The following Fedora EPEL 6 Security updates need testing: Age URL 310 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828 chicken-4.9.0.1-4.el6 292 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6 286 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6 217 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6 176 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6 148 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6 40 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8fbd838843 dropbear-2016.72-1.el6 40 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-7640e3144a proftpd-1.3.3g-9.el6 33 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-30a8346813 vtun-3.0.1-10.el6 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-628be2e77a drupal7-block_class-2.3-1.el6 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e912272569 asterisk-1.8.32.3-2.el6 libsrtp-1.5.4-3.el6 pjproject-2.3-7.el6 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-bfe0ea574f ansible1.9-1.9.6-1.el6 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-09ad0ba4a5 ansible-2.0.2.0-1.el6 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-522ecc9bb5 roundcubemail-1.0.9-1.el6 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-9ead85c2cf php-getid3-1.9.12-1.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-45e9f8440b cacti-0.8.8g-2.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
Lmod-6.3.1-1.el6 cacti-0.8.8g-2.el6 engauge-digitizer-7.2-1.el6 epson-inkjet-printer-escpr-1.5.2-3.1lsb3.2.el6 epson-inkjet-printer-escpr-1.6.5-1.1lsb3.2.el6 golang-github-go-ini-ini-1.9.0-0.1.git193d1ec.el6 osbs-client-0.22-1.el6
Details about builds:
================================================================================ Lmod-6.3.1-1.el6 (FEDORA-EPEL-2016-81e9d1896a) Environmental Modules System in Lua -------------------------------------------------------------------------------- Update Information:
Update to 6.3.1 - protects it from user changes to LUA_PATH and LUA_CPATH by using these values at configuration time. - Fixed bug with Capital Letters in a version string. - Do not overwrite MODULEPATH (bug #1326075) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1326075 - Lmod packages prevent the correct function of `module use`, upon further bash/csh invocations https://bugzilla.redhat.com/show_bug.cgi?id=1326075 --------------------------------------------------------------------------------
================================================================================ cacti-0.8.8g-2.el6 (FEDORA-EPEL-2016-45e9f8440b) An rrd based graphing tool -------------------------------------------------------------------------------- Update Information:
- Update to 0.8.8g Release notes: http://www.cacti.net/release_notes_0_8_8g.php -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1259276 - Version of cacti in repos' is pretty old for EL6 and EL7 https://bugzilla.redhat.com/show_bug.cgi?id=1259276 [ 2 ] Bug #1082936 - CVE-2014-2327 CVE-2014-2326 CVE-2014-2328 cacti: multiple flaws reported by Deutsche Telekom [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1082936 [ 3 ] Bug #1004548 - Tree not collapsing in graph mode in version 0.8.8b https://bugzilla.redhat.com/show_bug.cgi?id=1004548 [ 4 ] Bug #1323943 - CVE-2016-3659 cacti: SQL injection vulnerability in graph_view.php [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1323943 [ 5 ] Bug #1317550 - CVE-2016-3172 cacti: SQL injection vulnerability in /cacti/tree.php [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1317550 [ 6 ] Bug #1306530 - CVE-2016-2313 cacti: authentication bypass [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1306530 [ 7 ] Bug #1295782 - CVE-2015-8604 cacti: SQL injection in graps_new.php via cg_g parameter [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1295782 [ 8 ] Bug #1291779 - CVE-2015-8369 cacti: SQL injection in graph.php [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1291779 [ 9 ] Bug #1291223 - CVE-2015-8377 cacti: SQL injection in graphs_new.php [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1291223 [ 10 ] Bug #1242868 - CVE-2015-4634 cacti: multiple SQL injection flaws fixed in Cacti 0.8.8e [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1242868 [ 11 ] Bug #1233833 - CVE-2015-4454 CVE-2015-2665 cacti: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1233833 [ 12 ] Bug #1230297 - CVE-2015-4342 cacti: SQL Injection and Location header injection from cdef id [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1230297 [ 13 ] Bug #1129764 - cacti: remote code execution and SQL injection [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1129764 [ 14 ] Bug #1121468 - cacti: cross-site scripting issues [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1121468 [ 15 ] Bug #1128298 - cacti-spine not available https://bugzilla.redhat.com/show_bug.cgi?id=1128298 [ 16 ] Bug #1123884 - %post scriptlet error on install https://bugzilla.redhat.com/show_bug.cgi?id=1123884 --------------------------------------------------------------------------------
================================================================================ engauge-digitizer-7.2-1.el6 (FEDORA-EPEL-2016-90481bab12) Convert graphs or map files into numbers -------------------------------------------------------------------------------- Update Information:
- Update to 7.2 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1279184 - engauge on el6: not built for missing BR package, log4cpp. https://bugzilla.redhat.com/show_bug.cgi?id=1279184 --------------------------------------------------------------------------------
================================================================================ epson-inkjet-printer-escpr-1.5.2-3.1lsb3.2.el6 (FEDORA-EPEL-2016-0240e3d1fa) Drivers for Epson inkjet printers -------------------------------------------------------------------------------- Update Information:
Roll back to earlier version due to segfaults in the 1.6.x series. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1327002 - Printer prints only half of the page, epson-escpr crashes https://bugzilla.redhat.com/show_bug.cgi?id=1327002 [ 2 ] Bug #1326572 - [abrt] epson-inkjet-printer-escpr: XFIFOClose(): epson-escpr killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1326572 [ 3 ] Bug #1252376 - [abrt] epson-inkjet-printer-escpr: set_pips_parameter(): epson-escpr killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1252376 --------------------------------------------------------------------------------
================================================================================ epson-inkjet-printer-escpr-1.6.5-1.1lsb3.2.el6 (FEDORA-EPEL-2016-62625f1a09) Drivers for Epson inkjet printers -------------------------------------------------------------------------------- Update Information:
Update to 1.6.5. ---- Update to 1.6.4. Make sure drivers are properly detected on Fedora platform. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1327002 - Printer prints only half of the page, epson-escpr crashes https://bugzilla.redhat.com/show_bug.cgi?id=1327002 [ 2 ] Bug #1326572 - [abrt] epson-inkjet-printer-escpr: XFIFOClose(): epson-escpr killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1326572 [ 3 ] Bug #1252376 - [abrt] epson-inkjet-printer-escpr: set_pips_parameter(): epson-escpr killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1252376 [ 4 ] Bug #1323033 - Epson inkjet driver RPM does not advertise the printers it supports https://bugzilla.redhat.com/show_bug.cgi?id=1323033 --------------------------------------------------------------------------------
================================================================================ golang-github-go-ini-ini-1.9.0-0.1.git193d1ec.el6 (FEDORA-EPEL-2016-4d3bf84d8e) Package ini provides INI file read and write functionality in Go -------------------------------------------------------------------------------- Update Information:
First package for Fedora -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1327497 - Review Request: golang-github-go-ini-ini - Package ini provides INI file read and write functionality in Go https://bugzilla.redhat.com/show_bug.cgi?id=1327497 --------------------------------------------------------------------------------
================================================================================ osbs-client-0.22-1.el6 (FEDORA-EPEL-2016-84663d68f2) Python command line client for OpenShift Build Service -------------------------------------------------------------------------------- Update Information:
New upstream release. ---- New upstream release. ---- New upstream release. ---- New upstream release. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1329027 - osbs-client-0.21 is available https://bugzilla.redhat.com/show_bug.cgi?id=1329027 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org