The following Fedora EPEL 6 Security updates need testing: Age URL 145 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828 chicken-4.9.0.1-4.el6 128 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6 122 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6 53 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8148 optipng-0.7.5-5.el6 53 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6 41 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-68a2c2db36 python-pymongo-3.0.3-1.el6 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-28606b6d1d perl-HTML-Scrubber-0.15-1.el6.1 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-5d63583df0 metis-5.1.0-7.el6 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e195439195 drupal7-jquery_update-2.7-1.el6 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-967595b7c1 wildmagic5-5.13-12.el6 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8fc6f35cc9 MUMPS-5.0.1-4.el6 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-d47ae2d16b owncloud-7.0.11-1.el6 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-a7d37297d4 telegram-cli-1.3.1-7.20150730git2052f4.el6 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-0ae4daf2d6 tubo-5.0.15-3.el6 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-b4ebe76583 putty-0.63-5.el6 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-20cb365c26 zarafa-7.1.14-1.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-260d131310 libpng10-1.0.64-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
gnudos-1.8-4.el6 libpng10-1.0.64-1.el6 nodejs-ee-first-1.1.1-1.el6 perl-Authen-Credential-1.1-1.el6 perl-Directory-Queue-1.9-1.el6 php-theseer-autoload-1.21.0-1.el6 uwsgi-2.0.11.2-1.el6 zabbix20-2.0.16-1.el6 zabbix22-2.2.11-1.el6
Details about builds:
================================================================================ gnudos-1.8-4.el6 (FEDORA-EPEL-2015-5f297f80d2) The GnuDOS library for GNU/Linux -------------------------------------------------------------------------------- Update Information:
More bug fixes! --------------------------------------------------------------------------------
================================================================================ libpng10-1.0.64-1.el6 (FEDORA-EPEL-2015-260d131310) Old version of libpng, needed to run old binaries -------------------------------------------------------------------------------- Update Information:
An out-of-bounds read in png_convert_to_rfc1123() in png.c could potentially be exploited by a crafted PNG file to leak information from an application's memory (CVE-2015-7981). Buffer overflow vulnerabilities in functions png_get_PLTE/png_set_PLTE, allowing remote attackers to cause DoS to application or have unspecified other impact (CVE-2015-8126). Also includes various other small bug fixes as detailed in the package changelog. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1276416 - CVE-2015-7981 libpng: Out-of-bounds read in png_convert_to_rfc1123 https://bugzilla.redhat.com/show_bug.cgi?id=1276416 [ 2 ] Bug #1281756 - CVE-2015-8126 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions https://bugzilla.redhat.com/show_bug.cgi?id=1281756 --------------------------------------------------------------------------------
================================================================================ nodejs-ee-first-1.1.1-1.el6 (FEDORA-EPEL-2015-9bb895f7ff) Get the first event in a set of event emitters and event pairs -------------------------------------------------------------------------------- Update Information:
Initial packaging -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1269648 - Review Request: nodejs-ee-first - Get the first event in a set of event emitters and event pairs https://bugzilla.redhat.com/show_bug.cgi?id=1269648 --------------------------------------------------------------------------------
================================================================================ perl-Authen-Credential-1.1-1.el6 (FEDORA-EPEL-2015-78bd81efa9) Abstraction of a credential -------------------------------------------------------------------------------- Update Information:
Upgraded to latest version from CPAN: 1.1. --------------------------------------------------------------------------------
================================================================================ perl-Directory-Queue-1.9-1.el6 (FEDORA-EPEL-2015-8ddd959853) Object oriented interface to a directory based queue -------------------------------------------------------------------------------- Update Information:
Update to upstream version 1.9, fixes rhbz #1281294. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1281294 - Upgrade perl-Directory-Queue to 1.9 https://bugzilla.redhat.com/show_bug.cgi?id=1281294 --------------------------------------------------------------------------------
================================================================================ php-theseer-autoload-1.21.0-1.el6 (FEDORA-EPEL-2015-0dfa260bec) A tool and library to generate autoload code -------------------------------------------------------------------------------- Update Information:
**Version 1.21.0** * Added --hash option to explicitly choose hash algorithm for phar generation (defaults to best available) --------------------------------------------------------------------------------
================================================================================ uwsgi-2.0.11.2-1.el6 (FEDORA-EPEL-2015-9a50f245d1) Fast, self-healing, application container server -------------------------------------------------------------------------------- Update Information:
With latest stable --------------------------------------------------------------------------------
================================================================================ zabbix20-2.0.16-1.el6 (FEDORA-EPEL-2015-4ad574547e) Open-source monitoring solution for your IT infrastructure -------------------------------------------------------------------------------- Update Information:
http://www.zabbix.com/rn2.0.16.php --------------------------------------------------------------------------------
================================================================================ zabbix22-2.2.11-1.el6 (FEDORA-EPEL-2015-ad3006a1e9) Open-source monitoring solution for your IT infrastructure -------------------------------------------------------------------------------- Update Information:
http://www.zabbix.com/rn2.2.11.php --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org