The following Fedora EPEL 6 Security updates need testing:
Age URL
707
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031
python-virtualenv-12.0.7-1.el6
701
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168
rubygem-crack-0.3.2-2.el6
591
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb
mcollective-2.8.4-1.el6
563
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9
thttpd-2.25b-24.el6
173
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac
libbsd-0.8.3-2.el6
69
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-c0d33ae70f
tnef-1.4.14-1.el6
33
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-6ee18d1c7b
openvpn-2.4.2-1.el6
12
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5279a157d2
ansible-2.3.1.0-1.el6
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-f70a51bd19
tomcat-7.0.78-1.el6
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-23f4cb5d02
lxc-1.0.10-2.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-16880697fe
nagios-4.3.2-3.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
RackTables-0.20.13-1.el6
configsnap-0.12-2.el6
golang-github-hashicorp-go-sockaddr-0-0.2.gitaf174a6.el6
nagios-4.3.2-3.el6
nrpe-3.1.1-1.el6
Details about builds:
================================================================================
RackTables-0.20.13-1.el6 (FEDORA-EPEL-2017-4403f9f945)
A data-center asset management system
--------------------------------------------------------------------------------
Update Information:
Rebase to v0.20.13
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1450545 - RackTables-0.20.13 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1450545
--------------------------------------------------------------------------------
================================================================================
configsnap-0.12-2.el6 (FEDORA-EPEL-2017-bc25246996)
Record and compare system state
--------------------------------------------------------------------------------
Update Information:
Update to 0.12
--------------------------------------------------------------------------------
================================================================================
golang-github-hashicorp-go-sockaddr-0-0.2.gitaf174a6.el6 (FEDORA-EPEL-2017-00676cdff1)
IP Address/UNIX Socket convenience functions for Go
--------------------------------------------------------------------------------
Update Information:
Remove cyclic dep
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1410393 - Review Request: golang-github-hashicorp-go-sockaddr - IP
Address/UNIX Socket convenience functions for Go
https://bugzilla.redhat.com/show_bug.cgi?id=1410393
--------------------------------------------------------------------------------
================================================================================
nagios-4.3.2-3.el6 (FEDORA-EPEL-2017-16880697fe)
Host/service/network monitoring program
--------------------------------------------------------------------------------
Update Information:
Update to latest in git ---- Updated from 4.3.1 maint to 4.3.2 ---- We find
out that RHEL-6 does not like non-UTF so removed German translation ---- Major
update to Nagios to address outstanding Security needs. ----
nagios-4.0.8-1.fc21 nagios-4.0.8-1.fc22 nagios-4.0.8-1.el6 nagios-4.0.8-1.el7
nagios-4.0.8-1.fc23 - update to 4.0.8
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #469320 - CVE-2008-4796 snoopy: command execution via shell metacharacters
https://bugzilla.redhat.com/show_bug.cgi?id=469320
[ 2 ] Bug #958002 - CVE-2013-4214 Nagios core: html/rss-newsfeed.php insecure temporary
file usage
https://bugzilla.redhat.com/show_bug.cgi?id=958002
[ 3 ] Bug #1046113 - CVE-2013-7108 CVE-2013-7205 nagios: denial of service due to
off-by-one flaw in process_cgivars()
https://bugzilla.redhat.com/show_bug.cgi?id=1046113
--------------------------------------------------------------------------------
================================================================================
nrpe-3.1.1-1.el6 (FEDORA-EPEL-2017-92879f40b9)
Host/service/network monitoring agent for Nagios
--------------------------------------------------------------------------------
Update Information:
Update to 3.1.1 ---- Grab updates from upstream to see why nrpe fails on
fedora but not rhel ---- Move to using original nirik nrpe service file for
systemd. It worked and the others dont ---- update to 3.1.0 ---- Fixed pid
location ---- Update to 3.0.1. Major update but upstream is no longer
supporting old code.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #970997 - Allow multiple packets to be received
https://bugzilla.redhat.com/show_bug.cgi?id=970997
[ 2 ] Bug #1236081 - nrpe: /var/run/nrpe owner mismatch
https://bugzilla.redhat.com/show_bug.cgi?id=1236081
[ 3 ] Bug #1275870 - NRPE initscript does not read PID file when calling
status/killproc
https://bugzilla.redhat.com/show_bug.cgi?id=1275870
[ 4 ] Bug #1318773 - nrpe.service sets User/Group, prevents normal .cfg user/group
setting
https://bugzilla.redhat.com/show_bug.cgi?id=1318773
[ 5 ] Bug #1359858 - NRPE causes SELinux denials
https://bugzilla.redhat.com/show_bug.cgi?id=1359858
[ 6 ] Bug #1411705 - allowed_hosts doesn't work, if one of the hostnames can't
be resolved by dns
https://bugzilla.redhat.com/show_bug.cgi?id=1411705
[ 7 ] Bug #1412214 - NRPE systemd service file does not support reload command
https://bugzilla.redhat.com/show_bug.cgi?id=1412214
[ 8 ] Bug #1190708 - nrpe.service does not support reload for systemd
https://bugzilla.redhat.com/show_bug.cgi?id=1190708
--------------------------------------------------------------------------------