The following Fedora EPEL 6 Security updates need testing: Age URL 885 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6 879 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6 769 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6 740 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6 351 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac libbsd-0.8.3-2.el6 80 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4c76ddcc92 libmspack-0.6-0.1.alpha.el6 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-9882374b91 wordpress-4.9.1-1.el6 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-678916467d exim-4.89-4.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-ed87c07972 hostapd-2.6-7.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-6aaee32b7e optipng-0.7.6-6.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-3432442a31 shellinabox-2.20-5.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing R-3.4.3-1.el6 hostapd-2.6-7.el6 lcgdm-1.9.1-1.el6 optipng-0.7.6-6.el6 python-pymediainfo-2.2.0-1.el6 shellinabox-2.20-5.el6 spamassassin-iXhash2-2.05-12.el6 tito-0.6.11-1.el6 Details about builds: ================================================================================ R-3.4.3-1.el6 (FEDORA-EPEL-2017-3e43d7395c) A language for data analysis and graphics -------------------------------------------------------------------------------- Update Information: Update to R 3.4.3, rebuild rpy and rkward to match. -------------------------------------------------------------------------------- ================================================================================ hostapd-2.6-7.el6 (FEDORA-EPEL-2017-ed87c07972) IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator -------------------------------------------------------------------------------- Update Information: Latest hostapd release with KRACK patches applied. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1503874 - KRACK affects hostapd https://bugzilla.redhat.com/show_bug.cgi?id=1503874 [ 2 ] Bug #1502588 - CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 hostapd: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1502588 [ 3 ] Bug #1468942 - attempting to create Access Point overrides modprobe for wifi and crashes https://bugzilla.redhat.com/show_bug.cgi?id=1468942 -------------------------------------------------------------------------------- ================================================================================ lcgdm-1.9.1-1.el6 (FEDORA-EPEL-2017-738fd741cd) LHC Computing Grid Data Management -------------------------------------------------------------------------------- Update Information: * new upstream release -------------------------------------------------------------------------------- ================================================================================ optipng-0.7.6-6.el6 (FEDORA-EPEL-2017-6aaee32b7e) PNG optimizer and converter -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-1000229 and CVE-2017-16938 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1520234 - CVE-2017-1000229 optipng: integer overflow in tiffread.c:minitiff_read_info() allows for arbitrary code execution https://bugzilla.redhat.com/show_bug.cgi?id=1520234 [ 2 ] Bug #1520227 - CVE-2017-16938 optipng: global buffer overflow in gifread.c:LZWReadByte when parsing malicious GIF https://bugzilla.redhat.com/show_bug.cgi?id=1520227 -------------------------------------------------------------------------------- ================================================================================ python-pymediainfo-2.2.0-1.el6 (FEDORA-EPEL-2017-54baa1189e) Python wrapper around the MediaInfo library -------------------------------------------------------------------------------- Update Information: Added python wrapper around MediaInfo library. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1519844 - Review Request: python-pymediainfo - Python wrapper around the MediaInfo library https://bugzilla.redhat.com/show_bug.cgi?id=1519844 -------------------------------------------------------------------------------- ================================================================================ shellinabox-2.20-5.el6 (FEDORA-EPEL-2017-3432442a31) Web based AJAX terminal emulator -------------------------------------------------------------------------------- Update Information: Disable SSHv1 options. -------------------------------------------------------------------------------- ================================================================================ spamassassin-iXhash2-2.05-12.el6 (FEDORA-EPEL-2017-b7bad7f5f6) SpamAssassin plugin to lookup e-mail checksums in blacklists -------------------------------------------------------------------------------- Update Information: Remove retired iXhash blacklists from default configuration -------------------------------------------------------------------------------- ================================================================================ tito-0.6.11-1.el6 (FEDORA-EPEL-2017-154e1b82f7) A tool for managing rpm based git projects -------------------------------------------------------------------------------- Update Information: - Fixing remote_git_name (adammhaile@xxxxxxxxx) - Fix links in README.md file (mzalewsk@xxxxxxxxxx) - Encourage usage of git push --follow-tags (mzalewsk@xxxxxxxxxx) - Print mock output when building with MockBuilder (yuxzhu@xxxxxxxxxx) - Fix a race condition when /tmp/tito doesn't exist (vfreex@xxxxxxxxx) - Don't append 'None' to Release line with no '%%{?dist}' part (patrice.fournier@xxxxxxxx) - python3's map() returns a map object, but we expect sources to be a list (evgeni@xxxxxxxx) - Submitting was missing a t. (jmrodri@xxxxxxxxx) - update links (robberphex@xxxxxxxxx) - use LC_ALL=C.UTF-8 rather than plain C (msuchy@xxxxxxxxxx) - make ReleaseTagger honour --use-version (egolov@xxxxxxxxxx) - also verify that ReleaseTagger supports --use-release (egolov@xxxxxxxxxx) - add test for ReleaseTagger together with --use-version (egolov@xxxxxxxxxx) - Format package list more cleanly (skuznets@xxxxxxxxxx) - Custom tag support in tito release (vrutkovs@xxxxxxxxxx) - VersionTagger should support custom tag format (vrutkovs@xxxxxxxxxx) - Remove createrepo_c BR from spec (ngompa13@xxxxxxxxx) - Use createrepo_c for creating rpm-md repos (ngompa13@xxxxxxxxx) - Fixup Fedora Dockerfiles to work correctly (ngompa13@xxxxxxxxx) - Remove useless EL5 stuff (ngompa13@xxxxxxxxx) ---- - Do not undo tags when git state is dirty (skuznets@xxxxxxxxxx) - Parse options in `tito init` (skuznets@xxxxxxxxxx) - Only use `rpmbuild --noclean` if it is supported (skuznets@xxxxxxxxxx) - Explicitly define indicies in formatting statements (skuznets@xxxxxxxxxx) - Achieve quiet output from `rpmbuild` without passing `--quiet` (skuznets@xxxxxxxxxx) - Update the MANIFEST.in (skuznets@xxxxxxxxxx) - Correctly pass verbosity options through the builder CLI (skuznets@xxxxxxxxxx) - Use correct print-formatting directive in debugging (skuznets@xxxxxxxxxx) - Use `.format()` string formatting correctly in Builder (skuznets@xxxxxxxxxx) - Refactor `rpmbuild` invocation for readability (skuznets@xxxxxxxxxx) - Added `--quiet` and `--verbose` to `tito build` (skuznets@xxxxxxxxxx) - Add a Travis CI manifest (skuznets@xxxxxxxxxx) - Only flush output stream if flushing is supported (skuznets@xxxxxxxxxx) - Added support for choosing platforms for tests (skuznets@xxxxxxxxxx) - Refactored version->tag mapping logic in Tagger (skuznets@xxxxxxxxxx) - Improved debugging for RPM build step (skuznets@xxxxxxxxxx) - Print command debugging information only once (skuznets@xxxxxxxxxx) - Flush output buffers (skuznets@xxxxxxxxxx) - Document `tito tag --use-release` in the manpage (skuznets@xxxxxxxxxx) - Added an option to not escalate privileges on `tito build --install` (skuznets@xxxxxxxxxx) - Factor out the version->tag mapping in the Builder (skuznets@xxxxxxxxxx) - Collapse tagger class selection logic (skuznets@xxxxxxxxxx) - Rename `globalconfig` section to `buildconfig` in README (skuznets@xxxxxxxxxx) - fixes #29 - remove --list-tags and --only-tags (jmrodri@xxxxxxxxx) - 253 - print cmd info when --debug is supplied (jmrodri@xxxxxxxxx) - Work around `dnf` issues and install builddep for Rawhide (skuznets@xxxxxxxxxx) -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
