The following Fedora EPEL 6 Security updates need testing:
Age URL
308
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-4008
cross-binutils-2.23.51.0.3-1.el6.1
88
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828
chicken-4.9.0.1-4.el6
70
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031
python-virtualenv-12.0.7-1.el6
64
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168
rubygem-crack-0.3.2-2.el6
34
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7634
zabbix20-2.0.15-1.el6
15
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7875
onionshare-0.7.1-1.el6
12
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7917 moodle-2.6.11-1.el6
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7940 nrpe-2.15-6.el6
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7961
php-doctrine-cache-1.4.2-1.el6
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7963
php-doctrine-annotations-1.2.7-1.el6
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7994
seamonkey-2.28-7.ESR_31.8.0.el6
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8027
php-extras-5.3.3-4.el6
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8044 golang-1.5.1-0.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8091
zabbix22-2.2.10-1.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8102
wordpress-4.3.1-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
dar-2.4.18-1.el6
golang-github-AdRoll-goamz-0-0.1.gitf8c4952.el6
golang-github-Azure-azure-sdk-for-go-1.2-0.1.git97d9593.el6
golang-github-denverdino-aliyungo-0-0.1.git0e0f322.el6
golang-github-go-fsnotify-fsnotify-1.2.0-0.1.git96c060f.el6
golang-github-gorilla-handlers-0-0.1.git60c7bfd.el6
golang-github-ncw-swift-0-0.1.git22c8fa9.el6
golang-github-noahdesu-go-ceph-0.3.0-0.1.gitb15639c.el6
golang-github-stevvooe-resumable-0-0.1.git51ad441.el6
libmaxminddb-1.1.1-5.el6
reposurgeon-3.29-1.el6
wordpress-4.3.1-1.el6
Details about builds:
================================================================================
dar-2.4.18-1.el6 (FEDORA-EPEL-2015-8096)
Software for making/restoring incremental CD/DVD backups
--------------------------------------------------------------------------------
Update Information:
New upstream version dar-2.4.18-1.fc23 - New upstream version
dar-2.4.18-1.el7 - new upstream version dar-2.4.18-1.el6 - new upstream
version dar-2.4.18-1.el5 - new upstream version dar-2.4.18-1.fc22 - New
upstream version dar-2.4.18-1.fc21 - new upstream version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1258281 - dar-2.4.18 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1258281
--------------------------------------------------------------------------------
================================================================================
golang-github-AdRoll-goamz-0-0.1.gitf8c4952.el6 (FEDORA-EPEL-2015-8106)
Fork of the GOAMZ with additional functionality with DynamoDB
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1262714 - Review Request: golang-github-AdRoll-goamz - Fork of the GOAMZ with
additional functionality with DynamoDB
https://bugzilla.redhat.com/show_bug.cgi?id=1262714
--------------------------------------------------------------------------------
================================================================================
golang-github-Azure-azure-sdk-for-go-1.2-0.1.git97d9593.el6 (FEDORA-EPEL-2015-8105)
Microsoft Azure SDK for Go
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1262716 - Review Request: golang-github-Azure-azure-sdk-for-go - Microsoft
Azure SDK for Go
https://bugzilla.redhat.com/show_bug.cgi?id=1262716
--------------------------------------------------------------------------------
================================================================================
golang-github-denverdino-aliyungo-0-0.1.git0e0f322.el6 (FEDORA-EPEL-2015-8109)
Go SDK for Aliyun Services
--------------------------------------------------------------------------------
Update Information:
needed by docker/distribution
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1262704 - Review Request: golang-github-denverdino-aliyungo - Go SDK for
Aliyun Services
https://bugzilla.redhat.com/show_bug.cgi?id=1262704
--------------------------------------------------------------------------------
================================================================================
golang-github-go-fsnotify-fsnotify-1.2.0-0.1.git96c060f.el6 (FEDORA-EPEL-2015-8103)
File system notifications for Go
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1262426 - Review Request: golang-github-go-fsnotify-fsnotify - File system
notifications for Go
https://bugzilla.redhat.com/show_bug.cgi?id=1262426
--------------------------------------------------------------------------------
================================================================================
golang-github-gorilla-handlers-0-0.1.git60c7bfd.el6 (FEDORA-EPEL-2015-8108)
A collection of useful handlers for Go's net/http package
--------------------------------------------------------------------------------
Update Information:
needed by docker/distribution
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1262705 - Review Request: golang-github-gorilla-handlers - A collection of
useful handlers for Go's net/http package
https://bugzilla.redhat.com/show_bug.cgi?id=1262705
