Fedora EPEL 6 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The following Fedora EPEL 6 Security updates need testing:
 Age  URL
 924  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168   rubygem-crack-0.3.2-2.el6
 814  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb   mcollective-2.8.4-1.el6
 786  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9   thttpd-2.25b-24.el6
 396  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac   libbsd-0.8.3-2.el6
 125  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4c76ddcc92   libmspack-0.6-0.1.alpha.el6
  45  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-6aaee32b7e   optipng-0.7.6-6.el6
  27  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-6e4ce19598   monit-5.25.1-1.el6
  17  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-8c9006d462   heimdal-7.5.0-1.el6
  13  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-fde8252ab7   python-bottle-0.12.13-1.el6
  11  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-752a7c9ad4   rootsh-1.5.3-17.el6
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-2ba6bfc5d8   wordpress-4.9.2-1.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    GraphicsMagick-1.3.28-1.el6
    distribution-gpg-keys-1.18-1.el6
    fedfind-4.0.0-1.el6
    mozilla-https-everywhere-2018.1.11-1.el6

Details about builds:


================================================================================
 GraphicsMagick-1.3.28-1.el6 (FEDORA-EPEL-2018-1049ca4872)
 An ImageMagick fork, offering faster image generation and better quality
--------------------------------------------------------------------------------
Update Information:

Latest stable release, includes many bug and security fixes.  See also
http://www.graphicsmagick.org/NEWS.html#january-20-2017
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1473729 - CVE-2017-11102 GraphicsMagick: Input validation failure in ReadOneJNGImage function may cause denial of service [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1473729
  [ 2 ] Bug #1473741 - CVE-2017-11139 GraphicsMagick: double free vulnerabilities in the [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1473741
  [ 3 ] Bug #1473752 - CVE-2017-11140 GraphicsMagick: Resource exhaustion denial of service in ReadJPEGImage function [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1473752
  [ 4 ] Bug #1475454 - CVE-2017-11637 GraphicsMagick: NULL pointer dereference in WritePCLImage() in coders/pcl.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1475454
  [ 5 ] Bug #1475458 - CVE-2017-11636 GraphicsMagick: Heap based buffer over-write in WriteRGBImage in coders/rgb.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1475458
  [ 6 ] Bug #1475490 - CVE-2017-11641 GraphicsMagick: Memory Leak in the PersistCache in magick/pixel_cache.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1475490
  [ 7 ] Bug #1475498 - CVE-2017-11643 GraphicsMagick: Heap based over-write in WriteCMYKImagefunction in coders/cmyk.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1475498
  [ 8 ] Bug #1484483 - CVE-2017-13147 GraphicsMagick: Allocation failure in ReadMNGImage function in coders/png.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1484483
  [ 9 ] Bug #1512038 - CVE-2017-16669 GraphicsMagick: Heap buffer over-write in AcquireCacheNexus function in magick/pixel_cache.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1512038
  [ 10 ] Bug #1512049 - CVE-2017-16353 GraphicsMagick: ImageMagick, GraphicsMagick: memory information disclosure in DescribeImage function in magick/describe.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1512049
  [ 11 ] Bug #1528037 - CVE-2017-17782 GraphicsMagick: heap-based buffer over-read in ReadOneJNGImage function in coders/png.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1528037
  [ 12 ] Bug #1528051 - CVE-2017-17783 GraphicsMagick: heap based buffer over-read in ReadPALMImage in coders/palm.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1528051
  [ 13 ] Bug #1529535 - CVE-2017-17915 GraphicsMagick: Memory leak in the function ReadMNGImage in coders/png.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1529535
  [ 14 ] Bug #1529557 - CVE-2017-17913 GraphicsMagick: stack-based buffer over-read in WriteWEBPImage in coders/webp.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1529557
  [ 15 ] Bug #1529580 - CVE-2017-17912 GraphicsMagick:  GraphicsMagick: heap-based buffer over-read in ReadNewsProfile in coders/tiff.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1529580
  [ 16 ] Bug #1536951 - GraphicsMagick: 2018-5685 GraphicsMagick: Infinite loop and application hang in coders/bmp.c:ReadBMPImage [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1536951
--------------------------------------------------------------------------------


================================================================================
 distribution-gpg-keys-1.18-1.el6 (FEDORA-EPEL-2018-4c19ea99da)
 GPG keys of various Linux distributions
--------------------------------------------------------------------------------
Update Information:

- updated Copr keys - add UnitedRPMs - add remi 2018 key
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1536804 - distribution-gpg-keys-1.18-1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1536804
--------------------------------------------------------------------------------


================================================================================
 fedfind-4.0.0-1.el6 (FEDORA-EPEL-2018-a79242a0ec)
 Fedora compose and image finder
--------------------------------------------------------------------------------
Update Information:

This update provides a new major release of fedfind. It is going out to stable
releases as fedfind is used quite extensively in Fedora QA infrastructure, and
we prefer to keep all those deployments on the latest code. The new release also
provides some significant enhancements in correctness checking that will be
useful in these cases.  See [the upstream changelog](https://pagure.io/fedora-
qa/fedfind/blob/5713f806517a358a5761aaaff9cfd276f8aeb862/f/CHANGELOG.md) for
more details on the specific changes in this release. Most uses of fedfind (both
CLI and as a Python library) should continue to work unchanged, or with only
minimal changes (mainly because `get_release` can raise some different
exceptions now).
--------------------------------------------------------------------------------


================================================================================
 mozilla-https-everywhere-2018.1.11-1.el6 (FEDORA-EPEL-2018-1e59402c3f)
 HTTPS enforcement extension for Mozilla Firefox
--------------------------------------------------------------------------------
Update Information:

* More ruleset updates
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Fedora Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Announce]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Linux Apps]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux