Fedora EPEL 6 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The following Fedora EPEL 6 Security updates need testing:
 Age  URL
 636  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031   python-virtualenv-12.0.7-1.el6
 630  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168   rubygem-crack-0.3.2-2.el6
 520  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb   mcollective-2.8.4-1.el6
 491  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9   thttpd-2.25b-24.el6
 222  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8594ed3a53   chicken-4.11.0-3.el6
 102  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac   libbsd-0.8.3-2.el6
  52  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-acd2c2af0d   nagios-4.2.4-4.el6
  11  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-da3e5ef08f   tcpreplay-4.2.1-1.el6
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-68aef427a4   php-horde-Horde-Crypt-2.7.6-1.el6
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-def12f5099   libupnp-1.6.21-1.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    libglvnd-0.2.999-14.20170308git8e6e102.el6
    libupnp-1.6.21-1.el6
    open-vm-tools-10.1.5-6.el6
    php-horde-Horde-Crypt-2.7.6-1.el6

Details about builds:


================================================================================
 libglvnd-0.2.999-14.20170308git8e6e102.el6 (FEDORA-EPEL-2017-fe81b727ea)
 The GL Vendor-Neutral Dispatch library
--------------------------------------------------------------------------------
Update Information:

* Fix conditionals for _without_mesa_glvnd_default * Fix other RHEL-
conditionals, too * Update RPM filters for private libraries (includes GLX,
fixes RHEL 6). * Update to latest snapshot, remove upstreamed patches. * Update
release to packaging guidelines format. * Make sure that for Fedora 24 and RHEL
the libraries are always private.
--------------------------------------------------------------------------------


================================================================================
 libupnp-1.6.21-1.el6 (FEDORA-EPEL-2017-def12f5099)
 Universal Plug and Play (UPnP) SDK
--------------------------------------------------------------------------------
Update Information:

Long standing security bugs fixed through update to version 1.6.21.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1437143 - Plans for EPEL 6
        https://bugzilla.redhat.com/show_bug.cgi?id=1437143
  [ 2 ] Bug #1388774 - CVE-2016-8863 libupnp: Heap buffer overflow in the create_url_list function [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1388774
  [ 3 ] Bug #1358614 - CVE-2016-6255 libupnp: Unhandled POSTs can write to the filesystem by default [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1358614
  [ 4 ] Bug #1358352 - libupnp: Upload arbitrary file via POST [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1358352
  [ 5 ] Bug #1146033 - libupnp: security and critical bug fixes [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1146033
  [ 6 ] Bug #905578 - CVE-2012-5958 CVE-2012-5959 CVE-2012-5960 CVE-2012-5961 CVE-2012-5962 CVE-2012-5963 CVE-2012-5964 CVE-2012-5965 ibupnp: Multiple stack-based buffer overflows in unique_service_name() by processing specially-crafted SSDP request (VU#922681) [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=905578
--------------------------------------------------------------------------------


================================================================================
 open-vm-tools-10.1.5-6.el6 (FEDORA-EPEL-2017-cdcc212f16)
 Open Virtual Machine Tools for virtual machines hosted on VMware
--------------------------------------------------------------------------------
Update Information:

Fix incorrect udev rules installation.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1438481 - open-vm-tools 10.1.5 installs 99-vmware-scsi-udev.rules to wrong location
        https://bugzilla.redhat.com/show_bug.cgi?id=1438481
--------------------------------------------------------------------------------


================================================================================
 php-horde-Horde-Crypt-2.7.6-1.el6 (FEDORA-EPEL-2017-68aef427a4)
 Horde Cryptography API
--------------------------------------------------------------------------------
Update Information:

**Horde_Crypt 2.7.6**  * [mjr] SECURITY: Fix remote code execution vulnerability
(**CVE-2017-7413**, and **CVE-2017-7414**).
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Fedora Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Announce]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Linux Apps]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux