The following Fedora EPEL 6 Security updates need testing:
Age URL
625
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031
python-virtualenv-12.0.7-1.el6
619
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168
rubygem-crack-0.3.2-2.el6
509
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb
mcollective-2.8.4-1.el6
480
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9
thttpd-2.25b-24.el6
211
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8594ed3a53
chicken-4.11.0-3.el6
91
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac
libbsd-0.8.3-2.el6
41
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-acd2c2af0d
nagios-4.2.4-4.el6
13
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-1ad70123a8 R-3.3.3-1.el6
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-75190374ce
moodle-2.7.19-1.el6
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-eb18b4839a
mbedtls-2.4.2-1.el6
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-b1bba0f99d
roundcubemail-1.0.9-2.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-da3e5ef08f
tcpreplay-4.2.1-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
fetch-crl-3.0.19-1.el6
openvpn-2.4.1-2.el6
perl-Plack-0.9974-2.el6.1
python-ansible-tower-cli-3.1.3-2.el6
tcpreplay-4.2.1-1.el6
Details about builds:
================================================================================
fetch-crl-3.0.19-1.el6 (FEDORA-EPEL-2017-f312129381)
Downloads Certificate Revocation Lists
--------------------------------------------------------------------------------
Update Information:
Changes in 3.0.19-1 ---------------------- * Do not add spurious newline to DER-
format files (fixes report 201670320-01) * run a script after the completion of
every fetch-crl run (uses postexec directive in config file)
--------------------------------------------------------------------------------
================================================================================
openvpn-2.4.1-2.el6 (FEDORA-EPEL-2017-3da5d4f25f)
A full-featured SSL VPN solution
--------------------------------------------------------------------------------
Update Information:
Updating to upstream OpenVPN v2.4.1. This update re-introduces a **DEPRECATED**
feature to, **--tls-remote** to enable v2.3 installations to upgrade. Users are
**STRONGLY** encouraged to update their configurations to use the newer option,
**--verify-x509-name**.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1435036 - openvpn-2.4.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1435036
--------------------------------------------------------------------------------
================================================================================
perl-Plack-0.9974-2.el6.1 (FEDORA-EPEL-2017-6bd09b4a27)
Perl Superglue for Web frameworks and Web Servers (PSGI toolkit)
--------------------------------------------------------------------------------
Update Information:
This is an implementation of Perl Server Gateway Interface.
--------------------------------------------------------------------------------
================================================================================
python-ansible-tower-cli-3.1.3-2.el6 (FEDORA-EPEL-2017-72e35f4a3b)
A CLI tool for Ansible Tower
--------------------------------------------------------------------------------
Update Information:
fix dependencies ---- update ---- Update ---- update to 3.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1430960 - python-ansible-tower-cli-v3.1.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1430960
--------------------------------------------------------------------------------
================================================================================
tcpreplay-4.2.1-1.el6 (FEDORA-EPEL-2017-da3e5ef08f)
Replay captured network traffic
--------------------------------------------------------------------------------
Update Information:
Here is what is fixed in this release: - Fix reporting of rates < 1Mbps (#348)
- Option --unique-ip not working properly (#346) ---- Features and fixes
include: - MAC rewriting capabilities by Pedro Arthur (#313) - Fix several
issues identified by Coverity (#305) - Packet distortion --fuzz-seed option by
Gabriel Ganne (#302) - Add --unique-ip-loops option to modify IPs every few
loops (#296) - Netmap startup delay increase (#290) - tcpcapinfo buffer overflow
vulnerablily (#278) - Update git-clone instructions by Kyle McDonald (#277) -
Allow fractions for --pps option (#270) - Print per-loop stats with --stats=0
(#269) - Add protection against packet drift by Guillaume Scott (#268) - Print
flow stats periodically with --stats output (#262) - Include Travis-CI build
support by Ilya Shipitsin (#264) (#285) - tcpreplay won't replay all packets in
a pcap file with --netmap (#255) - First and last packet times in --stats
output (#239) - Switch to wire speed after 30 minutes at 6 Gbps (#210) -
tcprewrite fix checksum properly for fragmented packets (#190) ---- Patch
CVE-2017-6429. Tcpcapinfo utility of Tcpreplay has a buffer overflow
vulnerability associated with parsing a crafted pcap file. This occurs in the
src/tcpcapinfo.c file when capture has a packet that is too large to handle.
References:
http://seclists.org/bugtraq/2017/Mar/22 Upstream bug:
https://github.com/appneta/tcpreplay/issues/278
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1429521 - CVE-2017-6429 tcpreplay: Buffer overflow in Tcpcapinfo utility
[epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1429521
[ 2 ] Bug #1429522 - CVE-2017-6429 tcpreplay: Buffer overflow in Tcpcapinfo utility
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1429522
--------------------------------------------------------------------------------