The following Fedora EPEL 6 Security updates need testing:
Age URL
71 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-b7556983e8
tomcat-7.0.92-1.el6
67 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-a0ddb153b8
game-music-emu-0.6.2-1.el6
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-26a7e6e4e8
koji-1.16.2-1.el6
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-b4ed6df2c1
distcc-3.2rc1-3.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
canl-java-2.6.0-1.el6
drupal6-6.38-2.el6
drupal7-7.64-1.el6
Details about builds:
================================================================================
canl-java-2.6.0-1.el6 (FEDORA-EPEL-2019-a2c76e5ed2)
EMI Common Authentication library - bindings for Java
--------------------------------------------------------------------------------
Update Information:
Version 2.6.0.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 22 2019 Mattias Ellert <[email protected]> - 2.6.0-1
- Update to 2.6.0
- Drop patch canl-java-javadoc.patch (previously backported)
--------------------------------------------------------------------------------
================================================================================
drupal6-6.38-2.el6 (FEDORA-EPEL-2019-67b3f85ea0)
An open-source content-management platform
--------------------------------------------------------------------------------
Update Information:
Apply [backported Drupal 7/8 security
patches](https://cgit.drupalcode.org/d6lts/tree/common/core) from [Drupal 6 LTS
program](https://www.drupal.org/project/d6lts) - https://www.drupal.org/sa-
core-2018-001 - https://www.drupal.org/sa-core-2018-002 -
https://www.drupal.org/sa-core-2018-004 - https://www.drupal.org/sa-
core-2018-006 - https://www.drupal.org/sa-core-2019-002
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 23 2019 Shawn Iwinski <[email protected]> - 6.38-2
- Apply backported Drupal 7/8 security patches from Drupal 6 LTS program
- https://www.drupal.org/project/d6lts
- https://cgit.drupalcode.org/d6lts/tree/common/core
- https://www.drupal.org/sa-core-2018-001
- https://www.drupal.org/sa-core-2018-002
- https://www.drupal.org/sa-core-2018-004
- https://www.drupal.org/sa-core-2018-006
- https://www.drupal.org/sa-core-2019-002
- Fix source URL
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1548323 - CVE-2017-6926 CVE-2017-6927 CVE-2017-6928 CVE-2017-6929
CVE-2017-6930 CVE-2017-6931 CVE-2017-6932 drupal: Multiple vulnerabilities
fixed in 7.57 and 8.4.5 (SA-CORE-2018-001)
https://bugzilla.redhat.com/show_bug.cgi?id=1548323
[ 2 ] Bug #1548200 - drupal: External link injection on 404 pages when
linking to the current page
https://bugzilla.redhat.com/show_bug.cgi?id=1548200
[ 3 ] Bug #1548196 - drupal: jQuery vulnerability with untrusted domains
requests via Ajax
https://bugzilla.redhat.com/show_bug.cgi?id=1548196
[ 4 ] Bug #1548193 - drupal: Private file access bypass in Drupal private
file system
https://bugzilla.redhat.com/show_bug.cgi?id=1548193
[ 5 ] Bug #1548189 - drupal: JavaScript cross-site scripting in checkPlain
function
https://bugzilla.redhat.com/show_bug.cgi?id=1548189
[ 6 ] Bug #1548187 - drupal: Comment reply form allows access to restricted
content
https://bugzilla.redhat.com/show_bug.cgi?id=1548187
[ 7 ] Bug #1643121 - drupal: Multiple Vulnerabilities - SA-CORE-2018-006
https://bugzilla.redhat.com/show_bug.cgi?id=1643121
[ 8 ] Bug #1561854 - CVE-2018-7600 drupal: Unsanitized requests allow remote
attackers to execute arbitrary code
https://bugzilla.redhat.com/show_bug.cgi?id=1561854
--------------------------------------------------------------------------------
================================================================================
drupal7-7.64-1.el6 (FEDORA-EPEL-2019-9953736ad9)
An open-source content-management platform
--------------------------------------------------------------------------------
Update Information:
- https://www.drupal.org/project/drupal/releases/7.64 -
https://www.drupal.org/project/drupal/releases/7.63 -
https://www.drupal.org/project/drupal/releases/7.62 -
https://www.drupal.org/SA-CORE-2019-001 - https://www.drupal.org/SA-
CORE-2019-002 - https://www.drupal.org/project/drupal/releases/7.61
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 23 2019 Shawn Iwinski <[email protected]> - 7.64-1
- Update to 7.64 (RHBZ #1673206)
- https://www.drupal.org/SA-CORE-2019-001
- https://www.drupal.org/SA-CORE-2019-002
* Thu Jan 31 2019 Fedora Release Engineering <[email protected]> - 7.60-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1679953 - Security updates for Drupal7
https://bugzilla.redhat.com/show_bug.cgi?id=1679953
[ 2 ] Bug #1673206 - drupal7-7.64 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1673206
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
