The following Fedora EPEL 6 Security updates need testing: Age URL 848 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6 842 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6 732 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6 704 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6 315 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac libbsd-0.8.3-2.el6 44 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4c76ddcc92 libmspack-0.6-0.1.alpha.el6 28 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-164cc614ff nagios-4.3.4-4.el6 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-51e496e5c0 seamonkey-2.49.1-1.el6 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e031963c40 tomcat-7.0.82-1.el6 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-29f7b67071 wordpress-4.8.3-1.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-68e2defc4c fedpkg-1.30-3.el6 rpkg-1.51-1.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-16d441d000 pcre2-10.21-21.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing bindfs-1.13.8-1.el6 fedpkg-1.30-3.el6 globus-gsi-credential-7.13-1.el6 globus-gsi-sysconfig-8.0-1.el6 globus-gssapi-gsi-13.4-1.el6 inxi-2.3.43-1.el6 julietaula-montserrat-fonts-7.200-1.el6 lynis-2.5.7-2.el6 pcre2-10.21-21.el6 perl-Date-Holidays-DE-1.9-4.el6 python-enlighten-1.0.6-1.el6 rho-0.0.29-1.el6 rpkg-1.51-1.el6 xrootd-4.7.1-1.el6 Details about builds: ================================================================================ bindfs-1.13.8-1.el6 (FEDORA-EPEL-2017-6576ede505) Fuse filesystem to mirror a directory -------------------------------------------------------------------------------- Update Information: Update to new release to fix nested FUSE mounts: https://github.com/mpartel/bindfs/issues/54 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1508177 - bindfs-1.13.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1508177 -------------------------------------------------------------------------------- ================================================================================ fedpkg-1.30-3.el6 (FEDORA-EPEL-2017-68e2defc4c) Fedora utility for working with dist-git -------------------------------------------------------------------------------- Update Information: **rpkg** - Ignore TestModulesCli if openidc-client is unavailable (cqi) - Port mbs-build to rpkg (mprahl) - Add .vscode to .gitignore (mprahl) - Fix TestPatch.test_rediff in order to run with old version of mock (cqi) - Allow to specify alternative Copr config file - #184 (cqi) - Tests for patch command (cqi) - More Tests for mockbuild command (cqi) - More tests for getting spec file (cqi) - Tests for container-build-setup command (cqi) - Test for container- build to use custom config (cqi) - Suppress output from git command within setUp (cqi) - Skip test if rpmfluff is not available (lsedlar) - Allow to override build URL (cqi) - Test for mock-config command (cqi) - Tests for copr-build command (cqi) - Fix arch-override for container-build (lucarval) - Remove unsupported osbs for container-build (lucarval) - cli: add --arches support for koji_cointainerbuild (mlangsdo) - Strip refs/heads/ from branch only once (lsedlar) - Don't install bin and config files (cqi) - Fix kojiprofile selection in cliClient.container_build_koji (cqi) - Avoid branch detection for 'rpkg sources' (praiskup) - Fix encoding in new command (cqi) - Minor wording improvement in help (pgier) - Fix indentation (pviktori) - Add --with and --without options to mockbuild (pviktori) **fedpkg** - Tests for update command (cqi) - Add support for module commands (mprahl) - Clean rest cert related code (cqi) - Remove fedora cert (cqi) - Override build URL for Koji (cqi) - changing anongiturl to use src.fp.o instead of pkgs.fp.o. - #119 (tflink) - Add tests (cqi) - Enable lookaside_namespaced - #130 (cqi) - Detect dist tag correctly for RHEL and CentOS - #141 (cqi) - Remove deprecated call to platform.dist (cqi) - Do not prompt hint for SSL cert if fail to log into Koji (cqi) - Add more container-build options to bash completion (cqi) - Remove osbs from bash completion - #138 (cqi) - Install executables via entry_points - #134 (cqi) - Fix container build target (lsedlar) - Get correct build target for rawhide containers (lsedlar) - Update error message to reflect deprecation of --dist option (pgier) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1188634 - fedpkg clone -a should use https:// transport https://bugzilla.redhat.com/show_bug.cgi?id=1188634 -------------------------------------------------------------------------------- ================================================================================ globus-gsi-credential-7.13-1.el6 (FEDORA-EPEL-2017-5536233b7d) Globus Toolkit - Globus GSI Credential Library -------------------------------------------------------------------------------- Update Information: globus-gsi-credential * Remove prototype for non-existing function (7.12) * Remove compatibility shims for old versions of OpenSSL (7.13) globus-gsi- sysconfig * Add cert and key checks based on different uid globus-gssapi-gsi * Allow configuration of non-root user to own credentials for root services (13.3) * Improve vhost support (13.4) -------------------------------------------------------------------------------- ================================================================================ globus-gsi-sysconfig-8.0-1.el6 (FEDORA-EPEL-2017-5536233b7d) Globus Toolkit - Globus GSI System Config Library -------------------------------------------------------------------------------- Update Information: globus-gsi-credential * Remove prototype for non-existing function (7.12) * Remove compatibility shims for old