The following Fedora EPEL 6 Security updates need testing: Age URL 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-8905ccaea7 libidn2-2.3.0-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
hitch-1.5.0-4.el6 php-theseer-autoload-1.25.8-1.el6 tnef-1.4.18-1.el6
Details about builds:
================================================================================ hitch-1.5.0-4.el6 (FEDORA-EPEL-2019-d72e8adb23) Network proxy that terminates TLS/SSL connections -------------------------------------------------------------------------------- Update Information:
* Added a systemd limit.conf with defaults LimitCORE=infinity, LimitNOFILE=10240 * Hitch now supports a directory of certificate pem files; added pem-dir = "/etc/pki/tls/private" to the example config. * Changed systemd Type=forking matching the example config * This version is also packed for epel8 -------------------------------------------------------------------------------- ChangeLog:
* Tue Nov 12 2019 Ingvar Hagelund ingvar@redpill-linpro.com - 1.5.0-4 - Added support for epel8 - Added a systemd limit.conf with defaults LimitCORE=infinity, LimitNOFILE=10240 - Added pem-dir = "/etc/pki/tls/private" to the example config - Changed systemd Type=forking matching the example config, fixes bz #1731420 - Simplified handling of the _docdir macro * Thu Jul 25 2019 Fedora Release Engineering releng@fedoraproject.org - 1.5.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 1.5.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1731420 - Hitch service file not configured to detect error during initialization (Type=simple) https://bugzilla.redhat.com/show_bug.cgi?id=1731420 --------------------------------------------------------------------------------
================================================================================ php-theseer-autoload-1.25.8-1.el6 (FEDORA-EPEL-2019-3b231130df) A tool and library to generate autoload code -------------------------------------------------------------------------------- Update Information:
**Release 1.25.8** * Fix Regression [#92](https://github.com/theseer/Autoload/issues/92): PHPAB 1.25.7 generates broken PHAR for PHPUnit ---- **Release 1.25.7** * Fix: Static require or compile lists now properly process pathes relative to and above the base directory -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 25 2019 Remi Collet remi@remirepo.net - 1.25.8-1 - update to 1.25.8 * Fri Nov 15 2019 Remi Collet remi@remirepo.net - 1.25.7-1 - update to 1.25.7 --------------------------------------------------------------------------------
================================================================================ tnef-1.4.18-1.el6 (FEDORA-EPEL-2019-070e713b93) Extract files from email attachments like WINMAIL.DAT -------------------------------------------------------------------------------- Update Information:
tnef release 1.4.18. Security release to resolve [CVE-2019-18849](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18849) in which it may be possible to attack via a crafted email message extracted via tnef. -------------------------------------------------------------------------------- ChangeLog:
* Tue Nov 26 2019 David Timms iinet.net.au@dtimms - 1.4.18-1 - Update to release 1.4.18. Fixes CVE-2019-18849 - bug #1771891 - Add global builddolphin to enable -dolphin subpackage when available. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1771892 - CVE-2019-18849 tnef: security bypass in .ssh/authorized_keys file via an e-mail message [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1771892 [ 2 ] Bug #1771893 - CVE-2019-18849 tnef: security bypass in .ssh/authorized_keys file via an e-mail message [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1771893 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org