[EPEL-devel] Fedora EPEL 6 updates-testing report

Mon, 26 Jun 2017 19:21:04 -0700 

The following Fedora EPEL 6 Security updates need testing:
 Age  URL
 719  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031   
python-virtualenv-12.0.7-1.el6
 713  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168   
rubygem-crack-0.3.2-2.el6
 603  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb   
mcollective-2.8.4-1.el6
 575  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9   
thttpd-2.25b-24.el6
 185  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac   
libbsd-0.8.3-2.el6
  81  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-c0d33ae70f   
tnef-1.4.14-1.el6
  16  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-f70a51bd19   
tomcat-7.0.78-1.el6
  15  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-23f4cb5d02   
lxc-1.0.10-2.el6
  11  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-16880697fe   
nagios-4.3.2-3.el6
  10  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-6489eec271   
golang-1.7.6-1.el6
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-9ec615ff74   
openvpn-2.4.3-1.el6
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-fc2d88e3d3   
zabbix20-2.0.21-1.el6
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-94b8514427   
zabbix22-2.2.18-1.el6
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d99d50d751   
catdoc-0.95-1.el6
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-b1d8b4aed9   
globus-xio-5.16-1.el6 globus-net-manager-0.17-1.el6 
globus-gass-cache-program-6.7-1.el6 globus-gass-copy-9.27-1.el6 
globus-gssapi-gsi-12.16-1.el6 globus-gram-job-manager-14.36-1.el6 
globus-gridftp-server-12.2-1.el6 globus-io-11.9-1.el6 
globus-xio-gsi-driver-3.11-1.el6 globus-xio-pipe-driver-3.10-1.el6 
globus-xio-udt-driver-1.27-1.el6 myproxy-6.1.28-1.el6 
globus-ftp-client-8.35-2.el6
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-f7d349f9b4   
drupal7-7.56-1.el6
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-1490b54059   
libtomcrypt-1.17-25.el6 libtommath-0.42.0-5.el6
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-2e08fc8a0d   
phpMyAdmin-4.0.10.20-1.el6
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8ba2ea7136   
php-horde-Horde-Image-2.5.1-1.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    golang-github-pelletier-go-buffruneio-0.2.0-0.1.gitc37440a.el6
    golang-github-pelletier-go-toml-1.0.0-0.1.git5ccdfb1.el6
    golang-googlecode-go-exp-0-0.14.gitd00e13e.el6
    libtomcrypt-1.17-25.el6
    libtommath-0.42.0-5.el6
    php-horde-Horde-Image-2.5.1-1.el6
    php-theseer-autoload-1.24.1-1.el6
    phpMyAdmin-4.0.10.20-1.el6

Details about builds:


================================================================================
 golang-github-pelletier-go-buffruneio-0.2.0-0.1.gitc37440a.el6 
(FEDORA-EPEL-2017-9b12c806b4)
 Wrapper around bufio to provide buffered runes access with unlimited unreads
--------------------------------------------------------------------------------
Update Information:

Bump to v0.2.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1464885 - Tracker for golang-github-pelletier-go-buffruneio
        https://bugzilla.redhat.com/show_bug.cgi?id=1464885
  [ 2 ] Bug #1430564 - golang-github-pelletier-go-buffruneio-v0.2.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1430564
--------------------------------------------------------------------------------


================================================================================
 golang-github-pelletier-go-toml-1.0.0-0.1.git5ccdfb1.el6 
(FEDORA-EPEL-2017-71ead19225)
 Go library for the TOML language
--------------------------------------------------------------------------------
Update Information:

Bump to v1.0.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1464882 - Tracker for golang-github-pelletier-go-toml
        https://bugzilla.redhat.com/show_bug.cgi?id=1464882
  [ 2 ] Bug #1430562 - golang-github-pelletier-go-toml-v1.0.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1430562
--------------------------------------------------------------------------------


================================================================================
 golang-googlecode-go-exp-0-0.14.gitd00e13e.el6 (FEDORA-EPEL-2017-0f766e4789)
 Experimental tools and packages for Go
--------------------------------------------------------------------------------
Update Information:

Remove superfluous dependencies
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1456243 - golang-googlecode-go-exp: FTBFS due to missing 
dependencies on Fedora 26+
        https://bugzilla.redhat.com/show_bug.cgi?id=1456243
  [ 2 ] Bug #1423669 - golang-googlecode-go-exp: FTBFS in rawhide
        https://bugzilla.redhat.com/show_bug.cgi?id=1423669
--------------------------------------------------------------------------------


================================================================================
 libtomcrypt-1.17-25.el6 (FEDORA-EPEL-2017-1490b54059)
 A comprehensive, portable cryptographic toolkit
--------------------------------------------------------------------------------
Update Information:

- Fix CVE-2016-6129 (#1370955, #1370957) - Update URLs (#1463608, #1463547)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1370955 - CVE-2016-6129 libtomcrypt: possible OP-TEE 
Bleichenbacher attack
        https://bugzilla.redhat.com/show_bug.cgi?id=1370955
--------------------------------------------------------------------------------


================================================================================
 libtommath-0.42.0-5.el6 (FEDORA-EPEL-2017-1490b54059)
 A portable number theoretic multiple-precision integer library
--------------------------------------------------------------------------------
Update Information:

- Fix CVE-2016-6129 (#1370955, #1370957) - Update URLs (#1463608, #1463547)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1370955 - CVE-2016-6129 libtomcrypt: possible OP-TEE 
Bleichenbacher attack
        https://bugzilla.redhat.com/show_bug.cgi?id=1370955
--------------------------------------------------------------------------------


================================================================================
 php-horde-Horde-Image-2.5.1-1.el6 (FEDORA-EPEL-2017-8ba2ea7136)
 Horde Image API
--------------------------------------------------------------------------------
Update Information:

**Horde_Image 2.5.1**  * [mjr] SECURITY: Fix more potential places for command
injections.   ----  **Horde_Image 2.5.0**  * [mjr] **SECURITY**: Prevent DOS
attack by preventing an infinite loop in certain conditions (CVE-2017-9773,
reported by Fariskhi Vidyan). * [mjr] **SECURITY**: Prevent RCE attacks by
properly sanitizing shell arguments (CVE-2017-9774, reported by Fariskhi
Vidyan). * [jan] Add blur effect.
--------------------------------------------------------------------------------


================================================================================
 php-theseer-autoload-1.24.1-1.el6 (FEDORA-EPEL-2017-ecba2c4642)
 A tool and library to generate autoload code
--------------------------------------------------------------------------------
Update Information:

**Release 1.24.1**  * Merge PR
[#78](https://github.com/theseer/Autoload/pull/78): Restore PHP 5.3
compatibility [Remi]  ----  **Release 1.24.0**  *
[#77](https://github.com/theseer/Autoload/issues/77): Change duplicate detection
to collect all rather than exit on first
--------------------------------------------------------------------------------


================================================================================
 phpMyAdmin-4.0.10.20-1.el6 (FEDORA-EPEL-2017-2e08fc8a0d)
 Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:

phpMyAdmin 4.0.10.20 (2017-03-29) =================================  Welcome to
phpMyAdmin 4.0.10.20, a release containing a security fix and a bug fix.  The
security fix relates to the possible bypass of
$cfg['Servers'][$i]['AllowNoPassword'], see PMASA-2017-08. The bug fix relates
to searching a database when the locale is not set 'en'.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1437828 - phpMyAdmin: Bypass $cfg['Servers'][$i]['AllowNoPassword']
        https://bugzilla.redhat.com/show_bug.cgi?id=1437828
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to