The following Fedora EPEL 6 Security updates need testing:
 Age  URL
 290  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828   
chicken-4.9.0.1-4.el6
 273  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031   
python-virtualenv-12.0.7-1.el6
 267  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168   
rubygem-crack-0.3.2-2.el6
 198  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8148   
optipng-0.7.5-5.el6
 198  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156   
nagios-4.0.8-1.el6
 157  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb   
mcollective-2.8.4-1.el6
 128  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9   
thttpd-2.25b-24.el6
  27  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-44de0606ef   
python-tgcaptcha2-0.3.1-1.el6
  21  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8fbd838843   
dropbear-2016.72-1.el6
  21  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-7640e3144a   
proftpd-1.3.3g-9.el6
  14  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-30a8346813   
vtun-3.0.1-10.el6
  11  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-c463c181f1   
MUMPS-5.0.1-18.el6
  11  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-292f24b5c5   
exim-4.84.2-1.el6
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-c3550220fe   
python-rsa-3.4.1-1.el6
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-55f139473e   
latex2rtf-2.3.10-1.el6.1
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e912272569   
libsrtp-1.5.4-3.el6
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-9e3b8fecbf   
qpid-proton-0.12.1-1.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    did-0.9-1.el6
    heketi-1.0.2-4.el6
    latex2rtf-2.3.10-1.el6.1
    libmediainfo-0.7.84-1.el6
    libsrtp-1.5.4-3.el6
    mediainfo-0.7.84-1.el6
    ovirt-guest-agent-1.0.11-3.el6
    php-PHP-CSS-Parser-7.0.2-1.el6
    php-horde-Horde-Auth-2.1.12-1.el6
    php-horde-Horde-Autoloader-2.1.2-1.el6.1
    php-horde-Horde-Crypt-2.7.3-1.el6
    php-horde-Horde-Css-Parser-1.0.9-1.el6
    php-horde-Horde-Dav-1.1.3-1.el6.1
    php-horde-Horde-Kolab-Storage-2.2.2-1.el6
    php-horde-Horde-ListHeaders-1.2.4-1.el6
    php-horde-Horde-Log-2.2.0-1.el6
    php-horde-Horde-Nls-2.2.0-1.el6
    php-horde-Horde-SyncMl-2.0.7-1.el6
    php-horde-imp-6.2.14-1.el6
    php-horde-ingo-3.2.10-1.el6
    php-horde-nag-4.2.9-1.el6
    php-horde-turba-4.2.14-1.el6
    php-paragonie-random-compat-1.4.1-1.el6
    qpid-proton-0.12.1-1.el6
    rubygem-qpid_proton-0.12.0-2.el6
    sysreporter-3.0.3-1.el6
    zerofree-1.0.3-6.el6

Details about builds:


================================================================================
 did-0.9-1.el6 (FEDORA-EPEL-2016-f76d5604b3)
 What did you do last week, month, year?
--------------------------------------------------------------------------------
Update Information:

Trello, bit.ly, yesterday, argparse and more...  - New plugins supported:
Trello, bit.ly, idonethis - Support 'did yesterday' for yesterday's updates -
Ignore comment updates without author specified - User does not have to be
assignee to close a bug - Create vim tags using the 'make tags' target - Use
option prefix also for git, header and footer - Extend the test coverage for
cli, base and utils - Rename DID_CONFIG to DID_DIR to match the content -
Improve error handling, especially config errors - Migrate option parsing from
optparse to argparse - Configurable support for showing bug resolutions -
Support --conf as abbreviation for --config - Initial set of tests for the trac
plugin - Improve readability of gerrit by using review number - Improve closed
bugs stats, add test case [fix #45] - Add statistics of closed bugs for bugzilla
plugin
--------------------------------------------------------------------------------


================================================================================
 heketi-1.0.2-4.el6 (FEDORA-EPEL-2016-0eed6061c2)
 RESTful based volume management framework for GlusterFS
--------------------------------------------------------------------------------
Update Information:

Update godeps and strip bundled build
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1303987 - No description in the .spec where the 
heketi-godeps-<tag>.tar.gz comes from
        https://bugzilla.redhat.com/show_bug.cgi?id=1303987
--------------------------------------------------------------------------------


