The following Fedora EPEL 6 Security updates need testing:
Age URL
553
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031
python-virtualenv-12.0.7-1.el6
547
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168
rubygem-crack-0.3.2-2.el6
479
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6
437
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb
mcollective-2.8.4-1.el6
409
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9
thttpd-2.25b-24.el6
139
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8594ed3a53
chicken-4.11.0-3.el6
19
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac
libbsd-0.8.3-2.el6
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-62450e4e38
libpng10-1.0.67-1.el6
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-284a1cc356
exim-4.88-1.el6
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8c6c7bf06e
dbus-sharp-0.7.0-16.el6 dbus-sharp-glib-0.5.0-14.el6 mono-4.2.4-9.el6
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7d479b3940
php-PHPMailer-5.2.22-1.el6
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-50bd111169
icoutils-0.31.1-1.el6
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4e597458f1
php-ZendFramework2-2.2.10-3.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-c29445aed4
gnutls30-3.5.8-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
carbon-c-relay-2.5-1.el6
euca2ools-3.4.0-1.el6
globus-common-16.9-1.el6
globus-gsi-callback-5.13-1.el6
globus-gsi-cert-utils-9.16-1.el6
globus-gsi-openssl-error-3.8-1.el6
globus-gss-assist-10.21-1.el6
globus-proxy-utils-6.19-1.el6
gnutls30-3.5.8-1.el6
golang-github-kr-fs-0-0.8.git2788f0d.el6
golang-github-pelletier-go-buffruneio-0-0.1.gitdf1e16f.el6
golang-github-pkg-errors-0.7.1-0.2.gita887431.el6
golang-github-pkg-sftp-0-0.1.git8197a2e.el6
myproxy-6.1.25-1.el6
Details about builds:
================================================================================
carbon-c-relay-2.5-1.el6 (FEDORA-EPEL-2017-2677ef7505)
Enhanced C implementation of Carbon relay, aggregator and rewriter
--------------------------------------------------------------------------------
Update Information:
Update to 2.5
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1392644 - carbon-c-relay-v2.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1392644
--------------------------------------------------------------------------------
================================================================================
euca2ools-3.4.0-1.el6 (FEDORA-EPEL-2017-43f23133a2)
Eucalyptus/AWS-compatible command line tools
--------------------------------------------------------------------------------
Update Information:
This update adds support for NAT gateways, CloudFormation template attributes,
new AWS regions, and more. For a complete list of changes, see the [upstream
release
notes](https://docs.eucalyptus.com/eucalyptus/4.3.1/#euca2ools-release-
notes/rn_index_3.4.0.html).
--------------------------------------------------------------------------------
================================================================================
globus-common-16.9-1.el6 (FEDORA-EPEL-2017-c6bb4adf8f)
Globus Toolkit - Common Library
--------------------------------------------------------------------------------
Update Information:
globus-common-16.9-1 - Fix crash in globus_eval_path globus-gsi-
callback-5.13-1 - Fix crash with OpenSSL 1.1.0 with a CRL (issue #87) globus-
gsi-cert-utils-9.16-1 - Add const qualifier to avoid casting with OpensSL 1.1.0
globus-gsi-openssl-error-3.8-1 - Alter dependency order to avoid mixing SSL
version globus-gss-assist-10.21-1 - Slow grid-mapfile-delete-entry (issue #84)
globus-proxy-utils-6.19-1 - Fix RSA key checking myproxy-6.1.25-1 - Fixes for
OpenSSL 1.1.0
--------------------------------------------------------------------------------
================================================================================
globus-gsi-callback-5.13-1.el6 (FEDORA-EPEL-2017-c6bb4adf8f)
Globus Toolkit - Globus GSI Callback Library
