[EPEL-devel] Fedora EPEL 5 updates-testing report
The following Fedora EPEL 5 Security updates need testing: Age URL 729 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-3849 sblim-sfcb-1.3.8-2.el5 372 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-edbea40516 mcollective-2.8.4-1.el5 344 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-582c8075e6 thttpd-2.25b-24.el5 The following builds have been pushed to Fedora EPEL 5 updates-testing prosody-0.9.11-1.el5 Details about builds: prosody-0.9.11-1.el5 (FEDORA-EPEL-2016-1b87280ec3) Flexible communications server for Jabber/XMPP Update Information: Prosody 0.9.11 == A summary of changes in this release:* HTTP parser: Improve buffering of incoming HTTP data and add size limits (#603) * sessionmanager: Fix for an issue which caused people to be kicked from conferences if mod_smacks was enabled (#648) * Dependencies: Workaround for compatibility with LuaSec 0.6 (#749) * MUC: Accept missing form as "instant room" request (#377) * C2S: Fix issues with destroying disconnected connections (#590, #641) * mod_privacy: Fix selection of the top resource(s) (#694) * mod_presence: Make sure both users get each others presence after adding each other (#673) * mod_http_files: Fix traceback when serving a non- wildcard path (#611) * mod_http_files: Preserve a trailing slash in paths (#639) * util.datamanager: Fix error handling (#632) * net.server_event: Fix internal socket API to allow writing from socket.ondrain callback (#661) * net.server_event: Fix timeout (commit) * net.server_event: Fix traceback due to write during TLS handshake (commit) * net.server_event: Fix buffer length check (commit) References: [ 1 ] Bug #1391802 - prosody-0.9.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1391802 ___ epel-devel mailing list -- epel-devel@lists.fedoraproject.org To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
[EPEL-devel] Fedora EPEL 6 updates-testing report
The following Fedora EPEL 6 Security updates need testing: Age URL 488 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6 482 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6 413 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6 372 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6 344 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6 74 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8594ed3a53 chicken-4.11.0-3.el6 47 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-25e30f6dc3 jansson-2.9-1.el6 14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-a886ace670 tomcat-7.0.72-1.el6 14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-cb5398893b nodejs-0.10.48-3.el6 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e69bdefcde pdns-3.3.3-2.el6 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-dc75157b92 ansible-2.2.0.0-3.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing php-horde-Horde-Core-2.27.2-1.el6 php-horde-Horde-Service-Weather-2.5.0-1.el6 pps-tools-0-0.12.20120407git0deb9c.el6 prosody-0.9.11-1.el6 python-ase-3.12.0-21.el6 python-pytg-0.4.10-3.el6 Details about builds: php-horde-Horde-Core-2.27.2-1.el6 (FEDORA-EPEL-2016-555e6229c7) Horde Core Framework libraries Update Information: **Horde_Core 2.27.2** * [mjr] Prevent building invalid HTML when building an email from a SMART_REPLY (Bug #14500). **Horde_Core 2.27.1** * [jan] Allow administrators to log in if preference backend is not available. * [mjr] Log message headers on error when sending email via ActiveSync. * [jan] Fix warning if an old locale is longer than 255 characters (Bug #14489). * [jan] Fix abbreviated Norwegian month names in JavaScript to include trailing dot (Bug #14488). * [jan] Fix reading session data from the command line with PHP 7. php-horde-Horde-Service-Weather-2.5.0-1.el6 (FEDORA-EPEL-2016-c13ffc07da) Horde Weather Provider Update Information: **Horde_Service_Weather 2.5.0** * [mjr] Replace defunct data source for surface station data (Bug #14502). ** Horde_Service_Weather 2.4.1** * [jan] Update location of METAR stations. pps-tools-0-0.12.20120407git0deb9c.el6 (FEDORA-EPEL-2016-285448a4aa) LinuxPPS user-space tools Update Information: Initial build for el6. Import from master. prosody-0.9.11-1.el6 (FEDORA-EPEL-2016-b59d825089) Flexible communications server for Jabber/XMPP Update Information: Prosody 0.9.11 == A summary of changes in this release:* HTTP parser: Improve buffering of incoming HTTP data and add size limits (#603) * sessionmanager: Fix for an issue which caused people to be kicked from conferences if mod_smacks was enabled (#648) * Dependencies: Workaround for compatibility with LuaSec 0.6 (#749) * MUC: Accept missing form as "instant room" request (#377) * C2S: Fix issues with destroying disconnected connections (#590, #641) * mod_privacy: Fix selection of the top resource(s) (#694) * mod_presence: Make sure both users get each others presence after adding each other (#673) * mod_http_files: Fix traceback when serving a non- wildcard path (#611) * mod_http_files: Preserve a trailing slash in paths (#639) * util.datamanager: Fix error handling (#632) * net.server_event: Fix internal socket API to allow writing from socket.ondrain callback (#661) * net.server_event: Fix timeout (commit) * net.server_event: Fix traceback due to write during TLS handshake (commit) * net.server_event: Fix buffer length check (commit) References: [ 1 ] Bug #1391802 - prosody-0.9.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1391802
