The following Fedora EPEL 6 Security updates need testing:
Age URL
39
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-06b243cced
guacamole-server-1.0.0-1.el6
18
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-62f9745b71
drupal7-7.65-1.el6
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-8d5207833a
ntfs-3g-2017.3.23-11.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
python34-3.4.10-1.el6
Details about builds:
================================================================================
python34-3.4.10-1.el6 (FEDORA-EPEL-2019-73e99f4a82)
Version 3 of the Python programming language aka Python 3000
--------------------------------------------------------------------------------
Update Information:
- Update to 3.4.10 - Use system expat on EL6 - Use python3 style of calling
super() without arguments in rpath patch to prevent recursion in UnixCCompiler
subclasses - Move macros to python-rpm-macros
--------------------------------------------------------------------------------
ChangeLog:
* Sun Apr 7 2019 Carl George <carl(a)george.computer> - 3.4.10-1
- Latest upstream
- Use system expat on EL6
* Thu Mar 7 2019 Troy Dawson <tdawson(a)redhat.com> - 3.4.9-3
- Rebuilt to change main python from 3.4 to 3.6
* Mon Feb 4 2019 Carl George <carl(a)george.computer> - 3.4.9-2
- Use python3 style of calling super() without arguments in rpath
patch to prevent recursion in UnixCCompiler subclasses (#1593660)
* Sun Aug 5 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 3.4.9-1
- Rebased to 3.4.9
* Thu Jul 19 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 3.4.8-2
- Move macros to python-rpm-macros (#1599809)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1666519 - CVE-2019-5010 python: NULL pointer dereference using a specially
crafted X509 certificate
https://bugzilla.redhat.com/show_bug.cgi?id=1666519
[ 2 ] Bug #1664509 - CVE-2018-20406 python: Integer overflow in Modules/_pickle.c allows
for memory exhaustion if serializing gigabytes of data
https://bugzilla.redhat.com/show_bug.cgi?id=1664509
[ 3 ] Bug #1631822 - CVE-2018-14647 python: Missing salt initialization in
_elementtree.c module
https://bugzilla.redhat.com/show_bug.cgi?id=1631822
--------------------------------------------------------------------------------