--------------------------------------------------------------------------------
Update Information:
globus-common-16.9-1 - Fix crash in globus_eval_path globus-gsi-
callback-5.13-1 - Fix crash with OpenSSL 1.1.0 with a CRL (issue #87) globus-
gsi-cert-utils-9.16-1 - Add const qualifier to avoid casting with OpensSL 1.1.0
globus-gsi-openssl-error-3.8-1 - Alter dependency order to avoid mixing SSL
version globus-gss-assist-10.21-1 - Slow grid-mapfile-delete-entry (issue #84)
globus-proxy-utils-6.19-1 - Fix RSA key checking myproxy-6.1.25-1 - Fixes for
OpenSSL 1.1.0
--------------------------------------------------------------------------------
================================================================================
globus-gsi-cert-utils-9.16-1.el6 (FEDORA-EPEL-2017-c6bb4adf8f)
Globus Toolkit - Globus GSI Cert Utils Library
--------------------------------------------------------------------------------
Update Information:
globus-common-16.9-1 - Fix crash in globus_eval_path globus-gsi-
callback-5.13-1 - Fix crash with OpenSSL 1.1.0 with a CRL (issue #87) globus-
gsi-cert-utils-9.16-1 - Add const qualifier to avoid casting with OpensSL 1.1.0
globus-gsi-openssl-error-3.8-1 - Alter dependency order to avoid mixing SSL
version globus-gss-assist-10.21-1 - Slow grid-mapfile-delete-entry (issue #84)
globus-proxy-utils-6.19-1 - Fix RSA key checking myproxy-6.1.25-1 - Fixes for
OpenSSL 1.1.0
--------------------------------------------------------------------------------
================================================================================
globus-gsi-openssl-error-3.8-1.el6 (FEDORA-EPEL-2017-c6bb4adf8f)
Globus Toolkit - Globus OpenSSL Error Handling
--------------------------------------------------------------------------------
Update Information:
globus-common-16.9-1 - Fix crash in globus_eval_path globus-gsi-
callback-5.13-1 - Fix crash with OpenSSL 1.1.0 with a CRL (issue #87) globus-
gsi-cert-utils-9.16-1 - Add const qualifier to avoid casting with OpensSL 1.1.0
globus-gsi-openssl-error-3.8-1 - Alter dependency order to avoid mixing SSL
version globus-gss-assist-10.21-1 - Slow grid-mapfile-delete-entry (issue #84)
globus-proxy-utils-6.19-1 - Fix RSA key checking myproxy-6.1.25-1 - Fixes for
OpenSSL 1.1.0
--------------------------------------------------------------------------------
================================================================================
globus-gss-assist-10.21-1.el6 (FEDORA-EPEL-2017-c6bb4adf8f)
Globus Toolkit - GSSAPI Assist library
--------------------------------------------------------------------------------
Update Information:
globus-common-16.9-1 - Fix crash in globus_eval_path globus-gsi-
callback-5.13-1 - Fix crash with OpenSSL 1.1.0 with a CRL (issue #87) globus-
gsi-cert-utils-9.16-1 - Add const qualifier to avoid casting with OpensSL 1.1.0
globus-gsi-openssl-error-3.8-1 - Alter dependency order to avoid mixing SSL
version globus-gss-assist-10.21-1 - Slow grid-mapfile-delete-entry (issue #84)
globus-proxy-utils-6.19-1 - Fix RSA key checking myproxy-6.1.25-1 - Fixes for
OpenSSL 1.1.0
--------------------------------------------------------------------------------
================================================================================
globus-proxy-utils-6.19-1.el6 (FEDORA-EPEL-2017-c6bb4adf8f)
Globus Toolkit - Globus GSI Proxy Utility Programs
--------------------------------------------------------------------------------
Update Information:
globus-common-16.9-1 - Fix crash in globus_eval_path globus-gsi-
callback-5.13-1 - Fix crash with OpenSSL 1.1.0 with a CRL (issue #87) globus-
gsi-cert-utils-9.16-1 - Add const qualifier to avoid casting with OpensSL 1.1.0
globus-gsi-openssl-error-3.8-1 - Alter dependency order to avoid mixing SSL
version globus-gss-assist-10.21-1 - Slow grid-mapfile-delete-entry (issue #84)
globus-proxy-utils-6.19-1 - Fix RSA key checking myproxy-6.1.25-1 - Fixes for
OpenSSL 1.1.0
--------------------------------------------------------------------------------
================================================================================
