The following Fedora EPEL 6 Security updates need testing:
 Age  URL
 269  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828   
chicken-4.9.0.1-4.el6
 251  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031   
python-virtualenv-12.0.7-1.el6
 245  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168   
rubygem-crack-0.3.2-2.el6
 176  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8148   
optipng-0.7.5-5.el6
 176  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156   
nagios-4.0.8-1.el6
 135  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb   
mcollective-2.8.4-1.el6
 107  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9   
thttpd-2.25b-24.el6
  14  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-78096a43d9   
php-htmLawed-1.1.21-1.el6
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-b14579b3db   
websvn-2.3.3-12.el6
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-44de0606ef   
python-tgcaptcha2-0.3.1-1.el6
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-a198786211   
lcms2-2.7-3.el6
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-0ea6a62cb7   
drupal6-emfield-2.7-1.el6
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-4a2caa893f   
putty-0.63-6.el6
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8fbd838843   
dropbear-2016.72-1.el6
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-7640e3144a   
proftpd-1.3.3g-9.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    distribution-gpg-keys-1.4-1.el6
    dropbear-2016.72-1.el6
    globus-common-16.2-1.el6
    globus-proxy-utils-6.15-1.el6
    libtranslate-0.99-100.el6
    mock-1.2.17-1.el6
    myproxy-6.1.17-1.el6
    perl-Canary-Stability-2011-1.el6
    php-Faker-1.5.0-5.el6
    php-paragonie-random-compat-1.2.2-1.el6
    proftpd-1.3.3g-9.el6
    python-productmd-1.0-13.el6

Details about builds:


================================================================================
 distribution-gpg-keys-1.4-1.el6 (FEDORA-EPEL-2016-c749affc91)
 Keys of various Linux distributions
--------------------------------------------------------------------------------
Update Information:

* updated Copr keys * added mageia keys
--------------------------------------------------------------------------------


================================================================================
 dropbear-2016.72-1.el6 (FEDORA-EPEL-2016-8fbd838843)
 SSH2 server and client
--------------------------------------------------------------------------------
Update Information:

CVE-2016-3116 dropbear: X11 forwarding input not validated properly
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1316827 - CVE-2016-3116 dropbear: X11 forwarding input not 
validated properly [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1316827
--------------------------------------------------------------------------------


================================================================================
 globus-common-16.2-1.el6 (FEDORA-EPEL-2016-02e9361f60)
 Globus Toolkit - Common Library
--------------------------------------------------------------------------------
Update Information:

globus-proxy-utils  - Better support for checking cert names.  globus-common  -
Minor documentation fix.  myproxy  - Handle error returns from OCSP_parse_url.
--------------------------------------------------------------------------------


================================================================================
 globus-proxy-utils-6.15-1.el6 (FEDORA-EPEL-2016-02e9361f60)
 Globus Toolkit - Globus GSI Proxy Utility Programs
--------------------------------------------------------------------------------
Update Information:

globus-proxy-utils  - Better support for checking cert names.  globus-common  -
Minor documentation fix.  myproxy  - Handle error returns from OCSP_parse_url.
--------------------------------------------------------------------------------


================================================================================
 libtranslate-0.99-100.el6 (FEDORA-EPEL-2016-10f8ae51a2)
 Natural language translation library
--------------------------------------------------------------------------------
Update Information:

Update services.xml file
--------------------------------------------------------------------------------


================================================================================
 mock-1.2.17-1.el6 (FEDORA-EPEL-2016-d4770f601d)
 Builds packages inside chroots
--------------------------------------------------------------------------------
Update Information:

 *   Bugfix release   *  removed the sparc config
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1312820 - Lots of WARNING: unable to delete selinux filesystems
        https://bugzilla.redhat.com/show_bug.cgi?id=1312820
  [ 2 ] Bug #1311796 - --new-chroot causes incorrect $PATH
        https://bugzilla.redhat.com/show_bug.cgi?id=1311796
  [ 3 ] Bug #1301953 - mock builds fail with nspawn, buildroot missing /bin/su
        https://bugzilla.redhat.com/show_bug.cgi?id=1301953
--------------------------------------------------------------------------------


