The following Fedora EPEL 6 Security updates need testing: Age URL 1123 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.1... 188 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4008/cross-binutils... 49 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1501/strongswan-5.3... 39 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5742/asterisk-1.8.3... 19 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6089/drupal7-views-... 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6158/libssh-0.5.5-4... 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6164/t1utils-1.39-1... 11 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5933/wordpress-4.2.... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6299/zarafa-7.1.12-... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6361/torque-4.2.10-... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6294/hostapd-2.0-6....
The following builds have been pushed to Fedora EPEL 6 updates-testing
Lmod-5.9.4.2-1.el6 burp-1.4.36-6.el6 copr-cli-1.44-1.el6 createrepo_c-0.8.3-1.el6 drupal7-7.37-1.el6 elpa-2015.02.002-4.el6.1 genders-1.22-2.el6 golang-github-russross-blackfriday-1.2-6.el6 golang-github-shurcooL-sanitized_anchor_name-0-0.2.git8e87604.el6 hostapd-2.0-6.el6 inxi-2.2.21-1.el6 jpegoptim-1.4.3-1.el6 mom-0.4.4-1.el6 nodejs-npm-registry-client-0.2.28-3.el6 osbs-0.5-1.el6 perl-Module-Signature-0.79-1.el6 perl-Tangerine-0.16-1.el6 php-horde-Horde-Core-2.20.2-1.el6 php-horde-Horde-Imap-Client-2.28.1-1.el6 php-horde-kronolith-4.2.7-1.el6 php-theseer-autoload-1.17.0-1.el6 php-true-punycode-1.1.0-1.el6 php-whitehat101-apr1-md5-1.0.0-1.el6 python-elasticsearch-1.0.0-1.el6 telegram-cli-1.3.1-1.20150515git5935c9.el6 torque-4.2.10-3.el6 zarafa-7.1.12-2.el6
Details about builds:
================================================================================ Lmod-5.9.4.2-1.el6 (FEDORA-EPEL-2015-6340) Environmental Modules System in Lua -------------------------------------------------------------------------------- Update Information:
Update to 5.9.4.2 -------------------------------------------------------------------------------- ChangeLog:
* Tue May 19 2015 Orion Poplawski orion@cora.nwra.com - 5.9.4.2-1 - Update to 5.9.4.2 * Wed Apr 8 2015 Orion Poplawski orion@cora.nwra.com - 5.9.3-1 - Update to 5.9.3 * Tue Mar 31 2015 Orion Poplawski orion@cora.nwra.com - 5.9.2-1.git76a45db - Update to 5.9.2-1.git76a45db for Lua 5.3 support * Wed Mar 18 2015 Orion Poplawski orion@cora.nwra.com - 5.9-1 - Update to 5.9 * Tue Nov 4 2014 Orion Poplawski orion@cora.nwra.com - 5.8-1 - Update to 5.8 --------------------------------------------------------------------------------
================================================================================ burp-1.4.36-6.el6 (FEDORA-EPEL-2015-6333) A network-based backup and restore program -------------------------------------------------------------------------------- Update Information:
Added two configuration files so they would not be overwritten on update A network backup and restore program -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1186819 - Review Request: burp - Network backup / restore program https://bugzilla.redhat.com/show_bug.cgi?id=1186819 --------------------------------------------------------------------------------
================================================================================ copr-cli-1.44-1.el6 (FEDORA-EPEL-2015-6357) Command line interface for COPR -------------------------------------------------------------------------------- Update Information:
bugfix new commands auto_createrepo, download-build, now users python-copr -------------------------------------------------------------------------------- ChangeLog:
* Fri May 15 2015 Miroslav Suchý msuchy@redhat.com 1.44-1 - mark license as license in spec - 1188022 - accept dash in project name * Wed Jan 21 2015 Miroslav Suchý msuchy@redhat.com 1.43-1 - regression: enable again copr-cli build username/project * Mon Jan 5 2015 Valentin Gologuzov vgologuz@redhat.com 1.42-1 - updated man page - compatibility with Python 2.6 ( due to Epel 6) * Mon Dec 15 2014 Valentin Gologuzov vgologuz@redhat.com 1.41-1 - control auto_createrepo property of project through API and copr-cli; new command supported by cli: **modify** * Fri Nov 21 2014 Valentin Gologuzov vgologuz@redhat.com 1.40-1 - updated to use newer version of python-copr - minor changes in commands output - print debug logs only when user provides "--debug" option * Mon Oct 20 2014 Miroslav Suchý msuchy@redhat.com 1.39-1 - add man page for copr(1) - [cli] [RHBZ: #1149889] RFE: download command in copr-cli - A