================================================================================
 latex2rtf-2.3.10-1.el6.1 (FEDORA-EPEL-2016-55f139473e)
 LaTeX to RTF converter that handles equations, figures, and cross-references
--------------------------------------------------------------------------------
Update Information:

Update to 2.3.10 for CVE-2015-8106
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1282492 - CVE-2015-8106 latex2rtf: Format string vulnerability in 
CmdKeywords
        https://bugzilla.redhat.com/show_bug.cgi?id=1282492
--------------------------------------------------------------------------------


================================================================================
 libmediainfo-0.7.84-1.el6 (FEDORA-EPEL-2016-7720cc762e)
 Library for supplies technical and tag information about a video or audio file
--------------------------------------------------------------------------------
Update Information:

Update to 0.7.84.
--------------------------------------------------------------------------------


================================================================================
 libsrtp-1.5.4-3.el6 (FEDORA-EPEL-2016-e912272569)
 An implementation of the Secure Real-time Transport Protocol (SRTP)
--------------------------------------------------------------------------------
Update Information:

Update to 1.5.4. Includes security fix for CVE-2015-6360
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1323702 - CVE-2015-6360 libsrtp: improper handling of CSRC count 
and extension header length in RTP header
        https://bugzilla.redhat.com/show_bug.cgi?id=1323702
--------------------------------------------------------------------------------


================================================================================
 mediainfo-0.7.84-1.el6 (FEDORA-EPEL-2016-7720cc762e)
 Supplies technical and tag information about a video or audio file (CLI)
--------------------------------------------------------------------------------
Update Information:

Update to 0.7.84.
--------------------------------------------------------------------------------


================================================================================
 ovirt-guest-agent-1.0.11-3.el6 (FEDORA-EPEL-2016-6333e82cb2)
 The oVirt Guest Agent
--------------------------------------------------------------------------------
Update Information:

Bump to ovirt guest agent 1.0.11.3 release (ovirt 3.6.5)
--------------------------------------------------------------------------------


================================================================================
 php-PHP-CSS-Parser-7.0.2-1.el6 (FEDORA-EPEL-2016-8953b25ac8)
 A Parser for CSS Files
--------------------------------------------------------------------------------
Update Information:

**Horde_Css_Parser 1.0.9**  * [jan] Update to PHP-CSS-Parser 7.0.2 (Request
#14297).  ---  **PHP-CSS-Parser 7.0.2**  * Compatibility with PHP 7.
--------------------------------------------------------------------------------


================================================================================
 php-horde-Horde-Auth-2.1.12-1.el6 (FEDORA-EPEL-2016-9fcc787e84)
 Horde Authentication API
--------------------------------------------------------------------------------
Update Information:

**Horde_Auth 2.1.12**  * [mjr] Fix creating/removing mailbox in cyrsql driver
(Bug #14295, federico.mennite).   ----  **Horde_Auth 2.1.9**  * [mjr] Ensure we
rebind as configured user after testing auth user credentials.
--------------------------------------------------------------------------------


================================================================================
 php-horde-Horde-Autoloader-2.1.2-1.el6.1 (FEDORA-EPEL-2016-71503e8828)
 Horde Autoloader
--------------------------------------------------------------------------------
Update Information:

**Horde_Dav 1.1.3**  * [jan] Fix down migration of database schema.  ---  Switch
to bundled sabre-dav version 1.8
--------------------------------------------------------------------------------


================================================================================
 php-horde-Horde-Crypt-2.7.3-1.el6 (FEDORA-EPEL-2016-d34b67950d)
 Horde Cryptography API
--------------------------------------------------------------------------------
Update Information:

**Horde_Crypt 2.7.3**  * [jan] Work around broken PGP key servers.
--------------------------------------------------------------------------------


================================================================================
 php-horde-Horde-Css-Parser-1.0.9-1.el6 (FEDORA-EPEL-2016-8953b25ac8)
 Horde CSS Parser
--------------------------------------------------------------------------------
Update Information:

**Horde_Css_Parser 1.0.9**  * [jan] Update to PHP-CSS-Parser 7.0.2 (Request
#14297).  ---  **PHP-CSS-Parser 7.0.2**  * Compatibility with PHP 7.
--------------------------------------------------------------------------------


================================================================================
 php-horde-Horde-Dav-1.1.3-1.el6.1 (FEDORA-EPEL-2016-71503e8828)
 Horde library for WebDAV, CalDAV, CardDAV
--------------------------------------------------------------------------------
Update Information:

**Horde_Dav 1.1.3**  * [jan] Fix down migration of database schema.  ---  Switch
to bundled sabre-dav version 1.8
--------------------------------------------------------------------------------


================================================================================
 php-horde-Horde-Kolab-Storage-2.2.2-1.el6 (FEDORA-EPEL-2016-835240c975)
 A package for handling Kolab data stored on an IMAP server
--------------------------------------------------------------------------------
Update Information:

**Horde_Kolab_Storage 2.2.2**  * [jan] Update Greek translation (Limperis
Antonis).
--------------------------------------------------------------------------------


================================================================================
 php-horde-Horde-ListHeaders-1.2.4-1.el6 (FEDORA-EPEL-2016-776f9938d8)
 Horde List Headers Parsing Library
--------------------------------------------------------------------------------
Update Information:

**Horde_ListHeaders 1.2.4**  * [jan] Add Greek translation (Limperis Antonis).
--------------------------------------------------------------------------------


================================================================================
 php-horde-Horde-Log-2.2.0-1.el6 (FEDORA-EPEL-2016-88b771a812)
 Horde Logging library
--------------------------------------------------------------------------------
Update Information:

**Horde_Log 2.2.0**  * [jan] Add a few common aliases for the log level
constants. * [jan] Allow to have multiple log level names with the same value.
--------------------------------------------------------------------------------


================================================================================
 php-horde-Horde-Nls-2.2.0-1.el6 (FEDORA-EPEL-2016-be24c3af30)
 Native Language Support (NLS)
--------------------------------------------------------------------------------
Update Information:

**Horde_Nls 2.2.0**  * [jan] Add Horde_Nls::getTimezonesWithAbbreviations(). *
[jan] Update Greek translation (Limperis Antonis).
--------------------------------------------------------------------------------


================================================================================
 php-horde-Horde-SyncMl-2.0.7-1.el6 (FEDORA-EPEL-2016-47fb25cd94)
 Horde_SyncMl provides an API for processing SyncML requests
--------------------------------------------------------------------------------
Update Information:

**Horde_SyncMl 2.0.7**  * [jan] Update Greek translation (Limperis Antonis).
--------------------------------------------------------------------------------


================================================================================
 php-horde-imp-6.2.14-1.el6 (FEDORA-EPEL-2016-6dae8f8e28)
 A web based webmail system
--------------------------------------------------------------------------------
Update Information:

**imp 6.2.14**  * [mjr] Fix renaming subfolders in basic view (Bug #14254). *
[mjr] Fix display of mailbox sizes in basic view (Bug #14308). * [mjr] Fix fatal
error when deleting messages in basic view when IMAP server does not support
QRESYNC or CONDSTORE (Bug #14257).
--------------------------------------------------------------------------------


================================================================================
 php-horde-ingo-3.2.10-1.el6 (FEDORA-EPEL-2016-acbca966ca)
 An email filter rules manager
--------------------------------------------------------------------------------
Update Information:

**ingo 3.2.10**  * [jan] Don't duplicate messages in Procmail's vacation recipe
if excluding email addresses (Michael.Martin, Bug #14275). * [jan] Remove stop-
script feature from Procmail driver.   ----  **ingo 3.2.9**  * [mjr] Fix PHP
deprecated warnings in unit test (PR #176, Mathieu Parent). * [mjr] Honor
'date', 'echo', and 'ls' path overrides (Bug #14284). * [jan] Update Greek
translation (Limperis Antonis). * [jan] Fix Oracle compatibility (Bug #14262).
--------------------------------------------------------------------------------