[EPEL-devel] Fedora EPEL 7 updates-testing report
The following Fedora EPEL 7 Security updates need testing: Age URL 610 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 372 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 90 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-23fa04bf1c redis-3.2.3-1.el7 74 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8f4ff76b3 chicken-4.11.0-3.el7 17 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-03fb3c1531 banshee-2.6.2-11.el7 dbus-sharp-0.7.0-15.el7 dbus-sharp-glib-0.5.0-13.el7 gdata-sharp-1.4.0.2-18.el7 gio-sharp-0.3-14.el7 gkeyfile-sharp-0.1-19.el7 gnome-sharp-2.24.2-12.el7 gtk-sharp-beans-2.14.0-17.el7 gtk-sharp2-2.12.26-3.el7 gtk-sharp3-2.99.3-16.el7 gudev-sharp-0.1-18.el7 libappindicator-12.10.0-11.el7 libgpod-0.8.3-14.el7 libyui-bindings-1.1.0-7.el7 mono-4.2.4-7.el7 mono-addins-1.1-3.el7 mono-cecil-0.9.6-6.el7 mono-zeroconf-0.9.0-16.el7 notify-sharp-0.4.0-0.26.20100411svn.el7 notify-sharp3-3.0.3-2.el7 nunit-3.5-1.el7 nunit2-2.6.4-14.el7 pinta-1.6-5.el7 taglib-sharp-2.1.0.0-3.el7 17 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-ee3cc4d1b6 compat-guile18-1.8.8-14.el7 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-181efcf9c4 tre-0.8.0-18.20140228gitc2f5d13.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e26faf9489 python-simplejson-3.5.3-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-2fcbc39837 chromium-54.0.2840.90-3.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing chromium-54.0.2840.90-3.el7 php-horde-Horde-Core-2.27.2-1.el7 php-horde-Horde-Service-Weather-2.5.0-1.el7 pidgin-groupchat-typing-notifications-0-2.git33a75f9.el7 prosody-0.9.11-1.el7 python-ase-3.12.0-21.el7 python-epdb-0.15-1.el7 python-pytg-0.4.10-3.el7 suricata-3.1.3-1.el7 Details about builds: chromium-54.0.2840.90-3.el7 (FEDORA-EPEL-2016-2fcbc39837) A WebKit (Blink) powered web browser Update Information: Security fix for CVE-2016-5181, CVE-2016-5182, CVE-2016-5183, CVE-2016-5184, CVE-2016-5185, CVE-2016-5187, CVE-2016-5188, CVE-2016-5192, CVE-2016-5189, CVE-2016-5186, CVE-2016-5191, CVE-2016-5190, CVE-2016-5193, CVE-2016-5194 Security fix for CVE-2016-5198 Update to new stable, 54.0.2840.90. References: [ 1 ] Bug #1384365 - CVE-2016-5194 chromium-browser: various fixes from internal audits https://bugzilla.redhat.com/show_bug.cgi?id=1384365 [ 2 ] Bug #1384364 - CVE-2016-5193 chromium-browser: scheme bypass https://bugzilla.redhat.com/show_bug.cgi?id=1384364 [ 3 ] Bug #1384362 - CVE-2016-5190 chromium-browser: use after free in internals https://bugzilla.redhat.com/show_bug.cgi?id=1384362 [ 4 ] Bug #1384361 - CVE-2016-5191 chromium-browser: universal xss in bookmarks https://bugzilla.redhat.com/show_bug.cgi?id=1384361 [ 5 ] Bug #1384360 - CVE-2016-5186 chromium-browser: out of bounds read in devtools https://bugzilla.redhat.com/show_bug.cgi?id=1384360 [ 6 ] Bug #1384358 - CVE-2016-5189 chromium-browser: url spoofing https://bugzilla.redhat.com/show_bug.cgi?id=1384358 [ 7 ] Bug #1384357 - CVE-2016-5192 chromium-browser: cross-origin bypass in blink https://bugzilla.redhat.com/show_bug.cgi?id=1384357 [ 8 ] Bug #1384355 - CVE-2016-5188 chromium-browser: ui spoofing https://bugzilla.redhat.com/show_bug.cgi?id=1384355 [ 9 ] Bug #1384354 - CVE-2016-5187 chromium-browser: url spoofing https://bugzilla.redhat.com/show_bug.cgi?id=1384354 [ 10 ] Bug #1384352 - CVE-2016-5185 chromium-browser: use after free in blink https://bugzilla.redhat.com/show_bug.cgi?id=1384352 [ 11 ] Bug #1384350 - CVE-2016-5184 chromium-browser: use after free in pdfium https://bugzilla.redhat.com/show_bug.cgi?id=1384350 [ 12 ] Bug #1384349 - CVE-2016-5183 chromium-browser: use after free in pdfium https://bugzilla.redhat.com/show_bug.cgi?id=1384349 [ 13 ] Bug #1384348 - CVE-2016-5182 chromium-browser: heap overflow in blink https://bugzilla.redhat.com/show_bug.cgi?id=1384348 [ 14 ] Bug #1384347 - CVE-2016-5181 chromium-browser: universal xss in blink https://bugzilla.redhat.com/show_bug.cgi?id=1384347 [ 15 ] Bug #1391356 - CVE-2016-5198 chromium-browser: out of bounds memory access in v8 https://bugzilla.redhat.com/show_bug.cgi?id=1391356 php-horde-Horde-Core-2.27.2-1.el7 (FEDORA-EPEL-2016-8bf75551d3) Horde Core Framework