few fixes for CI * Tue Oct 7 2014 Valentin Gologuzov vgologuz@redhat.com 1.38-1 - [cli] Added symlink for executable: copr -> copr-cli - [cli] removed epydoc documentation - [python-copr, cli] test coverage - [python-copr, cli] updating copr-cli to use python-copr * Thu Sep 18 2014 Miroslav Suchý msuchy@redhat.com 1.37-1 - [python-copr] Renamed package: python-copr-client -> python-copr - [cli] In case of missing config show proper message, hide traceback. - [python-client] added a few unittest, changed package layout, updated .spec to run tests during %check. [copr-cli] reflected changes in python-client - [python-copr,copr-cli] fixing, cleanup - [python-copr,copr-cli] Copr-cli now uses python-copr-cli package. [copr-cli] updated .spec to reflect usage of python-copr-client * Tue Jul 22 2014 Miroslav Suchý msuchy@redhat.com 1.36-1 - use correct name of variable -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1149889 - RFE: download command in copr-cli https://bugzilla.redhat.com/show_bug.cgi?id=1149889 [ 2 ] Bug #1188022 - copr-cli does not respect the project argument https://bugzilla.redhat.com/show_bug.cgi?id=1188022 --------------------------------------------------------------------------------
================================================================================ createrepo_c-0.8.3-1.el6 (FEDORA-EPEL-2015-6323) Creates a common metadata repository -------------------------------------------------------------------------------- Update Information:
mergerepo: Do not prepend file:// if protocol is already specified Update to 0.8.2 -------------------------------------------------------------------------------- ChangeLog:
* Fri May 15 2015 Tomas Mlcoch <tmlcoch at redhat.com> - 0.8.3-1 - mergerepo: Do not prepend file:// if protocol is already specified * Thu May 14 2015 Tomas Mlcoch <tmlcoch at redhat.com> - 0.8.2-1 - doc: Add man pages for sqliterepo and update manpages for other tools - mergerepo: Work only with noarch packages if --koji is used and no archlist is specified - mergerepo: Use file:// protocol in local baseurl - mergerepo: Do not include baseurl for first repo if --koji is specified (RhBug: 1220082) - mergerepo_c: Support multilib arch for --koji repos - mergerepo_c: Refactoring - Print debug message with version in each tool when --verbose is used - modifyrepo: Don't override file with itself (RhBug: 1215229) * Wed May 6 2015 Tomas Mlcoch <tmlcoch at redhat.com> - 0.8.1-1 - Fix bash completion for RHEL 6 * Tue May 5 2015 Tomas Mlcoch <tmlcoch at redhat.com> - 0.8.0-1 - New tool Sqliterepo_c - It generates sqlite databases into repos where the sqlite is missing. - Internal refactoring and code cleanup * Fri Feb 20 2015 Tomas Mlcoch <tmlcoch at redhat.com> - 0.7.7-1 - Proper directory for temporary files when --local-sqlite is used (Issue #12) - Bring bash completion install dir and filenames up to date with current bash-completion * Thu Jan 8 2015 Tomas Mlcoch <tmlcoch at redhat.com> - 0.7.6-1 - Python: Add __contains__ method to Repomd() class * Sun Dec 28 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.7.5-1 - Python repomd: Support for iteration and indexing by type - e.g. record = repomd['primary'] - Show warning if an XML parser probably parsed a bad type of medata (New XML parser warning type CR_XML_WARNING_BADMDTYPE) - drpm library: Explicitly try to locate libdrpm.so.0 - deltarpms: Don't show options for delta rpms if support is not available --------------------------------------------------------------------------------
================================================================================ drupal7-7.37-1.el6 (FEDORA-EPEL-2015-6320) An open-source content-management platform -------------------------------------------------------------------------------- Update Information:
Maintenance release for bug fixes. For full information, read the release notes at https://www.drupal.org/drupal-7.37-release-notes -------------------------------------------------------------------------------- ChangeLog:
* Sun May 10 2015 Paul W. Frields stickster@gmail.com - 7.37-1 - Update to upstream 7.37 maintenance release for bug fixes - Upstream release notes at https://www.drupal.org/drupal-7.37-release-notes --------------------------------------------------------------------------------
================================================================================ elpa-2015.02.002-4.el6.1 (FEDORA-EPEL-2015-6176) High-performance library for parallel solution of eigenvalue problems -------------------------------------------------------------------------------- Update Information:
