The following Fedora EPEL 6 Security updates need testing:
Age URL
938
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3....
157
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7....
28
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3434/pylint-1.3....
24
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3527/asterisk-1....
18
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3647/konversatio...
18
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3623/Pound-2.6-2...
14
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3748/tnftp-20141...
11
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3790/facter-1.6....
6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3851/python-requ...
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3927/drupal7-cke...
3
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3962/oath-toolki...
3
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4005/nginx-1.0.1...
3
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4008/cross-binut...
3
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3975/polarssl-1....
3
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2069/php-channel...
1
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4057/moodle-2.5....
The following builds have been pushed to Fedora EPEL 6 updates-testing
globus-ftp-client-8.16-1.el6
globus-ftp-control-6.3-1.el6
globus-gass-copy-9.13-1.el6
globus-gatekeeper-10.9-1.el6
globus-gram-audit-4.4-1.el6
globus-gram-client-13.11-1.el6
globus-gram-job-manager-14.25-1.el6
globus-gram-job-manager-slurm-2.5-1.el6
globus-gram-protocol-12.12-2.el6
globus-gridftp-server-7.15-1.el6
globus-gss-assist-10.13-1.el6
globus-gssapi-gsi-11.14-1.el6
globus-io-11.2-1.el6
globus-scheduler-event-generator-5.8-1.el6
globus-simple-ca-4.17-1.el6
globus-xio-4.17-1.el6
jabberd-2.2.14-6.el6
kobo-0.5.0-1.el6
llvm-3.4.2-2.el6
lynis-1.6.4-1.el6
perl-App-Daemon-0.22-1.el6
ssh-installkeys-1.9-1.el6
Details about builds:
================================================================================
globus-ftp-client-8.16-1.el6 (FEDORA-EPEL-2014-4079)
Globus Toolkit - GridFTP Client Library
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream sources. Drop most patches - now accepted upstream. Fix some
tests.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 13 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 8.16-1
- GT6 update
- Drop patch globus-ftp-client-undef-macro.patch (fixed upstream)
--------------------------------------------------------------------------------
================================================================================
globus-ftp-control-6.3-1.el6 (FEDORA-EPEL-2014-4079)
Globus Toolkit - GridFTP Control Library
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream sources. Drop most patches - now accepted upstream. Fix some
tests.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 13 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 6.3-1
- GT6 update
- Drop patches globus-ftp-control-memleak.patch and
globus-ftp-control-tests-localhost.patch (fixed upstream)
--------------------------------------------------------------------------------
================================================================================
globus-gass-copy-9.13-1.el6 (FEDORA-EPEL-2014-4079)
Globus Toolkit - Globus Gass Copy
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream sources. Drop most patches - now accepted upstream. Fix some
tests.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 13 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 9.13-1
- GT6 update
--------------------------------------------------------------------------------
================================================================================
globus-gatekeeper-10.9-1.el6 (FEDORA-EPEL-2014-4079)
Globus Toolkit - Globus Gatekeeper
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream sources. Drop most patches - now accepted upstream. Fix some
tests.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 13 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 10.9-1
- GT6 update
--------------------------------------------------------------------------------
================================================================================
globus-gram-audit-4.4-1.el6 (FEDORA-EPEL-2014-4079)
Globus Toolkit - GRAM Jobmanager Auditing
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream sources. Drop most patches - now accepted upstream. Fix some
tests.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 13 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 4.4-1
- GT6 update
- Drop patch globus-gram-audit-macro.patch (fixed upstream)
--------------------------------------------------------------------------------
================================================================================
globus-gram-client-13.11-1.el6 (FEDORA-EPEL-2014-4079)
Globus Toolkit - GRAM Client Library
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream sources. Drop most patches - now accepted upstream. Fix some
tests.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 13 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 13.11-1
- GT6 update
- Set GLOBUS_HOSTNAME during make check
--------------------------------------------------------------------------------
================================================================================
globus-gram-job-manager-14.25-1.el6 (FEDORA-EPEL-2014-4079)
Globus Toolkit - GRAM Jobmanager
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream sources. Drop most patches - now accepted upstream. Fix some
tests.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 13 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 14.25-1
- GT6 update
- Drop patch globus-gram-job-manager-personal-gk.patch (fixed upstream)
--------------------------------------------------------------------------------
================================================================================
globus-gram-job-manager-slurm-2.5-1.el6 (FEDORA-EPEL-2014-4079)
