The following Fedora EPEL 6 Security updates need testing:
Age URL
235
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828
chicken-4.9.0.1-4.el6
217
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031
python-virtualenv-12.0.7-1.el6
211
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168
rubygem-crack-0.3.2-2.el6
143
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8148 optipng-0.7.5-5.el6
143
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6
101
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb
mcollective-2.8.4-1.el6
73
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9
thttpd-2.25b-24.el6
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-579c4e2951
prosody-0.9.10-1.el6
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-6eee18cd6e
phpMyAdmin-4.0.10.14-1.el6
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-eb496fe204
python-pymongo-2.5.2-3.el6.1
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-cd56c646d5
wordpress-4.4.2-1.el6
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-cb3b95bd2f
firebird-2.5.5.26952.0-2.el6
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8aee7a9340
php-horde-horde-5.2.9-1.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-f61ec30f9f
poco-1.4.2p1-3.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-791080c274
nodejs-0.10.42-4.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
enca-1.18-1.el6
globus-gram-job-manager-14.27-3.el6
knot-1.6.7-1.el6
libecb-0.20160209-1.el6
miniz-1.15-3.r4.el6
nodejs-0.10.42-4.el6
perl-File-Edit-Portable-1.18-1.el6
perl-Tie-Hash-Method-0.02-2.el6
python-pg8000-1.10.3-4.el6
rubygem-sequel-4.31.0-1.el6
shogun-data-0.10-1.el6
Details about builds:
================================================================================
enca-1.18-1.el6 (FEDORA-EPEL-2016-0b85185319)
Character set analyzer and detector
--------------------------------------------------------------------------------
Update Information:
Update to 1.18
--------------------------------------------------------------------------------
================================================================================
globus-gram-job-manager-14.27-3.el6 (FEDORA-EPEL-2016-e9edacf3d5)
Globus Toolkit - GRAM Jobmanager
--------------------------------------------------------------------------------
Update Information:
Adjust build requires due to perl package split.
--------------------------------------------------------------------------------
================================================================================
knot-1.6.7-1.el6 (FEDORA-EPEL-2016-c8569ec639)
An authoritative DNS daemon
--------------------------------------------------------------------------------
Update Information:
new upstream release: - improvement: Log change of the zone serial number after
IXFR transfer - improvement: Document operational impact of various RRL settings
- improvement: Add support for rate-limit-slip zero - improvement: Add 'timer-
db' configuration option
--------------------------------------------------------------------------------
================================================================================
libecb-0.20160209-1.el6 (FEDORA-EPEL-2016-58fcd093aa)
Compiler built-ins
--------------------------------------------------------------------------------
Update Information:
This package provides a header library with compiler built-ins.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1305847 - libecb: please provide el6, epel7 branches
https://bugzilla.redhat.com/show_bug.cgi?id=1305847
--------------------------------------------------------------------------------
================================================================================
miniz-1.15-3.r4.el6 (FEDORA-EPEL-2016-13a260bdbe)
Compression library implementing the zlib and Deflate
--------------------------------------------------------------------------------
Update Information:
This package implements zlib and Deflate compression and decompression.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1305241 - miniz: please provide epel branches
https://bugzilla.redhat.com/show_bug.cgi?id=1305241
--------------------------------------------------------------------------------
================================================================================
nodejs-0.10.42-4.el6 (FEDORA-EPEL-2016-791080c274)
JavaScript runtime
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2016-2216, CVE-2016-2086
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1306203 - CVE-2016-2216 nodejs: Response splitting vulnerability using
Unicode characters
https://bugzilla.redhat.com/show_bug.cgi?id=1306203
[ 2 ] Bug #1306200 - CVE-2016-2086 nodejs: Request smuggling vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=1306200
--------------------------------------------------------------------------------
================================================================================
perl-File-Edit-Portable-1.18-1.el6 (FEDORA-EPEL-2016-e0c8bb15b2)
Read and write files while keeping the original line-endings intact
--------------------------------------------------------------------------------
Update Information:
1.18 2016-01-28 - flock() now disabled for all FreeBSD amd64 versions 1.17
2016-01-26 - dir() in write mode now does the transform with a file handle
instead of slurping the entire file into an array (performance) (closes #16) -
fixed bugtracker link in POD (fixes #17) - bumped prereq version of Mock::Sub to
1.06 due to new efficiencies - FreeBSD 10.1 and 9.2 amd64 fail on flock() in
write(), so we check for these versions and skip over the lock (prereq POSIX)
1.16 2016-01-22 - removed the write() lock test completely (closes #15) -
platform_recsep() can be used as the custom recsep to write(). Added tests to
confirm this (closes #12) - splice() now croaks if the 'line' param is sent in,
and it doesn't consist of only an integer (closes #10) - RHEL vendor .list build
files now ignored in MANIFEST (closes #14) - splice() now accepts both quoted
strings and qr// objects in the 'find' parameter (closes #13) - major POD
updates/fixes (closes #11) 1.15 2016-01-18 - we now LOCK_EX in write()
(prereq Fcntl) - new build prereqs File::Tempdir and File::Spec for tests -
cleaned up test data files - all temporary test files created with
File::Tempdir, removed several unlink()s within tests (and their accompanying
tests) 1.14 20160115 - build prereq Mock::Sub 1.01 added - test coverage
now at 100% 1.13 20151229 - closes #3; splice() now warns if both 'find'
and 'line' params are sent in, and 'line' takes precedence (and find
isn't used)
- closes #4; in dir()s write() call, the recsep is now checked with defined-or,
not for truth 1.12 20151209 - closes #1; Changes didn't contain 1.10
update - POD updates
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1285518 - Review Request: perl-File-Edit-Portable - Read and write files
while keeping the original line-endings intact
https://bugzilla.redhat.com/show_bug.cgi?id=1285518
--------------------------------------------------------------------------------
================================================================================
perl-Tie-Hash-Method-0.02-2.el6 (FEDORA-EPEL-2016-4ed75a3a68)
Tied hash with specific methods overridden by callbacks
--------------------------------------------------------------------------------
Update Information:
0.01 2008-07-24T21:59:18 CEST - Initial release 0.02
2008-07-25T00:04:22 CEST - Fixup release. Liz made some points which were
compelling enough I rewrote a chunk of the code. Some of the previous interface
changes, but hopefully for the better. And considering its only been released
for a few hours i think it shouldn't matter anyway.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1306198 - perl-Tie-Hash-Method: please provide el6, epel7 branch
https://bugzilla.redhat.com/show_bug.cgi?id=1306198
--------------------------------------------------------------------------------
================================================================================
python-pg8000-1.10.3-4.el6 (FEDORA-EPEL-2016-89b38eaf37)
Pure Python PostgreSQL Driver
--------------------------------------------------------------------------------
Update Information:
New package
--------------------------------------------------------------------------------
================================================================================
rubygem-sequel-4.31.0-1.el6 (FEDORA-EPEL-2016-faf9e960f8)
The Database Toolkit for Ruby
--------------------------------------------------------------------------------
Update Information:
Updated to sequel 4.31.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1303792 - rubygem-sequel-4.31.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1303792
--------------------------------------------------------------------------------
================================================================================
shogun-data-0.10-1.el6 (FEDORA-EPEL-2016-6e08901be1)
Data-files for the SHOGUN machine learning toolbox
--------------------------------------------------------------------------------
Update Information:
new upstream release
--------------------------------------------------------------------------------