EPEL Fedora 6 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Thu Sep 18 23:50:45 UTC 2014 

The following Fedora EPEL 6 Security updates need testing:
 Age  URL
 880  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
 212  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolkit-2.0.2-4.el6
  99  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7.26-1.el6
  89  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1693/perl-Email-Address-1.905-1.el6
  41  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2148/drupal6-6.33-1.el6
   7  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2561/pdns-recursor-3.6.1-1.el6
   6  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2634/moodle-2.5.8-1.el6
   0  https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2655/python-oauth2-1.5.211-7.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    python-oauth2-1.5.211-7.el6

Details about builds:


================================================================================
 python-oauth2-1.5.211-7.el6 (FEDORA-EPEL-2014-2655)
 Python support for improved oauth
--------------------------------------------------------------------------------
Update Information:

Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Sep 12 2014 Tom Callaway <spot at fedoraproject.org> - 1.5.211-7
- Fix CVE-2013-4346 and CVE-2013-4347 (thanks to Philippe Makowski)
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.5.211-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1007746 - CVE-2013-4346 python-oauth2: _check_signature() ignores the nonce value when validating signed urls
        https://bugzilla.redhat.com/show_bug.cgi?id=1007746
  [ 2 ] Bug #1007758 - CVE-2013-4347 python-oauth2: Uses poor PRNG in nonce
        https://bugzilla.redhat.com/show_bug.cgi?id=1007758
--------------------------------------------------------------------------------

More information about the epel-devel mailing list