The following Fedora EPEL 6 Security updates need testing: Age URL 856 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6 850 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6 740 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6 712 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6 323 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac libbsd-0.8.3-2.el6 52 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4c76ddcc92 libmspack-0.6-0.1.alpha.el6 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-29f7b67071 wordpress-4.8.3-1.el6 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-16d441d000 pcre2-10.21-21.el6 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-ed87c07972 hostapd-2.6-6.el6 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-2bd5c2db5b php-PHPMailer-5.2.26-1.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-68e2defc4c fedpkg-1.30-4.el6 rpkg-1.51-2.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-b490886f67 roundcubemail-1.0.12-1.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-b791c39304 python-copr-1.84-1.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing ProDy-1.9.3-1.el6 copr-cli-1.65-1.el6 fedpkg-1.30-4.el6 globus-gridftp-server-12.4-1.el6 globus-gridftp-server-control-6.0-3.el6 globus-gsi-credential-7.14-1.el6 globus-gsi-sysconfig-8.0-1.el6 globus-gssapi-gsi-13.4-1.el6 libmediainfo-17.10-1.el6 mediainfo-17.10-1.el6 perl-Finance-Quote-1.45-1.el6 python-copr-1.83-1.el6 python-copr-1.84-1.el6 roundcubemail-1.0.12-1.el6 rpkg-1.51-2.el6 zstd-1.3.2-1.el6 Details about builds: ================================================================================ ProDy-1.9.3-1.el6 (FEDORA-EPEL-2017-0498e9b356) Application for protein structure, dynamics and sequence analysis -------------------------------------------------------------------------------- Update Information: - Update to 1.9.3 - Obsolete old patch -------------------------------------------------------------------------------- ================================================================================ copr-cli-1.65-1.el6 (FEDORA-EPEL-2017-93916bf5e9) Command line interface for COPR -------------------------------------------------------------------------------- Update Information: - allow to set use_bootstrap_container via API -------------------------------------------------------------------------------- ================================================================================ fedpkg-1.30-4.el6 (FEDORA-EPEL-2017-68e2defc4c) Fedora utility for working with dist-git -------------------------------------------------------------------------------- Update Information: **Update** - Fixed chain-build - Remove hard dependency of bash-completion from fedpkg **rpkg** - Ignore TestModulesCli if openidc-client is unavailable (cqi) - Port mbs-build to rpkg (mprahl) - Add .vscode to .gitignore (mprahl) - Fix TestPatch.test_rediff in order to run with old version of mock (cqi) - Allow to specify alternative Copr config file - #184 (cqi) - Tests for patch command (cqi) - More Tests for mockbuild command (cqi) - More tests for getting spec file (cqi) - Tests for container-build-setup command (cqi) - Test for container- build to use custom config (cqi) - Suppress output from git command within setUp (cqi) - Skip test if rpmfluff is not available (lsedlar) - Allow to override build URL (cqi) - Test for mock-config command (cqi) - Tests for copr-build command (cqi) - Fix arch-override for container-build (lucarval) - Remove unsupported osbs for container-build (lucarval) - cli: add --arches support for koji_cointainerbuild (mlangsdo) - Strip refs/heads/ from branch only once (lsedlar) - Don't install bin and config files (cqi) - Fix kojiprofile selection in cliClient.container_build_koji (cqi) - Avoid branch detection for 'rpkg sources' (praiskup) - Fix encoding in new command (cqi) - Minor wording improvement in help (pgier) - Fix indentation (pviktori) - Add --with and --without options to mockbuild (pviktori) **fedpkg** - Tests for update command (cqi) - Add support for module commands (mprahl) - Clean rest cert related code (cqi) - Remove fedora cert (cqi) - Override build URL for Koji (cqi) - changing anongiturl to use src.fp.o instead of pkgs.fp.o. - #119 (tflink) - Add tests (cqi) - Enable lookaside_namespaced - #130 (cqi) - Detect dist tag correctly for RHEL and CentOS - #141 (cqi) - Remove deprecated call to platform.dist (cqi) - Do not prompt hint for SSL cert if fail to log into Koji (cqi) - Add more container-build options to bash completion (cqi) - Remove osbs from bash completion - #138 (cqi) - Install executables via entry_points - #134 (cqi) - Fix container build target (lsedlar) - Get correct build target for rawhide containers (lsedlar) - Update error message to reflect deprecation of --dist option (pgier) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1188634 - fedpkg clone -a should use https:// transport https://bugzilla.redhat.com/show_bug.cgi?id=1188634 [ 2 ] Bug #1509322 - fedpkg >= 1.30-1 depends on bash-completion https://bugzilla.redhat.com/show_bug.cgi?id=1509322 -------------------------------------------------------------------------------- ================================================================================ globus-gridftp-server-12.4-1.el6 (FEDORA-EPEL-2017-5536233b7d) Globus Toolkit - Globus GridFTP Server -------------------------------------------------------------------------------- Update Information: globus-gridftp-server * Ignore backup & packaging files in config.d globus- gridftp-server-control * Terminate the connection if server fails to write the 220 banner globus-gsi-credential * Remove prototype