The following Fedora EPEL 6 Security updates need testing: Age URL 745 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6 739 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6 629 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6 601 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6 211 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac libbsd-0.8.3-2.el6 107 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-c0d33ae70f tnef-1.4.14-1.el6 41 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-23f4cb5d02 lxc-1.0.10-2.el6 15 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-b1d8b4aed9 globus-ftp-client-8.36-1.el6 globus-gass-cache-program-6.7-1.el6 globus-gass-copy-9.27-1.el6 globus-gram-client-13.18-1.el6 globus-gram-job-manager-14.36-1.el6 globus-gram-job-manager-condor-2.6-5.el6 globus-gridftp-server-12.2-1.el6 globus-gssapi-gsi-12.17-1.el6 globus-io-11.9-1.el6 globus-net-manager-0.17-1.el6 globus-xio-5.16-1.el6 globus-xio-gsi-driver-3.11-1.el6 globus-xio-pipe-driver-3.10-1.el6 globus-xio-udt-driver-1.28-1.el6 myproxy-6.1.28-1.el6 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-63ab34560a putty-0.70-1.el6 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e8124f23c8 heimdal-7.4.0-1.el6 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-428858445a jabberd-2.6.1-2.el6 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-f7d737f93d phpldapadmin-1.2.3-10.el6 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-0ca79e82a3 yara-3.6.3-1.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-515cca9a02 GraphicsMagick-1.3.26-3.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-99fb0d61b0 chicken-4.12.0-3.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-ab5ed7f894 python-tablib-0.11.5-1.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing GraphicsMagick-1.3.26-3.el6 cacti-1.1.13-1.el6 chicken-4.12.0-3.el6 cscppc-1.3.3-1.el6 csmock-2.0.4-1.el6 cswrap-1.3.4-2.el6 hdf-4.2.13-1.el6 nagios-plugins-2.2.1-4git.el6 python-tablib-0.11.5-1.el6 Details about builds: ================================================================================ GraphicsMagick-1.3.26-3.el6 (FEDORA-EPEL-2017-515cca9a02) An ImageMagick fork, offering faster image generation and better quality -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-11403 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1472214 - CVE-2017-11403 GraphicsMagick: Use-after-free in CloseBlob https://bugzilla.redhat.com/show_bug.cgi?id=1472214 -------------------------------------------------------------------------------- ================================================================================ cacti-1.1.13-1.el6 (FEDORA-EPEL-2017-587ab47ba9) An rrd based graphing tool -------------------------------------------------------------------------------- Update Information: - Update to 1.1.13 Release notes: https://www.cacti.net/release_notes.php?version=1.1.13 -------------------------------------------------------------------------------- ================================================================================ chicken-4.12.0-3.el6 (FEDORA-EPEL-2017-99fb0d61b0) A practical and portable Scheme system -------------------------------------------------------------------------------- Update Information: Fix for CVE-2017-11343 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1471816 - CVE-2017-11343 chicken: Predictable symbol table due to using default libc seed in PRNG https://bugzilla.redhat.com/show_bug.cgi?id=1471816 -------------------------------------------------------------------------------- ================================================================================ cscppc-1.3.3-1.el6 (FEDORA-EPEL-2017-888d770120) A compiler wrapper that runs cppcheck in background -------------------------------------------------------------------------------- Update Information: - update to latest upstream bugfix release -------------------------------------------------------------------------------- ================================================================================ csmock-2.0.4-1.el6 (FEDORA-EPEL-2017-888d770120) A mock wrapper for Static Analysis tools -------------------------------------------------------------------------------- Update Information: - update to latest upstream bugfix release -------------------------------------------------------------------------------- ================================================================================ cswrap-1.3.4-2.el6 (FEDORA-EPEL-2017-888d770120) Generic compiler wrapper -------------------------------------------------------------------------------- Update Information: - update to latest upstream bugfix release -------------------------------------------------------------------------------- ================================================================================ hdf-4.2.13-1.el6 (FEDORA-EPEL-2017-30e470e5c5) A general purpose library and file format for storing scientific data -------------------------------------------------------------------------------- Update Information: Update to 4.2.13 -------------------------------------------------------------------------------- ================================================================================ nagios-plugins-2.2.1-4git.el6 (FEDORA-EPEL-2017-8973027f42) Host/service/network monitoring program plugins for Nagios -------------------------------------------------------------------------------- Update Information: Add explicit file require. Fix BZ# 1470823 ---- Updated patches to fix check_http problems ---- Update to git for 20170703 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1427925 - check_http 2.2.0-4 fails if Transfer-Encoding ends the header https://bugzilla.redhat.com/show_bug.cgi?id=1427925 [ 2 ] Bug #1423008 - nagios-plugins-2.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1423008 [ 3 ] Bug #1210380 - SELinux prevents check_mailq from executing postfix when run via NRPE https://bugzilla.redhat.com/show_bug.cgi?id=1210380 [ 4 ] Bug #1204683 - check_ide_smart cannot be started by nrpe https://bugzilla.redhat.com/show_bug.cgi?id=1204683 [ 5 ] Bug #1465784 - nagios http plugin is old and buggy https://bugzilla.redhat.com/show_bug.cgi?id=1465784 [ 6 ] Bug #1463674 - check_http segfaults once Location header terminates with additional 0x0a and is last header line https://bugzilla.redhat.com/show_bug.cgi?id=1463674 [ 7 ] Bug #1256848 - nagios-plugins-log has incorrect paths to egrep/tail (EL6) https://bugzilla.redhat.com/show_bug.cgi?id=1256848 [ 8 ] Bug #1052740 - SELinux is preventing check_log via NRPE from read and open var_log_t files https://bugzilla.redhat.com/show_bug.cgi?id=1052740 -------------------------------------------------------------------------------- ================================================================================ python-tablib-0.11.5-1.el6 (FEDORA-EPEL-2017-ab5ed7f894) Format agnostic tabular data library (XLS, JSON, YAML, CSV) -------------------------------------------------------------------------------- Update Information: Latest upstream, including the `yaml.safe_load` fix for CVE-2017-2810. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1461298 - CVE-2017-2810 python-tablib: Databook loading functionality allows command execution [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=1461298 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