ELPA is a Fortran-based high-performance computational library for the (massively) parallel solution of symmetric or Hermitian, standard or generalized eigenvalue problems. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1154994 - please build elpa for EPEL6 https://bugzilla.redhat.com/show_bug.cgi?id=1154994 --------------------------------------------------------------------------------
================================================================================ genders-1.22-2.el6 (FEDORA-EPEL-2015-6346) Static cluster configuration database -------------------------------------------------------------------------------- Update Information:
Bugfix make libgenders man page part of libgenders (#1220093) -------------------------------------------------------------------------------- ChangeLog:
* Tue May 19 2015 David Brown david.brown@pnnl.gov - 1.22-2 - Bugfix make libgenders man page part of libgenders (#1220093) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1220093 - Empty man page for genders config file https://bugzilla.redhat.com/show_bug.cgi?id=1220093 --------------------------------------------------------------------------------
================================================================================ golang-github-russross-blackfriday-1.2-6.el6 (FEDORA-EPEL-2015-6292) Markdown processor implemented in Go -------------------------------------------------------------------------------- Update Information:
Add license macro for LICENSE -------------------------------------------------------------------------------- ChangeLog:
* Sun May 17 2015 jchaloup jchaloup@redhat.com - 1.2-6 - Add license macro for LICENSE - Remove runtime dependency on golang. resolves: #1222338 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1222338 - Tracker for golang-github-russross-blackfriday https://bugzilla.redhat.com/show_bug.cgi?id=1222338 --------------------------------------------------------------------------------
================================================================================ golang-github-shurcooL-sanitized_anchor_name-0-0.2.git8e87604.el6 (FEDORA-EPEL-2015-6300) Package sanitized_anchor_name provides a func to create sanitized anchor names -------------------------------------------------------------------------------- Update Information:
Add license macro for LICENSE -------------------------------------------------------------------------------- ChangeLog:
* Sun May 17 2015 jchaloup jchaloup@redhat.com - 0-0.2.git8e87604 - Add license macro for LICENSE - Remove runtime dependency on golang. resolves: #1222336 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1222336 - Tracker for golang-github-shurcooL-sanitized_anchor_name https://bugzilla.redhat.com/show_bug.cgi?id=1222336 --------------------------------------------------------------------------------
================================================================================ hostapd-2.0-6.el6 (FEDORA-EPEL-2015-6294) IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator -------------------------------------------------------------------------------- Update Information:
Security update for integer underflow in AP mode WMM Action frame processing. -------------------------------------------------------------------------------- ChangeLog:
* Fri May 15 2015 John W. Linville linville@redhat.com - 2.0-6 - apply fix for underflow in WMM action frame parser -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1221178 - wpa_supplicant and hostapd: integer underflow in AP mode WMM Action frame processing https://bugzilla.redhat.com/show_bug.cgi?id=1221178 --------------------------------------------------------------------------------
================================================================================ inxi-2.2.21-1.el6 (FEDORA-EPEL-2015-6342) A full featured system information script -------------------------------------------------------------------------------- Update Information:
Update to 2.2.21 -------------------------------------------------------------------------------- ChangeLog:
* Fri May 15 2015 Vasiliy N. Glazov vascom2@gmail.com 2.2.21-1 - Update to 2.2.21 --------------------------------------------------------------------------------
================================================================================ jpegoptim-1.4.3-1.el6 (FEDORA-EPEL-2015-6321) Utility to optimize JPEG files -------------------------------------------------------------------------------- Update Information:
Update to version 1.4.3 -------------------------------------------------------------------------------- ChangeLog:
* Tue May 19 2015 Denis Fateyev denis@fateyev.com - 1.4.3-1 - Update to version 1.4.3 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1222931 - jpegoptim-1.4.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1222931 --------------------------------------------------------------------------------
================================================================================ mom-0.4.4-1.el6 (FEDORA-EPEL-2015-6305) Dynamically manage system resources on virtualization hosts -------------------------------------------------------------------------------- Update Information:
Upgrade to 0.4.4 -------------------------------------------------------------------------------- ChangeLog:
* Fri May 15 2015 Adam Litke alitke@redhat.com - 0.4.4-1 - Upgrade to 0.4.4 --------------------------------------------------------------------------------
================================================================================ nodejs-npm-registry-client-0.2.28-3.el6 (FEDORA-EPEL-2015-6352) Client for the npm registry -------------------------------------------------------------------------------- Update Information:
This update resolves issues that prevented the `npm adduser` and `npm publish` commands from working properly. -------------------------------------------------------------------------------- ChangeLog:
* Sat May 16 2015 T.C. Hollingsworth tchollingsworth@gmail.com - 0.2.28-3 - backport fixes to publish and adduser functions (RHBZ#1220472) * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.2.28-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1220472 - npm fails to login https://bugzilla.redhat.com/show_bug.cgi?id=1220472 --------------------------------------------------------------------------------
================================================================================ osbs-0.5-1.el6 (FEDORA-EPEL-2015-6304) Python command line client for OpenShift Build Service -------------------------------------------------------------------------------- Update Information:
new upstream release: 0.5 -------------------------------------------------------------------------------- ChangeLog:
* Tue May 19 2015 Tomas Tomecek ttomecek@redhat.com - 0.5-1 - new upstream release: 0.5 * Tue May 12 2015 Slavek Kabrda bkabrda@redhat.com - 0.4-2 - Introduce python-osbs subpackage - move /usr/bin/osbs to /usr/bin/osbs2, /usr/bin/osbs is now a symlink - depend on python[3]-setuptools because of entrypoints usage --------------------------------------------------------------------------------
================================================================================ perl-Module-Signature-0.79-1.el6 (FEDORA-EPEL-2015-6329) CPAN signature management utilities and modules -------------------------------------------------------------------------------- Update Information:
This update restores cpansign --skip functionality, broken in a previous security update. -------------------------------------------------------------------------------- ChangeLog:
* Tue May 19 2015 Paul Howarth paul@city-fan.org - 0.79-1 - Update to 0.79 - Restore "cpansign --skip" functionality -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1222727 - perl-Module-Signature-0.79 is available https://bugzilla.redhat.com/show_bug.cgi?id=1222727 --------------------------------------------------------------------------------
================================================================================ perl-Tangerine-0.16-1.el6 (FEDORA-EPEL-2015-6303) Analyse perl files and report module-related information -------------------------------------------------------------------------------- Update Information:
Module names consisting solely of digits are also valid. Don't ignore them. -------------------------------------------------------------------------------- ChangeLog:
* Thu May 14 2015 Petr Šabata contyk@redhat.com - 0.16-1 - 0.16 bump -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1221422 - perl-Tangerine-0.16 is available https://bugzilla.redhat.com/show_bug.cgi?id=1221422 --------------------------------------------------------------------------------
================================================================================ php-horde-Horde-Core-2.20.2-1.el6 (FEDORA-EPEL-2015-6326) Horde Core Framework libraries -------------------------------------------------------------------------------- Update Information:
**kronolith 4.2.7** * [jan] Fix importing iCalendar events via the API (Bug #13975).
**Horde_Core 2.20.1** * [mjr] Fix issue that could cause sending the same email to an ActiveSync client multiple times (Bug #13985). * [mjr] Performance and memory improvements to ActiveSync.
**Horde_Core 2.20.2** * [mjr] Fix duplicate attachments in certain messages that were forwarded by ActiveSync clients.
-------------------------------------------------------------------------------- ChangeLog:
* Tue May 19 2015 Remi Collet remi@fedoraproject.org - 2.20.2-1 - Update to 2.20.2 * Tue May 19 2015 Remi Collet remi@fedoraproject.org - 2.20.1-1 - Update to 2.20.1 --------------------------------------------------------------------------------
================================================================================ php-horde-Horde-Imap-Client-2.28.1-1.el6 (FEDORA-EPEL-2015-6355) Horde IMAP abstraction interface -------------------------------------------------------------------------------- Update Information:
**Horde_Imap_Client 2.28.1** * [mms] Directly store literal data in a separate stream when parsing IMAP tokens, so we don't have to duplicate the stream later when processing it. * [mms] Don't load literal IMAP data into a string variable when tokenizing IMAP input. * [mms] Fix search queries where ID list given is explicitly empty, indicating that a match can never be successful (Bug #13971). * [mms] Fix expunging in certain cases when UIDPLUS is not available (Bug #13970; Robin McCorkell).
-------------------------------------------------------------------------------- ChangeLog:
* Wed May 13 2015 Remi Collet remi@fedoraproject.org - 2.28.1-1 - Update to 2.28.1 --------------------------------------------------------------------------------
================================================================================ php-horde-kronolith-4.2.7-1.el6 (FEDORA-EPEL-2015-6326) A web based calendar -------------------------------------------------------------------------------- Update Information:
**kronolith 4.2.7** * [jan] Fix importing iCalendar events via the API (Bug #13975).
**Horde_Core 2.20.1** * [mjr] Fix issue that could cause sending the same email to an ActiveSync client multiple times (Bug #13985). * [mjr] Performance and memory improvements to ActiveSync.
**Horde_Core 2.20.2** * [mjr] Fix duplicate attachments in certain messages that were forwarded by ActiveSync clients.
-------------------------------------------------------------------------------- ChangeLog:
* Tue May 19 2015 Remi Collet remi@fedoraproject.org - 4.2.7-1 - Update to 4.2.7 --------------------------------------------------------------------------------
================================================================================ php-theseer-autoload-1.17.0-1.el6 (FEDORA-EPEL-2015-6336) A tool and library to generate autoload code -------------------------------------------------------------------------------- Update Information:
* Added support for parameter 'prepend' of spl_autoload_register to allow for prepending without changing templates * Added support for parameter 'exception' of spl_autoload_register to optionally disable exceptions on errors
-------------------------------------------------------------------------------- ChangeLog:
* Fri May 15 2015 Remi Collet remi@fedoraproject.org - 1.17.0-1 - Update to 1.17.0 --------------------------------------------------------------------------------
================================================================================ php-true-punycode-1.1.0-1.el6 (FEDORA-EPEL-2015-6359) A Bootstring encoding of Unicode for IDNA -------------------------------------------------------------------------------- Update Information:
New upstream version **1.1.0** * [Enhancement] Character encoding is now passed to the constructor, defaulting to UTF-8, as opposite to relying on mb_internal_encoding function call (#9). -------------------------------------------------------------------------------- ChangeLog:
* Mon May 18 2015 Remi Collet remi@fedoraproject.org - 1.1.0-1 - update to version 1.1.0 --------------------------------------------------------------------------------
================================================================================ php-whitehat101-apr1-md5-1.0.0-1.el6 (FEDORA-EPEL-2015-6291) Apache's APR1-MD5 algorithm in pure PHP -------------------------------------------------------------------------------- Update Information:
