The following Fedora EPEL 6 Security updates need testing: Age URL 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-5dfb2dbe75 proftpd-1.3.3g-11.el6 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-244e8468f8 t1utils-1.41-1.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing hylafax+-7.0.1-1.el6 python-pycryptodomex-3.9.0-1.el6 python-sphinxcontrib-napoleon-0.2.9-2.el6 rssh-2.3.4-15.el6 Details about builds: ================================================================================ hylafax+-7.0.1-1.el6 (FEDORA-EPEL-2019-77e188ea08) An enterprise-strength fax server -------------------------------------------------------------------------------- Update Information: update to 7.0.1 -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 30 2019 Lee Howard <faxguy@xxxxxxxxxxxxxxxx> - 7.0.1-1 - update to 7.0.1 * Thu Jul 25 2019 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 7.0.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ python-pycryptodomex-3.9.0-1.el6 (FEDORA-EPEL-2019-07fec2dd92) A self-contained cryptographic library for Python -------------------------------------------------------------------------------- Update Information: This is the first EPEL-6 build of python-pycryptodomex. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1759730 - python-pycryptodomex: build for EPEL6 https://bugzilla.redhat.com/show_bug.cgi?id=1759730 -------------------------------------------------------------------------------- ================================================================================ python-sphinxcontrib-napoleon-0.2.9-2.el6 (FEDORA-EPEL-2019-1609b16323) Sphinx napoleon extension -------------------------------------------------------------------------------- Update Information: This is the first EPEL-6 build of python-sphinxcontrib-napoleon. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1761876 - [RFE] EPEL 6 branch for python-sphinxcontrib-napoleon https://bugzilla.redhat.com/show_bug.cgi?id=1761876 -------------------------------------------------------------------------------- ================================================================================ rssh-2.3.4-15.el6 (FEDORA-EPEL-2019-b3dc1811a1) Restricted shell for use with OpenSSH, allowing only scp and/or sftp -------------------------------------------------------------------------------- Update Information: Fix CVE-2019-3463, CVE-2019-3464 and CVE-2019-1000018. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 30 2019 Xavier Bachelot <xavier@xxxxxxxxxxxx> - 2.3.4-15 - Clean up specfile. - Add patches for CVE-2019-3463, CVE-2019-3464 and CVE-2019-1000018. * Fri Jul 26 2019 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.3.4-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Sat Feb 2 2019 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.3.4-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Sat Jul 14 2018 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.3.4-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Fri Feb 9 2018 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.3.4-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Thu Aug 3 2017 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.3.4-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild * Thu Jul 27 2017 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.3.4-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild * Sat Feb 11 2017 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.3.4-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild * Thu Feb 4 2016 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.3.4-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild * Thu Jun 18 2015 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.3.4-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Mon Aug 18 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.3.4-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.3.4-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.3.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.3.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1672384 - CVE-2019-3464 rssh: rsync bypass resulting in arbitrary code execution when built with popt [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1672384 [ 2 ] Bug #1672381 - CVE-2019-3463 rssh: rsync bypass resulting in arbitrary code execution [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1672381 [ 3 ] Bug #1671296 - CVE-2019-1000018 rssh: Possible allowscp bypass resulting in arbitrary code execution [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671296 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
