The following Fedora EPEL 6 Security updates need testing: Age URL 816 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6 810 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6 700 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6 672 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6 282 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac libbsd-0.8.3-2.el6 178 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-c0d33ae70f tnef-1.4.14-1.el6 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4c76ddcc92 libmspack-0.6-0.1.alpha.el6 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e50abdd3d5 python3-numpy-1.10.4-6.el6 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e563119ec9 php-horde-Horde-Image-2.5.2-1.el6 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-bfeae1e322 wordpress-4.8.2-1.el6 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5b8684c487 php-horde-passwd-5.0.7-1.el6 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e6c88309c0 php-horde-wicked-2.0.8-1.el6 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-a981889220 php-horde-nag-4.2.17-1.el6 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-be95216c3a MySQL-zrm-3.0-6.el6.2 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-ad63a060a6 freexl-1.0.4-1.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-a437fba22e openvpn-2.4.4-1.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e4d447e97c tor-0.2.9.12-1.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing bgpq3-0.1.31-1.el6 fedora-easy-karma-0-0.32.20170930git0c81432c.el6 golang-github-aws-aws-sdk-go-1.4.22-0.5.git50762c1.el6 golang-github-coreos-go-iptables-0-0.10.git259c8e6.el6 golang-github-emicklei-go-restful-1.1.3-0.15.git09691a3.el6 golang-github-golang-appengine-0-0.13.git4f7eeb5.el6 golang-github-google-gofuzz-0-0.18.git44d8105.el6 golang-googlecode-goauth2-0-0.22.git5432cc9.el6 nova-agent-2.1.6-1.el6 opensmtpd-6.0.2p1-6.el6 openvpn-2.4.4-1.el6 petsc-3.7.7-1.el6 sysbench-1.0.9-2.el6 tor-0.2.9.12-1.el6 Details about builds: ================================================================================ bgpq3-0.1.31-1.el6 (FEDORA-EPEL-2017-98c40bc9d7) Automate BGP filter generation based on routing database information -------------------------------------------------------------------------------- Update Information: Initial package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1495004 - Review Request: bgpq3 - Automate BGP filter generation based on routing database information https://bugzilla.redhat.com/show_bug.cgi?id=1495004 -------------------------------------------------------------------------------- ================================================================================ fedora-easy-karma-0-0.32.20170930git0c81432c.el6 (FEDORA-EPEL-2017-e2634c3757) Fedora update feedback made easy -------------------------------------------------------------------------------- Update Information: Add support for new bodhi client bindings and add hard dependencies for yum or python2-dnf -------------------------------------------------------------------------------- References: [ 1 ] Bug #1494644 - fedora.client.bodhi.BodhiClientException: You must provide a captcha_key https://bugzilla.redhat.com/show_bug.cgi?id=1494644 [ 2 ] Bug #1270600 - fedora-easy-karma can not execute without yum or python2-dnf (missing dependency) https://bugzilla.redhat.com/show_bug.cgi?id=1270600 -------------------------------------------------------------------------------- ================================================================================ golang-github-aws-aws-sdk-go-1.4.22-0.5.git50762c1.el6 (FEDORA-EPEL-2017-13455bf767) AWS SDK for the Go programming language -------------------------------------------------------------------------------- Update Information: Bump to upstream 50762c1efc55dd2a05eac85fc170b0f65aeec28f -------------------------------------------------------------------------------- References: [ 1 ] Bug #1274280 - Tracker for golang-github-aws-aws-sdk-go https://bugzilla.redhat.com/show_bug.cgi?id=1274280 -------------------------------------------------------------------------------- ================================================================================ golang-github-coreos-go-iptables-0-0.10.git259c8e6.el6 (FEDORA-EPEL-2017-0f3b241d2b) Go wrapper around iptables utility -------------------------------------------------------------------------------- Update Information: Bump to upstream 259c8e6a4275d497442c721fa52204d7a58bde8b -------------------------------------------------------------------------------- References: [ 1 ] Bug #1262543 - Tracker for golang-github-coreos-go-iptables https://bugzilla.redhat.com/show_bug.cgi?id=1262543 -------------------------------------------------------------------------------- ================================================================================ golang-github-emicklei-go-restful-1.1.3-0.15.git09691a3.el6 (FEDORA-EPEL-2017-6d1e8d100e) Package for building REST-style Web Services using Google Go -------------------------------------------------------------------------------- Update Information: Bump to upstream 09691a3b6378b740595c1002f40c34dd5f218a22 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1215626 - Tracker for golang-github-emicklei-go-restful https://bugzilla.redhat.com/show_bug.cgi?id=1215626 -------------------------------------------------------------------------------- ================================================================================ golang-github-golang-appengine-0-0.13.git4f7eeb5.el6 (FEDORA-EPEL-2017-287c2802ec) Go App Engine for Managed VMs -------------------------------------------------------------------------------- Update Information: Bump to upstream 4f7eeb5305a4ba1966344836ba4af9996b7b4e05 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1249049 - Tracker for golang-github-golang-appengine https://bugzilla.redhat.com/show_bug.cgi?id=1249049 -------------------------------------------------------------------------------- ================================================================================ golang-github-google-gofuzz-0-0.18.git44d8105.el6 (FEDORA-EPEL-2017-3efd7289b6) Library for populating go objects with random values -------------------------------------------------------------------------------- Update Information: Bump to upstream 44d81051d367757e1c7c6a5a86423ece9afcf63c -------------------------------------------------------------------------------- References: [ 1 ] Bug #1249075 - Tracker for golang-github-google-gofuzz https://bugzilla.redhat.com/show_bug.cgi?id=1249075 -------------------------------------------------------------------------------- ================================================================================ golang-googlecode-goauth2-0-0.22.git5432cc9.el6 (FEDORA-EPEL-2017-fb33715332) OAuth 2.0 for Go clients -------------------------------------------------------------------------------- Update Information: Bump to upstream 5432cc9688e6250a0dd8f5a5f4c781d92b398be6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1227273 - Tracker for golang-googlecode-goauth2 https://bugzilla.redhat.com/show_bug.cgi?id=1227273 -------------------------------------------------------------------------------- ================================================================================ nova-agent-2.1.6-1.el6 (FEDORA-EPEL-2017-fb2a2da6a5) Agent for setting up clean servers on Xen -------------------------------------------------------------------------------- Update Information: This is a new package. -------------------------------------------------------------------------------- ================================================================================ opensmtpd-6.0.2p1-6.el6 (FEDORA-EPEL-2017-590fd84f74) Free implementation of the server-side SMTP protocol as defined by RFC 5321 -------------------------------------------------------------------------------- Update Information: Fixing HAVE_REALLOCARRAY in portable -------------------------------------------------------------------------------- References: [ 1 ] Bug #1480303 - opensmptd: Accidentally interposes reallocarray https://bugzilla.redhat.com/show_bug.cgi?id=1480303 -------------------------------------------------------------------------------- ================================================================================ openvpn-2.4.4-1.el6 (FEDORA-EPEL-2017-a437fba22e) A full-featured SSL VPN solution -------------------------------------------------------------------------------- Update Information: Maintenance release with several minor upstream bugfixes and a security fix related to legacy configurations deploying the deprecated `key-method 1` configuration option ([CVE-2017-12166](https://community.openvpn.net/openvpn/wiki/CVE-2017-12166)). >From this update of, OpenVPN will use the lz4 compression library from Fedora EPEL instead of the upstream bundled library. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1497109 - CVE-2017-12166 openvpn: Incorrect bounds check in read_key() with 'key-method 1' https://bugzilla.redhat.com/show_bug.cgi?id=1497109 -------------------------------------------------------------------------------- ================================================================================ petsc-3.7.7-1.el6 (FEDORA-EPEL-2017-d0752f4896) Portable Extensible Toolkit for Scientific Computation -------------------------------------------------------------------------------- Update Information: - Update to 3.7.7 - Move petscvariables/petscrules under a private directory of libdir -------------------------------------------------------------------------------- ================================================================================ sysbench-1.0.9-2.el6 (FEDORA-EPEL-2017-ca8bf05df5) System performance benchmark -------------------------------------------------------------------------------- Update Information: Update to latest upstream release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1488694 - sysbench-1.0.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1488694 -------------------------------------------------------------------------------- ================================================================================ tor-0.2.9.12-1.el6 (FEDORA-EPEL-2017-e4d447e97c) Anonymizing overlay network for TCP -------------------------------------------------------------------------------- Update Information: update to upstream release 0.2.9.12 (SECURITY) (#1494860) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1494860 - tor-0.2.9.10-1.el7.x86_64 is unsecure and out of date https://bugzilla.redhat.com/show_bug.cgi?id=1494860 [ 2 ] Bug #1493512 - CVE-2017-0380 tor: Stack disclosure in hidden services logs when SafeLogging disabled [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1493512 [ 3 ] Bug #1493513 - CVE-2017-0380 tor: Stack disclosure in hidden services logs when SafeLogging disabled [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1493513 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
