The following Fedora EPEL 6 Security updates need testing:
Age URL
1014 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
104 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3434/pylint-1.3.1-1.el6,python-astroid-1.2.1-2.el6,python-logilab-common-0.62.1-2.el6
79 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4008/cross-binutils-2.23.51.0.3-1.el6.1
67 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4242/facter-1.6.18-8.el6
55 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4485/python-tornado-2.2.1-7.el6
37 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4884/mapserver-6.0.4-1.el6
35 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4918/dokuwiki-0-0.23.20140929b.el6
17 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0232/chicken-4.9.0.1-2.el6
17 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0278/Django14-1.4.18-1.el6
6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0363/polarssl-1.3.2-4.el6
6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0368/puppetlabs-stdlib-4.5.1-1.20150121git7a91f20.el6
6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0407/seamonkey-2.28-3.ESR_31.4.0.el6
4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0436/privoxy-3.0.23-1.el6
1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0557/clamav-0.98.6-1.el6
1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0560/websvn-2.3.3-8.el6
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0566/pigz-2.3.3-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
dspam-3.10.2-5.el6
golang-googlecode-goprotobuf-0-0.11.git7f07925.el6
php-aws-sdk-2.7.17-1.el6
pigz-2.3.3-1.el6
Details about builds:
================================================================================
dspam-3.10.2-5.el6 (FEDORA-EPEL-2015-0572)
A library and Mail Delivery Agent for Bayesian SPAM filtering
--------------------------------------------------------------------------------
Update Information:
Updated dspamc permissions
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 30 2015 Nathanael Noblet <nathanael at gnat.ca> - 3.10.2-5
- Updated dspamc permissions - fixes bug #1185489
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1185489 - permissions of dspamc different than dspam
https://bugzilla.redhat.com/show_bug.cgi?id=1185489
--------------------------------------------------------------------------------
================================================================================
golang-googlecode-goprotobuf-0-0.11.git7f07925.el6 (FEDORA-EPEL-2015-0567)
Go support for Google protocol buffers
--------------------------------------------------------------------------------
Update Information:
Provide back compatibility provides
Bump to 7f07925444bb51fa4cf9dfe6f7661876f8852275
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 30 2015 jchaloup <jchaloup at redhat.com> - 0-0.11.git7f07925
- Provide back compatibility provides
resolves: #1187495 #1187491 #1187494
* Mon Jan 26 2015 jchaloup <jchaloup at redhat.com> - 0-0.10.git7f07925
- Bump to 7f07925444bb51fa4cf9dfe6f7661876f8852275
related: #1018057
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1187495 - new version breaks dependencies on epel6
https://bugzilla.redhat.com/show_bug.cgi?id=1187495
[ 2 ] Bug #1187491 - golang-googlecode-goprotobuf breaks dependencies
https://bugzilla.redhat.com/show_bug.cgi?id=1187491
[ 3 ] Bug #1187494 - golang-googlecode-goprotobuf breaks dependencies
https://bugzilla.redhat.com/show_bug.cgi?id=1187494
[ 4 ] Bug #1018057 - Review Request: golang-googlecode-goprotobuf - Go support for Google protocol buffers
https://bugzilla.redhat.com/show_bug.cgi?id=1018057
--------------------------------------------------------------------------------
================================================================================
php-aws-sdk-2.7.17-1.el6 (FEDORA-EPEL-2015-0570)
Amazon Web Services framework for PHP
--------------------------------------------------------------------------------
Update Information:
## 2.7.17 - 2015-01-27
* Added support for `getShippingLabel` to the AWS Import/Export client.
* Updated the AWS Lambda client.
## 2.7.16 - 2015-01-20
* Added support for custom security groups to the Amazon EMR client.
* Added support for the latest APIs to the Amazon Cognito Identity client.
* Added support for ClassicLink to the Auto Scaling client.
* Added the ability to set a client's API version to "latest" for forwards compatibility with v3.
## 2.7.15 - 2015-01-15
* Added support for [HLS Content Protection](https://aws.amazon.com/releasenotes/3388917394239147) to the Elastic Transcoder client.
* Updated client factory logic to add the `SignatureListener`, even when `NullCredentials` have been specified. This way, you can update a client's credentials later if you want to begin signing requests.
## 2.7.14 - 2015-01-09
* Fixed a regression in the CloudSearch Domain client (#448).
## 2.7.13 - 2015-01-08
* Added the Amazon EC2 Container Service client.
* Added the Amazon CloudHSM client.
* Added support for dynamic fields to the Amazon CloudSearch client.
* Added support for the ClassicLink feature to the Amazon EC2 client.
* Updated the Amazon RDS client to use the latest 2014-10-31 API.
* Updated S3 signature so retries use a new Date header on each attempt.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 29 2015 Shawn Iwinski <shawn.iwinski at gmail.com> - 2.7.17-1
- Updated to 2.7.17 (BZ #1180500)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1180500 - php-aws-sdk-2.7.17 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1180500
--------------------------------------------------------------------------------
================================================================================
pigz-2.3.3-1.el6 (FEDORA-EPEL-2015-0566)
Parallel implementation of gzip
--------------------------------------------------------------------------------
Update Information:
Update to 2.3.3, fixes CVE-2015-1191:
- Return zero exit code when only warnings are issued
- Increase speed of unlzw (Unix compress decompression)
- Update zopfli to current google state
- Allow larger maximum blocksize (-b), now 512 MiB
- Do not require that -d precede -N, -n, -T options
- Strip any path from header name for -dN or -dNT
- Remove use of PATH_MAX (PATH_MAX is not reliable)
- Do not abort on inflate data error, do remaining files
- Check gzip header CRC if present
- Improve decompression error detection and reporting
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 30 2015 Orion Poplawski <orion at cora.nwra.com> - 2.3.3-1
- Update to 2.3.3, fixes CVE-2015-1191 (bug #1181045)
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.3.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1181045 - CVE-2015-1191 pigz: directory traversal vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=1181045
--------------------------------------------------------------------------------