The following Fedora EPEL 6 Security updates need testing: Age URL 308 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-4008 cross-binutils-2.23.51.0.3-1.el6.1 88 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828 chicken-4.9.0.1-4.el6 70 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6 64 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6 34 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7634 zabbix20-2.0.15-1.el6 15 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7875 onionshare-0.7.1-1.el6 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7917 moodle-2.6.11-1.el6 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7940 nrpe-2.15-6.el6 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7961 php-doctrine-cache-1.4.2-1.el6 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7963 php-doctrine-annotations-1.2.7-1.el6 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7994 seamonkey-2.28-7.ESR_31.8.0.el6 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8027 php-extras-5.3.3-4.el6 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8044 golang-1.5.1-0.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8091 zabbix22-2.2.10-1.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8102 wordpress-4.3.1-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
dar-2.4.18-1.el6 golang-github-AdRoll-goamz-0-0.1.gitf8c4952.el6 golang-github-Azure-azure-sdk-for-go-1.2-0.1.git97d9593.el6 golang-github-denverdino-aliyungo-0-0.1.git0e0f322.el6 golang-github-go-fsnotify-fsnotify-1.2.0-0.1.git96c060f.el6 golang-github-gorilla-handlers-0-0.1.git60c7bfd.el6 golang-github-ncw-swift-0-0.1.git22c8fa9.el6 golang-github-noahdesu-go-ceph-0.3.0-0.1.gitb15639c.el6 golang-github-stevvooe-resumable-0-0.1.git51ad441.el6 libmaxminddb-1.1.1-5.el6 reposurgeon-3.29-1.el6 wordpress-4.3.1-1.el6
Details about builds:
================================================================================ dar-2.4.18-1.el6 (FEDORA-EPEL-2015-8096) Software for making/restoring incremental CD/DVD backups -------------------------------------------------------------------------------- Update Information:
New upstream version dar-2.4.18-1.fc23 - New upstream version dar-2.4.18-1.el7 - new upstream version dar-2.4.18-1.el6 - new upstream version dar-2.4.18-1.el5 - new upstream version dar-2.4.18-1.fc22 - New upstream version dar-2.4.18-1.fc21 - new upstream version -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1258281 - dar-2.4.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=1258281 --------------------------------------------------------------------------------
================================================================================ golang-github-AdRoll-goamz-0-0.1.gitf8c4952.el6 (FEDORA-EPEL-2015-8106) Fork of the GOAMZ with additional functionality with DynamoDB -------------------------------------------------------------------------------- Update Information:
First package for Fedora -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1262714 - Review Request: golang-github-AdRoll-goamz - Fork of the GOAMZ with additional functionality with DynamoDB https://bugzilla.redhat.com/show_bug.cgi?id=1262714 --------------------------------------------------------------------------------
================================================================================ golang-github-Azure-azure-sdk-for-go-1.2-0.1.git97d9593.el6 (FEDORA-EPEL-2015-8105) Microsoft Azure SDK for Go -------------------------------------------------------------------------------- Update Information:
First package for Fedora -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1262716 - Review Request: golang-github-Azure-azure-sdk-for-go - Microsoft Azure SDK for Go https://bugzilla.redhat.com/show_bug.cgi?id=1262716 --------------------------------------------------------------------------------
================================================================================ golang-github-denverdino-aliyungo-0-0.1.git0e0f322.el6 (FEDORA-EPEL-2015-8109) Go SDK for Aliyun Services -------------------------------------------------------------------------------- Update Information:
needed by docker/distribution -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1262704 - Review Request: golang-github-denverdino-aliyungo - Go SDK for Aliyun Services https://bugzilla.redhat.com/show_bug.cgi?id=1262704 --------------------------------------------------------------------------------
================================================================================ golang-github-go-fsnotify-fsnotify-1.2.0-0.1.git96c060f.el6 (FEDORA-EPEL-2015-8103) File system notifications for Go -------------------------------------------------------------------------------- Update Information:
First package for Fedora -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1262426 - Review Request: golang-github-go-fsnotify-fsnotify - File system notifications for Go https://bugzilla.redhat.com/show_bug.cgi?id=1262426 --------------------------------------------------------------------------------
================================================================================ golang-github-gorilla-handlers-0-0.1.git60c7bfd.el6 (FEDORA-EPEL-2015-8108) A collection of useful handlers for Go's net/http package -------------------------------------------------------------------------------- Update Information:
needed by docker/distribution -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1262705 - Review Request: golang-github-gorilla-handlers - A collection of useful handlers for Go's net/http package https://bugzilla.redhat.com/show_bug.cgi?id=1262705 --------------------------------------------------------------------------------
================================================================================ golang-github-ncw-swift-0-0.1.git22c8fa9.el6 (FEDORA-EPEL-2015-8107) Go language interface to Swift -------------------------------------------------------------------------------- Update Information:
needed by docker/distribution -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1262710 - Review Request: golang-github-ncw-swift - Go language interface to Swift https://bugzilla.redhat.com/show_bug.cgi?id=1262710 --------------------------------------------------------------------------------
================================================================================ golang-github-noahdesu-go-ceph-0.3.0-0.1.gitb15639c.el6 (FEDORA-EPEL-2015-8104) Go bindings for RADOS, RBD, and CephFS -------------------------------------------------------------------------------- Update Information:
First package for Fedora -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1262711 - Review Request: golang-github-noahdesu-go-ceph - Go bindings for RADOS, RBD, and CephFS https://bugzilla.redhat.com/show_bug.cgi?id=1262711 --------------------------------------------------------------------------------
================================================================================ golang-github-stevvooe-resumable-0-0.1.git51ad441.el6 (FEDORA-EPEL-2015-8110) Subset of the Go `crypto` Package with a Resumable Hash Interface -------------------------------------------------------------------------------- Update Information:
needed by docker/distribution -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1262709 - Review Request: golang-github-stevvooe-resumable - Subset of the Go `crypto` Package with a Resumable Hash Interface https://bugzilla.redhat.com/show_bug.cgi?id=1262709 --------------------------------------------------------------------------------
================================================================================ libmaxminddb-1.1.1-5.el6 (FEDORA-EPEL-2015-8095) C library for the MaxMind DB file format -------------------------------------------------------------------------------- Update Information:
C library for the MaxMind DB file format -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1258874 - Review Request: libmaxminddb - C library for the MaxMind DB file format https://bugzilla.redhat.com/show_bug.cgi?id=1258874 --------------------------------------------------------------------------------
================================================================================ reposurgeon-3.29-1.el6 (FEDORA-EPEL-2015-8112) SCM Repository Manipulation Tool -------------------------------------------------------------------------------- Update Information:
# 3.29: 2015-09-02 * Now included: git aliases that allow git to work with action stamps. * **The new `repomapper` tool helps prepare contributor maps.** * Use of branchify/branchify_map is now less likely to produce invalid resets. * `branchify_map` has been changed to handle subdirectories better. `branchify_map reset` actually works now. * Prevent a crash on empty SVN comments produced by dumpfiltering. * `assign` command with no selection set or arguments lists assignments. * New `--user-ignores` option on Subversion reads passes through .gitignores. * `repotool initialize` now generates an easier-to-read conversion makefile (Fedora: Used to be conversion.mk in /usr/share/doc/reposurgeon). -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1259536 - reposurgeon-3.29 is available https://bugzilla.redhat.com/show_bug.cgi?id=1259536 --------------------------------------------------------------------------------
================================================================================ wordpress-4.3.1-1.el6 (FEDORA-EPEL-2015-8102) Blog tool and publishing platform -------------------------------------------------------------------------------- Update Information:
**WordPress 4.3.1 Security and Maintenance Release** [Upstream announcement](https://wordpress.org/news/2015/09/wordpress-4-3-1/): WordPress 4.3.1 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. This release addresses three issues, including two cross-site scripting vulnerabilities and a potential privilege escalation. * WordPress versions 4.3 and earlier are vulnerable to a cross-site scripting vulnerability when processing shortcode tags (CVE-2015-5714). Reported by Shahar Tal and Netanel Rubin of Check Point. * A separate cross-site scripting vulnerability was found in the user list table. Reported by Ben Bidner of the WordPress security team. * Finally, in certain cases, users without proper permissions could publish private posts and make them sticky (CVE-2015-5715). Reported by Shahar Tal and Netanel Rubin of Check Point. WordPress 4.3.1 also fixes twenty-six bugs. For more information, see the [release notes](https://codex.wordpress.org/Version_4.3.1) or consult the [list of changes](https://core.trac.wordpress.org/log/branches/4.3/?rev=34199&st op_rev=33647). -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1263657 - CVE-2015-5714 CVE-2015-5715 wordpress: XSS and permission issue fixed in wordpress 4.3.1 https://bugzilla.redhat.com/show_bug.cgi?id=1263657 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org
-
updates@fedoraproject.org