The following Fedora EPEL 6 Security updates need testing:
Age URL
148
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828
chicken-4.9.0.1-4.el6
130
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031
python-virtualenv-12.0.7-1.el6
124
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168
rubygem-crack-0.3.2-2.el6
56
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8148 optipng-0.7.5-5.el6
56
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6
44
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-68a2c2db36
python-pymongo-3.0.3-1.el6
14
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb
mcollective-2.8.4-1.el6
14
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-28606b6d1d
perl-HTML-Scrubber-0.15-1.el6.1
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-5d63583df0
metis-5.1.0-7.el6
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e195439195
drupal7-jquery_update-2.7-1.el6
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-967595b7c1
wildmagic5-5.13-12.el6
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8fc6f35cc9
MUMPS-5.0.1-4.el6
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-d47ae2d16b
owncloud-7.0.11-1.el6
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-a7d37297d4
telegram-cli-1.3.1-7.20150730git2052f4.el6
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-0ae4daf2d6
tubo-5.0.15-3.el6
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-b4ebe76583
putty-0.63-5.el6
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-20cb365c26
zarafa-7.1.14-1.el6
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-260d131310
libpng10-1.0.64-1.el6
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8161a5151b
ProDy-1.7.1-1.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-b76c1e5912
potrace-1.13-2.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-2fad2e45f6
monitorix-3.8.1-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
monitorix-3.8.1-1.el6
proftpd-1.3.3g-7.el6
python-dirq-1.7-1.el6
Details about builds:
================================================================================
monitorix-3.8.1-1.el6 (FEDORA-EPEL-2015-2fad2e45f6)
A free, open source, lightweight system monitoring tool
--------------------------------------------------------------------------------
Update Information:
This is a maintenance release that mainly fixes a Document Object Model
(DOM)-based cross-site scripting (XSS) vulnerability in the monitorix.cgi file.
Such vulnerability is by injection a JS code in the when parameter of the URL
shown after generating the graphs. Additionally, a potential denial of service
(DoS) issue was discovered in the same when parameter of the URL which could
lead in the creation of an enormous amount of .png files in the imgs directory
of the server.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1281979 - monitorix-3.8.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1281979
--------------------------------------------------------------------------------
================================================================================
proftpd-1.3.3g-7.el6 (FEDORA-EPEL-2015-a57010c117)
Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:
This update adds support for specifying TLSv1.1 and TLSv1.2 as values for
TLSProtocol in the mod_tls configuration. The mod_tls module is still disabled
by default and the default value for TLSProtocol remains as "SSLv23 TLSv1", so
the newer protocols must be explicitly enabled if desired.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1281493 - Unable to use TLSv1.1 or TLSv1.2 protocol when TLSProtocol is set
to TLSv1
https://bugzilla.redhat.com/show_bug.cgi?id=1281493
--------------------------------------------------------------------------------
================================================================================
python-dirq-1.7-1.el6 (FEDORA-EPEL-2015-1ac94fc8d0)
Directory based queue
--------------------------------------------------------------------------------
Update Information:
Updated to latest upstream version.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1281769 - python-dirq-1.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1281769
--------------------------------------------------------------------------------