The following Fedora EPEL 6 Security updates need testing: Age URL 397 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6 391 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6 322 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6 281 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6 253 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6 139 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-30a8346813 vtun-3.0.1-10.el6 44 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-db7e78fac7 php-PHPMailer-5.2.16-2.el6 37 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-d0e444c5f2 pypy-5.0.1-4.el6 36 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-7a25f65890 nginx-1.10.1-1.el6 27 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-225fc51f32 chicken-4.11.0-2.el6 20 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-d1c7111779 p7zip-16.02-1.el6 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-2d00357bc8 dietlibc-0.33-8.el6 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-66eb498b93 v8-3.14.5.10-25.el6 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-af2033a524 cryptopp-5.6.2-10.el6 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-d8fc3f17ea libarchive3-3.2.1-1.el6 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-b191f5d359 collectd-4.10.9-3.el6 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-36216b1c0b nodejs-0.10.46-1.el6 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-905a05c10e lighttpd-1.4.41-1.el6 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-aded7e0561 drupal7-features-2.10-1.el6 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-bee6c8b3c9 mongodb-2.4.14-3.el6 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-07f4f7dcd7 drupal7-entity_translation-1.0-0.9.beta5.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-3ff1f4485b tomcat-7.0.70-2.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-3e016cb353 drupal7-theme-zen-5.6-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
auter-0.7-1.el6 drupal7-eva-1.4-0.1.rc1.el6 drupal7-theme-adaptivetheme-3.4-1.el6 drupal7-theme-zen-5.6-1.el6 drupal7-variable-2.5-5.el6 drupal7-webform-4.13-1.el6 engauge-digitizer-9.1-1.el6 fontopia-1.5-1.el6 golang-github-grpc-grpc-go-0-0.11.git02fca89.el6 perl-Ref-Util-0.020-2.el6 tomcat-7.0.70-2.el6
Details about builds:
================================================================================ auter-0.7-1.el6 (FEDORA-EPEL-2016-71b7677709) Prepare and apply updates -------------------------------------------------------------------------------- Update Information:
Release version 0.7 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1359234 - Review Request: auter - Prepare and apply updates https://bugzilla.redhat.com/show_bug.cgi?id=1359234 --------------------------------------------------------------------------------
================================================================================ drupal7-eva-1.4-0.1.rc1.el6 (FEDORA-EPEL-2016-a4099815a9) Provides a Views display type that can be attached to entities -------------------------------------------------------------------------------- Update Information:
- [7.x-1.4-rc1](https://www.drupal.org/project/eva/releases/7.x-1.4-rc1) - [7.x-1.3](https://www.drupal.org/project/eva/releases/7.x-1.3) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1365068 - drupal7-eva-1.4-rc1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1365068 --------------------------------------------------------------------------------
================================================================================ drupal7-theme-adaptivetheme-3.4-1.el6 (FEDORA-EPEL-2016-392d6db994) Adaptivetheme is a powerful theme framework -------------------------------------------------------------------------------- Update Information:
- [7.x-3.4](https://www.drupal.org/project/adaptivetheme/releases/7.x-3.4) - [7.x-3.3](https://www.drupal.org/project/adaptivetheme/releases/7.x-3.3) - [7.x-3.2](https://www.drupal.org/project/adaptivetheme/releases/7.x-3.2) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1354480 - drupal7-theme-adaptivetheme-3.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1354480 --------------------------------------------------------------------------------
================================================================================ drupal7-theme-zen-5.6-1.el6 (FEDORA-EPEL-2016-3e016cb353) Zen is a powerful, yet simple, HTML5 starting theme -------------------------------------------------------------------------------- Update Information:
- [7.x-5.6](https://www.drupal.org/project/zen/releases/7.x-5.6) - [7.x-5.5](https://www.drupal.org/project/zen/releases/7.x-5.5) - [SA- CONTRIB-2014-047](https://drupal.org/node/2254925) --------------------------------------------------------------------------------
