The following Fedora EPEL 6 Security updates need testing:
Age URL
385
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031
python-virtualenv-12.0.7-1.el6
379
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168
rubygem-crack-0.3.2-2.el6
310
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6
269
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb
mcollective-2.8.4-1.el6
240
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9
thttpd-2.25b-24.el6
126
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-30a8346813
vtun-3.0.1-10.el6
31
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-db7e78fac7
php-PHPMailer-5.2.16-2.el6
25
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-d0e444c5f2
pypy-5.0.1-4.el6
24
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-7a25f65890
nginx-1.10.1-1.el6
15
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-225fc51f32
chicken-4.11.0-2.el6
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-d1c7111779
p7zip-16.02-1.el6
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-1cbd9dc578
drupal7-views-3.14-1.el6
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-823164477b
php-doctrine-orm-2.4.8-1.el6 php-doctrine-dbal-2.4.5-1.el6
php-doctrine-common-2.4.3-2.el6
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-6e8996ae73
php-ZendFramework2-2.2.10-2.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-2f26fee4ad
dropbear-2016.74-1.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-2d00357bc8
dietlibc-0.33-8.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-d44efceb2b
collectd-4.10.9-2.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-66eb498b93
v8-3.14.5.10-25.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-af2033a524
cryptopp-5.6.2-10.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
389-admin-1.1.43-1.el6
389-adminutil-1.1.22-1.el6
389-console-1.1.17-1.el6
389-ds-console-1.2.12-2.el6
collectd-4.10.9-2.el6
cryptopp-5.6.2-10.el6
dietlibc-0.33-8.el6
dpm-dsi-1.9.7-7.el6
dropbear-2016.74-1.el6
globus-ftp-control-7.2-1.el6
globus-gridftp-server-11.1-1.el6
golang-github-golang-time-0-0.1.gita4bde12.el6
golang-github-jessevdk-go-flags-0-0.7.gitf2785f5.el6
golang-github-urfave-cli-1.17.0-0.1.git6011f16.el6
golang-googlecode-net-0-0.33.git4d38db7.el6
golang-googlecode-text-0-0.12.git6fc2e00.el6
idm-console-framework-1.1.15-1.el6
kobo-0.5.2-1.el6
ovirt-guest-agent-1.0.12-4.el6
v8-3.14.5.10-25.el6
zabbix22-2.2.14-1.el6
Details about builds:
================================================================================
389-admin-1.1.43-1.el6 (FEDORA-EPEL-2016-2618571ab7)
389 Administration Server (admin)
--------------------------------------------------------------------------------
Update Information:
Release 1.1.43
--------------------------------------------------------------------------------
================================================================================
389-adminutil-1.1.22-1.el6 (FEDORA-EPEL-2016-285d49b2b9)
Utility library for 389 administration
--------------------------------------------------------------------------------
Update Information:
Release 1.1.22
--------------------------------------------------------------------------------
================================================================================
389-console-1.1.17-1.el6 (FEDORA-EPEL-2016-8824bc47a2)
389 Management Console
--------------------------------------------------------------------------------
Update Information:
Release 1.1.17-1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1304595 - Console -- Update Java dependency to 1.8
https://bugzilla.redhat.com/show_bug.cgi?id=1304595
--------------------------------------------------------------------------------
================================================================================
389-ds-console-1.2.12-2.el6 (FEDORA-EPEL-2016-9576102f14)
389 Directory Server Management Console
--------------------------------------------------------------------------------
Update Information:
Release 1.2.12-2
--------------------------------------------------------------------------------
================================================================================
collectd-4.10.9-2.el6 (FEDORA-EPEL-2016-d44efceb2b)
Statistics collection daemon for filling RRD files
--------------------------------------------------------------------------------
Update Information:
CVE-2016-6254
--------------------------------------------------------------------------------
================================================================================
cryptopp-5.6.2-10.el6 (FEDORA-EPEL-2016-af2033a524)
C++ class library of cryptographic schemes
--------------------------------------------------------------------------------
Update Information:
- CVE-2016-3995
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1325950 - CVE-2016-3995 cryptopp: bogus protection from timing attacks
[epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=1325950
--------------------------------------------------------------------------------
================================================================================
dietlibc-0.33-8.el6 (FEDORA-EPEL-2016-2d00357bc8)
Small libc implementation
--------------------------------------------------------------------------------
Update Information:
http://thread.gmane.org/gmane.linux.lib.dietlibc/1833
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1359768 - Insecure _PATH_DEFPATH
https://bugzilla.redhat.com/show_bug.cgi?id=1359768
--------------------------------------------------------------------------------
================================================================================
dpm-dsi-1.9.7-7.el6 (FEDORA-EPEL-2016-4a3c065e18)
Disk Pool Manager (DPM) plugin for the Globus GridFTP server
--------------------------------------------------------------------------------
Update Information:
globus-ftp-control * Add buffering to data ordering mode globus-gridftp-server
* Fix forced order issues with restart (11.1) * Add forced ordering option
(11.0) * Add Globus task id to transfer log (10.6) * Don't errantly kill a
transfer due to timeout while client is still connected (10.5) dpm-dsi *
Rebuilt for globus-gridftp-server 11.1
--------------------------------------------------------------------------------
================================================================================
dropbear-2016.74-1.el6 (FEDORA-EPEL-2016-2f26fee4ad)
SSH2 server and client
--------------------------------------------------------------------------------
Update Information:
new version ---- CVE-2016-3116 dropbear: X11 forwarding input not validated
properly
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1359635 - dropbear: Multiple security issues fixed in 2016.74
https://bugzilla.redhat.com/show_bug.cgi?id=1359635
--------------------------------------------------------------------------------
================================================================================
globus-ftp-control-7.2-1.el6 (FEDORA-EPEL-2016-4a3c065e18)
Globus Toolkit - GridFTP Control Library
--------------------------------------------------------------------------------
Update Information:
globus-ftp-control * Add buffering to data ordering mode globus-gridftp-server
* Fix forced order issues with restart (11.1) * Add forced ordering option
(11.0) * Add Globus task id to transfer log (10.6) * Don't errantly kill a
transfer due to timeout while client is still connected (10.5) dpm-dsi *
Rebuilt for globus-gridftp-server 11.1
--------------------------------------------------------------------------------
================================================================================
globus-gridftp-server-11.1-1.el6 (FEDORA-EPEL-2016-4a3c065e18)
Globus Toolkit - Globus GridFTP Server
--------------------------------------------------------------------------------
Update Information:
globus-ftp-control * Add buffering to data ordering mode globus-gridftp-server
* Fix forced order issues with restart (11.1) * Add forced ordering option
(11.0) * Add Globus task id to transfer log (10.6) * Don't errantly kill a
transfer due to timeout while client is still connected (10.5) dpm-dsi *
Rebuilt for globus-gridftp-server 11.1
--------------------------------------------------------------------------------
================================================================================
golang-github-golang-time-0-0.1.gita4bde12.el6 (FEDORA-EPEL-2016-15bc71c289)
Go supplementary time packages
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1354398 - Review Request: golang-github-golang-time - Go supplementary time
packages
https://bugzilla.redhat.com/show_bug.cgi?id=1354398
--------------------------------------------------------------------------------
================================================================================
golang-github-jessevdk-go-flags-0-0.7.gitf2785f5.el6 (FEDORA-EPEL-2016-7b9b5d7e40)
Go command line option parser
--------------------------------------------------------------------------------
Update Information:
Bump to upstream f2785f5820ec967043de79c8be97edfc464ca745 ---- Update spec
file to spec-2.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1250487 - Tracker for golang-github-jessevdk-go-flags
https://bugzilla.redhat.com/show_bug.cgi?id=1250487
--------------------------------------------------------------------------------
================================================================================
golang-github-urfave-cli-1.17.0-0.1.git6011f16.el6 (FEDORA-EPEL-2016-3b8bcd5981)
A simple, fast, and fun package for building command line apps in Go
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1354378 - Review Request: golang-github-urfave-cli - A simple, fast, and fun
package for building command line apps in Go
https://bugzilla.redhat.com/show_bug.cgi?id=1354378
--------------------------------------------------------------------------------
================================================================================
golang-googlecode-net-0-0.33.git4d38db7.el6 (FEDORA-EPEL-2016-2b97ecadbf)
Supplementary Go networking libraries
--------------------------------------------------------------------------------
Update Information:
Bump to upstream 4d38db76854b199960801a1734443fd02870d7e1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1326890 - FTBFS with gcc-go on s390x
https://bugzilla.redhat.com/show_bug.cgi?id=1326890
--------------------------------------------------------------------------------
================================================================================
golang-googlecode-text-0-0.12.git6fc2e00.el6 (FEDORA-EPEL-2016-166ab1223a)
Supplementary Go text libraries
--------------------------------------------------------------------------------
Update Information:
Polishing the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1254601 - Tracker for golang-googlecode-text
https://bugzilla.redhat.com/show_bug.cgi?id=1254601
--------------------------------------------------------------------------------
================================================================================
idm-console-framework-1.1.15-1.el6 (FEDORA-EPEL-2016-5d30351294)
Identity Management Console Framework
--------------------------------------------------------------------------------
Update Information:
Release 1.1.15-1
--------------------------------------------------------------------------------
================================================================================
kobo-0.5.2-1.el6 (FEDORA-EPEL-2016-c539895974)
Python modules for tools development
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream. ---- Rebase to latest upstream New upstream
version. Bump to new upstream release: 0.4.3 Bump to new upstream release: 0.4.3
Bump to new upstream release: 0.4.3 New upstream version. Bump to new upstream
release: 0.4.3 Bump to new upstream release: 0.4.3 Bump to new upstream release:
0.4.3 New upstream version. Bump to new upstream release: 0.4.3 Bump to new
upstream release: 0.4.3 Bump to new upstream release: 0.4.3
--------------------------------------------------------------------------------
================================================================================
ovirt-guest-agent-1.0.12-4.el6 (FEDORA-EPEL-2016-fd407a0825)
The oVirt Guest Agent
--------------------------------------------------------------------------------
Update Information:
Bump to upstream version 1.0.12.2 and dependency fix on F24
--------------------------------------------------------------------------------
================================================================================
v8-3.14.5.10-25.el6 (FEDORA-EPEL-2016-66eb498b93)
JavaScript Engine
--------------------------------------------------------------------------------
Update Information:
fix for CVE-2016-1669, fix for builtin reporting, add provides for v8-314
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1353623 - CVE-2016-1669 v8: chromium-browser,v8,nodejs: buffer overflow in v8
[epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1353623
[ 2 ] Bug #1353620 - CVE-2016-1669 v8: chromium-browser,v8,nodejs: buffer overflow in v8
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1353620
--------------------------------------------------------------------------------
================================================================================
zabbix22-2.2.14-1.el6 (FEDORA-EPEL-2016-9f4ef44d3a)
Open-source monitoring solution for your IT infrastructure
--------------------------------------------------------------------------------
Update Information:
http://www.zabbix.com/rn2.2.14.php
--------------------------------------------------------------------------------