Globus Toolkit - SLURM Job Manager Support
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream sources. Drop most patches - now accepted upstream. Fix some
tests.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 13 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 2.5-1
- GT6 update
--------------------------------------------------------------------------------
================================================================================
globus-gram-protocol-12.12-2.el6 (FEDORA-EPEL-2014-4079)
Globus Toolkit - GRAM Protocol Library
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream sources. Drop most patches - now accepted upstream. Fix some
tests.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 14 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 12.12-2
- Set GLOBUS_HOSTNAME during make check
--------------------------------------------------------------------------------
================================================================================
globus-gridftp-server-7.15-1.el6 (FEDORA-EPEL-2014-4079)
Globus Toolkit - Globus GridFTP Server
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream sources. Drop most patches - now accepted upstream. Fix some
tests.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 13 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 7.15-1
- GT6 update
- Drop patch globus-gridftp-server-ipv6log.patch (fixed upstream)
--------------------------------------------------------------------------------
================================================================================
globus-gss-assist-10.13-1.el6 (FEDORA-EPEL-2014-4079)
Globus Toolkit - GSSAPI Assist library
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream sources. Drop most patches - now accepted upstream. Fix some
tests.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 13 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 10.13-1
- GT6 update
- Drop patch globus-gss-assist-doxygen.patch (fixed upstream)
--------------------------------------------------------------------------------
================================================================================
globus-gssapi-gsi-11.14-1.el6 (FEDORA-EPEL-2014-4079)
Globus Toolkit - GSSAPI library
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream sources. Drop most patches - now accepted upstream. Fix some
tests.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 13 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 11.14-1
- GT6 update
- Drop patch globus-gssapi-gsi-doxygen.patch (fixed upstream)
--------------------------------------------------------------------------------
================================================================================
globus-io-11.2-1.el6 (FEDORA-EPEL-2014-4079)
Globus Toolkit - uniform I/O interface
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream sources. Drop most patches - now accepted upstream. Fix some
tests.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 13 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 11.2-1
- GT6 update
- Drop patch globus-io-tests-localhost.patch (fixed upstream)
--------------------------------------------------------------------------------
================================================================================
globus-scheduler-event-generator-5.8-1.el6 (FEDORA-EPEL-2014-4079)
Globus Toolkit - Scheduler Event Generator
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream sources. Drop most patches - now accepted upstream. Fix some
tests.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 13 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 5.8-1
- GT6 update
- Drop patch globus-scheduler-event-generator-manpages.patch (fixed upstream)
--------------------------------------------------------------------------------
================================================================================
globus-simple-ca-4.17-1.el6 (FEDORA-EPEL-2014-4079)
Globus Toolkit - Simple CA Utility
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream sources. Drop most patches - now accepted upstream. Fix some
tests.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 13 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 4.17-1
- GT6 update
--------------------------------------------------------------------------------
================================================================================
globus-xio-4.17-1.el6 (FEDORA-EPEL-2014-4079)
Globus Toolkit - Globus XIO Framework
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream sources. Drop most patches - now accepted upstream. Fix some
tests.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 13 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 4.17-1
- GT6 update
- Drop patches globus-xio-http-tests-localhost.patch and
globus-xio-http-tests-header-name-value.patch (fixed upstream)
--------------------------------------------------------------------------------
================================================================================
jabberd-2.2.14-6.el6 (FEDORA-EPEL-2014-4094)
OpenSource server implementation of the Jabber protocols
--------------------------------------------------------------------------------
Update Information:
applied patch for "jabberd and init script issue" (#1161616)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 14 2014 Adrian Reber <adrian(a)lisas.de> - 2.2.14-6
- applied patch for "jabberd and init script issue" (#1161616)
provided by Tomas Lestach
- made rpmlint happy (changelog dates)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1161616 - jabberd and init script issue
https://bugzilla.redhat.com/show_bug.cgi?id=1161616
--------------------------------------------------------------------------------
================================================================================
kobo-0.5.0-1.el6 (FEDORA-EPEL-2014-4085)
Python modules for tools development
--------------------------------------------------------------------------------
Update Information:
New upstream version.
Bump to new upstream release: 0.4.3
Bump to new upstream release: 0.4.3
Bump to new upstream release: 0.4.3
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 15 2014 Daniel Mach <dmach(a)redhat.com> - 0.5.0-1
- Modify shortcuts.run() to pass all **kwargs to Popen(). (Daniel Mach)
- Admin page for kobo.auth.User (Tomas Kopecek)
- Unset active menu if no other menu is active (Lubomír Sedlář)
- Allow rendering menu for bootstrap's navbar (Lubomír Sedlář)
- Handle menu items without text as dividers (Lubomír Sedlář)
- allow --force in resubmit-tasks CLI command (Tomas Kopecek)
- Django 1.6 db transaction model (Tomas Kopecek)
- CLI command for viewing log files (Tomas Kopecek)
- Display overall time in task page (Tomas Kopecek)
- Fix shortcuts.run() to handle errno.EINTR correctly. (Tomas Tomecek)
- Don't count assigned tasks into worker load. (Tomas Tomecek)
- Human readable state exceptions. (Tomas Kopecek)
- Human readable JSONField. (Tomas Kopecek)
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.4.3-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Fri Jan 17 2014 Daniel Mach <dmach(a)redhat.com> - 0.4.3-1
- Rename User model to properly adjust to older db schema. (Tomas Kopecek)
- Fix typo in login template. (Tomas Kopecek)
- Switch from simplejson to json. (Daniel Mach)
--------------------------------------------------------------------------------
================================================================================
llvm-3.4.2-2.el6 (FEDORA-EPEL-2014-4086)
The Low Level Virtual Machine
--------------------------------------------------------------------------------
Update Information:
Add support for using devtoolset
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 15 2014 Dave Johansen <davejohansen(a)gmail.com> 3.4.2-2
- Adding support for using devtoolset
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1139077 - Automatic selection of devtoolset for clang
https://bugzilla.redhat.com/show_bug.cgi?id=1139077
--------------------------------------------------------------------------------
================================================================================
lynis-1.6.4-1.el6 (FEDORA-EPEL-2014-4082)
Security and system auditing tool
--------------------------------------------------------------------------------
Update Information:
== 1.6.4 (2014-11-04) ==
New:
- Boot loader detection for AIX [BOOT-5102]
- Detection of getcap and lsvg binary
- Added filesystem_ext to report
- Detect rootsh
Changes:
- Hide errors when RPM database is faulty and show suggestion instead [PKGS-7308]
- Allow OpenBSD to gather information on listening network ports [NETW-3012]
- Don't trigger warning for Shellshock when doing segfault test [SHLL-6290]
- Do not run Apache test on OpenBSD and strip control chars [HTTP-6624]
- Extended AIDE test with configuration validation test [FIND-4314]
- Improved Shellshock test regarding non-Linux support [SHLL-6290]
- Added support for gathering volume groups on AIX [FILE-6311]
- Properly parse PAM lines and add them to report [AUTH-9264]
- Support for boot loader detection on OpenBSD [BOOT-5159]
- Added uptime detection for OpenBSD systems [BOOT-5202]
- Support for volume groups on AIX [FILE-6312]
- Redirect errors when searching for readlink binary
== * 1.6.3 (2014-10-14) ==
New:
- Added tests for Shellshock bash vulnerability [SHLL-6290]
- Added test to determine if Snoopy is used [ACCT-9636]
- New test for qdaemon configuration file [PRNT-2416]
- Test for GRUB boot loader password [BOOT-5122]
- New test for qdaemon printer jobs [PRNT-2420]
- Added ClamXav test for Mac OS X [MALW-3288]
- Gentoo vulnerable packages test [PKGS-7393]
- New test for qdaemon status [PRNT-2418]
- Gentoo package listing [PKGS-7304]
- Running Lynis without root permissions will start non-privileged scan
- Systemd service and timer example file added
- Added grub2-install to binaries
Changes:
- Adjustments so insecure SSL protocols are detected in nginx config [HTTP-6710]
- Directories will be skipped when searching for nginx log files [HTTP-6720]
- Only gather unique name servers from /etc/resolv.conf [NAME-2704]
- Properly detect mod_evasive on Gentoo and others [HTTP-6640]
- Improved swap partition detection in /etc/fstab [FILE-6336]
- Improvements to kernel detection (e.g. Gentoo) [KRNL-5830]
- Test for built-in security options in YUM [PKGS-7386]
- Improved boot loader detection for GRUB2 [BOOT-5121]
- Split GRUB test into two tests [BOOT-5122]
