[EPEL-devel] Fedora EPEL 6 updates-testing report

Mon, 16 Nov 2015 08:22:18 -0800 

The following Fedora EPEL 6 Security updates need testing:
 Age  URL
 148  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828   
chicken-4.9.0.1-4.el6
 130  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031   
python-virtualenv-12.0.7-1.el6
 124  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168   
rubygem-crack-0.3.2-2.el6
  56  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8148   
optipng-0.7.5-5.el6
  56  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156   
nagios-4.0.8-1.el6
  44  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-68a2c2db36   
python-pymongo-3.0.3-1.el6
  14  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb   
mcollective-2.8.4-1.el6
  14  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-28606b6d1d   
perl-HTML-Scrubber-0.15-1.el6.1
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-5d63583df0   
metis-5.1.0-7.el6
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e195439195   
drupal7-jquery_update-2.7-1.el6
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-967595b7c1   
wildmagic5-5.13-12.el6
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8fc6f35cc9   
MUMPS-5.0.1-4.el6
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-d47ae2d16b   
owncloud-7.0.11-1.el6
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-a7d37297d4   
telegram-cli-1.3.1-7.20150730git2052f4.el6
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-0ae4daf2d6   
tubo-5.0.15-3.el6
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-b4ebe76583   
putty-0.63-5.el6
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-20cb365c26   
zarafa-7.1.14-1.el6
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-260d131310   
libpng10-1.0.64-1.el6
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8161a5151b   
ProDy-1.7.1-1.el6
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-b76c1e5912   
potrace-1.13-2.el6
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-2fad2e45f6   
monitorix-3.8.1-1.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    monitorix-3.8.1-1.el6
    proftpd-1.3.3g-7.el6
    python-dirq-1.7-1.el6

Details about builds:


================================================================================
 monitorix-3.8.1-1.el6 (FEDORA-EPEL-2015-2fad2e45f6)
 A free, open source, lightweight system monitoring tool
--------------------------------------------------------------------------------
Update Information:

This is a maintenance release that mainly fixes a Document Object Model
(DOM)-based cross-site scripting (XSS) vulnerability in the monitorix.cgi file.
Such vulnerability is by injection a JS code in the when parameter of the URL
shown after generating the graphs. Additionally, a potential denial of service
(DoS) issue was discovered in the same when parameter of the URL which could
lead in the creation of an enormous amount of .png files in the imgs directory
of the server.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1281979 - monitorix-3.8.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1281979
--------------------------------------------------------------------------------


================================================================================
 proftpd-1.3.3g-7.el6 (FEDORA-EPEL-2015-a57010c117)
 Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:

This update adds support for specifying TLSv1.1 and TLSv1.2 as values for
TLSProtocol in the mod_tls configuration. The mod_tls module is still disabled
by default and the default value for TLSProtocol remains as "SSLv23 TLSv1", so
the newer protocols must be explicitly enabled if desired.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1281493 - Unable to use TLSv1.1 or TLSv1.2 protocol when 
TLSProtocol is set to TLSv1
        https://bugzilla.redhat.com/show_bug.cgi?id=1281493
--------------------------------------------------------------------------------


================================================================================
 python-dirq-1.7-1.el6 (FEDORA-EPEL-2015-1ac94fc8d0)
 Directory based queue
--------------------------------------------------------------------------------
Update Information:

Updated to latest upstream version.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1281769 - python-dirq-1.7 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1281769
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/epel-devel

Reply via email to