The following Fedora EPEL 6 Security updates need testing:
Age URL
832 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031
python-virtualenv-12.0.7-1.el6
826 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168
rubygem-crack-0.3.2-2.el6
716 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb
mcollective-2.8.4-1.el6
687 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9
thttpd-2.25b-24.el6
298 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac
libbsd-0.8.3-2.el6
27 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4c76ddcc92
libmspack-0.6-0.1.alpha.el6
11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-1f4bfd5d1d
botan-1.8.15-2.el6
11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-164cc614ff
nagios-4.3.4-4.el6
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8abafd9ad0
check-mk-1.2.6p16-5.el6
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-0177a71c41
tnef-1.4.15-1.el6
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-f7e4cbd529
golang-1.7.6-2.el6
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-0100ef8963
tre-0.7.6-3.el6
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-93a3dd5663
cacti-1.1.19-2.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
cacti-1.1.19-2.el6
fedfind-3.6.4-1.el6
tre-0.7.6-3.el6
Details about builds:
================================================================================
cacti-1.1.19-2.el6 (FEDORA-EPEL-2017-93a3dd5663)
An rrd based graphing tool
--------------------------------------------------------------------------------
Update Information:
- CVE-2017-15194
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1500456 - CVE-2017-15194 cacti: XSS in the URI / refresh page in
include/global_session.php
https://bugzilla.redhat.com/show_bug.cgi?id=1500456
--------------------------------------------------------------------------------
================================================================================
fedfind-3.6.4-1.el6 (FEDORA-EPEL-2017-a96a15e55c)
Fedora compose and image finder
--------------------------------------------------------------------------------
Update Information:
This new release of fedfind fixes use of the `expected_images` property (and
hence `check_expected()` method) with modular composes. In 3.6.2 and earlier, it
caused a crash.
--------------------------------------------------------------------------------
================================================================================
tre-0.7.6-3.el6 (FEDORA-EPEL-2017-0100ef8963)
POSIX compatible regexp library with approximate matching
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2016-8859 Regex integer overflow in buffer size computations. Probably
fix CVE-2015-3796 (see upstream [issue
#37](https://github.com/laurikari/tre/issues/37) and Chromium Project Zero [bug
#428](https://bugs.chromium.org/p/project-zero/issues/detail?id=428))
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1387112 - CVE-2016-8859 tre: Regex integer overflow in buffer size
computations
https://bugzilla.redhat.com/show_bug.cgi?id=1387112
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