================================================================================
 myproxy-6.1.17-1.el6 (FEDORA-EPEL-2016-02e9361f60)
 Manage X.509 Public Key Infrastructure (PKI) security credentials
--------------------------------------------------------------------------------
Update Information:

globus-proxy-utils  - Better support for checking cert names.  globus-common  -
Minor documentation fix.  myproxy  - Handle error returns from OCSP_parse_url.
--------------------------------------------------------------------------------


================================================================================
 perl-Canary-Stability-2011-1.el6 (FEDORA-EPEL-2016-ab2819c4e3)
 Canary to check perl compatibility for Schmorp's modules
--------------------------------------------------------------------------------
Update Information:

This release fixes color printing. It also improves the message text.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1317254 - perl-Canary-Stability-2011 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1317254
--------------------------------------------------------------------------------


================================================================================
 php-Faker-1.5.0-5.el6 (FEDORA-EPEL-2016-821e81c537)
 A PHP library that generates fake data
--------------------------------------------------------------------------------
Update Information:

See https://github.com/fzaninotto/Faker/releases/tag/v1.5.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1226339 - php-Faker-v1.5.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1226339
--------------------------------------------------------------------------------


================================================================================
 php-paragonie-random-compat-1.2.2-1.el6 (FEDORA-EPEL-2016-c2f2f8de78)
 PHP 5.x polyfill for random_bytes() and random_int() from PHP 7
--------------------------------------------------------------------------------
Update Information:

### Version 1.2.2 - 2016-03-11  * To prevent applications from hanging, if
`/dev/urandom` is not   accessible to PHP, skip mcrypt (which just fails before
giving OpenSSL   a chance and was morally equivalent to not offering OpenSSL at
all).  ### Version 1.2.1 - 2016-02-29  * PHP 5.6.10 - 5.6.12 will hang when
mcrypt is used on Unix-based operating    systems ([PHP bug
69833](https://bugs.php.net/bug.php?id=69833)). If you are   running one of
these versions, please upgrade (or make sure `/dev/urandom` is   readable)
otherwise you're relying on OpenSSL.  ### Version 1.2.0 - 2016-02-05  *
Whitespace and other cosmetic changes * Added a changelog.  ### Version 1.1.6 -
2016-01-29  * Eliminate `open_basedir` warnings by detecting this configuration
setting.    (Thanks [@oucil](https://github.com/oucil) for reporting this.) *
Added install instructions to the README. * Documentation cleanup (there is, in
fact, no `MCRYPT_CREATE_IV` constant, I    meant to write `MCRYPT_DEV_URANDOM`)
### Version 1.1.5 - 2016-01-06  * Prevent fatal errors on platforms with older
versions of libsodium.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1296738 - php-paragonie-random-compat-1.2.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1296738
  [ 2 ] Bug #1317102 - php-paragonie-random-compat-1.2.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1317102
--------------------------------------------------------------------------------


================================================================================
 proftpd-1.3.3g-9.el6 (FEDORA-EPEL-2016-7640e3144a)
 Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:

This update fixes issues with selection of inappropriate DH parameters, which
could lead to encrypted traffic being more easily decrypted than it should be.
* http://bugs.proftpd.org/show_bug.cgi?id=3868 *
http://bugs.proftpd.org/show_bug.cgi?id=4230 (CVE-2016-3125)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1317420 - CVE-2016-3125 proftpd: usage of 1024 bit DH key even 
with manual parameters set
        https://bugzilla.redhat.com/show_bug.cgi?id=1317420
--------------------------------------------------------------------------------


================================================================================
 python-productmd-1.0-13.el6 (FEDORA-EPEL-2016-70b5068ef0)
 Library providing parsers for metadata related to OS installation
--------------------------------------------------------------------------------
Update Information:

add patch for supporting subvariant
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list
epel-devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/epel-devel@lists.fedoraproject.org

Reply via email to