The following Fedora EPEL 6 Security updates need testing: Age URL 622 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6 616 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6 506 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6 477 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6 208 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8594ed3a53 chicken-4.11.0-3.el6 88 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac libbsd-0.8.3-2.el6 72 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8c6c7bf06e dbus-sharp-0.7.0-16.el6 dbus-sharp-glib-0.5.0-14.el6 mono-4.2.4-9.el6 38 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-acd2c2af0d nagios-4.2.4-4.el6 14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-50cbc23498 wordpress-4.7.3-1.el6 13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-23481d5e1a icoutils-0.31.2-1.el6 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-1ad70123a8 R-3.3.3-1.el6 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-75190374ce moodle-2.7.19-1.el6 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-eb18b4839a mbedtls-2.4.2-1.el6 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-b1bba0f99d roundcubemail-1.0.9-2.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5007998266 tcpreplay-4.2.0-1.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing tcpreplay-4.2.0-1.el6 tlp-0.9-4.el6 Details about builds: ================================================================================ tcpreplay-4.2.0-1.el6 (FEDORA-EPEL-2017-5007998266) Replay captured network traffic -------------------------------------------------------------------------------- Update Information: Features and fixes include: - MAC rewriting capabilities by Pedro Arthur (#313) - Fix several issues identified by Coverity (#305) - Packet distortion --fuzz- seed option by Gabriel Ganne (#302) - Add --unique-ip-loops option to modify IPs every few loops (#296) - Netmap startup delay increase (#290) - tcpcapinfo buffer overflow vulnerablily (#278) - Update git-clone instructions by Kyle McDonald (#277) - Allow fractions for --pps option (#270) - Print per-loop stats with --stats=0 (#269) - Add protection against packet drift by Guillaume Scott (#268) - Print flow stats periodically with --stats output (#262) - Include Travis-CI build support by Ilya Shipitsin (#264) (#285) - tcpreplay won't replay all packets in a pcap file with --netmap (#255) - First and last packet times in --stats output (#239) - Switch to wire speed after 30 minutes at 6 Gbps (#210) - tcprewrite fix checksum properly for fragmented packets (#190) ---- Patch CVE-2017-6429. Tcpcapinfo utility of Tcpreplay has a buffer overflow vulnerability associated with parsing a crafted pcap file. This occurs in the src/tcpcapinfo.c file when capture has a packet that is too large to handle. References: http://seclists.org/bugtraq/2017/Mar/22 Upstream bug: https://github.com/appneta/tcpreplay/issues/278 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1429521 - CVE-2017-6429 tcpreplay: Buffer overflow in Tcpcapinfo utility [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1429521 [ 2 ] Bug #1429522 - CVE-2017-6429 tcpreplay: Buffer overflow in Tcpcapinfo utility [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1429522 -------------------------------------------------------------------------------- ================================================================================ tlp-0.9-4.el6 (FEDORA-EPEL-2017-5d68372442) Advanced power management tool for Linux -------------------------------------------------------------------------------- Update Information: Upstream bug fixes for 0.9: - fix corner case for tlp-stat causing an error - mitigate slow shutdown issue. -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx