The following Fedora EPEL 6 Security updates need testing:
Age URL
1042
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3....
106
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4008/cross-binut...
95
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4242/facter-1.6....
83
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4485/python-torn...
65
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4884/mapserver-6...
63
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4918/dokuwiki-0-...
45
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0232/chicken-4.9...
22
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0644/perl-Gtk2-1...
19
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0696/drupal7-pat...
13
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0701/unbound-1.5...
13
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0738/drupal6-vie...
13
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0740/python-cryp...
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0779/drupal7-vie...
1
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0942/novnc-0.5.1...
1
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0864/nodejs-0.10...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0992/libpng10-1....
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0985/drupal7-ent...
The following builds have been pushed to Fedora EPEL 6 updates-testing
abduco-0.3-1.el6
drupal6-admin_menu-1.9-1.el6
drupal7-entity-1.6-1.el6
drupal7-migrate-2.7-1.el6
golang-github-beorn7-perks-0-0.1.gitb965b61.el6
golang-github-docker-spdystream-0-0.1.git29e1da2.el6
golang-github-golang-groupcache-0-0.1.git604ed57.el6
golang-github-gorilla-websocket-0-0.1.gitab5b3a6.el6
golang-github-prometheus-client_golang-0-0.2.git39e4bc8.el6
golang-github-shurcooL-sanitized_anchor_name-0-0.1.git8e87604.el6
ikiwiki-3.20150107-1.el6
libpng10-1.0.63-1.el6
mydns-1.2.8.31-2.el6
perl-Monitoring-Plugin-0.38-1.el6.1
python-fudge-1.0.3-6.el6
Details about builds:
================================================================================
abduco-0.3-1.el6 (FEDORA-EPEL-2015-1003)
Session management in a clean and simple way
--------------------------------------------------------------------------------
Update Information:
Update to 0.3 release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 26 2015 Denis Fateyev <denis(a)fateyev.com> - 0.3-1
- Update to 0.3 release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1194491 - abduco-0.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1194491
--------------------------------------------------------------------------------
================================================================================
drupal6-admin_menu-1.9-1.el6 (FEDORA-EPEL-2015-0990)
Provides a dropdown menu to most administrative tasks
--------------------------------------------------------------------------------
Update Information:
## 6.x-1.9
- Issue #2360249 by pvasili, konstantin.komelin, Eyal Shalev, ofry, Plazik, dalin, gngn,
marcmueller: Fixed tertiary menu items not visible in Firefox 34.
- Issue #927018 by DamienMcKenna, mikeytown2: Fixed PHP notice in
admin_menu_link_build().
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 27 2015 Shawn Iwinski <shawn.iwinski(a)gmail.com> - 1.9-1
- Updated to 1.9 (BZ #1195728)
- Removed RPM README b/c it only explained common Drupal workflow
- %license usage
- Spec cleanup
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.8-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.8-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.8-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.8-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.8-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1195728 - drupal6-admin_menu-1.9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1195728
--------------------------------------------------------------------------------
================================================================================
drupal7-entity-1.6-1.el6 (FEDORA-EPEL-2015-0985)
Extends the entity API to provide a unified way to deal with entities
--------------------------------------------------------------------------------
Update Information:
## 7.x-1.6
See [SA-CONTRIB-2015-053 - Entity API - Cross Site Scripting
(
XSS)](https://www.drupal.org/node/2437905)
Changes since 7.x-1.5:
- by klausi: Sanitize field labels before passing them to the Token API.
- Issue #2264079 by Amitaibu, fago: Fixed $wrapper->access() might be wrong for single
entity reference field.
- Issue #2039601 by DuaelFr, fago: Added Ease EntityMetadataWrapper usage with a getter.
- Issue #2160355 by wodenx, gmercer, fgm, jgullstr: Fixed Trying to get property of
non-object in entity_metadata_user_access().
- Issue #1651824 by meatsack | joachim: Fixed 'entity_test' table has incorrect
declaration of foreign keys.
- Issue #2309697 by kristiaanvandeneynde; joachim: Fixed variable mistake in
entity_views_handler_relationship_by_bundle.
- Issue #2003826 by greenmother, stella, jazzdrive3, fago: Fixed
template_preprocess_entity does not check for existing 'path' index.
- Issue #1104286: Support generating database schema for date properties.
- Issue #2013473 by fietserwin: Title attribute of image field not listed as possible
token.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 27 2015 Shawn Iwinski <shawn.iwinski(a)gmail.com> - 1.6-1
- Updated to 1.6 (BZ #1196750 / SA-CONTRIB-2015-053)
- Removed RPM README b/c it only explained common Drupal workflow
- %license usage
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.5-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1196750 - drupal7-entity-1.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1196750
--------------------------------------------------------------------------------
================================================================================
drupal7-migrate-2.7-1.el6 (FEDORA-EPEL-2015-0991)
Import content from external sources
--------------------------------------------------------------------------------
Update Information:
# Migrate 2.7
## Bug fixes
- 2415597 - Make batching of SQL sources optional, and force map_joinable FALSE.
# Migrate 2.7 Release Candidate 1
## Features and enhancements
- 2296911 - Add a source handler for IBM DB2.
- 2256761 - Add a destination handler for variables.
- 2047815 - Support multi-column source keys in idlist.
- 1751438 - Add spreadsheet source plugin.
## Bug fixes
- 2403593 - SQL batching messes up cases with altered queries, such as idlist.
- 2298969 - Verify wizard validation function exists.
- 2268863 - Fix drush --all option.
- 2410523 - Remove inconsistent escaping of migrate_drush_path.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 27 2015 Shawn Iwinski <shawn.iwinski(a)gmail.com> - 2.7-1
- Updated to 2.7 (BZ #1191439)
- Removed RPM README b/c it only explained common Drupal workflow
- %license usage
- Spec cleanup
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.6-0.2.rc1
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1191439 - drupal7-migrate-2.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1191439
--------------------------------------------------------------------------------
================================================================================
golang-github-beorn7-perks-0-0.1.gitb965b61.el6 (FEDORA-EPEL-2015-0986)
Effective Computation of Things
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1196432 - Review Request: golang-github-beorn7-perks - Effective Computation
of Things
https://bugzilla.redhat.com/show_bug.cgi?id=1196432
--------------------------------------------------------------------------------
================================================================================
golang-github-docker-spdystream-0-0.1.git29e1da2.el6 (FEDORA-EPEL-2015-1004)
A multiplexed stream library using spdy
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1196363 - Review Request: golang-github-docker-spdystream - A multiplexed
stream library using spdy
https://bugzilla.redhat.com/show_bug.cgi?id=1196363
--------------------------------------------------------------------------------
================================================================================
golang-github-golang-groupcache-0-0.1.git604ed57.el6 (FEDORA-EPEL-2015-1008)
Caching and cache-filling library as a replacement for memcached in many cases
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1196368 - Review Request: golang-github-golang-groupcache - Caching and
cache-filling library as a replacement for memcached in many cases
https://bugzilla.redhat.com/show_bug.cgi?id=1196368
--------------------------------------------------------------------------------
================================================================================
golang-github-gorilla-websocket-0-0.1.gitab5b3a6.el6 (FEDORA-EPEL-2015-0995)
A WebSocket implementation for Go
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1196361 - Review Request: golang-github-gorilla-websocket - A WebSocket
implementation for Go
https://bugzilla.redhat.com/show_bug.cgi?id=1196361
--------------------------------------------------------------------------------
================================================================================
golang-github-prometheus-client_golang-0-0.2.git39e4bc8.el6 (FEDORA-EPEL-2015-1005)
Prometheus instrumentation library for Go applications
--------------------------------------------------------------------------------
Update Information:
Bump to upstream 39e4bc83f974fb141a9e67c042b26322bacc917b
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1190442 - Review Request: golang-github-prometheus-client_golang - Prometheus
instrumentation library for Go applications
https://bugzilla.redhat.com/show_bug.cgi?id=1190442
--------------------------------------------------------------------------------
================================================================================
golang-github-shurcooL-sanitized_anchor_name-0-0.1.git8e87604.el6
(FEDORA-EPEL-2015-0980)
Package sanitized_anchor_name provides a func to create sanitized anchor names
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1196551 - Review Request: golang-github-shurcooL-sanitized_anchor_name -
Package sanitized_anchor_name provides a func to create sanitized anchor names
https://bugzilla.redhat.com/show_bug.cgi?id=1196551
--------------------------------------------------------------------------------
================================================================================
ikiwiki-3.20150107-1.el6 (FEDORA-EPEL-2015-0988)
A wiki compiler
--------------------------------------------------------------------------------
Update Information:
Update to the latest stable version of ikiwiki, 3.20150107.
See
https://ikiwiki.info/news/version_3.20150107/ for the full list of changes.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Feb 22 2015 Thomas Moschny <thomas.moschny(a)gmx.de> - 3.20150107-1
- Update to 3.20150107.
--------------------------------------------------------------------------------
================================================================================
libpng10-1.0.63-1.el6 (FEDORA-EPEL-2015-0992)
Old version of libpng, needed to run old binaries
--------------------------------------------------------------------------------
Update Information:
This update addresses a couple of buffer overflows that might allow context-dependent
attackers to execute arbitrary code via very wide PNG images.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 27 2015 Paul Howarth <paul(a)city-fan.org> - 1.0.63-1
- Update to 1.0.63
- Issue a png_error() instead of a png_warning() when width is potentially
too large for the architecture, in case the calling application has
overridden the default 1,000,000-column limit (fixes CVE-2014-9495 and
CVE-2015-0973)
- Quieted some harmless warnings from Coverity-scan
- Display user limits in the output from pngtest (not packaged)
- Changed PNG_USER_CHUNK_MALLOC_MAX from unlimited to 8,000,000; it only
affects the maximum memory that can be allocated to an ancillary chunk,
and does not limit the size of IDAT data, which is instead limited by
PNG_USER_WIDTH_MAX
- Rebuilt configure scripts with automake-1.15 and libtool-2.4.6
- Update soname patch
* Fri Nov 21 2014 Paul Howarth <paul(a)city-fan.org> 1.0.62-1
- update to 1.0.62
- avoid out-of-bounds memory access while checking version string in
pngread.c and pngwrite.c
- build fix for Windows
- use %license where possible
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org>
1.0.61-3
- rebuilt for
https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org>
1.0.61-2
- rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1179186 - CVE-2014-9495 libpng: buffer overflow in png_combine_row
https://bugzilla.redhat.com/show_bug.cgi?id=1179186
[ 2 ] Bug #1177327 - CVE-2015-0973 libpng: Heap-buffer overflow png_combine_row() with
very wide interlaced images
https://bugzilla.redhat.com/show_bug.cgi?id=1177327
--------------------------------------------------------------------------------
================================================================================
mydns-1.2.8.31-2.el6 (FEDORA-EPEL-2015-1007)
A Database based DNS server
--------------------------------------------------------------------------------
Update Information:
Fix build of the mydns-pgsql so that it actually supports pgsql (#985909)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 26 2015 Matej Cepl <mcepl(a)redhat.com> - 1.2.8.31-2
- Fix build of the mydns-pgsql so that it actually supports pgsql (#985909)
Thanks for the patch by Tomasz Sterna.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #985909 - mydns-pgsql is built for MySQL
https://bugzilla.redhat.com/show_bug.cgi?id=985909
--------------------------------------------------------------------------------
================================================================================
perl-Monitoring-Plugin-0.38-1.el6.1 (FEDORA-EPEL-2015-0987)
Family of modules to streamline writing plugins for various monitoring systems
--------------------------------------------------------------------------------
Update Information:
First EPEL6 build
--------------------------------------------------------------------------------
================================================================================
python-fudge-1.0.3-6.el6 (FEDORA-EPEL-2015-0989)
A Python module for using fake objects (mocks and stubs) to test real ones
--------------------------------------------------------------------------------
Update Information:
Fudge is a Python module for using fake objects (mocks and stubs) to test real ones.
--------------------------------------------------------------------------------