The following Fedora EPEL 6 Security updates need testing: Age URL 302 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828 chicken-4.9.0.1-4.el6 284 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6 278 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6 210 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6 168 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6 140 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6 38 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-44de0606ef python-tgcaptcha2-0.3.1-1.el6 33 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8fbd838843 dropbear-2016.72-1.el6 33 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-7640e3144a proftpd-1.3.3g-9.el6 26 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-30a8346813 vtun-3.0.1-10.el6 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-55f139473e latex2rtf-2.3.10-1.el6.1 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-9e3b8fecbf qpid-proton-0.12.1-1.el6 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-0fc5375dc7 optipng-0.7.6-1.el6 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-628be2e77a drupal7-block_class-2.3-1.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e912272569 asterisk-1.8.32.3-2.el6 libsrtp-1.5.4-3.el6 pjproject-2.3-7.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-bfe0ea574f ansible1.9-1.9.6-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
ansible1.9-1.9.6-1.el6 asterisk-1.8.32.3-2.el6 cmake3-3.5.2-1.el6 libabigail-1.0-0.8.rc4.1.el6 libsrtp-1.5.4-3.el6 pjproject-2.3-7.el6
Details about builds:
================================================================================ ansible1.9-1.9.6-1.el6 (FEDORA-EPEL-2016-bfe0ea574f) SSH-based configuration management, deployment, and task execution system -------------------------------------------------------------------------------- Update Information:
Update to 1.9.6. Fixes bug #1327744 as well as CVE-2016-3096 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1322925 - CVE-2016-3096 ansible: Code execution vulnerability in lxc_container https://bugzilla.redhat.com/show_bug.cgi?id=1322925 --------------------------------------------------------------------------------
================================================================================ asterisk-1.8.32.3-2.el6 (FEDORA-EPEL-2016-e912272569) The Open Source PBX -------------------------------------------------------------------------------- Update Information:
Update to 1.5.4. Includes security fix for CVE-2015-6360 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1323702 - CVE-2015-6360 libsrtp: improper handling of CSRC count and extension header length in RTP header https://bugzilla.redhat.com/show_bug.cgi?id=1323702 --------------------------------------------------------------------------------
================================================================================ cmake3-3.5.2-1.el6 (FEDORA-EPEL-2016-43c9f12406) Cross-platform make system -------------------------------------------------------------------------------- Update Information:
Update to 3.5.2 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1327794 - cmake-3.5.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1327794 --------------------------------------------------------------------------------
================================================================================ libabigail-1.0-0.8.rc4.1.el6 (FEDORA-EPEL-2016-333925f376) Set of ABI analysis tools -------------------------------------------------------------------------------- Update Information:
Update to upstream 1.0.rc4 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1311105 - False negative when running abipkgdiff against ppc64 packages https://bugzilla.redhat.com/show_bug.cgi?id=1311105 --------------------------------------------------------------------------------
================================================================================ libsrtp-1.5.4-3.el6 (FEDORA-EPEL-2016-e912272569) An implementation of the Secure Real-time Transport Protocol (SRTP) -------------------------------------------------------------------------------- Update Information:
Update to 1.5.4. Includes security fix for CVE-2015-6360 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1323702 - CVE-2015-6360 libsrtp: improper handling of CSRC count and extension header length in RTP header https://bugzilla.redhat.com/show_bug.cgi?id=1323702 --------------------------------------------------------------------------------
================================================================================ pjproject-2.3-7.el6 (FEDORA-EPEL-2016-e912272569) Libraries for building embedded/non-embedded VoIP applications -------------------------------------------------------------------------------- Update Information:
Update to 1.5.4. Includes security fix for CVE-2015-6360 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1323702 - CVE-2015-6360 libsrtp: improper handling of CSRC count and extension header length in RTP header https://bugzilla.redhat.com/show_bug.cgi?id=1323702 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org