The following Fedora EPEL 6 Security updates need testing:
Age URL
787
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031
python-virtualenv-12.0.7-1.el6
781
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168
rubygem-crack-0.3.2-2.el6
671
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb
mcollective-2.8.4-1.el6
643
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9
thttpd-2.25b-24.el6
253
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac
libbsd-0.8.3-2.el6
149
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-c0d33ae70f
tnef-1.4.14-1.el6
51
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e8124f23c8
heimdal-7.4.0-1.el6
15
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-3f527c60d9
firebird-2.5.7.27050.0-1.el6
15
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-0ad4c424f0
redis-3.2.10-2.el6
13
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-01dbc69547
exim-4.89-2.el6
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-f14c660f60
tomcat-7.0.81-1.el6
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-c28c0c3e0c
cacti-1.1.19-1.el6
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-dc232b17d0
mbedtls-2.6.0-1.el6
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-63bdf1b0d8
libidn2-2.0.4-1.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-225c9fc495
freexl-1.0.0i-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
abi-compliance-checker-2.2-1.el6
abi-dumper-1.1-1.el6
abi-tracker-1.11-1.el6
clustershell-1.7.81-1.el6
fedpkg-1.29-3.el6
freexl-1.0.0i-1.el6
rpkg-1.50-2.el6
xrdhttpvoms-0.2.5-2.el6
youtube-dl-2017.09.02-1.el6
Details about builds:
================================================================================
abi-compliance-checker-2.2-1.el6 (FEDORA-EPEL-2017-eb0a63456d)
An ABI Compliance Checker
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream releases.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1486717 - abi-compliance-checker-2.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1486717
[ 2 ] Bug #1486719 - abi-dumper-1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1486719
[ 3 ] Bug #1486720 - abi-tracker-1.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1486720
--------------------------------------------------------------------------------
================================================================================
abi-dumper-1.1-1.el6 (FEDORA-EPEL-2017-eb0a63456d)
Tool to dump ABI of an ELF object containing DWARF debug info
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream releases.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1486717 - abi-compliance-checker-2.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1486717
[ 2 ] Bug #1486719 - abi-dumper-1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1486719
[ 3 ] Bug #1486720 - abi-tracker-1.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1486720
--------------------------------------------------------------------------------
================================================================================
abi-tracker-1.11-1.el6 (FEDORA-EPEL-2017-eb0a63456d)
Tool to visualize ABI changes timeline of a C/C++ library
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream releases.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1486717 - abi-compliance-checker-2.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1486717
[ 2 ] Bug #1486719 - abi-dumper-1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1486719
[ 3 ] Bug #1486720 - abi-tracker-1.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1486720
--------------------------------------------------------------------------------
================================================================================
clustershell-1.7.81-1.el6 (FEDORA-EPEL-2017-6dd48712c3)
Python framework for efficient cluster administration
--------------------------------------------------------------------------------
Update Information:
ClusterShell 1.8 beta1 targeted for updates-testing only.
--------------------------------------------------------------------------------
================================================================================
fedpkg-1.29-3.el6 (FEDORA-EPEL-2017-1c685ce277)
Fedora utility for working with dist-git
--------------------------------------------------------------------------------
Update Information:
# Highlight - Read Koji configuration from profile. - fedpkg-stage is usable -
Non-zero is returned when local command fails - More Python 3 compatible - Allow
container builds from any namespace - Supply namespace to lookaside (if enabled)
UPDATED: Please test command ``container-build``. # rpkg - Fix PEP8 error
