The following Fedora EPEL 6 Security updates need testing:
Age URL
496
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6
15
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11198/filezilla-3.7.3-1.el6
15
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11187/libzrtpcpp-3.2.1-2.el6
15
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11195/chrony-1.25-3.el6
14
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11250/Django14-1.4.6-1.el6
14
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11245/python-virtualenv-1.10.1-1.el6
14
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11257/drupal7-entity-1.2-1.el6
11
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11274/ssmtp-2.61-21.el6
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11301/drupal7-theme-zen-5.4-1.el6
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11327/php-pear-Auth-OpenID-2.2.2-7.el6
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11330/ngircd-20.3-1.el6
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11311/roundcubemail-0.9.3-2.el6
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11339/lighttpd-1.4.32-1.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11393/nagios-3.5.1-1.el6
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11395/cacti-0.8.8b-2.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
cacti-0.8.8b-2.el6
check-mk-1.2.2p2-1.el6
nagios-3.5.1-1.el6
Details about builds:
================================================================================
cacti-0.8.8b-2.el6 (FEDORA-EPEL-2013-11395)
An rrd based graphing tool
--------------------------------------------------------------------------------
Update Information:
This update fixes two cross-site scripting issues and one SQL injection issue
in the latest version of Cacti.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 26 2013 Ken Dreyer <[email protected]> - 0.8.8b-2
- Patch for CVE-2013-5588 and CVE-2013-5589 (BZ #1000860)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1000860 - CVE-2013-5588 CVE-2013-5589 cacti: XSS and SQL injection
flaws
https://bugzilla.redhat.com/show_bug.cgi?id=1000860
--------------------------------------------------------------------------------
================================================================================
check-mk-1.2.2p2-1.el6 (FEDORA-EPEL-2013-11394)
A new general purpose Nagios-plugin for retrieving data
--------------------------------------------------------------------------------
Update Information:
New upstream release and several bug fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 31 2013 Andrea Veri <[email protected]> - 1.2.2p2-1
- New upstream release.
* Thu Aug 29 2013 Andrea Veri <[email protected]> - 1.2.2-5
- Make sure the waitmax binary gets built. Also thanks to John Reddy
for his initial work on this. (BZ: #982769)
- Add an if statement for RHEL and make sure auto provides are not set
automatically. (BZ #985285)
- Requires set to mod_python on RHEL, no mod_wsgi migration yet on EPEL. (BZ:
#987852)
- Fix the perl command that was doing the needed substitution on the
/usr/bin/check_mk_agent's configuration directories. Thanks Brainslug for the
report. (BZ: #989793)
- In addition to a customized 'defaults' file, add a defaults.py accordingly.
(BZ: #987859)
* Sun Apr 28 2013 Andrea Veri <[email protected]> 1.2.2-4.el6
- Make sure the Nagios library path on the check_mk_templates.cfg file
is correct on both x86_64 and i686 systems.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #982769 - check-mk-agent missing waitmax
https://bugzilla.redhat.com/show_bug.cgi?id=982769
[ 2 ] Bug #985285 - check-mk-docs claims to provide perl(Module::Install),
masking the one from perl-Module-Install
https://bugzilla.redhat.com/show_bug.cgi?id=985285
[ 3 ] Bug #989793 - check-mk-agent has wrong hardcoded config/lib directories
https://bugzilla.redhat.com/show_bug.cgi?id=989793
[ 4 ] Bug #987859 - check-mk-multisite package has user "mockbuild" in the
defaults.py
https://bugzilla.redhat.com/show_bug.cgi?id=987859
[ 5 ] Bug #987852 - check-mk-multisite package should have mod_python as a
requirement
https://bugzilla.redhat.com/show_bug.cgi?id=987852
--------------------------------------------------------------------------------
================================================================================
nagios-3.5.1-1.el6 (FEDORA-EPEL-2013-11393)
Nagios monitors hosts and services and yells if somethings breaks
--------------------------------------------------------------------------------
Update Information:
Update to 3.5.1
Insecure temporary file usage in nagios.upgrade_to_v3.sh (#958294); Init script
overwrites pid file unnecessarily (#983129)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 30 2013 Jose Pedro Oliveira <jpo at di.uminho.pt> - 3.5.1-1
- update to 3.5.1
- drop patch nagios-3.4.3-spaces-to-plus-signs.patch (upstream bug #407)
* Thu Aug 29 2013 Jose Pedro Oliveira <jpo at di.uminho.pt> - 3.5.0-2
- Insecure temporary file usage in nagios.upgrade_to_v3.sh (#958294)
- Init script overwrites pid file unnecessarily (#983129)
- Corrected bogus dates
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #958015 - CVE-2013-2029 Nagios core: Insecure temporary file usage
in nagios.upgrade_to_v3.sh
https://bugzilla.redhat.com/show_bug.cgi?id=958015
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/epel-devel
