The following Fedora EPEL 6 Security updates need testing: Age URL 832 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6 826 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6 716 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6 687 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6 298 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac libbsd-0.8.3-2.el6 27 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4c76ddcc92 libmspack-0.6-0.1.alpha.el6 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-1f4bfd5d1d botan-1.8.15-2.el6 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-164cc614ff nagios-4.3.4-4.el6 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8abafd9ad0 check-mk-1.2.6p16-5.el6 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-0177a71c41 tnef-1.4.15-1.el6 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-f7e4cbd529 golang-1.7.6-2.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-0100ef8963 tre-0.7.6-3.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-93a3dd5663 cacti-1.1.19-2.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing cacti-1.1.19-2.el6 fedfind-3.6.4-1.el6 tre-0.7.6-3.el6 Details about builds: ================================================================================ cacti-1.1.19-2.el6 (FEDORA-EPEL-2017-93a3dd5663) An rrd based graphing tool -------------------------------------------------------------------------------- Update Information: - CVE-2017-15194 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1500456 - CVE-2017-15194 cacti: XSS in the URI / refresh page in include/global_session.php https://bugzilla.redhat.com/show_bug.cgi?id=1500456 -------------------------------------------------------------------------------- ================================================================================ fedfind-3.6.4-1.el6 (FEDORA-EPEL-2017-a96a15e55c) Fedora compose and image finder -------------------------------------------------------------------------------- Update Information: This new release of fedfind fixes use of the `expected_images` property (and hence `check_expected()` method) with modular composes. In 3.6.2 and earlier, it caused a crash. -------------------------------------------------------------------------------- ================================================================================ tre-0.7.6-3.el6 (FEDORA-EPEL-2017-0100ef8963) POSIX compatible regexp library with approximate matching -------------------------------------------------------------------------------- Update Information: Fix CVE-2016-8859 Regex integer overflow in buffer size computations. Probably fix CVE-2015-3796 (see upstream [issue #37](https://github.com/laurikari/tre/issues/37) and Chromium Project Zero [bug #428](https://bugs.chromium.org/p/project-zero/issues/detail?id=428)) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1387112 - CVE-2016-8859 tre: Regex integer overflow in buffer size computations https://bugzilla.redhat.com/show_bug.cgi?id=1387112 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