(cqi) - Spelling fixes (ville.skytta) - Reword help and description of new-
sources and upload commands - 1248737 (cqi) - Set autorebuild enabled by
default (bfontecc) - Add commands to whitelist_externals (cqi) - Declare Python
3 versions to support in setup.py (cqi) - Replace unicode with six.text_type
(cqi) - Run tests in both Python 2 and 3 with tox (cqi) - Make tests and covered
code compatible with Py3 (cqi) - Add requirements files (cqi) - Do not build
srpm in test (cqi) - Do not actually run git-diff in tests (cqi) - Remove
deprecated modules used in koji (cqi) - Non-zero exit when rpmbuild fails in
local command (cqi) - Report deprecation of config via logger (lsedlar) - Print
--dist deprecation warning explicitly (lsedlar) - utils: Avoid
DeprecationWarning for messages for users (lsedlar) - Supply namespace to
lookaside (if enabled) (lsedlar) - Support reading koji config from profile -
#187 (cqi) - Remove kitchen (cqi) - Fix string format (cqi) - Recommend
--release instead of --dist in mockbuild --help (tmz) - Allow overriding
container build target by downstream (lsedlar) - Add a separate property for
namespace (lsedlar) - Allow container builds from any namespace (maxamillion) -
Make osbs support optional (cqi) - make osbs dependency optional (pavlix) -
Allow explicit namespaces with slashes (lsedlar) - Do not hang indefinitely when
lookaside cache server stops sending data (jkaluza) - Make --module-name work
with namespaces - #216 (lsedlar) - Include README.rst in dist package (cqi) -
More document in README - #189 (cqi) - Make new command be able to print unicode
- #205 (cqi) - Allow to specify custom info to a dummy commit (cqi) - Load
module name correctly even if push url ends in slash - #192 (cqi) - Replace
fedorahosted.org with pagure.io - #202 (cqi) - Fix rpm command to get changelog
from SPEC - rhbz#1412224 (cqi) - Rewrite tests to avoid running rpmbuild and
rpmlint (cqi) - Use fake value to make Command in test (cqi) - Python 3.6
invalid escape sequence deprecation fixes (ville.skytta) # fedpkg - Remove
unused variable in Commands.retire (cqi) - No more pkgdb. (rbean) - Add --arches
to build completions (ville.skytta) - Add ppc64le to arch completions
(ville.skytta) - Explain how to write a note in multiple lines in update
template - #123 (cqi) - Remove code that handles secondary arch (cqi) - Simplify
passing arguments when creating Command object - #14 (cqi) - Set koji profile
for secondary arch immediately (cqi) - Use profile to load Koji configuration -
#97 (cqi) - Remove push.default from clone_default - #109 (cqi) - remove special
handling of s390 specific packages (dan) - Replace
fedorahosted.org with
pagure.io in manpage - #113 (cqi) - Remove tracbaseurl from conf file - #112
(cqi) - Set disttag properly (cqi) - koji stage config moved, update fedpkg
defaults (maxamillion) - Specific help of --release for fedpkg - rhbz#1054440
(cqi)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1487383 - cannot do build
https://bugzilla.redhat.com/show_bug.cgi?id=1487383
[ 2 ] Bug #1248737 - What is the difference between new-sources and upload?
https://bugzilla.redhat.com/show_bug.cgi?id=1248737
[ 3 ] Bug #1412224 - fedpkg update fails: Could not execute update: error: Unable to
open /home/jsynacek/rpmbuild/SOURCES/triggers.systemd: No such file or directory
https://bugzilla.redhat.com/show_bug.cgi?id=1412224
[ 4 ] Bug #1410300 - "fedpkg local" should return nonzero exitcode when build
fails
https://bugzilla.redhat.com/show_bug.cgi?id=1410300
--------------------------------------------------------------------------------
================================================================================
freexl-1.0.0i-1.el6 (FEDORA-EPEL-2017-225c9fc495)
Library to extract data from within an Excel spreadsheet
--------------------------------------------------------------------------------
Update Information:
Solve CVE-2015-2753, CVE-2015-2754 and CVE-2015-2776 (multiple flaws when
parsing malformed input)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1207143 - CVE-2015-2754 CVE-2015-2776 CVE-2015-2753 freexl: multiple flaws
when parsing malformed input [epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=1207143
--------------------------------------------------------------------------------
================================================================================
rpkg-1.50-2.el6 (FEDORA-EPEL-2017-1c685ce277)
Python library for interacting with rpm+git
--------------------------------------------------------------------------------
Update Information:
# Highlight - Read Koji configuration from profile. - fedpkg-stage is usable -
Non-zero is returned when local command fails - More Python 3 compatible - Allow