A tested, referenced, documented, and packaged implementation of Apache's APR1 MD5 Hashing Algorithm in pure PHP. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1222265 - Review Request: php-whitehat101-apr1-md5 - Apache's APR1-MD5 algorithm in pure PHP https://bugzilla.redhat.com/show_bug.cgi?id=1222265 --------------------------------------------------------------------------------
================================================================================ python-elasticsearch-1.0.0-1.el6 (FEDORA-EPEL-2015-6339) Client for Elasticsearch -------------------------------------------------------------------------------- Update Information:
Build for epel -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1220478 - please add epel6 and epel7 branches https://bugzilla.redhat.com/show_bug.cgi?id=1220478 --------------------------------------------------------------------------------
================================================================================ telegram-cli-1.3.1-1.20150515git5935c9.el6 (FEDORA-EPEL-2015-6288) Linux Command-line interface for Telegram -------------------------------------------------------------------------------- Update Information:
- **Update to 1.3.1** - **Added jansson-devel BR** - **This code can work only in little-endian systems** -------------------------------------------------------------------------------- ChangeLog:
* Fri May 15 2015 Antonio Trande <sagitterATfedoraproject.org> 1.3.1-1.20150114gitd96750 - Update to 1.3.1 - Added jansson-devel BR - This code can work only in little-endian systems --------------------------------------------------------------------------------
================================================================================ torque-4.2.10-3.el6 (FEDORA-EPEL-2015-6361) Tera-scale Open-source Resource and QUEue manager -------------------------------------------------------------------------------- Update Information:
Bugfix - #1215207 create/install service files for these -------------------------------------------------------------------------------- ChangeLog:
* Tue May 19 2015 David Brown david.brown@pnnl.gov - 4.2.10-3 - Bugfix - #1215207 create/install service files for these - Bugfix - #1117263 qmgr aborts in some instances - Bugfix - #1144396 Hey! Version Bump! - Bugfix - #1215992 more service scripts - Bugfix - #1216037 fixed permissions on directories - Bugfix - #1149045 hopefully these are all fixed now - Bugfix - #965513 calling this one fixed... * Fri Apr 24 2015 David Brown david.brown@pnnl.gov - 4.2.10-2 - Bugfix - #1154413 make manipulating services better. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1215207 - pbs_server does not start trqauthd https://bugzilla.redhat.com/show_bug.cgi?id=1215207 [ 2 ] Bug #1144396 - torque-4.2.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=1144396 [ 3 ] Bug #1216037 - permissions on some /var/lib/torque/ sub-directories https://bugzilla.redhat.com/show_bug.cgi?id=1216037 [ 4 ] Bug #965513 - torque package should be built with PIE flags https://bugzilla.redhat.com/show_bug.cgi?id=965513 [ 5 ] Bug #1117263 - torque qmgr aborts on server commands while jobs are running https://bugzilla.redhat.com/show_bug.cgi?id=1117263 [ 6 ] Bug #1215992 - torque-client (4.x) should package trqauthd service https://bugzilla.redhat.com/show_bug.cgi?id=1215992 [ 7 ] Bug #1149045 - CVE-2014-3684 torque: non-root users able to kill any process on any node in a job [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1149045 --------------------------------------------------------------------------------
================================================================================ zarafa-7.1.12-2.el6 (FEDORA-EPEL-2015-6299) Open Source Edition of the Zarafa Collaboration Platform -------------------------------------------------------------------------------- Update Information:
- Upgrade to 7.1.12 (re-released) - Backported patch from Zarafa 7.2 to fix CVE-2015-3436 -------------------------------------------------------------------------------- ChangeLog:
* Mon May 18 2015 Robert Scheck robert@fedoraproject.org 7.1.12-2 - Upgrade to 7.1.12 (re-released) - Backported patch from Zarafa 7.2 to fix CVE-2015-3436 (#1222151) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1222151 - CVE-2015-3436 zarafa: Overwrite arbitrary files in filesystem https://bugzilla.redhat.com/show_bug.cgi?id=1222151 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org