versions of OpenSSL (7.13) globus-gsi- sysconfig * Add cert and key checks based on different uid globus-gssapi-gsi * Allow configuration of non-root user to own credentials for root services (13.3) * Improve vhost support (13.4) -------------------------------------------------------------------------------- ================================================================================ globus-gssapi-gsi-13.4-1.el6 (FEDORA-EPEL-2017-5536233b7d) Globus Toolkit - GSSAPI library -------------------------------------------------------------------------------- Update Information: globus-gsi-credential * Remove prototype for non-existing function (7.12) * Remove compatibility shims for old versions of OpenSSL (7.13) globus-gsi- sysconfig * Add cert and key checks based on different uid globus-gssapi-gsi * Allow configuration of non-root user to own credentials for root services (13.3) * Improve vhost support (13.4) -------------------------------------------------------------------------------- ================================================================================ inxi-2.3.43-1.el6 (FEDORA-EPEL-2017-75a3eb51fd) A full featured system information script -------------------------------------------------------------------------------- Update Information: Update to 2.3.43. -------------------------------------------------------------------------------- ================================================================================ julietaula-montserrat-fonts-7.200-1.el6 (FEDORA-EPEL-2017-f6f8f9965a) Sans-serif typeface created by Julieta Ulanovsky -------------------------------------------------------------------------------- Update Information: New update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1508682 - julietaula-montserrat-fonts-v7.200 is available https://bugzilla.redhat.com/show_bug.cgi?id=1508682 -------------------------------------------------------------------------------- ================================================================================ lynis-2.5.7-2.el6 (FEDORA-EPEL-2017-76f32fe8ea) Security and system auditing tool -------------------------------------------------------------------------------- Update Information: Update to 2.5.7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1508417 - lynis-2.5.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1508417 -------------------------------------------------------------------------------- ================================================================================ pcre2-10.21-21.el6 (FEDORA-EPEL-2017-16d441d000) Perl-compatible regular expression library -------------------------------------------------------------------------------- Update Information: This release allows pcre2grep tool to accept file names longer than 128 bytes when running in a recursive mode. ---- This release fixes a buffer overflow in pcre2test tool when processing error messages in UTF-32 mode. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1500717 - CVE-2017-8786 pcre2: Heap-based buffer overflow in pcre2test.c https://bugzilla.redhat.com/show_bug.cgi?id=1500717 -------------------------------------------------------------------------------- ================================================================================ perl-Date-Holidays-DE-1.9-4.el6 (FEDORA-EPEL-2017-bd4fe74619) Perl module to determine German holidays -------------------------------------------------------------------------------- Update Information: Date::Holidays::DE v1.9 ========================= * Version bump in a desperate attempt to fix some inconsistency Date::Holidays::DE v1.8.3 ========================= * Removed hard Date::Calc version dependency -------------------------------------------------------------------------------- ================================================================================ python-enlighten-1.0.6-1.el6 (FEDORA-EPEL-2017-7157f5f23a) Enlighten Progress Bar -------------------------------------------------------------------------------- Update Information: Initial package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1502091 - Review Request: python-enlighten - Enlighten Progress Bar https://bugzilla.redhat.com/show_bug.cgi?id=1502091 -------------------------------------------------------------------------------- ================================================================================ rho-0.0.29-1.el6 (FEDORA-EPEL-2017-bfff403315) An SSH system profiler -------------------------------------------------------------------------------- Update Information: # Testing Rho To set up Rho, you create profiles that control how to run each scan. - Authentication profiles contain user credentials for a user with sufficient authority to complete the scan (for example, a root user or one with root-level access obtained through -sudo privilege escalation). - Network profiles contain network identifiers (for example, a hostname, IP address, or range of IP addresses) and the authentication profiles to be used for a scan. Complete the following steps, repeating them as necessary to access all parts of your environment that you want to scan: 1. Create at least one authentication profile with root-level access to Rho: ``` rho auth add --name auth_name --username root_name(--sshkeyfile key_file | --password) ``` a. At the Rho vault password prompt, create a new Rho vault password. This password is required to access the encrypted Rho data, such as authentication and network profiles, scan data, and other information. b. If you did not use the sshkeyfile option to provide an SSH key for the username value, enter the password of the user with root-level access at the connection password prompt. For example, for an authentication profile where the authentication profile name is roothost1, the user with root-level access is root, and the SSH key for the user is in the path ~/.ssh/id_rsa, you would enter the following command: ``` rho auth add --name roothost1 --username root --sshkeyfile ~/.ssh/id_rsa ``` You can also use the sudo-password option to create an authentication profile for a user with root-level access who requires a password to obtain this privilege. You can use the sudo-password option with either the sshkeyfile or the password option. For example, for an authentication profile where the authentication profile name is sudouser1, the user with root-level access is sysadmin, and the access is obtained through the password option, you would enter the following command: ``` rho auth add --name sudouser1 --username sysadmin --password --sudo-password ``` After you enter this command, you are prompted to enter two passwords. First, you would enter the connection password for the username user, and then you would enter the password for the sudo command. 2. Create at least one network profile that specifies one or more network identifiers, such as a host name, an IP address, a list of IP addresses, or an IP range, and one or more authentication profiles to be used for the scan: ``` rho profile add --name profile_name --hosts host_name_or_file --auth auth_name ``` For example, for a network profile where the name of the network profile is mynetwork, the network to be scanned is the 192.0.2.0/24 subnet, and the authentication profiles that are used to run the scan are roothost1 and roothost2, you would enter the following command: ``` rho profile add --name mynetwork --hosts 192.0.2.[1:254] --auth roothost1 roothost2 ``` You can also use a file to pass in the network identifiers. If you use a file to enter multiple network identifiers, such as multiple individual IP addresses, enter each on a single line. For example, for a network profile where the path to this file is /home/user1/hosts_file, you would enter the following command: ``` rho profile add --name mynetwork --hosts /home/user1/hosts_file --auth roothost1 roothost2 ``` # Running a scan Run the scan by using the scan command, specifying a network profile for the profile option and a location to store the output as a file in the comma-separated variables (CSV) format for the reportfile option: ``` rho scan --profile profile_name --reportfile filename.csv ``` For example, if you want to use the network profile mynetwork and save the report as mynetwork_scan1.csv, you would enter the following command: ``` rho scan --profile mynetwork --reportfile mynetwork_scan1.csv ``` -------------------------------------------------------------------------------- ================================================================================ rpkg-1.51-1.el6 (FEDORA-EPEL-2017-68e2defc4c) Python library for interacting with rpm+git -------------------------------------------------------------------------------- Update Information: **rpkg** - Ignore TestModulesCli if openidc-client is unavailable (cqi) - Port mbs-build to rpkg (mprahl) - Add .vscode to .gitignore (mprahl) - Fix TestPatch.test_rediff in order to run with old version of mock (cqi) - Allow to specify alternative Copr config file - #184 (cqi) - Tests for patch command (cqi) - More Tests for mockbuild command (cqi) - More tests for getting spec file (cqi) - Tests for container-build-setup command (cqi) - Test for container- build to use custom config (cqi) - Suppress output from git command within setUp (cqi) - Skip test if rpmfluff is not available (lsedlar) - Allow to override build URL (cqi) - Test for mock-config command (cqi) - Tests for copr-build command (cqi) - Fix arch-override for container-build (lucarval) - Remove unsupported osbs for container-build (lucarval) - cli: add --arches support for koji_cointainerbuild (mlangsdo) - Strip refs/heads/ from branch only once (lsedlar) - Don't install bin and config files (cqi) - Fix kojiprofile selection in cliClient.container_build_koji (cqi) - Avoid branch detection for 'rpkg sources' (praiskup) - Fix encoding in new command (cqi) - Minor wording improvement in help (pgier) - Fix indentation (pviktori) - Add --with and --without options to mockbuild (pviktori) **fedpkg** - Tests for update command (cqi) - Add support for module commands (mprahl) - Clean rest cert related code (cqi) - Remove fedora cert (cqi) - Override build URL for Koji (cqi) - changing anongiturl to use src.fp.o instead of pkgs.fp.o. - #119 (tflink) - Add tests (cqi) - Enable lookaside_namespaced - #130 (cqi) - Detect dist tag correctly for RHEL and CentOS - #141 (cqi) - Remove deprecated call to platform.dist (cqi) - Do not prompt hint for SSL cert if fail to log into Koji (cqi) - Add more container-build options to bash completion (cqi) - Remove osbs from bash completion - #138 (cqi) - Install executables via entry_points - #134 (cqi) - Fix container build target (lsedlar) - Get correct build target for rawhide containers (lsedlar) - Update error message to reflect deprecation of --dist option (pgier) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1188634 - fedpkg clone -a should use https:// transport https://bugzilla.redhat.com/show_bug.cgi?id=1188634 -------------------------------------------------------------------------------- ================================================================================ xrootd-4.7.1-1.el6 (FEDORA-EPEL-2017-fe99879076) Extended ROOT file server -------------------------------------------------------------------------------- Update Information: https://github.com/xrootd/xrootd/blob/v4.7.1/docs/ReleaseNotes.txt -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
