[EPEL-devel] Fedora EPEL 6 updates-testing report

Sat, 09 Dec 2017 11:35:42 -0800 

The following Fedora EPEL 6 Security updates need testing:
 Age  URL
 885  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031   
python-virtualenv-12.0.7-1.el6
 879  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168   
rubygem-crack-0.3.2-2.el6
 769  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb   
mcollective-2.8.4-1.el6
 740  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9   
thttpd-2.25b-24.el6
 351  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac   
libbsd-0.8.3-2.el6
  80  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4c76ddcc92   
libmspack-0.6-0.1.alpha.el6
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-9882374b91   
wordpress-4.9.1-1.el6
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-678916467d   
exim-4.89-4.el6
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-ed87c07972   
hostapd-2.6-7.el6
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-6aaee32b7e   
optipng-0.7.6-6.el6
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-3432442a31   
shellinabox-2.20-5.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    R-3.4.3-1.el6
    hostapd-2.6-7.el6
    lcgdm-1.9.1-1.el6
    optipng-0.7.6-6.el6
    python-pymediainfo-2.2.0-1.el6
    shellinabox-2.20-5.el6
    spamassassin-iXhash2-2.05-12.el6
    tito-0.6.11-1.el6

Details about builds:


================================================================================
 R-3.4.3-1.el6 (FEDORA-EPEL-2017-3e43d7395c)
 A language for data analysis and graphics
--------------------------------------------------------------------------------
Update Information:

Update to R 3.4.3, rebuild rpy and rkward to match.
--------------------------------------------------------------------------------


================================================================================
 hostapd-2.6-7.el6 (FEDORA-EPEL-2017-ed87c07972)
 IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
--------------------------------------------------------------------------------
Update Information:

Latest hostapd release with KRACK patches applied.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1503874 - KRACK affects hostapd
        https://bugzilla.redhat.com/show_bug.cgi?id=1503874
  [ 2 ] Bug #1502588 - CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 
CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 
CVE-2017-13088 hostapd: various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1502588
  [ 3 ] Bug #1468942 - attempting to create Access Point overrides modprobe for 
wifi and crashes
        https://bugzilla.redhat.com/show_bug.cgi?id=1468942
--------------------------------------------------------------------------------


================================================================================
 lcgdm-1.9.1-1.el6 (FEDORA-EPEL-2017-738fd741cd)
 LHC Computing Grid Data Management
--------------------------------------------------------------------------------
Update Information:

* new upstream release
--------------------------------------------------------------------------------


================================================================================
 optipng-0.7.6-6.el6 (FEDORA-EPEL-2017-6aaee32b7e)
 PNG optimizer and converter
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2017-1000229 and CVE-2017-16938
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1520234 - CVE-2017-1000229 optipng: integer overflow in 
tiffread.c:minitiff_read_info() allows for arbitrary code execution
        https://bugzilla.redhat.com/show_bug.cgi?id=1520234
  [ 2 ] Bug #1520227 - CVE-2017-16938 optipng: global buffer overflow in 
gifread.c:LZWReadByte when parsing malicious GIF
        https://bugzilla.redhat.com/show_bug.cgi?id=1520227
--------------------------------------------------------------------------------


================================================================================
 python-pymediainfo-2.2.0-1.el6 (FEDORA-EPEL-2017-54baa1189e)
 Python wrapper around the MediaInfo library
--------------------------------------------------------------------------------
Update Information:

Added python wrapper around MediaInfo library.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1519844 - Review Request: python-pymediainfo - Python wrapper 
around the MediaInfo library
        https://bugzilla.redhat.com/show_bug.cgi?id=1519844
--------------------------------------------------------------------------------


================================================================================
 shellinabox-2.20-5.el6 (FEDORA-EPEL-2017-3432442a31)
 Web based AJAX terminal emulator
--------------------------------------------------------------------------------
Update Information:

Disable SSHv1 options.
--------------------------------------------------------------------------------


================================================================================
 spamassassin-iXhash2-2.05-12.el6 (FEDORA-EPEL-2017-b7bad7f5f6)
 SpamAssassin plugin to lookup e-mail checksums in blacklists
--------------------------------------------------------------------------------
Update Information:

Remove retired iXhash blacklists from default configuration
--------------------------------------------------------------------------------


================================================================================
 tito-0.6.11-1.el6 (FEDORA-EPEL-2017-154e1b82f7)
 A tool for managing rpm based git projects
--------------------------------------------------------------------------------
Update Information:

  - Fixing remote_git_name ([email protected])   - Fix links in README.md
file ([email protected])   - Encourage usage of git push --follow-tags
([email protected])   - Print mock output when building with MockBuilder
([email protected])   - Fix a race condition when /tmp/tito doesn't exist
([email protected])   - Don't append 'None' to Release line with no '%%{?dist}'
part     ([email protected])   - python3's map() returns a map object,
but we expect sources to be a list     ([email protected])   - Submitting was
missing a t. ([email protected])   - update links ([email protected])   - use
LC_ALL=C.UTF-8 rather than plain C ([email protected])   - make ReleaseTagger
honour --use-version ([email protected])   - also verify that ReleaseTagger
supports --use-release ([email protected])   - add test for ReleaseTagger
together with --use-version ([email protected])   - Format package list more
cleanly ([email protected])   - Custom tag support in tito release
([email protected])   - VersionTagger should support custom tag format
([email protected])   - Remove createrepo_c BR from spec ([email protected])
- Use createrepo_c for creating rpm-md repos ([email protected])   - Fixup
Fedora Dockerfiles to work correctly ([email protected])   - Remove useless EL5
stuff ([email protected])   ----  - Do not undo tags when git state is dirty
([email protected]) - Parse options in `tito init` ([email protected]) -
Only use `rpmbuild --noclean` if it is supported ([email protected]) -
Explicitly define indicies in formatting statements ([email protected]) -
Achieve quiet output from `rpmbuild` without passing `--quiet`
([email protected]) - Update the MANIFEST.in ([email protected]) - Correctly
pass verbosity options through the builder CLI   ([email protected]) - Use
correct print-formatting directive in debugging ([email protected]) - Use
`.format()` string formatting correctly in Builder ([email protected]) -
Refactor `rpmbuild` invocation for readability ([email protected]) - Added
`--quiet` and `--verbose` to `tito build` ([email protected]) - Add a Travis
CI manifest ([email protected]) - Only flush output stream if flushing is
supported ([email protected]) - Added support for choosing platforms for tests
([email protected]) - Refactored version->tag mapping logic in Tagger
([email protected]) - Improved debugging for RPM build step
([email protected]) - Print command debugging information only once
([email protected]) - Flush output buffers ([email protected]) - Document
`tito tag --use-release` in the manpage ([email protected]) - Added an option
to not escalate privileges on `tito build --install`   ([email protected]) -
Factor out the version->tag mapping in the Builder ([email protected]) -
Collapse tagger class selection logic ([email protected]) - Rename
`globalconfig` section to `buildconfig` in README   ([email protected]) -
fixes #29 - remove --list-tags and --only-tags ([email protected]) - 253 - print
cmd info when --debug is supplied ([email protected]) - Work around `dnf` issues
and install builddep for Rawhide   ([email protected])
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to