================================================================================ drupal7-variable-2.5-5.el6 (FEDORA-EPEL-2016-70071b3215) Provides a registry for meta-data about Drupal variables -------------------------------------------------------------------------------- Update Information:
RPM-only release: Minor cleanup --------------------------------------------------------------------------------
================================================================================ drupal7-webform-4.13-1.el6 (FEDORA-EPEL-2016-6363b1b067) Enables the creation of forms and questionnaires -------------------------------------------------------------------------------- Update Information:
- [7.x-4.13](https://www.drupal.org/project/webform/releases/7.x-4.13) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1359428 - drupal7-webform-4.13 is available https://bugzilla.redhat.com/show_bug.cgi?id=1359428 --------------------------------------------------------------------------------
================================================================================ engauge-digitizer-9.1-1.el6 (FEDORA-EPEL-2016-0416ea74a9) Convert graphs or map files into numbers -------------------------------------------------------------------------------- Update Information:
- Update to 9.1 --------------------------------------------------------------------------------
================================================================================ fontopia-1.5-1.el6 (FEDORA-EPEL-2016-df4c811cf6) The console font editor -------------------------------------------------------------------------------- Update Information:
Fixed a buffer-overflow bug in export_unitab() ---- Fixed a memory-corruption bug in handle_hw_change() function ---- Fixed a bug in calc_max_zoom() function -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1363855 - font version change causes fontopia abend and trashes keyboard https://bugzilla.redhat.com/show_bug.cgi?id=1363855 [ 2 ] Bug #1361910 - fontopia abends trashing keyboard https://bugzilla.redhat.com/show_bug.cgi?id=1361910 --------------------------------------------------------------------------------
================================================================================ golang-github-grpc-grpc-go-0-0.11.git02fca89.el6 (FEDORA-EPEL-2016-60ee3344d3) The Go language implementation of gRPC. HTTP/2 based RPC -------------------------------------------------------------------------------- Update Information:
Give back example provides, they are actually used by golang-github-cockroachdb- cmux-unit-test-devel ---- Bump to upstream 02fca896ff5f50c6bbbee0860345a49344b37a03 ---- Bump to upstream e78224b060cf3215247b7be455f80ea22e469b66 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1250461 - Tracker for golang-github-grpc-grpc-go https://bugzilla.redhat.com/show_bug.cgi?id=1250461 --------------------------------------------------------------------------------
================================================================================ perl-Ref-Util-0.020-2.el6 (FEDORA-EPEL-2016-da4724d0a9) Utility functions for checking references -------------------------------------------------------------------------------- Update Information:
This is the first Fedora/EPEL release of perl-Ref-Util. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1361212 - Review Request: perl-Ref-Util - Utility functions for checking references https://bugzilla.redhat.com/show_bug.cgi?id=1361212 --------------------------------------------------------------------------------
================================================================================ tomcat-7.0.70-2.el6 (FEDORA-EPEL-2016-3ff1f4485b) Apache Servlet/JSP Engine, RI for Servlet 3.0/JSP 2.2 API -------------------------------------------------------------------------------- Update Information:
The update provides resolutions for 11 bugs, including 7 CVE fixes and a rebase from version 7.0.65 to 7.0.70. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1349468 - CVE-2016-3092 tomcat: Usage of vulnerable FileUpload package can result in denial of service https://bugzilla.redhat.com/show_bug.cgi?id=1349468 [ 2 ] Bug #1311093 - CVE-2016-0763 tomcat: security manager bypass via setGlobalContext() https://bugzilla.redhat.com/show_bug.cgi?id=1311093 [ 3 ] Bug #1311089 - CVE-2015-5345 tomcat: directory disclosure https://bugzilla.redhat.com/show_bug.cgi?id=1311089 [ 4 ] Bug #1311087 - CVE-2016-0706 tomcat: security manager bypass via StatusManagerServlet https://bugzilla.redhat.com/show_bug.cgi?id=1311087 [ 5 ] Bug #1311085 - CVE-2015-5346 tomcat: Session fixation https://bugzilla.redhat.com/show_bug.cgi?id=1311085 [ 6 ] Bug #1311082 - CVE-2016-0714 tomcat: Security Manager bypass via persistence mechanisms https://bugzilla.redhat.com/show_bug.cgi?id=1311082 [ 7 ] Bug #1311076 - CVE-2015-5351 tomcat: CSRF token leak https://bugzilla.redhat.com/show_bug.cgi?id=1311076 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org