- Added Mac OS uptime check [BOOT-5202]
- Improved GetHostID function for systems having only ip binary
- Improved testing for symlinked binary directories
- Minor adjustments to log output
- Renamed dev directory to extras
== * 1.6.2 (2014-09-22) ==
New:
- IsVirtualMachine function to check if system is running in VM
VM types: Bochs CPU emulation, IBM z/VM, KVM, Linux Containers,
libvirt LXC driver (Linux Containers), Microsoft Virtual PC, OpenVZ,
Oracle VM VirtualBox, QEMU, Systemd Namespace container,
User-Mode Linux (UML), VMware products, XEN
- Detection for SaltStack configuration management tooling
- ShowSymlinkPath function to check path behind a symlink
- Check of configuration options of pacman [PKGS-7314]
- Support for drill binary to check for Lynis update
- FileIsEmpty function to check for empty files
- Detect updates for Arch Linux [PKGS-7312]
- Add detection for machine ID (systemd)
- Added linux_config_file to report
- Bash completion script for Lynis
- Added detection of ss binary
Changes:
- Extended system reboot check, to enable it for most Linux versions[KRNL-5830]
- Improved inetd test to avoid false positive with xinetd process [INSE-8002]
- Permissions check has been adjusted to allow packaging and pentest mode
- Added detection for compressed Linux config file [KRNL-5728]
- Added support for compressed Linux config file [KRNL-5730]
- Store PID file in home directory of the user, if needed
- Added usage of ss to gather listening ports [NETW-3012]
- Additional permission added to CUPS check [PRNT-2307]
- Extended telnet in inetd test [INSE-8016]
- Fix for reading at.deny file [SCHD-7720]
- Removed individual warnings [BOOT-5184]
- Several improvements for Arch Linux
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 14 2014 Christopher Meng <rpm(a)cicku.me> - 1.6.4-1
- Update to 1.6.4
--------------------------------------------------------------------------------
================================================================================
perl-App-Daemon-0.22-1.el6 (FEDORA-EPEL-2014-4093)
Start an Application as a Daemon
--------------------------------------------------------------------------------
Update Information:
Update to 0.22
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 10 2014 Emmanuel Seyman <emmanuel(a)seyman.fr> - 0.22-1
- Update to 0.22
* Fri Aug 29 2014 Jitka Plesnikova <jplesnik(a)redhat.com> - 0.18-6
- Perl 5.20 rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.18-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.18-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Fri Aug 2 2013 Petr Pisar <ppisar(a)redhat.com> - 0.18-3
- Perl 5.18 rebuild
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.18-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Fri Nov 2 2012 Iain Arnell <iarnell(a)gmail.com> 0.18-1
- update to latest upstream version
* Sat Oct 27 2012 Iain Arnell <iarnell(a)gmail.com> 0.16-1
- update to latest upstream version
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.15-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sat Jun 30 2012 Petr Pisar <ppisar(a)redhat.com> - 0.15-2
- Perl 5.16 rebuild
* Sun Feb 26 2012 Iain Arnell <iarnell(a)gmail.com> 0.15-1
- update to latest upstream version
* Thu Jan 5 2012 Iain Arnell <iarnell(a)gmail.com> 0.14-1
- update to latest upstream version
* Sat Jul 23 2011 Iain Arnell <iarnell(a)gmail.com> 0.13-2
- Perl mass rebuild
* Sat Jul 23 2011 Iain Arnell <iarnell(a)gmail.com> 0.13-1
- update to latest upstream version
- clean up spec for modern rpmbuild
* Tue Jul 19 2011 Petr Sabata <contyk(a)redhat.com> - 0.11-4
- Perl mass rebuild
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.11-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Dec 15 2010 Marcela Maslanova <mmaslano(a)redhat.com> - 0.11-2
- 661697 rebuild for fixing problems with vendorach/lib
--------------------------------------------------------------------------------
================================================================================
ssh-installkeys-1.9-1.el6 (FEDORA-EPEL-2014-4095)
A tool for installing ssh keys on remote sites
--------------------------------------------------------------------------------
Update Information:
Fix permissions of $HOME/.ssh/authorized_keys.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 14 2014 Christopher Meng <rpm(a)cicku.me> - 1.9-1
- Update to 1.9
--------------------------------------------------------------------------------