Fedora EPEL 6 updates-testing report

updates@xxxxxxxxxxxxxxxxx · Sun, 14 Apr 2019 00:18:55 +0000 (UTC)

The following Fedora EPEL 6 Security updates need testing:
 Age  URL
  43  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-06b243cced   guacamole-server-1.0.0-1.el6
  23  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-62f9745b71   drupal7-7.65-1.el6
  13  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-8d5207833a   ntfs-3g-2017.3.23-11.el6
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-73e99f4a82   python34-3.4.10-1.el6

The following builds have been pushed to Fedora EPEL 6 updates-testing

    python-whoosh-2.7.4-3.el6
    python3-jinja2-2.8.1-2.el6

Details about builds:

================================================================================
 python-whoosh-2.7.4-3.el6 (FEDORA-EPEL-2019-7569fe8565)
 Fast, pure-Python full text indexing, search, and spell checking library
--------------------------------------------------------------------------------
Update Information:

Update to 2.7.4  Build for python 3.4
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 12 2016 Orion Poplawski <orion@xxxxxxxxxxxxx> - 2.7.4-3
- Ship python2-whoosh
- Build python3 package for EPEL7
- Modernize spec
* Mon May  2 2016 Robert Kuska <rkuska@xxxxxxxxxx> - 2.7.4-1
- Update to 2.7.4
--------------------------------------------------------------------------------

================================================================================
 python3-jinja2-2.8.1-2.el6 (FEDORA-EPEL-2019-9f732040bd)
 General purpose template engine
--------------------------------------------------------------------------------
Update Information:

Update to 2.8.1  Security fix for CVE-2016-10745  Security fix for
CVE-2019-10906
--------------------------------------------------------------------------------
ChangeLog:

* Sat Apr 13 2019 Orion Poplawski <orion@xxxxxxxx> - 2.8.1-2
- Backport fix for CVE-2016-10745 (bugz#1698839)
* Sat Apr 13 2019 Orion Poplawski <orion@xxxxxxxx> - 2.8.1-1
- Update to 2.8.1 (CVE-2016-10745 bugz#1698350)
* Thu Apr  4 2019 Orion Poplawski <orion@xxxxxxxx> - 2.8-4
- Build for python3_other
* Thu Mar  7 2019 Troy Dawson <tdawson@xxxxxxxxxx> - 2.8-3
- Rebuilt to change main python from 3.4 to 3.6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1698345 - CVE-2016-10745 python-jinja2: Sandbox escape due to information disclosure via str.format
        https://bugzilla.redhat.com/show_bug.cgi?id=1698345
  [ 2 ] Bug #1698839 - CVE-2019-10906 python-jinja2: str.format_map allows sandbox escape
        https://bugzilla.redhat.com/show_bug.cgi?id=1698839
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx