The following Fedora EPEL 6 Security updates need testing:

 Age  URL
 625  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031   python-virtualenv-12.0.7-1.el6
 619  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168   rubygem-crack-0.3.2-2.el6
 509  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb   mcollective-2.8.4-1.el6
 480  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9   thttpd-2.25b-24.el6
 211  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8594ed3a53   chicken-4.11.0-3.el6
  91  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac   libbsd-0.8.3-2.el6
  41  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-acd2c2af0d   nagios-4.2.4-4.el6
  13  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-1ad70123a8   R-3.3.3-1.el6
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-75190374ce   moodle-2.7.19-1.el6
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-eb18b4839a   mbedtls-2.4.2-1.el6
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-b1bba0f99d   roundcubemail-1.0.9-2.el6
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-da3e5ef08f   tcpreplay-4.2.1-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
    fetch-crl-3.0.19-1.el6
    openvpn-2.4.1-2.el6
    perl-Plack-0.9974-2.el6.1
    python-ansible-tower-cli-3.1.3-2.el6
    tcpreplay-4.2.1-1.el6
Details about builds:
================================================================================
 fetch-crl-3.0.19-1.el6 (FEDORA-EPEL-2017-f312129381)
 Downloads Certificate Revocation Lists
--------------------------------------------------------------------------------
Update Information:

Changes in 3.0.19-1
----------------------
* Do not add spurious newline to DER-format files (fixes report 201670320-01)
* run a script after the completion of every fetch-crl run (uses postexec directive in config file)
--------------------------------------------------------------------------------
================================================================================
 openvpn-2.4.1-2.el6 (FEDORA-EPEL-2017-3da5d4f25f)
 A full-featured SSL VPN solution
--------------------------------------------------------------------------------
Update Information:

Updating to upstream OpenVPN v2.4.1.

This update re-introduces a **DEPRECATED** feature, **--tls-remote**, to enable v2.3 installations to upgrade. Users are **STRONGLY** encouraged to update their configurations to use the newer option, **--verify-x509-name**.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1435036 - openvpn-2.4.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1435036
--------------------------------------------------------------------------------
================================================================================
 perl-Plack-0.9974-2.el6.1 (FEDORA-EPEL-2017-6bd09b4a27)
 Perl Superglue for Web frameworks and Web Servers (PSGI toolkit)
--------------------------------------------------------------------------------
Update Information:

This is an implementation of Perl Server Gateway Interface.
--------------------------------------------------------------------------------
================================================================================
 python-ansible-tower-cli-3.1.3-2.el6 (FEDORA-EPEL-2017-72e35f4a3b)
 A CLI tool for Ansible Tower
--------------------------------------------------------------------------------
Update Information:

fix dependencies

----

update

----

Update

----

update to 3.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1430960 - python-ansible-tower-cli-v3.1.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1430960
--------------------------------------------------------------------------------
================================================================================
 tcpreplay-4.2.1-1.el6 (FEDORA-EPEL-2017-da3e5ef08f)
 Replay captured network traffic
--------------------------------------------------------------------------------
Update Information:

Here is what is fixed in this release:

- Fix reporting of rates < 1Mbps (#348)
- Option --unique-ip not working properly (#346)

----

Features and fixes include:

- MAC rewriting capabilities by Pedro Arthur (#313)
- Fix several issues identified by Coverity (#305)
- Packet distortion --fuzz-seed option by Gabriel Ganne (#302)
- Add --unique-ip-loops option to modify IPs every few loops (#296)
- Netmap startup delay increase (#290)
- tcpcapinfo buffer overflow vulnerability (#278)
- Update git-clone instructions by Kyle McDonald (#277)
- Allow fractions for --pps option (#270)
- Print per-loop stats with --stats=0 (#269)
- Add protection against packet drift by Guillaume Scott (#268)
- Print flow stats periodically with --stats output (#262)
- Include Travis-CI build support by Ilya Shipitsin (#264) (#285)
- tcpreplay won't replay all packets in a pcap file with --netmap (#255)
- First and last packet times in --stats output (#239)
- Switch to wire speed after 30 minutes at 6 Gbps (#210)
- tcprewrite fix checksum properly for fragmented packets (#190)

----

Patch CVE-2017-6429.

Tcpcapinfo utility of Tcpreplay has a buffer overflow vulnerability associated with parsing a crafted pcap file. This occurs in the src/tcpcapinfo.c file when the capture has a packet that is too large to handle.

References: http://seclists.org/bugtraq/2017/Mar/22
Upstream bug: https://github.com/appneta/tcpreplay/issues/278
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1429521 - CVE-2017-6429 tcpreplay: Buffer overflow in Tcpcapinfo utility [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1429521
  [ 2 ] Bug #1429522 - CVE-2017-6429 tcpreplay: Buffer overflow in Tcpcapinfo utility [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1429522
--------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org