--------------------------------------------------------------------------------
================================================================================
golang-github-ncw-swift-0-0.1.git22c8fa9.el6 (FEDORA-EPEL-2015-8107)
Go language interface to Swift
--------------------------------------------------------------------------------
Update Information:
needed by docker/distribution
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1262710 - Review Request: golang-github-ncw-swift - Go language interface to
Swift
https://bugzilla.redhat.com/show_bug.cgi?id=1262710
--------------------------------------------------------------------------------
================================================================================
golang-github-noahdesu-go-ceph-0.3.0-0.1.gitb15639c.el6 (FEDORA-EPEL-2015-8104)
Go bindings for RADOS, RBD, and CephFS
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1262711 - Review Request: golang-github-noahdesu-go-ceph - Go bindings for
RADOS, RBD, and CephFS
https://bugzilla.redhat.com/show_bug.cgi?id=1262711
--------------------------------------------------------------------------------
================================================================================
golang-github-stevvooe-resumable-0-0.1.git51ad441.el6 (FEDORA-EPEL-2015-8110)
Subset of the Go `crypto` Package with a Resumable Hash Interface
--------------------------------------------------------------------------------
Update Information:
needed by docker/distribution
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1262709 - Review Request: golang-github-stevvooe-resumable - Subset of the Go
`crypto` Package with a Resumable Hash Interface
https://bugzilla.redhat.com/show_bug.cgi?id=1262709
--------------------------------------------------------------------------------
================================================================================
libmaxminddb-1.1.1-5.el6 (FEDORA-EPEL-2015-8095)
C library for the MaxMind DB file format
--------------------------------------------------------------------------------
Update Information:
C library for the MaxMind DB file format
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1258874 - Review Request: libmaxminddb - C library for the MaxMind DB file
format
https://bugzilla.redhat.com/show_bug.cgi?id=1258874
--------------------------------------------------------------------------------
================================================================================
reposurgeon-3.29-1.el6 (FEDORA-EPEL-2015-8112)
SCM Repository Manipulation Tool
--------------------------------------------------------------------------------
Update Information:
# 3.29: 2015-09-02 * Now included: git aliases that allow git to work with
action stamps. * **The new `repomapper` tool helps prepare contributor maps.** *
Use of branchify/branchify_map is now less likely to produce invalid resets. *
`branchify_map` has been changed to handle subdirectories better. `branchify_map
reset` actually works now. * Prevent a crash on empty SVN comments produced by
dumpfiltering. * `assign` command with no selection set or arguments lists
assignments. * New `--user-ignores` option on Subversion reads passes through
.gitignores. * `repotool initialize` now generates an easier-to-read conversion
makefile (Fedora: Used to be conversion.mk in /usr/share/doc/reposurgeon).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1259536 - reposurgeon-3.29 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1259536
--------------------------------------------------------------------------------
================================================================================
wordpress-4.3.1-1.el6 (FEDORA-EPEL-2015-8102)
Blog tool and publishing platform
--------------------------------------------------------------------------------
Update Information:
**WordPress 4.3.1 Security and Maintenance Release** [Upstream
announcement](https://wordpress.org/news/2015/09/wordpress-4-3-1/): WordPress
4.3.1 is now available. This is a security release for all previous versions and
we strongly encourage you to update your sites immediately. This release
addresses three issues, including two cross-site scripting vulnerabilities and a
potential privilege escalation. * WordPress versions 4.3 and earlier are
vulnerable to a cross-site scripting vulnerability when processing shortcode
tags (CVE-2015-5714). Reported by Shahar Tal and Netanel Rubin of Check Point. *
A separate cross-site scripting vulnerability was found in the user list table.
Reported by Ben Bidner of the WordPress security team. * Finally, in certain
cases, users without proper permissions could publish private posts and make
them sticky (CVE-2015-5715). Reported by Shahar Tal and Netanel Rubin of Check
Point. WordPress 4.3.1 also fixes twenty-six bugs. For more information, see
the [release
notes](https://codex.wordpress.org/Version_4.3.1) or consult the
[list of
changes](https://core.trac.wordpress.org/log/branches/4.3/?rev=34199&st
op_rev=33647).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1263657 - CVE-2015-5714 CVE-2015-5715 wordpress: XSS and permission issue
fixed in wordpress 4.3.1
https://bugzilla.redhat.com/show_bug.cgi?id=1263657
--------------------------------------------------------------------------------