The following Fedora EPEL 6 Security updates need testing:
Age URL
951
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168
rubygem-crack-0.3.2-2.el6
841
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb
mcollective-2.8.4-1.el6
812
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9
thttpd-2.25b-24.el6
423
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac
libbsd-0.8.3-2.el6
152
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4c76ddcc92
libmspack-0.6-0.1.alpha.el6
71
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-6aaee32b7e
optipng-0.7.6-6.el6
43
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-8c9006d462
heimdal-7.5.0-1.el6
38
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-752a7c9ad4
rootsh-1.5.3-17.el6
16
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-fc6e2820ab
tomcat-7.0.84-1.el6
12
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-bc1949f307
p7zip-16.02-10.el6
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-f742513635
jhead-3.00-9.el6
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-be69c94866
clamav-0.99.3-8.el6
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-87b20f1b26
exim-4.90.1-2.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-76121890f9
seamonkey-2.49.2-2.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
beecrypt-4.2.1-20.el6
dislocker-0.7.1-6.el6
drbdlinks-1.28-3.el6
mbedtls-2.7.0-1.el6
spectre-meltdown-checker-0.35-1.el6
Details about builds:
================================================================================
beecrypt-4.2.1-20.el6 (FEDORA-EPEL-2018-2f1390d19c)
An open source cryptography library
--------------------------------------------------------------------------------
Update Information:
Update python 2 dependency declarations to new packaging standards, see
https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3
--------------------------------------------------------------------------------
================================================================================
dislocker-0.7.1-6.el6 (FEDORA-EPEL-2018-3f5982aa74)
Utility to access BitLocker encrypted volumes
--------------------------------------------------------------------------------
Update Information:
- Rebuilt for mbed TLS 2.7.0
--------------------------------------------------------------------------------
================================================================================
drbdlinks-1.28-3.el6 (FEDORA-EPEL-2018-627f98033d)
Program for managing links into a DRBD shared partition
--------------------------------------------------------------------------------
Update Information:
- Update python 2 dependency declarations to new packaging standards, see
https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3
--------------------------------------------------------------------------------
================================================================================
mbedtls-2.7.0-1.el6 (FEDORA-EPEL-2018-3c8346d8e5)
Light-weight cryptographic and SSL/TLS library
--------------------------------------------------------------------------------
Update Information:
- Update to 2.7.0 Release notes:
https://tls.mbed.org/tech-
updates/releases/mbedtls-2.7.0-2.1.10-and-1.3.22-released Security Advisory:
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-
advisory-2018-01
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1544730 - CVE-2017-18187 CVE-2018-0487 CVE-2018-0488 mbedtls: various flaws
[epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1544730
--------------------------------------------------------------------------------
================================================================================
spectre-meltdown-checker-0.35-1.el6 (FEDORA-EPEL-2018-391b77a353)
Spectre & Meltdown vulnerability/mitigation checker for Linux
--------------------------------------------------------------------------------
Update Information:
Update to 0.35 - Feature: correctly detect specific Red Hat/Ubuntu patch for
Spectre Variant 1 - Update: new list of blacklisted microcodes (from Intel
document) - Enhancement: detect disrepancy between found kernel image and
running kernel - Enhancement: speed up execution by not decompressing kernel in
--sysfs-only mode - Enhancement: find images installed by systemd kernel-install
- Enhancement: better explanation when kernel supports IBRS but CPU doesn't -
Misc: other minor changes and bugfixes
--------------------------------------------------------------------------------