The following Fedora EPEL 6 Security updates need testing:
Age URL
265
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828
chicken-4.9.0.1-4.el6
247
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031
python-virtualenv-12.0.7-1.el6
241
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168
rubygem-crack-0.3.2-2.el6
173
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8148 optipng-0.7.5-5.el6
173
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6
131
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb
mcollective-2.8.4-1.el6
103
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9
thttpd-2.25b-24.el6
14
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-00c45982f6
drupal6-6.38-1.el6
14
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-6e0c318d91
libssh-0.5.5-5.el6
12
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-6a812bd682
drupal7-7.43-1.el6
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-78096a43d9
php-htmLawed-1.1.21-1.el6
8
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-b14579b3db
websvn-2.3.3-12.el6
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-44de0606ef
python-tgcaptcha2-0.3.1-1.el6
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-a198786211
lcms2-2.7-3.el6
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-0ea6a62cb7
drupal6-emfield-2.7-1.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-4a2caa893f
putty-0.63-6.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
cmake3-3.5.0-2.1.el6
dcap-2.47.10-3.el6
globus-proxy-utils-6.14-1.el6
jsoncpp-0.6.0-0.9.rc2.el6
lcgdm-dav-0.17.1-2.el6
libarchive3-3.1.2-1.el6
munin-2.0.25-10.el6
osbs-client-0.18-1.el6
php-paragonie-random-compat-1.2.1-1.el6
putty-0.63-6.el6
youtube-dl-2016.03.06-1.el6
Details about builds:
================================================================================
cmake3-3.5.0-2.1.el6 (FEDORA-EPEL-2016-a82c466e38)
Cross-platform make system
--------------------------------------------------------------------------------
Update Information:
initial epel-release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1315307 - Review Request: libarchive3 - A library for handling streaming
archive formats
https://bugzilla.redhat.com/show_bug.cgi?id=1315307
[ 2 ] Bug #1315097 - please provide a package of jsoncpp for epel6
https://bugzilla.redhat.com/show_bug.cgi?id=1315097
[ 3 ] Bug #1315193 - Review Request (EPEL): cmake3 - Cross-platform make system
https://bugzilla.redhat.com/show_bug.cgi?id=1315193
--------------------------------------------------------------------------------
================================================================================
dcap-2.47.10-3.el6 (FEDORA-EPEL-2016-18af0fc423)
Client Tools for dCache
--------------------------------------------------------------------------------
Update Information:
Fix broken postun scriptlet in dcap-libs.
--------------------------------------------------------------------------------
================================================================================
globus-proxy-utils-6.14-1.el6 (FEDORA-EPEL-2016-02e9361f60)
Globus Toolkit - Globus GSI Proxy Utility Programs
--------------------------------------------------------------------------------
Update Information:
Better support for checking cert names.
--------------------------------------------------------------------------------
================================================================================
jsoncpp-0.6.0-0.9.rc2.el6 (FEDORA-EPEL-2016-a82c466e38)
JSON library implemented in C++
--------------------------------------------------------------------------------
Update Information:
initial epel-release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1315307 - Review Request: libarchive3 - A library for handling streaming
archive formats
https://bugzilla.redhat.com/show_bug.cgi?id=1315307
[ 2 ] Bug #1315097 - please provide a package of jsoncpp for epel6
https://bugzilla.redhat.com/show_bug.cgi?id=1315097
[ 3 ] Bug #1315193 - Review Request (EPEL): cmake3 - Cross-platform make system
https://bugzilla.redhat.com/show_bug.cgi?id=1315193
--------------------------------------------------------------------------------
================================================================================
lcgdm-dav-0.17.1-2.el6 (FEDORA-EPEL-2016-a3123e0040)
HTTP/DAV front end to the DPM/LFC services
--------------------------------------------------------------------------------
Update Information:
New upstream release 0.17.1
--------------------------------------------------------------------------------
================================================================================
libarchive3-3.1.2-1.el6 (FEDORA-EPEL-2016-a82c466e38)
A library for handling streaming archive formats
--------------------------------------------------------------------------------
Update Information:
initial epel-release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1315307 - Review Request: libarchive3 - A library for handling streaming
archive formats
https://bugzilla.redhat.com/show_bug.cgi?id=1315307
[ 2 ] Bug #1315097 - please provide a package of jsoncpp for epel6
https://bugzilla.redhat.com/show_bug.cgi?id=1315097
[ 3 ] Bug #1315193 - Review Request (EPEL): cmake3 - Cross-platform make system
https://bugzilla.redhat.com/show_bug.cgi?id=1315193
--------------------------------------------------------------------------------
================================================================================
munin-2.0.25-10.el6 (FEDORA-EPEL-2016-f4564ebb06)
Network-wide graphing framework (grapher/gatherer)
--------------------------------------------------------------------------------
Update Information:
EL5/6 do not need to install firewalld files BZ# 1315810 - postgresql plugin
default configuration (contrib) BZ# 1315990 - Please remove unnecessary
requirements for munin-node BZ# 1315951 - move /etc/tmpfiles.d/munin.conf to
/usr/lib/tmpfiles.d Remove firewalld Require and associated script. EPEL7 does
not have them. BZ# 1300379 - Please include firewalld service file for munin-
node in RPM package BZ# 1262751 - munin-common should be requires(pre) shadow-
utils package Brought forward munin-2.0.26-406c67e ---- BZ# 1262751 - munin-
common should be requires(pre) shadow-utils package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1315810 - postgresql plugin default configuration
https://bugzilla.redhat.com/show_bug.cgi?id=1315810
[ 2 ] Bug #1315990 - Please remove unnecessary requirements for munin-node
https://bugzilla.redhat.com/show_bug.cgi?id=1315990
[ 3 ] Bug #1315951 - move /etc/tmpfiles.d/munin.conf to /usr/lib/tmpfiles.d
https://bugzilla.redhat.com/show_bug.cgi?id=1315951
[ 4 ] Bug #1300379 - Please include firewalld service file for munin-node in RPM
package
https://bugzilla.redhat.com/show_bug.cgi?id=1300379
[ 5 ] Bug #1262751 - munin-common should be requires(pre) shadow-utils package
https://bugzilla.redhat.com/show_bug.cgi?id=1262751
--------------------------------------------------------------------------------
================================================================================
osbs-client-0.18-1.el6 (FEDORA-EPEL-2016-e84a9d8827)
Python command line client for OpenShift Build Service
--------------------------------------------------------------------------------
Update Information:
New upstream release.
--------------------------------------------------------------------------------
================================================================================
php-paragonie-random-compat-1.2.1-1.el6 (FEDORA-EPEL-2016-c2f2f8de78)
PHP 5.x polyfill for random_bytes() and random_int() from PHP 7
--------------------------------------------------------------------------------
Update Information:
### Version 1.2.1 - 2016-02-29 * PHP 5.6.10 - 5.6.12 will hang when mcrypt is
used on Unix-based operating systems ([PHP bug
69833](https://bugs.php.net/bug.php?id=69833)). If you are running one of
these versions, please upgrade (or make sure `/dev/urandom` is readable)
otherwise you're relying on OpenSSL. ### Version 1.2.0 - 2016-02-05 *
Whitespace and other cosmetic changes * Added a changelog. ### Version 1.1.6 -
2016-01-29 * Eliminate `open_basedir` warnings by detecting this configuration
setting. (Thanks [@oucil](https://github.com/oucil) for reporting this.) *
Added install instructions to the README. * Documentation cleanup (there is, in
fact, no `MCRYPT_CREATE_IV` constant, I meant to write `MCRYPT_DEV_URANDOM`)
### Version 1.1.5 - 2016-01-06 * Prevent fatal errors on platforms with older
versions of libsodium.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1296738 - php-paragonie-random-compat-1.2.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1296738
--------------------------------------------------------------------------------
================================================================================
putty-0.63-6.el6 (FEDORA-EPEL-2016-4a2caa893f)
SSH, Telnet and Rlogin client
--------------------------------------------------------------------------------
Update Information:
This is an update fixing possible buffer overflow in SCP protocol when parsing
server response (CVE-2016-2563).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1316481 - CVE-2016-2563 putty: old-style scp downloads may allow remote code
execution
https://bugzilla.redhat.com/show_bug.cgi?id=1316481
--------------------------------------------------------------------------------
================================================================================
youtube-dl-2016.03.06-1.el6 (FEDORA-EPEL-2016-e394475026)
A small command-line program to download online videos
--------------------------------------------------------------------------------
Update Information:
Update to latest release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1310644 - youtube-dl-2016.03.06 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1310644
--------------------------------------------------------------------------------