The following Fedora EPEL 6 Security updates need testing:
Age URL
622 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031
python-virtualenv-12.0.7-1.el6
616 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168
rubygem-crack-0.3.2-2.el6
506 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb
mcollective-2.8.4-1.el6
477 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9
thttpd-2.25b-24.el6
208 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8594ed3a53
chicken-4.11.0-3.el6
88 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac
libbsd-0.8.3-2.el6
72 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8c6c7bf06e
dbus-sharp-0.7.0-16.el6 dbus-sharp-glib-0.5.0-14.el6 mono-4.2.4-9.el6
38 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-acd2c2af0d
nagios-4.2.4-4.el6
14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-50cbc23498
wordpress-4.7.3-1.el6
13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-23481d5e1a
icoutils-0.31.2-1.el6
10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-1ad70123a8
R-3.3.3-1.el6
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-75190374ce
moodle-2.7.19-1.el6
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-eb18b4839a
mbedtls-2.4.2-1.el6
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-b1bba0f99d
roundcubemail-1.0.9-2.el6
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5007998266
tcpreplay-4.2.0-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
tcpreplay-4.2.0-1.el6
tlp-0.9-4.el6
Details about builds:
================================================================================
tcpreplay-4.2.0-1.el6 (FEDORA-EPEL-2017-5007998266)
Replay captured network traffic
--------------------------------------------------------------------------------
Update Information:
Features and fixes include: - MAC rewriting capabilities by Pedro Arthur (#313)
- Fix several issues identified by Coverity (#305) - Packet distortion --fuzz-
seed option by Gabriel Ganne (#302) - Add --unique-ip-loops option to modify IPs
every few loops (#296) - Netmap startup delay increase (#290) - tcpcapinfo
buffer overflow vulnerablily (#278) - Update git-clone instructions by Kyle
McDonald (#277) - Allow fractions for --pps option (#270) - Print per-loop stats
with --stats=0 (#269) - Add protection against packet drift by Guillaume Scott
(#268) - Print flow stats periodically with --stats output (#262) - Include
Travis-CI build support by Ilya Shipitsin (#264) (#285) - tcpreplay won't replay
all packets in a pcap file with --netmap (#255) - First and last packet times
in --stats output (#239) - Switch to wire speed after 30 minutes at 6 Gbps
(#210) - tcprewrite fix checksum properly for fragmented packets (#190) ----
Patch CVE-2017-6429. Tcpcapinfo utility of Tcpreplay has a buffer overflow
vulnerability associated with parsing a crafted pcap file. This occurs in the
src/tcpcapinfo.c file when capture has a packet that is too large to handle.
References: http://seclists.org/bugtraq/2017/Mar/22 Upstream bug:
https://github.com/appneta/tcpreplay/issues/278
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1429521 - CVE-2017-6429 tcpreplay: Buffer overflow in Tcpcapinfo
utility [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1429521
[ 2 ] Bug #1429522 - CVE-2017-6429 tcpreplay: Buffer overflow in Tcpcapinfo
utility [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1429522
--------------------------------------------------------------------------------
================================================================================
tlp-0.9-4.el6 (FEDORA-EPEL-2017-5d68372442)
Advanced power management tool for Linux
--------------------------------------------------------------------------------
Update Information:
Upstream bug fixes for 0.9: - fix corner case for tlp-stat causing an error -
mitigate slow shutdown issue.
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
