The following Fedora EPEL 6 Security updates need testing:
Age URL
958
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3....
177
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7....
48
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3434/pylint-1.3....
23
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4008/cross-binut...
17
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4144/nodejs-0.10...
14
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4237/drupal7-7.3...
14
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4233/drupal6-6.3...
11
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4242/facter-1.6....
11
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4243/asterisk-1....
11
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2069/php-channel...
10
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4281/docker-io-1...
3
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4404/perl-YAML-L...
3
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4384/antiword-0....
3
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4407/pkcs11-help...
1
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4411/llvm-3.4.2-...
1
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4468/phpMyAdmin-...
1
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4444/php-horde-k...
1
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4442/icecast-2.4...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4485/python-torn...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4472/pwgen-2.07-...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4496/seamonkey-2...
The following builds have been pushed to Fedora EPEL 6 updates-testing
ansible-lint-2.0.1-1.el6
lnst-6-1.el6
openblas-0.2.13-1.el6
perl-qpid_proton-0.8-1.el6
pwgen-2.07-1.el6
python-jsonrpclib-0.1.3-2.el6
python-ncclient-0.4.2-2.el6
python-pyroute2-0.3.3-1.el6
python-tornado-2.2.1-7.el6
seamonkey-2.28-2.ESR_31.3.0.el6
sl-5.02-1.el6
will-crash-0.9-3.el6
xbacklight-1.2.1-1.el6
xml2-0.5-7.el6
Details about builds:
================================================================================
ansible-lint-2.0.1-1.el6 (FEDORA-EPEL-2014-4507)
Best practices checker for Ansible
--------------------------------------------------------------------------------
Update Information:
Update to 2.0.1
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 5 2014 Parag Nemade <pnemade AT redhat DOT com> - 2.0.1-1
- Update to 2.0.1
--------------------------------------------------------------------------------
================================================================================
lnst-6-1.el6 (FEDORA-EPEL-2014-4487)
Common code for lnst-ctl and lnst-slave
--------------------------------------------------------------------------------
Update Information:
update to version 6
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 5 2014 Jiri Pirko <jpirko(a)redhat.com> - 6-1
- Updating to stable release 6
--------------------------------------------------------------------------------
================================================================================
openblas-0.2.13-1.el6 (FEDORA-EPEL-2014-4498)
An optimized BLAS library based on GotoBLAS2
--------------------------------------------------------------------------------
Update Information:
Update to 0.2.13, fixing a bug in sgemm on Sandy Bridge.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 5 2014 Susi Lehtola <jussilehtola(a)fedoraproject.org> - 0.2.13-1
- Update to 0.2.13.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1171015 - openblas-0.2.13 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1171015
--------------------------------------------------------------------------------
================================================================================
perl-qpid_proton-0.8-1.el6 (FEDORA-EPEL-2014-4474)
Perl language bindings for Qpid Proton
--------------------------------------------------------------------------------
Update Information:
Rebased on Proton 0.8.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Darryl L. Pierce <dpierce(a)redhat.com> - 0.8-1
- Rebased on Proton 0.8.
* Thu Aug 28 2014 Jitka Plesnikova <jplesnik(a)redhat.com> - 0.7-4
- Perl 5.20 rebuild
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.7-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.7-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
pwgen-2.07-1.el6 (FEDORA-EPEL-2014-4472)
Automatic password generation
--------------------------------------------------------------------------------
Update Information:
Update to 2.07:
* Remove backwards compatibility for no-tty mode. Addresses CVE-2013-4440
* Fail hard if /dev/urandom and /dev/random are not available. Addresses CVE-2013-4442
and Launchpad #1183213 (Closes: #767008)
* Fix pwgen -B so that it doesn't accidentally generate passwords with ambiguous
characters after changing the case of some letters. Addresses Launchpad Bugs #638418 and
#1349863
* Fix potential portability bug on architectures where unsgined ints are not 4 bytes long
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 5 2014 Orion Poplawski <orion(a)cora.nwra.com> - 2.07-1
- Update to 2.07 (bug 1159526) fixes:
CVE-2013-4440 (bug 1020222, 1020223)
CVE-2013-4442 (bug 1020259, 1020261)
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.06-12
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.06-11
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.06-10
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.06-9
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.06-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.06-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Wed Feb 9 2011 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.06-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1020220 - CVE-2013-4440 pwgen: non-tty passwords are trivially weak by
default
https://bugzilla.redhat.com/show_bug.cgi?id=1020220
[ 2 ] Bug #1020258 - CVE-2013-4442 pwgen: silent fallback to insecure entropy
https://bugzilla.redhat.com/show_bug.cgi?id=1020258
--------------------------------------------------------------------------------
================================================================================
python-jsonrpclib-0.1.3-2.el6 (FEDORA-EPEL-2014-4484)
JSON-RPC v2.0 client library for Python
--------------------------------------------------------------------------------
Update Information:
Minor update to dependencies and build spec.
--------------------------------------------------------------------------------
================================================================================
python-ncclient-0.4.2-2.el6 (FEDORA-EPEL-2014-4483)
Python library for NETCONF clients
--------------------------------------------------------------------------------
Update Information:
Initial upload of the package to repos.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1170629 - Review Request: python-ncclient - Python library for NETCONF
clients
https://bugzilla.redhat.com/show_bug.cgi?id=1170629
--------------------------------------------------------------------------------
================================================================================
python-pyroute2-0.3.3-1.el6 (FEDORA-EPEL-2014-4502)
Pure Python netlink library
--------------------------------------------------------------------------------
Update Information:
Fix-ups, 0.3.3
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 5 2014 Peter V. Saveliev <peter(a)svinota.eu> 0.3.3-1
- Fix-ups, 0.3.3
- Bugfixes for Python 2.6
--------------------------------------------------------------------------------
================================================================================
python-tornado-2.2.1-7.el6 (FEDORA-EPEL-2014-4485)
Scalable, non-blocking web server and tools
--------------------------------------------------------------------------------
Update Information:
- Add patch to fix CVE-2013-2098 CVE-2013-2099 (bug #96627)
- Drop requires python-simplejson, not needed for modern python
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 5 2014 Orion Poplawski <orion(a)cora.nwra.com> - 2.2.1-7
- Add patch to fix CVE-2013-2098 CVE-2013-2099 (bug #96627)
- Drop requires python-simplejson, not needed for modern python
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.2.1-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Fri Jun 14 2013 Thomas Spura <tomspur(a)fedoraproject.org> - 2.2.1-5
- remove rhel conditional for with_python3:
https://fedorahosted.org/fpc/ticket/200
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.2.1-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Sat Aug 4 2012 David Malcolm <dmalcolm(a)redhat.com> - 2.2.1-3
- rebuild for
https://fedoraproject.org/wiki/Features/Python_3.3
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.2.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #963260 - CVE-2013-2099 python: ssl.match_hostname() DoS via certificates with
specially crafted hostname wildcard patterns
https://bugzilla.redhat.com/show_bug.cgi?id=963260
--------------------------------------------------------------------------------
================================================================================
seamonkey-2.28-2.ESR_31.3.0.el6 (FEDORA-EPEL-2014-4496)
Web browser, e-mail, news, IRC client, HTML editor
--------------------------------------------------------------------------------
Update Information:
Update to the codebase of Extended Support Release (ESR) 31.3.0
Fixes various security issues, see
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html and
https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html for more info
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 4 2014 Dmitry Butskoy <Dmitry(a)Butskoy.name> 2.28-2.ESR_31.3.0
- update to Extended Support Release version 31.3.0, derived
from the correspond thunderbird source tree.
--------------------------------------------------------------------------------
================================================================================
sl-5.02-1.el6 (FEDORA-EPEL-2014-4505)
Joke command for when you type 'sl' instead of 'ls'
--------------------------------------------------------------------------------
Update Information:
Update to the new upstream (and new build system; #1170931)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 5 2014 Matej Cepl <mcepl(a)redhat.com> - 5.02-1
- Update to the new upstream (and new build system; #1170931)
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
3.03-17
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
3.03-16
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
3.03-15
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
3.03-14
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Fri Jul 27 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
3.03-13
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
3.03-12
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Wed Oct 26 2011 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
3.03-11
- Rebuilt for glibc bug#747377
* Wed Feb 9 2011 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
3.03-10
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
3.03-9
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
3.03-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Tue Nov 18 2008 Tom "spot" Callaway <tcallawa(a)redhat.com> 3.03-7
- fix license tag (Freely redistributable without restriction is only
for firmware)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1170931 - RFE: update to 5.02
https://bugzilla.redhat.com/show_bug.cgi?id=1170931
--------------------------------------------------------------------------------
================================================================================
will-crash-0.9-3.el6 (FEDORA-EPEL-2014-4482)
Set of crashing executables written in various languages
--------------------------------------------------------------------------------
Update Information:
fix java deps for EL6
fix will_java_throw_suppressed availability
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 5 2014 Richard Marko <rmarko(a)fedoraproject.org> - 0.9-3
- fix java deps for EL6
* Mon Nov 24 2014 Richard Marko <rmarko(a)fedoraproject.org> - 0.9-2
- fix will_java_throw_suppressed availability on RHEL6
* Thu Oct 30 2014 Jakub Filak <jfilak(a)redhat.com> - 0.9-1
- port to javapackages-utils
* Wed Sep 10 2014 Richard Marko <rmarko(a)fedoraproject.org> - 0.8-1
- add will_segfault --break-link-map
* Wed Aug 27 2014 Martin Milata <mmilata(a)redhat.com> - 0.7-5
- added will_stackoverflow
* Mon Aug 18 2014 Richard Marko <rmarko(a)fedoraproject.org> - 0.7-4
- support OpenJDK8
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.7-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.7-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1168397 - will-crash has unsatisfied dependencies on epel6
https://bugzilla.redhat.com/show_bug.cgi?id=1168397
--------------------------------------------------------------------------------
================================================================================
xbacklight-1.2.1-1.el6 (FEDORA-EPEL-2014-4476)
Adjust backlight brightness using RandR
--------------------------------------------------------------------------------
Update Information:
- fix reading backlight level on 64-bit systems
- fix invalid read found using valgrind
- manpage fix - replace hyphens with minus signs
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 6 2014 Michel Alexandre Salim <salimma(a)fedoraproject.org> - 1.2.1-1
- Update to 1.2.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1016910 - xbacklight-1.2.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1016910
--------------------------------------------------------------------------------
================================================================================
xml2-0.5-7.el6 (FEDORA-EPEL-2014-4473)
XML/Unix Processing Tools
--------------------------------------------------------------------------------
Update Information:
These tools are used to convert XML and HTML to and from a line-oriented format more
amenable to processing by classic Unix pipeline processing tools, like grep, sed, awk,
cut, shell scripts, and so forth.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #492708 - Review Request: xml2 - XML/Unix Processing Tools
https://bugzilla.redhat.com/show_bug.cgi?id=492708
--------------------------------------------------------------------------------