Fedora EPEL 6 updates-testing report
by updates@fedoraproject.org
The following Fedora EPEL 6 Security updates need testing:
Age URL
10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-e44380bc7a php-horde-kronolith-4.2.29-1.el6
8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-e54cfb4880 singularity-3.6.0-1.el6
8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-f275c3fe6a mbedtls-2.7.16-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
golang-1.13.14-1.el6
python-regex-2020.7.14-1.el6
snmptt-1.4.2-1.el6
Details about builds:
================================================================================
golang-1.13.14-1.el6 (FEDORA-EPEL-2020-713ebad0a1)
The Go Programming Language
--------------------------------------------------------------------------------
Update Information:
* Rebase to go1.13.14 * Security fix for CVE-2020-15586
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 20 2020 Jakub ��ajka <jcajka(a)redhat.com> - 1.13.14-1
- Rebase to go1.13.14
- Fix for CVE-2020-15586
- Resolves: BZ#1856956
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1856953
--------------------------------------------------------------------------------
================================================================================
python-regex-2020.7.14-1.el6 (FEDORA-EPEL-2020-707d92e43f)
Alternative regular expression module, to replace re
--------------------------------------------------------------------------------
Update Information:
Update to 2020.7.14.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 23 2020 Thomas Moschny <thomas.moschny(a)gmx.de> - 2020.7.14-1
- Update to 2020.7.14.
--------------------------------------------------------------------------------
================================================================================
snmptt-1.4.2-1.el6 (FEDORA-EPEL-2020-d1b24a2a25)
An SNMP trap handler written in Perl
--------------------------------------------------------------------------------
Update Information:
- Removed the daemon_gid option and enhanced the daemon_uid option so that it
retreives the group membership for daemon_uid from the OS. This fixes a bug
in 1.4.1 where it was not possible to define multiple group members with
daemon_gid. - Fixed a security issue with EXEC / PREXEC / unknown_trap_exec that
could allow malicious shell code to be executed. - Fixed a bug with EXEC /
PREXEC / unknown_trap_exec that caused commands to be run as root instead of
the user defined in daemon_uid. - Added the snmptt.ini option daemon_gid to
allow the gid to be set in addition to the uid. Defaults to 'nobody' if not
defined.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 23 2020 Volker Fr��hlich <volker27(a)gmx.at> - 1.4.2-1
- New upstream version
--------------------------------------------------------------------------------