The following Fedora EPEL 6 Security updates need testing:
Age URL
228
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828
chicken-4.9.0.1-4.el6
210
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031
python-virtualenv-12.0.7-1.el6
204
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168
rubygem-crack-0.3.2-2.el6
135
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8148 optipng-0.7.5-5.el6
135
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6
94
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb
mcollective-2.8.4-1.el6
66
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9
thttpd-2.25b-24.el6
26
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-819f6356ea
tomcat-7.0.65-1.el6
13
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-a0881ad244
gsi-openssh-5.3p1-12.el6
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-2fac4bfaba
privoxy-3.0.23-2.el6
8
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-d0e6303e27
p7zip-15.09-9.el6
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-579c4e2951
prosody-0.9.10-1.el6
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-6eee18cd6e
phpMyAdmin-4.0.10.14-1.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-eb496fe204
python-pymongo-2.5.2-3.el6.1
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-cd56c646d5
wordpress-4.4.2-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
copr-cli-1.47-1.el6
csmock-1.9.0-1.el6
cswrap-1.3.1-1.el6
freight-0.3.5-5.el6
python-boto-2.39.0-1.el6
python-copr-1.65-1.el6
python-mwclient-0.8.0-2.el6
python-pymongo-2.5.2-3.el6.1
rubygem-rest-client-1.6.1-3.el6
sundials-2.6.2-15.el6
wordpress-4.4.2-1.el6
Details about builds:
================================================================================
copr-cli-1.47-1.el6 (FEDORA-EPEL-2016-0b304178f6)
Command line interface for COPR
--------------------------------------------------------------------------------
Update Information:
Bug fixes. ---- Allow to send builds in the group project.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1261125 - Use requests-toolbelt to upload srpms
https://bugzilla.redhat.com/show_bug.cgi?id=1261125
[ 2 ] Bug #1292033 - copr-cli ignores multiple package arguments if the first is a local
file
https://bugzilla.redhat.com/show_bug.cgi?id=1292033
[ 3 ] Bug #1298672 - copr-cli create raises TypeError
https://bugzilla.redhat.com/show_bug.cgi?id=1298672
[ 4 ] Bug #1298674 - copr-cli build hangs during upload
https://bugzilla.redhat.com/show_bug.cgi?id=1298674
[ 5 ] Bug #1302615 - UnboundLocalError: local variable 'bar' referenced before
assignment when building from URLs
https://bugzilla.redhat.com/show_bug.cgi?id=1302615
[ 6 ] Bug #1276105 - copr-cli 1.45 errors on el6
https://bugzilla.redhat.com/show_bug.cgi?id=1276105
[ 7 ] Bug #1299243 - RFE: New version of copr-cli (requires rebase of python-copr too)
https://bugzilla.redhat.com/show_bug.cgi?id=1299243
--------------------------------------------------------------------------------
================================================================================
csmock-1.9.0-1.el6 (FEDORA-EPEL-2016-4808a6820e)
A mock wrapper for Static Analysis tools
--------------------------------------------------------------------------------
Update Information:
update to latest upstream
--------------------------------------------------------------------------------
================================================================================
cswrap-1.3.1-1.el6 (FEDORA-EPEL-2016-4808a6820e)
Generic compiler wrapper
--------------------------------------------------------------------------------
Update Information:
update to latest upstream
--------------------------------------------------------------------------------
================================================================================
freight-0.3.5-5.el6 (FEDORA-EPEL-2016-e6d7b375ed)
A modern take on the Debian archive
--------------------------------------------------------------------------------
Update Information:
- Fix compatibility with apt 1.1 (Debian Stretch, Ubuntu Xenial)
--------------------------------------------------------------------------------
================================================================================
python-boto-2.39.0-1.el6 (FEDORA-EPEL-2016-e7a11b633e)
A simple, lightweight interface to Amazon Web Services
--------------------------------------------------------------------------------
Update Information:
This update fixes several bugs and adds support for the new ap-northeast-2 AWS
region. For more details, see the [full
changelog](http://boto.cloudhackers.com/en/latest/releasenotes/v2.39.0.html)
from upstream.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1300424 - Update python-boto to 2.39
https://bugzilla.redhat.com/show_bug.cgi?id=1300424
--------------------------------------------------------------------------------
================================================================================
python-copr-1.65-1.el6 (FEDORA-EPEL-2016-0b304178f6)
Python interface for Copr
