The following Fedora EPEL 6 Security updates need testing:
Age URL
527
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031
python-virtualenv-12.0.7-1.el6
521
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168
rubygem-crack-0.3.2-2.el6
452
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6
411
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb
mcollective-2.8.4-1.el6
383
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9
thttpd-2.25b-24.el6
113
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8594ed3a53
chicken-4.11.0-3.el6
53
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-cb5398893b
nodejs-0.10.48-3.el6
12
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8482adf875
php-simplesamlphp-saml2-2.3.3-1.el6 php-simplesamlphp-saml2_1-1.10.3-1.el6
12
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-5ddfd80ad5
lxc-1.0.9-1.el6
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-851b04cffd
golang-1.7.4-1.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-681fa1a146
hdf5-1.8.5.patch1-10.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-a9e593c654
game-music-emu-0.6.1-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
game-music-emu-0.6.1-1.el6
golang-github-akrennmair-gopcap-0-0.3.git00e1103.el6
golang-github-golang-appengine-0-0.9.git6a43653.el6
golang-github-grpc-grpc-go-1.0.0-0.2.git231b4cf.el6
golang-google-golangorg-cloud-0-0.10.git872c736.el6
golang-googlecode-goauth2-0-0.18.git1364adb.el6
golang-googlecode-google-api-client-0-0.16.gite6294e6.el6
hdf5-1.8.5.patch1-10.el6
nordugrid-arc-5.2.1-1.el6
pcre2-10.21-11.el6
php-horde-Horde-Dav-1.1.4-1.el6
Details about builds:
================================================================================
game-music-emu-0.6.1-1.el6 (FEDORA-EPEL-2016-a9e593c654)
Video game music file emulation/playback library
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2016-9957, CVE-2016-9958, CVE-2016-9959, CVE-2016-9960,
CVE-2016-9961
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1405024 - game-music-emu-0.6.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1405024
--------------------------------------------------------------------------------
================================================================================
golang-github-akrennmair-gopcap-0-0.3.git00e1103.el6 (FEDORA-EPEL-2016-adc4f8e9ae)
A simple wrapper around libpcap for the Go programming language
--------------------------------------------------------------------------------
Update Information:
Polish the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1405532 - Tracker for golang-github-akrennmair-gopcap
https://bugzilla.redhat.com/show_bug.cgi?id=1405532
--------------------------------------------------------------------------------
================================================================================
golang-github-golang-appengine-0-0.9.git6a43653.el6 (FEDORA-EPEL-2016-d5c0ffcfe9)
Go App Engine for Managed VMs
--------------------------------------------------------------------------------
Update Information:
Bump to upstream 6a436539be38c296a8075a871cc536686b458371 ---- Polish the spec
file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1249049 - Tracker for golang-github-golang-appengine
https://bugzilla.redhat.com/show_bug.cgi?id=1249049
--------------------------------------------------------------------------------
================================================================================
golang-github-grpc-grpc-go-1.0.0-0.2.git231b4cf.el6 (FEDORA-EPEL-2016-28e31b6cf5)
The Go language implementation of gRPC. HTTP/2 based RPC
--------------------------------------------------------------------------------
Update Information:
Polish the spec file ---- Give back example provides, they are actually used
by golang-github-cockroachdb-cmux-unit-test-devel ---- Bump to upstream
02fca896ff5f50c6bbbee0860345a49344b37a03 ---- Bump to upstream
e78224b060cf3215247b7be455f80ea22e469b66
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1250461 - Tracker for golang-github-grpc-grpc-go
https://bugzilla.redhat.com/show_bug.cgi?id=1250461
--------------------------------------------------------------------------------
================================================================================
golang-google-golangorg-cloud-0-0.10.git872c736.el6 (FEDORA-EPEL-2016-f00812c4ce)
Google Cloud Platform APIs related types and common functions
--------------------------------------------------------------------------------
Update Information:
Bump to upstream 872c736f496c2ba12786bedbb8325576bbdb33cf
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1246239 - Tracker for golang-google-golangorg-cloud
https://bugzilla.redhat.com/show_bug.cgi?id=1246239
--------------------------------------------------------------------------------
================================================================================
golang-googlecode-goauth2-0-0.18.git1364adb.el6 (FEDORA-EPEL-2016-01dcdc30a9)
OAuth 2.0 for Go clients
--------------------------------------------------------------------------------
Update Information:
Polish the spec file ---- Bump to upstream
1364adb2c63445016c5ed4518fc71f6a3cda6169 ---- Update spec file to spec-2.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1227273 - Tracker for golang-googlecode-goauth2
https://bugzilla.redhat.com/show_bug.cgi?id=1227273
--------------------------------------------------------------------------------
================================================================================
golang-googlecode-google-api-client-0-0.16.gite6294e6.el6 (FEDORA-EPEL-2016-9a38a25e53)
Go libraries for "new style" Google APIs
--------------------------------------------------------------------------------
Update Information:
Bump to upstream e6294e63a06b2be522ff3d328d8cacded0b1bd31
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1250521 - Tracker for golang-googlecode-google-api-client
https://bugzilla.redhat.com/show_bug.cgi?id=1250521
--------------------------------------------------------------------------------
================================================================================
hdf5-1.8.5.patch1-10.el6 (FEDORA-EPEL-2016-681fa1a146)
A general purpose library and file format for storing scientific data
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2016-4330, CVE-2016-4331, CVE-2016-4332, CVE-2016-4333
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1397708 - CVE-2016-4333 hdf5: H5T_COMPOUND heap buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=1397708
[ 2 ] Bug #1397707 - CVE-2016-4332 hdf5: Shareable message type out-of-bounds write
https://bugzilla.redhat.com/show_bug.cgi?id=1397707
[ 3 ] Bug #1397704 - CVE-2016-4331 hdf5: H5Z_NBIT heap buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=1397704
[ 4 ] Bug #1397701 - CVE-2016-4330 hdf5: H5T_ARRAY heap buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=1397701
--------------------------------------------------------------------------------
================================================================================
nordugrid-arc-5.2.1-1.el6 (FEDORA-EPEL-2016-f88b057c39)
Advanced Resource Connector Grid Middleware
--------------------------------------------------------------------------------
Update Information:
ARC 5.2.1
--------------------------------------------------------------------------------
================================================================================
pcre2-10.21-11.el6 (FEDORA-EPEL-2016-970ee92c37)
Perl-compatible regular expression library
--------------------------------------------------------------------------------
Update Information:
This release fixes crashes in substitution when starting offset was specified
beyond the subject end or when an extended substition for \p, \P, or \X was
performed. ---- This release fixes "pcre2-config --libs-posix" output, a
memory leak in pcre2test tool, a buffer overflow in the library when partial-
matching for CR-LF in an empty buffer and a crash in pcre2test tool when
diplaying wide characters.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Dav-1.1.4-1.el6 (FEDORA-EPEL-2016-6db8c9d9f3)
Horde library for WebDAV, CalDAV, CardDAV
--------------------------------------------------------------------------------
Update Information:
**Horde_Dav 1.1.4** * [jan] Fix throwing exceptions from Lock backend (Bug
#14520). * [jan] Mark PHP 7 as supported. * [jan] Update to SabreDAV 1.8.12
(Only redirect client to HTTP and HTTPS urls; Support empty user names and
passwords in basic authentication).
--------------------------------------------------------------------------------