EPEL Fedora 6 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Thu Sep 18 23:50:45 UTC 2014
The following Fedora EPEL 6 Security updates need testing:
Age URL
880 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
212 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolkit-2.0.2-4.el6
99 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7.26-1.el6
89 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1693/perl-Email-Address-1.905-1.el6
41 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2148/drupal6-6.33-1.el6
7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2561/pdns-recursor-3.6.1-1.el6
6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2634/moodle-2.5.8-1.el6
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2655/python-oauth2-1.5.211-7.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
python-oauth2-1.5.211-7.el6
Details about builds:
================================================================================
python-oauth2-1.5.211-7.el6 (FEDORA-EPEL-2014-2655)
Python support for improved oauth
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 12 2014 Tom Callaway <spot at fedoraproject.org> - 1.5.211-7
- Fix CVE-2013-4346 and CVE-2013-4347 (thanks to Philippe Makowski)
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.5.211-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1007746 - CVE-2013-4346 python-oauth2: _check_signature() ignores the nonce value when validating signed urls
https://bugzilla.redhat.com/show_bug.cgi?id=1007746
[ 2 ] Bug #1007758 - CVE-2013-4347 python-oauth2: Uses poor PRNG in nonce
https://bugzilla.redhat.com/show_bug.cgi?id=1007758
--------------------------------------------------------------------------------
More information about the epel-devel
mailing list