[EPEL-devel] Fedora EPEL 6 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Sun Dec 21 17:44:09 UTC 2014
The following Fedora EPEL 6 Security updates need testing:
Age URL
973 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
192 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7.26-1.el6
63 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3434/pylint-1.3.1-1.el6,python-astroid-1.2.1-2.el6,python-logilab-common-0.62.1-2.el6
38 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4008/cross-binutils-2.23.51.0.3-1.el6.1
26 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4242/facter-1.6.18-8.el6
15 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4485/python-tornado-2.2.1-7.el6
10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4624/xrdp-0.6.1-1.el6
10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4575/links-2.8-4.el6
10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4563/firebird-2.5.3.26778.0-2.el6
6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4669/libhtp-0.5.16-1.el6
6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4693/denyhosts-2.6-19.el6.1
4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4737/docker-io-1.4.0-2.el6
4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4729/ettercap-0.7.5-4.el6.1.20120906gitc796e5
2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4766/mediawiki119-1.19.23-1.el6
2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4773/unrtf-0.21.7-1.el6
1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4807/libssh-0.5.5-3.el6
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4829/roundcubemail-1.0.4-2.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
roundcubemail-1.0.4-2.el6
Details about builds:
================================================================================
roundcubemail-1.0.4-2.el6 (FEDORA-EPEL-2014-4829)
Round Cube Webmail is a browser-based multilingual IMAP client
--------------------------------------------------------------------------------
Update Information:
This update provides Roundcube 1.0.4. This is a stable security update: the security fix is described by upstream as "Fix possible CSRF attacks to some address book operations as well as to the ACL and Managesieve plugins." More details on the update are available at http://roundcube.net/news/2014/12/18/update-1.0.4-released/ . The update should apply without any special handling by the system administrator.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 20 2014 Adam Williamson <awilliam at redhat.com> - 1.0.4-2
- drop tinymce bbcode plugin for safety (CVE-2012-4230)
* Sat Dec 20 2014 Adam Williamson <awilliam at redhat.com> - 1.0.4-1
- new release 1.0.4 (security update)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1091438 - CVE-2012-4230 tinymce: XSS attacks via security policy bypass
https://bugzilla.redhat.com/show_bug.cgi?id=1091438
--------------------------------------------------------------------------------
More information about the epel-devel
mailing list