gnutls30-3.5.8-1.el6 (FEDORA-EPEL-2017-c29445aed4)
A TLS protocol implementation
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2017-5337, CVE-2017-5336
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1411836 - CVE-2017-5337 gnutls: Heap read overflow in read-packet.c
https://bugzilla.redhat.com/show_bug.cgi?id=1411836
[ 2 ] Bug #1412236 - CVE-2017-5336 gnutls: Stack overflow in cdk_pk_get_keyid
https://bugzilla.redhat.com/show_bug.cgi?id=1412236
[ 3 ] Bug #1412235 - CVE-2017-5335 gnutls: Out of memory while parsing crafted OpenPGP
certificate
https://bugzilla.redhat.com/show_bug.cgi?id=1412235
--------------------------------------------------------------------------------
================================================================================
golang-github-kr-fs-0-0.8.git2788f0d.el6 (FEDORA-EPEL-2017-319487df96)
Provides Go filesystem-related functions
--------------------------------------------------------------------------------
Update Information:
Polish the spec file ---- Update spec file to spec-2.0 new golang package
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1250492 - Tracker for golang-github-kr-fs
https://bugzilla.redhat.com/show_bug.cgi?id=1250492
[ 2 ] Bug #1148447 - Review Request: golang-github-kr-fs - Provides Go
filesystem-related functions
https://bugzilla.redhat.com/show_bug.cgi?id=1148447
--------------------------------------------------------------------------------
================================================================================
golang-github-pelletier-go-buffruneio-0-0.1.gitdf1e16f.el6 (FEDORA-EPEL-2017-a7eba3c01a)
Wrapper around bufio to provide buffered runes access with unlimited unreads
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1387178 - Review Request: golang-github-pelletier-go-buffruneio - Wrapper
around bufio to provide buffered runes access with unlimited unreads
https://bugzilla.redhat.com/show_bug.cgi?id=1387178
--------------------------------------------------------------------------------
================================================================================
golang-github-pkg-errors-0.7.1-0.2.gita887431.el6 (FEDORA-EPEL-2017-b881eef27b)
Simple error handling primitives
--------------------------------------------------------------------------------
Update Information:
Extend the default architectures, consolidate with_ macros ---- First package
for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1387115 - Review Request: golang-github-pkg-errors - Simple error handling
primitives
https://bugzilla.redhat.com/show_bug.cgi?id=1387115
--------------------------------------------------------------------------------
================================================================================
golang-github-pkg-sftp-0-0.1.git8197a2e.el6 (FEDORA-EPEL-2017-0a52c655ae)
SFTP support for the go.crypto/ssh package
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1387131 - Review Request: golang-github-pkg-sftp - SFTP support for the
go.crypto/ssh package
https://bugzilla.redhat.com/show_bug.cgi?id=1387131
--------------------------------------------------------------------------------
================================================================================
myproxy-6.1.25-1.el6 (FEDORA-EPEL-2017-c6bb4adf8f)
Manage X.509 Public Key Infrastructure (PKI) security credentials
--------------------------------------------------------------------------------
Update Information:
globus-common-16.9-1 - Fix crash in globus_eval_path globus-gsi-
callback-5.13-1 - Fix crash with OpenSSL 1.1.0 with a CRL (issue #87) globus-
gsi-cert-utils-9.16-1 - Add const qualifier to avoid casting with OpensSL 1.1.0
globus-gsi-openssl-error-3.8-1 - Alter dependency order to avoid mixing SSL
version globus-gss-assist-10.21-1 - Slow grid-mapfile-delete-entry (issue #84)
globus-proxy-utils-6.19-1 - Fix RSA key checking myproxy-6.1.25-1 - Fixes for
OpenSSL 1.1.0
--------------------------------------------------------------------------------