The following Fedora EPEL 6 Security updates need testing: Age URL 13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-244e8468f8 t1utils-1.41-1.el6 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-b3dc1811a1 rssh-2.3.4-15.el6 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-755c983846 golang-1.13.3-1.el6 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-cd52ee3c1e putty-0.73-1.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing ansible-2.6.20-1.el6 djvulibre-3.5.25.3-18.el6 eurephia-1.1.1-1.el6 php-robrichards-xmlseclibs-2.1.1-1.el6 python-regex-2019.11.1-1.el6 Details about builds: ================================================================================ ansible-2.6.20-1.el6 (FEDORA-EPEL-2019-58a079b2be) SSH-based configuration management, deployment, and task execution system -------------------------------------------------------------------------------- Update Information: Update to 2.6.20. -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 8 2019 Kevin Fenzi <kevin@xxxxxxxxx> - 2.6.20-1 - Update to 2.6.20. -------------------------------------------------------------------------------- ================================================================================ djvulibre-3.5.25.3-18.el6 (FEDORA-EPEL-2019-800a69997a) DjVu viewers, encoders, and utilities -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2019-15142, CVE-2019-15143, CVE-2019-15144 and CVE-2019-15145. -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 7 2019 Marek Kasik <mkasik@xxxxxxxxxx> - 3.5.25.3-18 - Fix a crash due to missing zero-bytes check - Resolves: #1767923 * Thu Nov 7 2019 Marek Kasik <mkasik@xxxxxxxxxx> - 3.5.25.3-17 - Fix a stack overflow - Resolves: #1767870 * Wed Nov 6 2019 Marek Kasik <mkasik@xxxxxxxxxx> - 3.5.25.3-16 - Break an infinite loop - Resolves: #1767859 * Wed Nov 6 2019 Marek Kasik <mkasik@xxxxxxxxxx> - 3.5.25.3-15 - Fix a buffer overflow - Resolves: #1767844 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1767920 - CVE-2019-15145 djvulibre: out-of-bounds read in JB2Dict::JB2Codec::get_direct_context in libdjvu/JB2Image.h https://bugzilla.redhat.com/show_bug.cgi?id=1767920 [ 2 ] Bug #1767867 - CVE-2019-15144 djvulibre: recursive call to GArrayTemplate<Run>::sort in GContainer.h leads to stack overflow https://bugzilla.redhat.com/show_bug.cgi?id=1767867 [ 3 ] Bug #1767855 - CVE-2019-15143 djvulibre: infinite loop in GBitmap::read_rle_raw related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp https://bugzilla.redhat.com/show_bug.cgi?id=1767855 [ 4 ] Bug #1767841 - CVE-2019-15142 djvulibre: heap-based buffer overflow in GStringRep::strdup in libdjvu/GString.cpp https://bugzilla.redhat.com/show_bug.cgi?id=1767841 -------------------------------------------------------------------------------- ================================================================================ eurephia-1.1.1-1.el6 (FEDORA-EPEL-2019-696a47493e) An advanced and flexible OpenVPN user authentication plug-in -------------------------------------------------------------------------------- Update Information: Updates to latest upstream eurephia-1.1.1 -------------------------------------------------------------------------------- ChangeLog: * Sat Nov 9 2019 David Sommerseth <dazo@xxxxxxxxxxxx> - 1.1.1-1 - Updated to latest upstream release - Fix parallel builds -------------------------------------------------------------------------------- ================================================================================ php-robrichards-xmlseclibs-2.1.1-1.el6 (FEDORA-EPEL-2019-89d09bcf60) A PHP library for XML Security -------------------------------------------------------------------------------- Update Information: ## 2.1.1 CVE-2019-3465 / https://simplesamlphp.org/security/201911-01 ## 2.1.0 Backports changes from 3.0 branch -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 6 2019 Shawn Iwinski <shawn@xxxxxxxx> - 2.1.1-1 - Update to 2.1.1 (CVE-2019-3465) - https://simplesamlphp.org/security/201911-01 * Fri Jul 26 2019 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.0.1-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Sat Feb 2 2019 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.0.1-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Fri Jul 13 2018 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.0.1-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Fri Feb 9 2018 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.0.1-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Thu Jul 27 2017 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.0.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ python-regex-2019.11.1-1.el6 (FEDORA-EPEL-2019-01b8908657) Alternative regular expression module, to replace re -------------------------------------------------------------------------------- Update Information: Update regex to the latest released version. -------------------------------------------------------------------------------- ChangeLog: * Sat Nov 9 2019 Thomas Moschny <thomas.moschny@xxxxxx> - 2019.11.1-1 - Update to 2019.11.1. -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