for non-existing function (7.12) * Fix crash when handle->cert not set in call to globus_gsi_cred_get_cert (7.13) * Remove compatibility shims for old versions of OpenSSL (7.13) * Fix issue with voms proxy and openssl 1.1 (7.14) globus-gsi-sysconfig * Add cert and key checks based on different uid globus-gssapi-gsi * Allow configuration of non-root user to own credentials for root services (13.3) * Improve vhost support (13.4) -------------------------------------------------------------------------------- ================================================================================ globus-gridftp-server-control-6.0-3.el6 (FEDORA-EPEL-2017-5536233b7d) Globus Toolkit - Globus GridFTP Server Library -------------------------------------------------------------------------------- Update Information: globus-gridftp-server * Ignore backup & packaging files in config.d globus- gridftp-server-control * Terminate the connection if server fails to write the 220 banner globus-gsi-credential * Remove prototype for non-existing function (7.12) * Fix crash when handle->cert not set in call to globus_gsi_cred_get_cert (7.13) * Remove compatibility shims for old versions of OpenSSL (7.13) * Fix issue with voms proxy and openssl 1.1 (7.14) globus-gsi-sysconfig * Add cert and key checks based on different uid globus-gssapi-gsi * Allow configuration of non-root user to own credentials for root services (13.3) * Improve vhost support (13.4) -------------------------------------------------------------------------------- ================================================================================ globus-gsi-credential-7.14-1.el6 (FEDORA-EPEL-2017-5536233b7d) Globus Toolkit - Globus GSI Credential Library -------------------------------------------------------------------------------- Update Information: globus-gridftp-server * Ignore backup & packaging files in config.d globus- gridftp-server-control * Terminate the connection if server fails to write the 220 banner globus-gsi-credential * Remove prototype for non-existing function (7.12) * Fix crash when handle->cert not set in call to globus_gsi_cred_get_cert (7.13) * Remove compatibility shims for old versions of OpenSSL (7.13) * Fix issue with voms proxy and openssl 1.1 (7.14) globus-gsi-sysconfig * Add cert and key checks based on different uid globus-gssapi-gsi * Allow configuration of non-root user to own credentials for root services (13.3) * Improve vhost support (13.4) -------------------------------------------------------------------------------- ================================================================================ globus-gsi-sysconfig-8.0-1.el6 (FEDORA-EPEL-2017-5536233b7d) Globus Toolkit - Globus GSI System Config Library -------------------------------------------------------------------------------- Update Information: globus-gridftp-server * Ignore backup & packaging files in config.d globus- gridftp-server-control * Terminate the connection if server fails to write the 220 banner globus-gsi-credential * Remove prototype for non-existing function (7.12) * Fix crash when handle->cert not set in call to globus_gsi_cred_get_cert (7.13) * Remove compatibility shims for old versions of OpenSSL (7.13) * Fix issue with voms proxy and openssl 1.1 (7.14) globus-gsi-sysconfig * Add cert and key checks based on different uid globus-gssapi-gsi * Allow configuration of non-root user to own credentials for root services (13.3) * Improve vhost support (13.4) -------------------------------------------------------------------------------- ================================================================================ globus-gssapi-gsi-13.4-1.el6 (FEDORA-EPEL-2017-5536233b7d) Globus Toolkit - GSSAPI library -------------------------------------------------------------------------------- Update Information: globus-gridftp-server * Ignore backup & packaging files in config.d globus- gridftp-server-control * Terminate the connection if server fails to write the 220 banner globus-gsi-credential * Remove prototype for non-existing function (7.12) * Fix crash when handle->cert not set in call to globus_gsi_cred_get_cert (7.13) * Remove compatibility shims for old versions of OpenSSL (7.13) * Fix issue with voms proxy and openssl 1.1 (7.14) globus-gsi-sysconfig * Add cert and key checks based on different uid globus-gssapi-gsi * Allow configuration of non-root user to own credentials for root services (13.3) * Improve vhost support (13.4) -------------------------------------------------------------------------------- ================================================================================ libmediainfo-17.10-1.el6 (FEDORA-EPEL-2017-8e4ce3215d) Library for supplies technical and tag information about a video or audio file -------------------------------------------------------------------------------- Update Information: Update to 17.10. -------------------------------------------------------------------------------- ================================================================================ mediainfo-17.10-1.el6 (FEDORA-EPEL-2017-8e4ce3215d) Supplies technical and tag information about a video or audio file (CLI) -------------------------------------------------------------------------------- Update Information: Update to 17.10. -------------------------------------------------------------------------------- ================================================================================ perl-Finance-Quote-1.45-1.el6 (FEDORA-EPEL-2017-84459b620f) A Perl module that retrieves stock and mutual fund quotes -------------------------------------------------------------------------------- Update Information: Current upstream maintenance release. Various sources fixed, new source AlphaVantage added. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1509722 - perl-Finance-Quote-1.40 is available https://bugzilla.redhat.com/show_bug.cgi?id=1509722 [ 2 ] Bug #1510220 - perl-Finance-Quote-1.42 is available https://bugzilla.redhat.com/show_bug.cgi?id=1510220 [ 3 ] Bug #1510678 - perl-Finance-Quote-1.44 is available https://bugzilla.redhat.com/show_bug.cgi?id=1510678 [ 4 ] Bug #1511240 - perl-Finance-Quote-1.45 is available https://bugzilla.redhat.com/show_bug.cgi?id=1511240 -------------------------------------------------------------------------------- ================================================================================ python-copr-1.83-1.el6 (FEDORA-EPEL-2017-93916bf5e9) Python interface for Copr -------------------------------------------------------------------------------- Update Information: - allow to set use_bootstrap_container via API -------------------------------------------------------------------------------- ================================================================================ python-copr-1.84-1.el6 (FEDORA-EPEL-2017-b791c39304) Python interface for Copr -------------------------------------------------------------------------------- Update Information: Change default COPR URL route from http://copr.fedoraproject.org to https://copr.fedorainfracloud.org -------------------------------------------------------------------------------- ================================================================================ roundcubemail-1.0.12-1.el6 (FEDORA-EPEL-2017-b490886f67) Round Cube Webmail is a browser-based multilingual IMAP client -------------------------------------------------------------------------------- Update Information: Upstream announcement for **Version 1.0.12** This is a security update to the LTS version 1.0. It closes a potential file disclosure vulnerability discovered in the file-based attachment plugins. While there's currently no exploit path for Roundcube 1.0.x the fix was nevertheless back-ported to protect from yet unknown zero-day exploits. It's considered stable and we recommend to update all productive installations of Roundcube 1.0.x with this version if for some reason you're not able to upgrade to the latest stable version. Please do backup your data before updating! **Changelog** - Fix file disclosure vulnerability caused by insufficient input validation **CVE-2017-16651** (#6026) -------------------------------------------------------------------------------- ================================================================================ rpkg-1.51-2.el6 (FEDORA-EPEL-2017-68e2defc4c) Python library for interacting with rpm+git -------------------------------------------------------------------------------- Update Information: **Update** - Fixed chain-build - Remove hard dependency of bash-completion from fedpkg **rpkg** - Ignore TestModulesCli if openidc-client is unavailable (cqi) - Port mbs-build to rpkg (mprahl) - Add .vscode to .gitignore (mprahl) - Fix TestPatch.test_rediff in order to run with old version of mock (cqi) - Allow to specify alternative Copr config file - #184 (cqi) - Tests for patch command (cqi) - More Tests for mockbuild command (cqi) - More tests for getting spec file (cqi) - Tests for container-build-setup command (cqi) - Test for container- build to use custom config (cqi) - Suppress output from git command within setUp (cqi) - Skip test if rpmfluff is not available (lsedlar) - Allow to override build URL (cqi) - Test for mock-config command (cqi) - Tests for copr-build command (cqi) - Fix arch-override for container-build (lucarval) - Remove unsupported osbs for container-build (lucarval) - cli: add --arches support for koji_cointainerbuild (mlangsdo) - Strip refs/heads/ from branch only once (lsedlar) - Don't install bin and config files (cqi) - Fix kojiprofile selection in cliClient.container_build_koji (cqi) - Avoid branch detection for 'rpkg sources' (praiskup) - Fix encoding in new command (cqi) - Minor wording improvement in help (pgier) - Fix indentation (pviktori) - Add --with and --without options to mockbuild (pviktori) **fedpkg** - Tests for update command (cqi) - Add support for module commands (mprahl) - Clean rest cert related code (cqi) - Remove fedora cert (cqi) - Override build URL for Koji (cqi) - changing anongiturl to use src.fp.o instead of pkgs.fp.o. - #119 (tflink) - Add tests (cqi) - Enable lookaside_namespaced - #130 (cqi) - Detect dist tag correctly for RHEL and CentOS - #141 (cqi) - Remove deprecated call to platform.dist (cqi) - Do not prompt hint for SSL cert if fail to log into Koji (cqi) - Add more container-build options to bash completion (cqi) - Remove osbs from bash completion - #138 (cqi) - Install executables via entry_points - #134 (cqi) - Fix container build target (lsedlar) - Get correct build target for rawhide containers (lsedlar) - Update error message to reflect deprecation of --dist option (pgier) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1188634 - fedpkg clone -a should use https:// transport https://bugzilla.redhat.com/show_bug.cgi?id=1188634 [ 2 ] Bug #1509322 - fedpkg >= 1.30-1 depends on bash-completion https://bugzilla.redhat.com/show_bug.cgi?id=1509322 -------------------------------------------------------------------------------- ================================================================================ zstd-1.3.2-1.el6 (FEDORA-EPEL-2017-92595fad02) Zstd compression library -------------------------------------------------------------------------------- Update Information: Latest upstream -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
