[EPEL-devel] Fedora EPEL 6 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Mon Nov 16 16:21:25 UTC 2015
The following Fedora EPEL 6 Security updates need testing:
Age URL
148 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828 chicken-4.9.0.1-4.el6
130 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6
124 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6
56 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8148 optipng-0.7.5-5.el6
56 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6
44 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-68a2c2db36 python-pymongo-3.0.3-1.el6
14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6
14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-28606b6d1d perl-HTML-Scrubber-0.15-1.el6.1
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-5d63583df0 metis-5.1.0-7.el6
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e195439195 drupal7-jquery_update-2.7-1.el6
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-967595b7c1 wildmagic5-5.13-12.el6
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8fc6f35cc9 MUMPS-5.0.1-4.el6
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-d47ae2d16b owncloud-7.0.11-1.el6
7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-a7d37297d4 telegram-cli-1.3.1-7.20150730git2052f4.el6
7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-0ae4daf2d6 tubo-5.0.15-3.el6
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-b4ebe76583 putty-0.63-5.el6
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-20cb365c26 zarafa-7.1.14-1.el6
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-260d131310 libpng10-1.0.64-1.el6
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8161a5151b ProDy-1.7.1-1.el6
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-b76c1e5912 potrace-1.13-2.el6
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-2fad2e45f6 monitorix-3.8.1-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
monitorix-3.8.1-1.el6
proftpd-1.3.3g-7.el6
python-dirq-1.7-1.el6
Details about builds:
================================================================================
monitorix-3.8.1-1.el6 (FEDORA-EPEL-2015-2fad2e45f6)
A free, open source, lightweight system monitoring tool
--------------------------------------------------------------------------------
Update Information:
This is a maintenance release that mainly fixes a Document Object Model
(DOM)-based cross-site scripting (XSS) vulnerability in the monitorix.cgi file.
Such vulnerability is by injection a JS code in the when parameter of the URL
shown after generating the graphs. Additionally, a potential denial of service
(DoS) issue was discovered in the same when parameter of the URL which could
lead in the creation of an enormous amount of .png files in the imgs directory
of the server.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1281979 - monitorix-3.8.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1281979
--------------------------------------------------------------------------------
================================================================================
proftpd-1.3.3g-7.el6 (FEDORA-EPEL-2015-a57010c117)
Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:
This update adds support for specifying TLSv1.1 and TLSv1.2 as values for
TLSProtocol in the mod_tls configuration. The mod_tls module is still disabled
by default and the default value for TLSProtocol remains as "SSLv23 TLSv1", so
the newer protocols must be explicitly enabled if desired.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1281493 - Unable to use TLSv1.1 or TLSv1.2 protocol when TLSProtocol is set to TLSv1
https://bugzilla.redhat.com/show_bug.cgi?id=1281493
--------------------------------------------------------------------------------
================================================================================
python-dirq-1.7-1.el6 (FEDORA-EPEL-2015-1ac94fc8d0)
Directory based queue
--------------------------------------------------------------------------------
Update Information:
Updated to latest upstream version.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1281769 - python-dirq-1.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1281769
--------------------------------------------------------------------------------
More information about the epel-devel
mailing list