The following Fedora EPEL 6 Security updates need testing:
Age URL
307
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-4008
cross-binutils-2.23.51.0.3-1.el6.1
87
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828
chicken-4.9.0.1-4.el6
69
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031
python-virtualenv-12.0.7-1.el6
63
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168
rubygem-crack-0.3.2-2.el6
33
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7634
zabbix20-2.0.15-1.el6
14
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7875
onionshare-0.7.1-1.el6
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7917 moodle-2.6.11-1.el6
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7940 nrpe-2.15-6.el6
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7961
php-doctrine-cache-1.4.2-1.el6
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7963
php-doctrine-annotations-1.2.7-1.el6
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7994
seamonkey-2.28-7.ESR_31.8.0.el6
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8027
php-extras-5.3.3-4.el6
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8044 golang-1.5.1-0.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8091
zabbix22-2.2.10-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
cube-4.3.2-2.el6
davix-0.5.0-1.el6
future-0.15.2-2.el6
mylvmbackup-0.16-1.el6
python-requests-toolbelt-0.3.1-1.el6
zabbix22-2.2.10-1.el6
Details about builds:
================================================================================
cube-4.3.2-2.el6 (FEDORA-EPEL-2015-8094)
CUBE Uniform Behavioral Encoding generic presentation component
--------------------------------------------------------------------------------
Update Information:
cube-4.3.2-2.fc22 - Make separate libs package (for scorep) - Don't BR Java
stuff cube-4.3.2-2.el6 - Make separate libs package (for scorep) - Don't BR
Java stuff cube-4.3.2-2.el7 - Make separate libs package (for scorep) - Don't
BR Java stuff cube-4.3.2-2.fc23 - Make separate libs package (for scorep) -
Don't BR Java stuff
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1240311 - Please make a libs package
https://bugzilla.redhat.com/show_bug.cgi?id=1240311
--------------------------------------------------------------------------------
================================================================================
davix-0.5.0-1.el6 (FEDORA-EPEL-2015-8084)
Toolkit for Http-based file management
--------------------------------------------------------------------------------
Update Information:
Update to davix 0.5.0, see release note for details
--------------------------------------------------------------------------------
================================================================================
future-0.15.2-2.el6 (FEDORA-EPEL-2015-8090)
Easy, clean, reliable Python 2/3 compatibility
--------------------------------------------------------------------------------
Update Information:
New package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1250884 - Review Request: future - Easy, clean, reliable Python 2/3
compatibility
https://bugzilla.redhat.com/show_bug.cgi?id=1250884
--------------------------------------------------------------------------------
================================================================================
mylvmbackup-0.16-1.el6 (FEDORA-EPEL-2015-8082)
Utility for creating MySQL backups via LVM snapshots
--------------------------------------------------------------------------------
Update Information:
# Version 0.16 - SNMP support. - BUG#1351000: fixed crash when specifying both
--help and $mail_report_on was set to 'always'.
--------------------------------------------------------------------------------
================================================================================
python-requests-toolbelt-0.3.1-1.el6 (FEDORA-EPEL-2015-8086)
A utility belt for advanced users of python-requests
--------------------------------------------------------------------------------
Update Information:
Initial packaging
--------------------------------------------------------------------------------
================================================================================
zabbix22-2.2.10-1.el6 (FEDORA-EPEL-2015-8091)
Open-source monitoring solution for your IT infrastructure
--------------------------------------------------------------------------------
Update Information:
http://www.zabbix.com/rn2.2.10.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1095927 - CVE-2014-1685 zabbix22: zabbix: unauthorized modification of user
media via Zabbix Admin users [epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=1095927
[ 2 ] Bug #1110500 - CVE-2014-3005 zabbix22: zabbix: local file inclusion via XXE attack
[epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=1110500
[ 3 ] Bug #1178879 - CVE-2014-9450 zabbix22: zabbix: SQL injection in chart_bar.php
[epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=1178879
[ 4 ] Bug #1159060 - Zabbix22 for EL6 not updated since 2.2.1
https://bugzilla.redhat.com/show_bug.cgi?id=1159060
[ 5 ] Bug #1202602 - logrotate configuration uses 'su' option, which doesn't
exit on log rotate in CentOS 6.
https://bugzilla.redhat.com/show_bug.cgi?id=1202602
--------------------------------------------------------------------------------