The following Fedora EPEL 6 Security updates need testing:
Age URL
388 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031
python-virtualenv-12.0.7-1.el6
382 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168
rubygem-crack-0.3.2-2.el6
313 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156
nagios-4.0.8-1.el6
272 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb
mcollective-2.8.4-1.el6
243 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9
thttpd-2.25b-24.el6
129 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-30a8346813
vtun-3.0.1-10.el6
34 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-db7e78fac7
php-PHPMailer-5.2.16-2.el6
28 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-d0e444c5f2
pypy-5.0.1-4.el6
27 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-7a25f65890
nginx-1.10.1-1.el6
18 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-225fc51f32
chicken-4.11.0-2.el6
10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-d1c7111779
p7zip-16.02-1.el6
10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-1cbd9dc578
drupal7-views-3.14-1.el6
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-823164477b
php-doctrine-orm-2.4.8-1.el6 php-doctrine-dbal-2.4.5-1.el6
php-doctrine-common-2.4.3-2.el6
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-6e8996ae73
php-ZendFramework2-2.2.10-2.el6
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-2f26fee4ad
dropbear-2016.74-1.el6
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-2d00357bc8
dietlibc-0.33-8.el6
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-66eb498b93
v8-3.14.5.10-25.el6
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-af2033a524
cryptopp-5.6.2-10.el6
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-d8fc3f17ea
libarchive3-3.2.1-1.el6
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-b191f5d359
collectd-4.10.9-3.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
mozilla-noscript-2.9.0.12-1.el6
nettle-3.2-2.el6
Details about builds:
================================================================================
mozilla-noscript-2.9.0.12-1.el6 (FEDORA-EPEL-2016-9a8817045d)
JavaScript white list extension for Mozilla Firefox
--------------------------------------------------------------------------------
Update Information:
* Updated DNT implementation to match the most recent spec about
navigator.doNotTrack values (thanks Francois Merier) * [XSS] Better
compatibility with Unionbank's website (thanks Brent for reporting) * Fixed bug
1278735 (JavaScript disabled in private windows) * Fixed JSON viewer not working
* about:feed in the mandatory whitelist to fix bug 1272139 * [XSS] Disable
JavaScript on FTP-served pages when a potential DOM XSS threat is detected
(thanks Emanuel Bronshtein @e3amn2l for reporting) * Fixed DOS through script-
triggered ClickToPlay confirmation dialogs in a loop (thanks Emanuel Bronshtein
@e3amn2l for reporting) * Fixed placeholder links might be potentially used as
XSS vectors if stars were properly aligned (thanks Emanuel Bronshtein @e3amn2l
for reporting) * [Surrogate] Updated google-analytics.com replacement (thanks
noscriptsplox) * [XSS] Fixed regression (thanks Masato Kinugawa for report) *
[XSS] Fixed infrastructure issue preventing one filter from being automatically
synchronized with Mozilla's source code as designed (thanks .mario and Maxim
Rupp for reporting) * [XSS] Added filtering for a potential CSRF vector (thanks
Masato Kinugawa for reporting) * Fixed placeholder activation in Gecko 45 and
above * [XSS] Compatibility exception for the Printfriendly add-on * Removed
msn.com from the default whitelist, since it seems to be unable to support HTTPS
consistently * Fixed incompatibility with Firefox below version 38 * Tentative
fix for an issue with explicit ports in HTTPS upgraded URLs * [HTTPS] Removed
legacy redirection methods when redirectTo() is available in HTTP channels,
fixing YouTube embedding problem * Replaced newChannel() with newChannel2() on
Gecko 48 * [HTTPS] Limit httpsDefWhitelist effect to document loads * [XSS]
Reduced eval aliasing checks false positives
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1360761 - mozilla-noscript-2.9.0.12 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1360761
--------------------------------------------------------------------------------
================================================================================
nettle-3.2-2.el6 (FEDORA-EPEL-2016-546f73e84a)
A low-level cryptographic library
--------------------------------------------------------------------------------
Update Information:
Imported nettle 3.2 from fedora 24.
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list
[email protected]
https://lists.fedoraproject.org/admin/lists/[email protected]
