The following Fedora EPEL 6 Security updates need testing:
Age URL
969
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3....
188
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7....
59
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3434/pylint-1.3....
34
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4008/cross-binut...
22
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4242/facter-1.6....
13
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4404/perl-YAML-L...
13
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4384/antiword-0....
13
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4407/pkcs11-help...
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4411/llvm-3.4.2-...
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4444/php-horde-k...
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4442/icecast-2.4...
10
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4485/python-torn...
10
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4472/pwgen-2.07-...
10
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4496/seamonkey-2...
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4624/xrdp-0.6.1-...
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4575/links-2.8-4...
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4563/firebird-2....
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4669/libhtp-0.5....
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4693/denyhosts-2...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4737/docker-io-1...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4729/ettercap-0....
The following builds have been pushed to Fedora EPEL 6 updates-testing
ansible-1.8.2-1.el6
docker-io-1.4.0-2.el6
eb-4.4.3-4.el6
ettercap-0.7.5-4.el6.1.20120906gitc796e5
libzen-0.4.30-3.el6
nss_wrapper-1.0.3-2.el6
perl-Devel-Autoflush-0.06-3.el6
perl-Net-IDN-Encode-2.201-2.el6
php-horde-Horde-Core-2.17.2-1.el6
python-bloom-0.5.16-1.el6
python-rosdistro-0.4.0-1.el6
qextserialport-1.2-0.6.beta2.el6
resolv_wrapper-1.1.0-2.el6
socket_wrapper-1.1.2-2.el6
tubo-5.0.14-5.el6
uid_wrapper-1.0.2-4.el6
wireless-tools-29-13.el6
Details about builds:
================================================================================
ansible-1.8.2-1.el6 (FEDORA-EPEL-2014-4741)
SSH-based configuration management, deployment, and task execution system
--------------------------------------------------------------------------------
Update Information:
Update to 1.8.2
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 7 2014 Kevin Fenzi <kevin(a)scrye.com> 1.8.2-1
- Update to 1.8.2
--------------------------------------------------------------------------------
================================================================================
docker-io-1.4.0-2.el6 (FEDORA-EPEL-2014-4737)
Automates deployment of containerized applications
--------------------------------------------------------------------------------
Update Information:
Resolves: rhbz#1173950 remove min version requirements on device-mapper-libs
Security fix for CVE-2014-9357, CVE-2014-9358, CVE-2014-9356
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 15 2014 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 1.4.0-2
- Resolves: rhbz#1173950 remove min version requirements on device-mapper-libs
* Thu Dec 11 2014 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 1.4.0-1
- Resolves: rhbz#1173325
- Resolves: rhbz#1172761 - CVE-2014-9356
- Resolves: rhbz#1172782 - CVE-2014-9357
- Resolves: rhbz#1172787 - CVE-2014-9358
- update to upstream v1.4.0
- override DOCKER_CERT_PATH in sysconfig instead of patching the source
- update metaprovides
- define PR_SET_CHILD_SUBREAPER as per newer kernel-headers
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1172761 - CVE-2014-9356 docker: Path traversal during processing of absolute
symlinks
https://bugzilla.redhat.com/show_bug.cgi?id=1172761
[ 2 ] Bug #1172782 - CVE-2014-9357 docker: Escalation of privileges during decompression
of LZMA archives
https://bugzilla.redhat.com/show_bug.cgi?id=1172782
[ 3 ] Bug #1172787 - CVE-2014-9358 docker: Path traversal and spoofing opportunities
presented through image identifiers
https://bugzilla.redhat.com/show_bug.cgi?id=1172787
--------------------------------------------------------------------------------
================================================================================
eb-4.4.3-4.el6 (FEDORA-EPEL-2014-4733)
Library for accessing Japanese CD-ROM electronic books
--------------------------------------------------------------------------------
Update Information:
PORT TO EPEL.
--------------------------------------------------------------------------------
================================================================================
ettercap-0.7.5-4.el6.1.20120906gitc796e5 (FEDORA-EPEL-2014-4729)
Network traffic sniffer/analyser, NCURSES interface version
--------------------------------------------------------------------------------
Update Information:
Fix for multiple CVEs.
https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 16 2014 Jon Ciesla <limburgher(a)gmail.com> - 0.7.5-4.1.20120906gitc796e5
- Patch for multiple CVEs.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1174823 - CVE-2014-6396 CVE-2014-6395 CVE-2014-9377 CVE-2014-9376
CVE-2014-9379 CVE-2014-9378 CVE-2014-9380 CVE-2014-9381 ettercap: multiple vulnerabilities
[epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=1174823
--------------------------------------------------------------------------------
================================================================================
libzen-0.4.30-3.el6 (FEDORA-EPEL-2014-4701)
Shared library for libmediainfo and medianfo*
--------------------------------------------------------------------------------
Update Information:
Add BR pkgconfig(zlib)
use cmake
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 16 2014 Vasiliy N. Glazov <vascom2(a)gmail.com> 0.4.30-3
- Add BR pkgconfig(zlib)
* Sun Dec 7 2014 Ivan Romanov <drizt(a)land.ru> - 0.4.30-2
- use cmake
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1174240 - libzen doesn't provide pkgconfig(libzen) a
https://bugzilla.redhat.com/show_bug.cgi?id=1174240
--------------------------------------------------------------------------------
================================================================================
nss_wrapper-1.0.3-2.el6 (FEDORA-EPEL-2014-4725)
A wrapper for the user, group and hosts NSS API
--------------------------------------------------------------------------------
Update Information:
Fix format of changelog entries and dependencies.
Update to version 1.0.3.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 15 2014 Michael Adam <madam(a)redhat.com> - 1.0.3-2
- Fix format of changelog entries.
- Require cmake.
- Don't own _libdir/pkgconfig, and require pkgconfig instead.
* Thu Sep 11 2014 Andreas Schneider <asn(a)redhat.com> - 1.0.3-1
- Update to version 1.0.3.
--------------------------------------------------------------------------------
================================================================================
perl-Devel-Autoflush-0.06-3.el6 (FEDORA-EPEL-2014-4731)
Set autoflush from the command line
--------------------------------------------------------------------------------
Update Information:
Perl 5.20 rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #809806 - Review Request: perl-Devel-Autoflush - Set autoflush from the
command line
https://bugzilla.redhat.com/show_bug.cgi?id=809806
--------------------------------------------------------------------------------
================================================================================
perl-Net-IDN-Encode-2.201-2.el6 (FEDORA-EPEL-2014-4715)
Internationalizing Domain Names in Applications (IDNA)
--------------------------------------------------------------------------------
Update Information:
Perl 5.20 rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #891139 - Review Request: perl-Net-IDN-Encode - Internationalizing Domain
Names in Applications (IDNA)
https://bugzilla.redhat.com/show_bug.cgi?id=891139
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Core-2.17.2-1.el6 (FEDORA-EPEL-2014-4732)
Horde Core Framework libraries
--------------------------------------------------------------------------------
Update Information:
Horde_Core 2.17.2
* [mjr] Allow disabling maillog synchronization with EAS clients (Bug #13747).
* [jan] Log E_USER_WARNING, E_RECOVERABLE_ERROR, and E_USER_NOTICE messages at the correct
level.
* [mjr] Add support for ActiveSync clients that issue BODYPARTPREFERENCE options (Bug
#13729).
Horde_Core 2.16.1:
* [mms] Fix file permissions of dynamically generated static CSS/JS files.
* [jan] Use correct user name as a fallback for identity full names with existing
authusername hook.
Horde_Core 2.16.0:
* [mjr] Add the activesync_provisioning_check hook.
* [mjr] Fix determining multiplex settting for EAS notes (Bug #13637).
* [mjr] Fix adding new tasklists from EAS (Bug #13642).
* [jan] Update Czech translation (Michael Grafnetter).
Horde_Core 2.16.1:
* [mms] Fix file permissions of dynamically generated static CSS/JS files.
* [jan] Use correct user name as a fallback for identity full names with existing
authusername hook.
Horde_Core 2.16.0:
* [mjr] Add the activesync_provisioning_check hook.
* [mjr] Fix determining multiplex settting for EAS notes (Bug #13637).
* [mjr] Fix adding new tasklists from EAS (Bug #13642).
* [jan] Update Czech translation (Michael Grafnetter).
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 16 2014 Remi Collet <remi(a)fedoraproject.org> - 2.17.2-1
- Update to 2.17.2
--------------------------------------------------------------------------------
================================================================================
python-bloom-0.5.16-1.el6 (FEDORA-EPEL-2014-4739)
Bloom is a release automation tool
--------------------------------------------------------------------------------
Update Information:
Version update for ROS tools
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 15 2014 Scott K Logan <logans(a)cottsay.net> - 0.5.16-1
- Update to 0.5.16
* Sat Dec 13 2014 Scott K Logan <logans(a)cottsay.net> - 0.5.15-1
- Update to 0.5.15
* Fri Nov 28 2014 Scott K Logan <logans(a)cottsay.net> - 0.5.14-1
- Update to 0.5.14
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1172640 - python-bloom-0.5.15 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1172640
--------------------------------------------------------------------------------
================================================================================
python-rosdistro-0.4.0-1.el6 (FEDORA-EPEL-2014-4739)
File format for managing ROS Distributions
--------------------------------------------------------------------------------
Update Information:
Version update for ROS tools
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 15 2014 Scott K Logan <logans(a)cottsay.net> - 0.4.0-1
- Update to release 0.4.0
* Sat Oct 25 2014 Scott K Logan <logans(a)cottsay.net> - 0.3.7-1
- Update to release 0.3.7
- Remove argparse patch (fixed upstream)
- Fix sphinx dependency in el6
- Add check section
- Add python3 package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1172640 - python-bloom-0.5.15 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1172640
--------------------------------------------------------------------------------
================================================================================
qextserialport-1.2-0.6.beta2.el6 (FEDORA-EPEL-2014-4714)
Qt interface class for old fashioned serial ports
--------------------------------------------------------------------------------
Update Information:
Adding qextserialport to EPEL 6/7.
--------------------------------------------------------------------------------
================================================================================
resolv_wrapper-1.1.0-2.el6 (FEDORA-EPEL-2014-4728)
A wrapper for dns name resolving or dns faking
--------------------------------------------------------------------------------
Update Information:
New package for resolv_wrapper.
--------------------------------------------------------------------------------
================================================================================
socket_wrapper-1.1.2-2.el6 (FEDORA-EPEL-2014-4711)
A library passing all socket communications through Unix sockets
--------------------------------------------------------------------------------
Update Information:
Fix format of changelog entries.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 15 2014 Michael Adam <madam(a)redhat.com> - 1.1.2-2
- Fix format of changelog entries.
- Require cmake.
- Require pkgconfig instead of owning {_libdir}/pkgconfig
- Add patch from upstream to fix timing issue in tests.
* Fri Dec 12 2014 Michael Adam <madam(a)redhat.com> - 1.1.2-2
- Fix typos.
--------------------------------------------------------------------------------
================================================================================
tubo-5.0.14-5.el6 (FEDORA-EPEL-2014-4736)
Library to thread process std-in/std-err/std-out from fork() child
--------------------------------------------------------------------------------
Update Information:
- **Built a doc sub-package.**
- **Added %%license tag.**
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 15 2014 Antonio Trande <sagitter(a)fedoraproject.org> - 5.0.14-5
- %license just on Fedora
* Mon Dec 15 2014 Antonio Trande <sagitter(a)fedoraproject.org> - 5.0.14-4
- Built a doc sub-package
- Added %license tag
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
5.0.14-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
5.0.14-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
uid_wrapper-1.0.2-4.el6 (FEDORA-EPEL-2014-4719)
A wrapper for privilege separation
--------------------------------------------------------------------------------
Update Information:
Fix format errors in changelog and depencies.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 15 2014 Michael Adam <madam(a)redhat.com> - 1.0.2-4
- Fix format errors in changelog.
- Require cmake.
- Don't own _libdir/pkgconfig, and require pkgconfig instead.
--------------------------------------------------------------------------------
================================================================================
wireless-tools-29-13.el6 (FEDORA-EPEL-2014-4724)
Wireless ethernet configuration tools
--------------------------------------------------------------------------------
Update Information:
PORT TO EPEL
--------------------------------------------------------------------------------