The following Fedora EPEL 6 Security updates need testing: Age URL 143 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828 chicken-4.9.0.1-4.el6 126 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6 120 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6 51 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8148 optipng-0.7.5-5.el6 51 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6 39 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-68a2c2db36 python-pymongo-3.0.3-1.el6 15 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-ba19b1c7eb php-horde-horde-5.2.8-1.el6 php-horde-imp-6.2.11-1.el6 php-horde-ingo-3.2.7-1.el6 php-horde-passwd-5.0.4-1.el6 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-28606b6d1d perl-HTML-Scrubber-0.15-1.el6.1 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-5d63583df0 metis-5.1.0-7.el6 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e195439195 drupal7-jquery_update-2.7-1.el6 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-967595b7c1 wildmagic5-5.13-12.el6 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8fc6f35cc9 MUMPS-5.0.1-4.el6 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-d47ae2d16b owncloud-7.0.11-1.el6 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-a7d37297d4 telegram-cli-1.3.1-7.20150730git2052f4.el6 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-0ae4daf2d6 tubo-5.0.15-3.el6 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-b4ebe76583 putty-0.63-5.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-20cb365c26 zarafa-7.1.14-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
clustershell-1.7-1.el6 livecd-tools-13.4.9-1.el6 sec-2.7.7-3.el6 zarafa-7.1.14-1.el6
Details about builds:
================================================================================ clustershell-1.7-1.el6 (FEDORA-EPEL-2015-597f247f89) Python framework for efficient cluster administration -------------------------------------------------------------------------------- Update Information:
clustershell-1.7-1.el6 - update to 1.7 - add explicit file attributes required for ghost groups file --------------------------------------------------------------------------------
================================================================================ livecd-tools-13.4.9-1.el6 (FEDORA-EPEL-2015-b5ec93dc2b) Tools for building live CDs -------------------------------------------------------------------------------- Update Information:
livecd-tools-13.4.9-1.el6 - Version 13.4.9 (bcl) - python-imgcreate: remove -f from second lokkit call (#769457) (bcl) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1259864 - firewall rules in kickstart script are overwritten due to lokkit -f call in /usr/lib/python2.6/site-packages/imgcreate/kickstart.py https://bugzilla.redhat.com/show_bug.cgi?id=1259864 --------------------------------------------------------------------------------
================================================================================ sec-2.7.7-3.el6 (FEDORA-EPEL-2015-70084b08e9) Simple Event Correlator script to filter log file entries -------------------------------------------------------------------------------- Update Information:
Add an optional timeout to the init script rule stop ---- Update init script in order to send SIGTERM instead of SIGKILL for stop rule ---- While rotating logfiles do not do a full restart of the sec instance --------------------------------------------------------------------------------
================================================================================ zarafa-7.1.14-1.el6 (FEDORA-EPEL-2015-20cb365c26) Open Source Edition of the Zarafa Collaboration Platform -------------------------------------------------------------------------------- Update Information:
Zarafa Collaboration Platform 7.1.14 final [51822] ================================================== - ZCP-13581: update fck- editor (for webaccess) to solve CVE-2012-4000 - ZCP-13572: CVE-2015-6566 - zarafa-autorespond suffers from a potential local privilege escalation - ZCP-13087: Meeting requests are not being sent with Thunderbird Lightning due to new functionality - ZCP-13608: Attachments are missing in the Sent items folder when using a cache profile - ZCP-13243: ser_safe_mode falsely reports that it would delete users -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1263006 - CVE-2015-6566 zarafa: Potential local privilege escalation in zarafa-autorespond https://bugzilla.redhat.com/show_bug.cgi?id=1263006 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org