--------------------------------------------------------------------------------
Update Information:
Bug fixes. ---- Allow to send builds in the group project.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1261125 - Use requests-toolbelt to upload srpms
https://bugzilla.redhat.com/show_bug.cgi?id=1261125
[ 2 ] Bug #1292033 - copr-cli ignores multiple package arguments if the first is a local
file
https://bugzilla.redhat.com/show_bug.cgi?id=1292033
[ 3 ] Bug #1298672 - copr-cli create raises TypeError
https://bugzilla.redhat.com/show_bug.cgi?id=1298672
[ 4 ] Bug #1298674 - copr-cli build hangs during upload
https://bugzilla.redhat.com/show_bug.cgi?id=1298674
[ 5 ] Bug #1302615 - UnboundLocalError: local variable 'bar' referenced before
assignment when building from URLs
https://bugzilla.redhat.com/show_bug.cgi?id=1302615
[ 6 ] Bug #1276105 - copr-cli 1.45 errors on el6
https://bugzilla.redhat.com/show_bug.cgi?id=1276105
[ 7 ] Bug #1299243 - RFE: New version of copr-cli (requires rebase of python-copr too)
https://bugzilla.redhat.com/show_bug.cgi?id=1299243
--------------------------------------------------------------------------------
================================================================================
python-mwclient-0.8.0-2.el6 (FEDORA-EPEL-2016-7e09252542)
Mwclient is a client to the MediaWiki API
--------------------------------------------------------------------------------
Update Information:
This update provides the new release of python-mwclient. The major new feature
in this release is Python 3 compatibility, so a python3-mwclient subpackage is
added for Fedora releases (not yet for EPEL, as I'm waiting for the whole
question of how we're going to do Python 3 on EPEL to be nailed down). python-
mwclient is renamed to python2-mwclient, with appropriate Provides and
Obsoletes. There is one minor backwards compatibility break; `Page.save()`'s
behaviour has changed slightly, in that if you previously passed a section
number to `Page.text()`, it will not be used for a subsequent `Page.save()`
call. This change should not affect either of Fedora's packaged consumers
(parley and python-wikitcms). More details on this and the other changes in the
new release can be found in `RELEASE-NOTES.md`.
--------------------------------------------------------------------------------
================================================================================
python-pymongo-2.5.2-3.el6.1 (FEDORA-EPEL-2016-eb496fe204)
Python driver for MongoDB
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2013-2099, CVE-2013-7440
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1224999 - CVE-2013-7440 python: wildcard matching rules do not follow RFC
6125
https://bugzilla.redhat.com/show_bug.cgi?id=1224999
[ 2 ] Bug #963260 - CVE-2013-2099 python: ssl.match_hostname() DoS via certificates with
specially crafted hostname wildcard patterns
https://bugzilla.redhat.com/show_bug.cgi?id=963260
--------------------------------------------------------------------------------
================================================================================
rubygem-rest-client-1.6.1-3.el6 (FEDORA-EPEL-2016-0ad1e24118)
Simple REST client for Ruby
--------------------------------------------------------------------------------
Update Information:
Re-import in EPEL 6. After the package has been retired because orphaned for
more than 6 weeks.
--------------------------------------------------------------------------------
================================================================================
sundials-2.6.2-15.el6 (FEDORA-EPEL-2016-d99bef4fcc)
Suite of nonlinear solvers
--------------------------------------------------------------------------------
Update Information:
- Built on EPEL6 - Fix OpenMPI compilers - MPICH libraries enabled - Cmake's MPI
Fortran compiler test disabled - Included pkgconfig files for MPICH libraries
--------------------------------------------------------------------------------
================================================================================
wordpress-4.4.2-1.el6 (FEDORA-EPEL-2016-cd56c646d5)
Blog tool and publishing platform
--------------------------------------------------------------------------------
Update Information:
**WordPress 4.4.2 Security and Maintenance Release** WordPress 4.4.2 is now
available. This is a security release for all previous versions and we strongly
encourage you to update your sites immediately. WordPress versions 4.4.1 and
earlier are affected by two security issues: a possible SSRF for certain local
URIs, reported by Ronni Skansing; and an open redirection attack, reported by
Shailesh Suthar. Thank you to both reporters for practicing responsible
disclosure. In addition to the security issues above, WordPress 4.4.2 fixes 17
bugs from 4.4 and 4.4.1. For more information, see the [release
notes](https://codex.wordpress.org/Version_4.4.2) or consult the [list of
changes](https://core.trac.wordpress.org/query?milestone=4.4.2).
--------------------------------------------------------------------------------