================================================================================
 php-horde-nag-4.2.9-1.el6 (FEDORA-EPEL-2016-8646c1b506)
 A web based task list manager
--------------------------------------------------------------------------------
Update Information:

**nag 4.2.9**  * [jan] Fix regression with date picker in tasks form (Bug
#14303). * [mjr] Fix handling EAS categories/tags.
--------------------------------------------------------------------------------


================================================================================
 php-horde-turba-4.2.14-1.el6 (FEDORA-EPEL-2016-b878461000)
 A web based address book
--------------------------------------------------------------------------------
Update Information:

**turba 4.2.14**  * [mjr] Fix persisting tags when moving or copying a contact
to another address book (Bug #14312). * [mjr] Fix resetting state when changing
sync_book prefs and device has forced multiplex. * [mjr] Fix synchronizing
contact notes via ActiveSync when no truncation value is requested by the client
(Bug #14307).  ----  **turba 4.2.13**  * [mjr] Honor alternative_name mapping
(Bug #14280). * [mjr] Fix dealing with orphaned virtual address books. * [jan]
Update Greek translation (Limperis Antonis).
--------------------------------------------------------------------------------


================================================================================
 php-paragonie-random-compat-1.4.1-1.el6 (FEDORA-EPEL-2016-fc4a6a7b4d)
 PHP 5.x polyfill for random_bytes() and random_int() from PHP 7
--------------------------------------------------------------------------------
Update Information:

### Version 1.4.1 - 2016-03-18  * Update comment in random.php  ### Version
1.4.0 - 2016-03-18  * Restored OpenSSL in the version 1 branch in preparation to
remove OpenSSL in version 2.  ### Version 1.3.1/1.2.3 - 2016-03-18  * Add more
possible values to `open_baseir` check.  ### Version 1.3.0 - 2016-03-17  *
Removed `openssl_random_pseudo_bytes()` entirely. If you are using
random_compat in PHP on a Unix-like OS but cannot access   `/dev/urandom`,
version 1.3+ will throw an `Exception`. If you want to   trust OpenSSL, feel
free to write your own fallback code. e.g.      ```   try {       $bytes =
random_bytes(32);   } catch (Exception $ex) {       $strong = false;
$bytes = openssl_random_pseudo_bytes(32, $strong);       if (!$strong) {
throw $ex;       }   }   ```
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1318836 - php-paragonie-random-compat-2.0.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1318836
--------------------------------------------------------------------------------


================================================================================
 qpid-proton-0.12.1-1.el6 (FEDORA-EPEL-2016-9e3b8fecbf)
 A high performance, lightweight messaging library
--------------------------------------------------------------------------------
Update Information:

Rebased to 0.12.1.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1320845 - CVE-2016-2166 qpid-proton: reactor sends  messages in 
clear if ssl is requested but not available [epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=1320845
--------------------------------------------------------------------------------


================================================================================
 rubygem-qpid_proton-0.12.0-2.el6 (FEDORA-EPEL-2016-582cbfae22)
 Ruby language bindings for the Qpid Proton messaging framework
--------------------------------------------------------------------------------
Update Information:

Updated dependencies.
--------------------------------------------------------------------------------


================================================================================
 sysreporter-3.0.3-1.el6 (FEDORA-EPEL-2016-b35ce33ca9)
 Basic system reporter with emailing
--------------------------------------------------------------------------------
Update Information:

Update to 3.0.3
--------------------------------------------------------------------------------


================================================================================
 zerofree-1.0.3-6.el6 (FEDORA-EPEL-2016-2eb5eb4dcb)
 Utility to force unused ext2 inodes and blocks to zero
--------------------------------------------------------------------------------
Update Information:

zerofree is a utility to set unused filesystem inodes and blocks of an ext2
filesystem to zero.  This can improve the compressibility and privacy of an ext2
filesystem.  This tool was inspired by the ext2fs privacy (i.e. secure deletion)
patch described in a Linux kernel mailing list thread.  WARNING: The filesystem
to be processed should be unmounted or mounted read-only.  The tool tries to
check this before running, but you should be careful.
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list
epel-devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/epel-devel@lists.fedoraproject.org

Reply via email to