The following Fedora EPEL 6 Security updates need testing:
Age URL
182
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828
chicken-4.9.0.1-4.el6
164
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031
python-virtualenv-12.0.7-1.el6
158
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168
rubygem-crack-0.3.2-2.el6
89
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8148 optipng-0.7.5-5.el6
89
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6
78
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-68a2c2db36
python-pymongo-3.0.3-1.el6
48
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb
mcollective-2.8.4-1.el6
20
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9
thttpd-2.25b-24.el6
14
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-da771a002d
moodle-2.7.11-1.el6
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-c1e2a347ee
xsupplicant-2.2.0-13.el6
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-df28a72135
shellinabox-2.19-1.el6
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-4ea455db6d
gwenhywfar-4.13.1-2.el6
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-06bd1d268e
nodejs-handlebars-4.0.5-1.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-26f2bb9749
libpng10-1.0.66-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
dpm-xrootd-3.6.0-1.el6
innotop-1.10.0-0.3.81da83f.el6
libpng10-1.0.66-1.el6
nodejs-d-1.0.0-1.el6
nodejs-es5-ext-0.10.10-1.el6
nodejs-es6-iterator-2.0.0-1.el6
nodejs-es6-symbol-3.0.2-1.el6
nodejs-is-windows-0.1.0-1.el6
nodejs-next-tick-0.2.2-2.el6
pcsc-cyberjack-3.99.5final.SP08-2.el6
perl-Net-Whois-IP-1.18-1.el6
shinken-2.4.2-2.el6
sysreporter-3.0.2-1.el6
Details about builds:
================================================================================
dpm-xrootd-3.6.0-1.el6 (FEDORA-EPEL-2015-f3987cf642)
XROOT interface to the Disk Pool Manager (DPM)
--------------------------------------------------------------------------------
Update Information:
- introduced the XrdDPMStatInfo plugin - updated rpm spec to require at least
xrootd 4.2
--------------------------------------------------------------------------------
================================================================================
innotop-1.10.0-0.3.81da83f.el6 (FEDORA-EPEL-2015-154331c792)
A MySQL and InnoDB monitor program
--------------------------------------------------------------------------------
Update Information:
Fix for MariaDB 10.1 and 10.2, align with upstream
--------------------------------------------------------------------------------
================================================================================
libpng10-1.0.66-1.el6 (FEDORA-EPEL-2015-26f2bb9749)
Old version of libpng, needed to run old binaries
--------------------------------------------------------------------------------
Update Information:
An underflow read was found in png_check_keyword in libpng10. An attacker could
possibly use this flaw to cause an out-of-bounds read by tricking an
unsuspecting user into processing a specially crafted PNG image. ---- The fix
for CVE-8126 was incomplete in the previous 1.0.64 update.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1291312 - CVE-2015-8540 libpng: underflow read in png_check_keyword()
https://bugzilla.redhat.com/show_bug.cgi?id=1291312
[ 2 ] Bug #1281756 - CVE-2015-8126 CVE-2015-8472 libpng: Buffer overflow vulnerabilities
in png_get_PLTE/png_set_PLTE functions
https://bugzilla.redhat.com/show_bug.cgi?id=1281756
--------------------------------------------------------------------------------
================================================================================
nodejs-d-1.0.0-1.el6 (FEDORA-EPEL-2015-03ce51864d)
Property descriptor factory
--------------------------------------------------------------------------------
Update Information:
Update to upstream 1.0.0 release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1292424 - Review Request: nodejs-d - Property descriptor factory
https://bugzilla.redhat.com/show_bug.cgi?id=1292424
--------------------------------------------------------------------------------
================================================================================
nodejs-es5-ext-0.10.10-1.el6 (FEDORA-EPEL-2015-7354dc4f7f)
ECMAScript 5 extensions and ES6 shims
--------------------------------------------------------------------------------
Update Information:
Update to upstream 0.10.10 release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1292416 - Review Request: nodejs-es5-ext - ECMAScript 5 extensions and ES6
shims
https://bugzilla.redhat.com/show_bug.cgi?id=1292416
--------------------------------------------------------------------------------
================================================================================
nodejs-es6-iterator-2.0.0-1.el6 (FEDORA-EPEL-2015-9d6dd21160)
Iterator abstraction based on ES6 specification
--------------------------------------------------------------------------------
Update Information:
Initial packaging
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1292413 - Review Request: nodejs-es6-iterator - Iterator abstraction based on
ES6 specification
https://bugzilla.redhat.com/show_bug.cgi?id=1292413
--------------------------------------------------------------------------------
================================================================================
nodejs-es6-symbol-3.0.2-1.el6 (FEDORA-EPEL-2015-e5a22e98d5)
ECMAScript 6 Symbol polyfill
--------------------------------------------------------------------------------
Update Information:
Update to upstream 3.0.2 release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1292412 - Review Request: nodejs-es6-symbol - ECMAScript 6 Symbol polyfill
https://bugzilla.redhat.com/show_bug.cgi?id=1292412
--------------------------------------------------------------------------------
================================================================================
nodejs-is-windows-0.1.0-1.el6 (FEDORA-EPEL-2015-516682f7f0)
Returns true if the platform is windows
--------------------------------------------------------------------------------
Update Information:
Initial packaging
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1292295 - Review Request: nodejs-is-windows - Returns true if the platform is
windows
https://bugzilla.redhat.com/show_bug.cgi?id=1292295
--------------------------------------------------------------------------------
================================================================================
nodejs-next-tick-0.2.2-2.el6 (FEDORA-EPEL-2015-7c380807dc)
Environment agnostic nextTick polyfill
--------------------------------------------------------------------------------
Update Information:
Initial packaging
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1292400 - Review Request: nodejs-next-tick - Environment agnostic nextTick
polyfill
https://bugzilla.redhat.com/show_bug.cgi?id=1292400
--------------------------------------------------------------------------------
================================================================================
pcsc-cyberjack-3.99.5final.SP08-2.el6 (FEDORA-EPEL-2015-3c011e013b)
PC/SC driver for REINER SCT cyberjack USB chip card reader
--------------------------------------------------------------------------------
Update Information:
New upstream, spec-file cleanup.
--------------------------------------------------------------------------------
================================================================================
perl-Net-Whois-IP-1.18-1.el6 (FEDORA-EPEL-2015-d6b9531f80)
Perl extension for looking up the whois information for ip addresses
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release 1.18 (rhbz#1290619)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1290619 - perl-Net-Whois-IP-1.18 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1290619
--------------------------------------------------------------------------------
================================================================================
shinken-2.4.2-2.el6 (FEDORA-EPEL-2015-39af137508)
Python Monitoring tool
--------------------------------------------------------------------------------
Update Information:
subtitute bad user to nagios,
--------------------------------------------------------------------------------
================================================================================
sysreporter-3.0.2-1.el6 (FEDORA-EPEL-2015-e12d03b67f)
Basic system reporter with emailing
--------------------------------------------------------------------------------
Update Information:
Update to 3.0.2 ---- Upgrade to alpha4 ---- Initial build of sysreporter
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1292659 - sysreporter-v3.0.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1292659
[ 2 ] Bug #1291459 - Review Request: sysreporter - Basic system reporter with emailing
https://bugzilla.redhat.com/show_bug.cgi?id=1291459
--------------------------------------------------------------------------------