The following Fedora EPEL 6 Security updates need testing: Age URL 191 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828 chicken-4.9.0.1-4.el6 173 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6 167 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6 98 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8148 optipng-0.7.5-5.el6 98 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6 87 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-68a2c2db36 python-pymongo-3.0.3-1.el6 57 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6 29 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6 20 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-c1e2a347ee xsupplicant-2.2.0-13.el6 16 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-df28a72135 shellinabox-2.19-1.el6 14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-4ea455db6d gwenhywfar-4.13.1-2.el6 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-06bd1d268e nodejs-handlebars-4.0.5-1.el6 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-26f2bb9749 libpng10-1.0.66-1.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e29b297036 phpMyAdmin-4.0.10.12-1.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-d47aefe0b2 roundcubemail-1.0.8-1.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-b94af2e025 seamonkey-2.39-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
nodejs-strip-json-comments-1.0.2-1.el6 nsd-4.1.7-3.el6 opendkim-2.10.3-3.el6 php-doctrine-cache-1.5.4-1.el6 php-solarium-3.5.1-1.el6 php-udan11-sql-parser-3.0.8-1.el6 phpMyAdmin-4.0.10.12-1.el6 python-configparser-3.5.0b2-1.el6 roundcubemail-1.0.8-1.el6 seamonkey-2.39-1.el6 sscep-0.6.1-1.20151228git68e354a.el6 wine-1.8-1.el6
Details about builds:
================================================================================ nodejs-strip-json-comments-1.0.2-1.el6 (FEDORA-EPEL-2015-4c5b9aa860) Strip comments from JSON -------------------------------------------------------------------------------- Update Information:
Upstream has released new version --------------------------------------------------------------------------------
================================================================================ nsd-4.1.7-3.el6 (FEDORA-EPEL-2015-3f702eb49d) Fast and lean authoritative DNS Name Server -------------------------------------------------------------------------------- Update Information:
Improved integration for systemd, use PrivateTmp --------------------------------------------------------------------------------
================================================================================ opendkim-2.10.3-3.el6 (FEDORA-EPEL-2015-5e01f07dc5) A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail -------------------------------------------------------------------------------- Update Information:
Added OpenLDAP support -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1293279 - opendkim miss LDAP support https://bugzilla.redhat.com/show_bug.cgi?id=1293279 --------------------------------------------------------------------------------
================================================================================ php-doctrine-cache-1.5.4-1.el6 (FEDORA-EPEL-2015-f17b123872) Doctrine Cache -------------------------------------------------------------------------------- Update Information:
### v1.5.4 * 127: Path length of 259 is also not possible due to php bug ### v1.5.3 * 113: Perform various tests on windows and this correction solved the problem * 121: FileCache.php bug at line 140 in protected function getFilename * 122: Hotfix - #113 testing/correcting hashing for windows file path length limitations * 124: Filenames are too long for windows * 125: Fix FileCache on Windows ### v1.5.2 * 105: Fix fetch multiple with false * 107: fix file cache naming under windows surpassing MAX_PATH * 108: Avoid MongoCursorException with MongoCache ### v1.5.1 * 104: fetchMultiple problems with null and falsey values ### v1.5.0 * 87: [enhancement] Predis cache improvement * 91: No need to save the default namespace version * 92: travis: use container based build, PHP 7 added * 94: fix file naming based on cache key * 97: unify bool(ean) and add multi get support for wincache * 98: add travis cache and fix apcu installation * 99: Update LICENSE * 100: composer: use PSR-4 autoload * 101: Additional tests added ### v1.4.4 * 104: fetchMultiple problems with null and falsey values ### v1.4.3 * 90: Fix CacheProvider::fetchMultiple if keys array is empty * 91: No need to save the default namespace version * 95: Fix delete() and flushAll() -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1276019 - php-doctrine-cache-v1.5.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1276019 --------------------------------------------------------------------------------
================================================================================ php-solarium-3.5.1-1.el6 (FEDORA-EPEL-2015-47b416e6a6) Solarium PHP Solr client library -------------------------------------------------------------------------------- Update Information:
**Version 3.5.1** - 2015-12-19 * Fix BC break in 3.5.0 release **Version 3.5.0** - 2015-12-09 - improvement: lots of code style fixes - improvement: refactored 'base' plugin class to AbstractPlugin - improvement: removed old PHP environments for Travis, added PHP7 - improvement: set license to a valid SPDX license identifier - bugfix: PHAR generator updated to support namespacing - bugfix: Collations broken for Solr 5 data format - added: Make it possible to bypass (system-wide) proxy setting in Curl adapter - improvement: Added SensioLabs Insight (including lots of fixed in the code based on report) - added: ClientInterface - improvement: Set hard paths in .gitignore to prevent tree lookups - added: Support for facet.contains settings - improvement: updated Symfony event dispatcher dependency to a maintained version - added: docs in repository (markdown format) --------------------------------------------------------------------------------
================================================================================ php-udan11-sql-parser-3.0.8-1.el6 (FEDORA-EPEL-2015-7ad1d25ae8) A validating SQL lexer and parser with a focus on MySQL dialect -------------------------------------------------------------------------------- Update Information:
Bugfix version for phpMyAdmin 4.5.3 --------------------------------------------------------------------------------
================================================================================ phpMyAdmin-4.0.10.12-1.el6 (FEDORA-EPEL-2015-e29b297036) Handle the administration of MySQL over the World Wide Web -------------------------------------------------------------------------------- Update Information:
phpMyAdmin 4.0.10.12 (2015-12-25) ================================= - [Security] Path disclosure, see PMASA-2015-6 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1294254 - PMASA-2015-6 phpMyAdmin: Path disclosure https://bugzilla.redhat.com/show_bug.cgi?id=1294254 --------------------------------------------------------------------------------
================================================================================ python-configparser-3.5.0b2-1.el6 (FEDORA-EPEL-2015-ff4bb5fd70) Backport of Python 3 configparser module -------------------------------------------------------------------------------- Update Information:
Updated to build for el6 and Python3 and other minor changes --------------------------------------------------------------------------------
================================================================================ roundcubemail-1.0.8-1.el6 (FEDORA-EPEL-2015-d47aefe0b2) Round Cube Webmail is a browser-based multilingual IMAP client -------------------------------------------------------------------------------- Update Information:
**Release 1.0.8** - Add workaround for https://bugs.php.net/bug.php?id=70757 (#1490582) - Fix HTML sanitizer to skip <!-- node type X --> in output (#1490583) - Fix charset encoding of message/rfc822 part bodies (#1490606) - Fix handling of message/rfc822 attachments on replies and forwards (#1490607) - Fix PDF support detection in Firefox > 19 (#1490610) - Fix path traversal vulnerability (CWE-22) in setting a skin (#1490620) - Fix so drag-n-drop of text (e.g. recipient addresses) on compose page actually works (#1490619) - Fix .htaccess rewrite rules to not block .well-known URIs (#1490615) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1269155 - Insecure permissions of /var/lib/roundcubemail and /var/log/roundcubemail https://bugzilla.redhat.com/show_bug.cgi?id=1269155 --------------------------------------------------------------------------------
================================================================================ seamonkey-2.39-1.el6 (FEDORA-EPEL-2015-b94af2e025) Web browser, e-mail, news, IRC client, HTML editor -------------------------------------------------------------------------------- Update Information:
Update to 2.39 Fixes various security issues, see http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html for more info. ---- Update to 2.38 Fixes various security issues, see http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html for more info. --------------------------------------------------------------------------------
================================================================================ sscep-0.6.1-1.20151228git68e354a.el6 (FEDORA-EPEL-2015-8399f5b3f3) Simple SCEP client with modifications for engine support & more -------------------------------------------------------------------------------- Update Information:
Rebase on 0.6.1 release --------------------------------------------------------------------------------
================================================================================ wine-1.8-1.el6 (FEDORA-EPEL-2015-9c3823ed0f) A compatibility layer for windows applications -------------------------------------------------------------------------------- Update Information:
Version 1.8 https://www.winehq.org/announce/1.8 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org