Fedora EPEL 6 updates-testing report

updates@xxxxxxxxxxxxxxxxx · Wed, 7 Feb 2018 13:52:46 +0000 (UTC)

The following Fedora EPEL 6 Security updates need testing:
 Age  URL
 938  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168   rubygem-crack-0.3.2-2.el6
 828  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb   mcollective-2.8.4-1.el6
 800  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9   thttpd-2.25b-24.el6
 411  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac   libbsd-0.8.3-2.el6
 140  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4c76ddcc92   libmspack-0.6-0.1.alpha.el6
  59  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-6aaee32b7e   optipng-0.7.6-6.el6
  41  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-6e4ce19598   monit-5.25.1-1.el6
  31  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-8c9006d462   heimdal-7.5.0-1.el6
  26  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-752a7c9ad4   rootsh-1.5.3-17.el6
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-369a48191f   clamav-0.99.3-1.el6
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-fc6e2820ab   tomcat-7.0.84-1.el6

The following builds have been pushed to Fedora EPEL 6 updates-testing

    jhead-3.00-7.el6
    mbedtls-2.7.0-1.el6
    mozilla-https-everywhere-2018.1.29-1.el6
    p7zip-16.02-10.el6
    wordpress-4.9.4-1.el6

Details about builds:

================================================================================
 jhead-3.00-7.el6 (FEDORA-EPEL-2018-91712cdabe)
 Tool for displaying EXIF data embedded in JPEG images
--------------------------------------------------------------------------------
Update Information:

Added Debian patch to fix CVE-2018-6612 (#1542049)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1542049 - CVE-2018-6612 jhead: Integer underflow in the process_EXIF function
        https://bugzilla.redhat.com/show_bug.cgi?id=1542049
--------------------------------------------------------------------------------

================================================================================
 mbedtls-2.7.0-1.el6 (FEDORA-EPEL-2018-3c8346d8e5)
 Light-weight cryptographic and SSL/TLS library
--------------------------------------------------------------------------------
Update Information:

- Update to 2.7.0  Release notes: https://tls.mbed.org/tech-
updates/releases/mbedtls-2.7.0-2.1.10-and-1.3.22-released  Security Advisory:
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-
advisory-2018-01
--------------------------------------------------------------------------------

================================================================================
 mozilla-https-everywhere-2018.1.29-1.el6 (FEDORA-EPEL-2018-5a251eba13)
 HTTPS enforcement extension for Mozilla Firefox
--------------------------------------------------------------------------------
Update Information:

- More unspecified ruleset updates
--------------------------------------------------------------------------------

================================================================================
 p7zip-16.02-10.el6 (FEDORA-EPEL-2018-bc1949f307)
 Very high compression ratio file archiver
--------------------------------------------------------------------------------
Update Information:

Improve security patch  ----  Security fix for CVE-2017-17969 (from Debian)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1538457 - CVE-2017-17969 p7zip: heap-based buffer overflow in 7zip/Compress/ShrinkDecoder.cpp can allow an attacker to write arbitrary data and cause a crash
        https://bugzilla.redhat.com/show_bug.cgi?id=1538457
--------------------------------------------------------------------------------

================================================================================
 wordpress-4.9.4-1.el6 (FEDORA-EPEL-2018-d2ebba1b36)
 Blog tool and publishing platform
--------------------------------------------------------------------------------
Update Information:

Upstream announcements:  * [WordPress 4.9.4 Maintenance
Release](https://wordpress.org/news/2018/02/wordpress-4-9-4-maintenance-
release/) * [WordPress 4.9.3 Maintenance
Release](https://wordpress.org/news/2018/02/wordpress-4-9-3-maintenance-
release/)
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx