[SECURITY] Fedora EPEL 7 Update: lxc-1.0.10-2.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2017-4aae1e22f1
2017-07-30 18:25:02.891795
--------------------------------------------------------------------------------
Name : lxc
Product : Fedora EPEL 7
Version : 1.0.10
Release : 2.el7
URL : http://linuxcontainers.org
Summary : Linux Resource Containers
Description :
Linux Resource Containers provide process and resource isolation without the
overhead of full virtualization.
--------------------------------------------------------------------------------
Update Information:
Update the LXC EPEL package to the latest stable LXC 1.0 release. The upstream
changelog is [here](https://linuxcontainers.org/lxc/news/#lxc-1010-release-
announcement-11th-of-may-2017).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1431557 - CVE-2017-5985 lxc: lxc-user-nic didn't verify network namespace ownership
https://bugzilla.redhat.com/show_bug.cgi?id=1431557
[ 2 ] Bug #1411256 - CVE-2016-10124 lxc: Escaping to parent session using TIOCSTI ioctl in lxc-attach
https://bugzilla.redhat.com/show_bug.cgi?id=1411256
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update lxc' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 9 months
[SECURITY] Fedora EPEL 6 Update: phpldapadmin-1.2.3-10.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2017-f7d737f93d
2017-07-30 18:24:49.612618
--------------------------------------------------------------------------------
Name : phpldapadmin
Product : Fedora EPEL 6
Version : 1.2.3
Release : 10.el6
URL : http://phpldapadmin.sourceforge.net
Summary : Web-based tool for managing LDAP servers
Description :
PhpLDAPadmin is a web-based LDAP client.
It provides easy, anywhere-accessible, multi-language administration
for your LDAP server. Its hierarchical tree-viewer and advanced search
functionality make it intuitive to browse and administer your LDAP directory.
Since it is a web application, this LDAP browser works on many platforms,
making your LDAP server easily manageable from any location.
PhpLDAPadmin is the perfect LDAP browser for the LDAP professional
and novice alike. Its user base consists mostly of LDAP administration
professionals.
Edit /etc/phpldapadmin/config.php to change default (localhost) LDAP server
location and other things. Edit /etc/httpd/conf.d/phpldapadmin.conf to allow
access by remote web-clients.
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2017-11107 (#1471112)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1471112 - CVE-2017-11107 phpldapadmin: XSS in htdocs/entry_chooser.php via form, element, rdn, or container parameter
https://bugzilla.redhat.com/show_bug.cgi?id=1471112
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update phpldapadmin' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 9 months
[SECURITY] Fedora EPEL 6 Update: jabberd-2.6.1-2.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2017-428858445a
2017-07-30 18:24:49.612561
--------------------------------------------------------------------------------
Name : jabberd
Product : Fedora EPEL 6
Version : 2.6.1
Release : 2.el6
URL : http://jabberd2.org/
Summary : OpenSource server implementation of the Jabber protocols
Description :
The jabberd project aims to provide an open-source server implementation of
the Jabber protocols for instant messaging and XML routing. The goal of this
project is to provide a scalable, reliable, efficient and extensible server
that provides a complete set of features and is up to date with the latest
protocol revisions.
jabberd2 is the next generation of the jabberd server. It has been
rewritten from the ground up to be scalable, architecturally sound, and to
support the latest protocol extensions coming out of the JSF.
This package defaults to use pam and sqlite.
--------------------------------------------------------------------------------
Update Information:
added patch to fix build errors with mariadb 10.2 (#1470036)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1468567 - CVE-2017-10807 jabberd: CVE-2017-10807 [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1468567
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update jabberd' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 9 months
Fedora EPEL 6 Update: gen-oath-safe-0.10.1-1.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2017-26c82c8349
2017-07-30 18:24:49.612507
--------------------------------------------------------------------------------
Name : gen-oath-safe
Product : Fedora EPEL 6
Version : 0.10.1
Release : 1.el6
URL : https://github.com/mcepl/gen-oath-safe
Summary : Script for generating HOTP/TOTP keys (and QR code)
Description :
This script creates appropriate keys and QR codes for setting up custom
tokens. It can create TOTP (time based) and HOTP (event based) tokens,
and provide textmode QR codes for loading into Google Authenticator. It
can also provide the needed commands to prepare a Yubikey.
Only use this on a trusted system with an encrypted filesystem. This
script was not designed to be used except by experienced users, so it is
not terribly user friendly.
--------------------------------------------------------------------------------
Update Information:
Tiny bugfix update ��� missing ``-h`` and ``--help`` options.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update gen-oath-safe' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 9 months
Fedora EPEL 6 Update: youtube-dl-2017.07.09-1.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2017-8586fec834
2017-07-30 18:24:49.612447
--------------------------------------------------------------------------------
Name : youtube-dl
Product : Fedora EPEL 6
Version : 2017.07.09
Release : 1.el6
URL : https://yt-dl.org
Summary : A small command-line program to download online videos
Description :
Small command-line program to download videos from YouTube and other sites.
--------------------------------------------------------------------------------
Update Information:
Update to the latest upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1467126 - youtube-dl-2017.07.09 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1467126
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update youtube-dl' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 9 months
Fedora EPEL 6 Update: R-3.4.1-1.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2017-173efcf1f5
2017-07-30 18:24:49.612398
--------------------------------------------------------------------------------
Name : R
Product : Fedora EPEL 6
Version : 3.4.1
Release : 1.el6
URL : http://www.r-project.org
Summary : A language for data analysis and graphics
Description :
This is a metapackage that provides both core R userspace and
all R development components.
R is a language and environment for statistical computing and graphics.
R is similar to the award-winning S system, which was developed at
Bell Laboratories by John Chambers et al. It provides a wide
variety of statistical and graphical techniques (linear and
nonlinear modelling, statistical tests, time series analysis,
classification, clustering, ...).
R is designed as a true computer language with control-flow
constructions for iteration and alternation, and it allows users to
add additional functionality by defining new functions. For
computationally intensive tasks, C, C++ and Fortran code can be linked
and called at run time.
--------------------------------------------------------------------------------
Update Information:
Update to R 3.4.1. This contains several significant bugfixes introduced in
3.4.0, so updating is strongly recommended. Full release notes are here:
https://cran.r-project.org/doc/manuals/r-release/NEWS.html
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1456452 - rpy-2.8.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1456452
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update R' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 9 months
[SECURITY] Fedora EPEL 6 Update: lxc-1.0.10-2.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2017-23f4cb5d02
2017-07-30 18:24:49.612223
--------------------------------------------------------------------------------
Name : lxc
Product : Fedora EPEL 6
Version : 1.0.10
Release : 2.el6
URL : http://linuxcontainers.org
Summary : Linux Resource Containers
Description :
Linux Resource Containers provide process and resource isolation without the
overhead of full virtualization.
--------------------------------------------------------------------------------
Update Information:
Update the LXC EPEL package to the latest stable LXC 1.0 release. The upstream
changelog is [here](https://linuxcontainers.org/lxc/news/#lxc-1010-release-
announcement-11th-of-may-2017).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1411256 - CVE-2016-10124 lxc: Escaping to parent session using TIOCSTI ioctl in lxc-attach
https://bugzilla.redhat.com/show_bug.cgi?id=1411256
[ 2 ] Bug #1431557 - CVE-2017-5985 lxc: lxc-user-nic didn't verify network namespace ownership
https://bugzilla.redhat.com/show_bug.cgi?id=1431557
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update lxc' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 9 months
Fedora EPEL 6 Update: uw-imap-2007f-14.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2017-03a17c3c29
2017-07-29 00:55:34.843982
--------------------------------------------------------------------------------
Name : uw-imap
Product : Fedora EPEL 6
Version : 2007f
Release : 14.el6
URL : http://www.washington.edu/imap/
Summary : UW Server daemons for IMAP and POP network mail protocols
Description :
The uw-imap package provides UW server daemons for both the IMAP (Internet
Message Access Protocol) and POP (Post Office Protocol) mail access
protocols. The POP protocol uses a "post office" machine to collect
mail for users and allows users to download their mail to their local
machine for reading. The IMAP protocol allows a user to read mail on a
remote machine without downloading it to their local machine.
--------------------------------------------------------------------------------
Update Information:
Use bundled (less buggy) libc-client library with working ssl support, update to
latest 2007f release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #736120 - uw-imap-2007e-14.el6.i686 + libc-client-2007e-11.el6.i686 can't establish encrypted connections
https://bugzilla.redhat.com/show_bug.cgi?id=736120
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update uw-imap' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 9 months
Fedora EPEL 6 Update: python-copr-1.78-1.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2017-3f9e6da958
2017-07-29 00:55:34.843887
--------------------------------------------------------------------------------
Name : python-copr
Product : Fedora EPEL 6
Version : 1.78
Release : 1.el6
URL : https://pagure.io/copr/copr
Summary : Python interface for Copr
Description :
COPR is lightweight build system. It allows you to create new project in WebUI,
and submit new builds and COPR will create yum repository from latest builds.
This package contains python interface to access Copr service. Mostly useful
for developers only.
--------------------------------------------------------------------------------
Update Information:
Fixes https://pagure.io/copr/copr/issue/67 copr edit-package-tito nulls out
fields not edited. ---- copr-cli: - when building module --url or --yaml
needs to be selected - remove make-module command - update man for build-module
command - allow to submit optional params to mbs - frontend act as a gateway
between user and mbs - possibility to submit yaml file to mbs - compose auth url
more prettier - describe module actions in man - rename method for making module
to match cli naming - split module building into two separate commands - add
possibility to build module via MBS or not - add command for building modules -
more similar mock-config with real builder's config - put errors/warnings on
stderr - fix trace in 'copr-cli --debug' - replace fedorahosted links - use
'avg' api from python-progress python-copr: - allow to submit optional params
to mbs - frontend act as a gateway between user and mbs - allow to create module
and it's action separately - possibility to submit yaml file to mbs - update
auth for current MBS package - rename method for making module to match cli
naming - add command for building modules - files can be uploaded via simple
MultipartEncoder (RhBug: 1440480) - fix proxyuser when creating modules -
replace fedorahosted links - fix setting username on multipart data - proxyuser
feature (RhBug: 1381574) ---- EPEL6 fix
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update python-copr' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 9 months
Fedora EPEL 6 Update: copr-cli-1.60-1.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2017-3f9e6da958
2017-07-29 00:55:34.843887
--------------------------------------------------------------------------------
Name : copr-cli
Product : Fedora EPEL 6
Version : 1.60
Release : 1.el6
URL : https://pagure.io/copr/copr
Summary : Command line interface for COPR
Description :
COPR is lightweight build system. It allows you to create new project in WebUI,
and submit new builds and COPR will create yum repository from latests builds.
This package contains command line interface.
--------------------------------------------------------------------------------
Update Information:
Fixes https://pagure.io/copr/copr/issue/67 copr edit-package-tito nulls out
fields not edited. ---- copr-cli: - when building module --url or --yaml
needs to be selected - remove make-module command - update man for build-module
command - allow to submit optional params to mbs - frontend act as a gateway
between user and mbs - possibility to submit yaml file to mbs - compose auth url
more prettier - describe module actions in man - rename method for making module
to match cli naming - split module building into two separate commands - add
possibility to build module via MBS or not - add command for building modules -
more similar mock-config with real builder's config - put errors/warnings on
stderr - fix trace in 'copr-cli --debug' - replace fedorahosted links - use
'avg' api from python-progress python-copr: - allow to submit optional params
to mbs - frontend act as a gateway between user and mbs - allow to create module
and it's action separately - possibility to submit yaml file to mbs - update
auth for current MBS package - rename method for making module to match cli
naming - add command for building modules - files can be uploaded via simple
MultipartEncoder (RhBug: 1440480) - fix proxyuser when creating modules -
replace fedorahosted links - fix setting username on multipart data - proxyuser
feature (RhBug: 1381574) ---- EPEL6 fix
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update copr-cli' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 9 months