container builds from any namespace - Supply namespace to lookaside (if enabled)
UPDATED: Please test command ``container-build``. # rpkg - Fix PEP8 error
(cqi) - Spelling fixes (ville.skytta) - Reword help and description of new-
sources and upload commands - 1248737 (cqi) - Set autorebuild enabled by
default (bfontecc) - Add commands to whitelist_externals (cqi) - Declare Python
3 versions to support in setup.py (cqi) - Replace unicode with six.text_type
(cqi) - Run tests in both Python 2 and 3 with tox (cqi) - Make tests and covered
code compatible with Py3 (cqi) - Add requirements files (cqi) - Do not build
srpm in test (cqi) - Do not actually run git-diff in tests (cqi) - Remove
deprecated modules used in koji (cqi) - Non-zero exit when rpmbuild fails in
local command (cqi) - Report deprecation of config via logger (lsedlar) - Print
--dist deprecation warning explicitly (lsedlar) - utils: Avoid
DeprecationWarning for messages for users (lsedlar) - Supply namespace to
lookaside (if enabled) (lsedlar) - Support reading koji config from profile -
#187 (cqi) - Remove kitchen (cqi) - Fix string format (cqi) - Recommend
--release instead of --dist in mockbuild --help (tmz) - Allow overriding
container build target by downstream (lsedlar) - Add a separate property for
namespace (lsedlar) - Allow container builds from any namespace (maxamillion) -
Make osbs support optional (cqi) - make osbs dependency optional (pavlix) -
Allow explicit namespaces with slashes (lsedlar) - Do not hang indefinitely when
lookaside cache server stops sending data (jkaluza) - Make --module-name work
with namespaces - #216 (lsedlar) - Include README.rst in dist package (cqi) -
More document in README - #189 (cqi) - Make new command be able to print unicode
- #205 (cqi) - Allow to specify custom info to a dummy commit (cqi) - Load
module name correctly even if push url ends in slash - #192 (cqi) - Replace
fedorahosted.org with pagure.io - #202 (cqi) - Fix rpm command to get changelog
from SPEC - rhbz#1412224 (cqi) - Rewrite tests to avoid running rpmbuild and
rpmlint (cqi) - Use fake value to make Command in test (cqi) - Python 3.6
invalid escape sequence deprecation fixes (ville.skytta) # fedpkg - Remove
unused variable in Commands.retire (cqi) - No more pkgdb. (rbean) - Add --arches
to build completions (ville.skytta) - Add ppc64le to arch completions
(ville.skytta) - Explain how to write a note in multiple lines in update
template - #123 (cqi) - Remove code that handles secondary arch (cqi) - Simplify
passing arguments when creating Command object - #14 (cqi) - Set koji profile
for secondary arch immediately (cqi) - Use profile to load Koji configuration -
#97 (cqi) - Remove push.default from clone_default - #109 (cqi) - remove special
handling of s390 specific packages (dan) - Replace
fedorahosted.org with
pagure.io in manpage - #113 (cqi) - Remove tracbaseurl from conf file - #112
(cqi) - Set disttag properly (cqi) - koji stage config moved, update fedpkg
defaults (maxamillion) - Specific help of --release for fedpkg - rhbz#1054440
(cqi)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1487383 - cannot do build
https://bugzilla.redhat.com/show_bug.cgi?id=1487383
[ 2 ] Bug #1248737 - What is the difference between new-sources and upload?
https://bugzilla.redhat.com/show_bug.cgi?id=1248737
[ 3 ] Bug #1412224 - fedpkg update fails: Could not execute update: error: Unable to
open /home/jsynacek/rpmbuild/SOURCES/triggers.systemd: No such file or directory
https://bugzilla.redhat.com/show_bug.cgi?id=1412224
[ 4 ] Bug #1410300 - "fedpkg local" should return nonzero exitcode when build
fails
https://bugzilla.redhat.com/show_bug.cgi?id=1410300
--------------------------------------------------------------------------------
================================================================================
xrdhttpvoms-0.2.5-2.el6 (FEDORA-EPEL-2017-05bb0bd053)
VOMS security extractor plugin for XrdHTTP
--------------------------------------------------------------------------------
Update Information:
* new upstream release
--------------------------------------------------------------------------------
================================================================================
youtube-dl-2017.09.02-1.el6 (FEDORA-EPEL-2017-8b33e17801)
A small command-line program to download online videos
--------------------------------------------------------------------------------
Update Information:
Update to the latest upstream release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1482730 - youtube-dl-2017.09.02 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1482730
--------------------------------------------------------------------------------