The following Fedora EPEL 6 Security updates need testing:
Age URL
790
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3....
137
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0440/fwsnort-1.6...
122
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0590/oath-toolki...
81
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1011/php-ZendFra...
31
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1471/chicken-4.8...
27
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1477/drupal7-vie...
17
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1563/mono-2.10.8...
16
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1572/chkrootkit-...
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1584/python-djbl...
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7....
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1608/mcollective...
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1612/tor-0.2.4.2...
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1628/hiera-1.0.0...
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1634/python-djan...
6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1648/owncloud-6....
6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1649/python-jinj...
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1657/lynis-1.5.6...
3
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1627/php-horde-H...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1694/zabbix-1.8....
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1693/perl-Email-...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1698/zabbix20-2....
The following builds have been pushed to Fedora EPEL 6 updates-testing
libgit2-0.21.0-1.el6
perl-Email-Address-1.905-1.el6
silvia-0.2.2-0.6.f14d948git.el6
sys_basher-2.0.1-5.el6
zabbix-1.8.20-2.el6
zabbix20-2.0.12-2.el6
Details about builds:
================================================================================
libgit2-0.21.0-1.el6 (FEDORA-EPEL-2014-1692)
C implementation of the Git core methods as a library with a solid API
--------------------------------------------------------------------------------
Update Information:
libgit 0.21.0
--------------------------------------------------------------------------------
================================================================================
perl-Email-Address-1.905-1.el6 (FEDORA-EPEL-2014-1693)
RFC 2822 Address Parsing and Creation
--------------------------------------------------------------------------------
Update Information:
Update to 1.905, fixes CVE-2014-0477.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jun 20 2014 Tom Callaway <spot(a)fedoraproject.org> - 1.905-1
- update to 1.905
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.903-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Tue Apr 22 2014 Tom Callaway <spot(a)fedoraproject.org> - 1.903-1
- update to 1.903
* Thu Feb 13 2014 Tom Callaway <spot(a)fedoraproject.org> - 1.901-1
- update to 1.901
* Fri Aug 16 2013 Tom Callaway <spot(a)fedoraproject.org> - 1.900-1
- update to 1.900
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.898-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sat Jul 20 2013 Petr Pisar <ppisar(a)redhat.com> - 1.898-3
- Perl 5.18 rebuild
* Wed Jun 26 2013 Jitka Plesnikova <jplesnik(a)redhat.com> - 1.898-2
- Specify all dependencies
- Drop %defattr, remove %clean section
- Don't need to remove empty directories from the buildroot
- Use DESTDIR rather than PERL_INSTALL_ROOT
* Fri Feb 8 2013 Tom Callaway <spot(a)fedoraproject.org> - 1.898-1
- update to 1.898
* Wed Dec 19 2012 Tom Callaway <spot(a)fedoraproject.org> - 1.897-1
- update to 1.897
* Tue Sep 18 2012 Marcela Mašláňová <mmaslano(a)redhat.com> 1.896-1
- update to 1.896
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.889-12
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Tue Jun 12 2012 Petr Pisar <ppisar(a)redhat.com> - 1.889-11
- Perl 5.16 rebuild
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.889-10
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Mon Jun 20 2011 Marcela Mašláňová <mmaslano(a)redhat.com> - 1.889-9
- Perl mass rebuild
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.889-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Thu Dec 16 2010 Marcela Maslanova <mmaslano(a)redhat.com> - 1.889-7
- 661697 rebuild for fixing problems with vendorach/lib
* Sat May 1 2010 Marcela Maslanova <mmaslano(a)redhat.com> - 1.889-6
- Mass rebuild with perl-5.12.0
* Fri Apr 30 2010 Marcela Maslanova <mmaslano(a)redhat.com> - 1.889-5
- Mass rebuild with perl-5.12.0
* Mon Dec 7 2009 Stepan Kasal <skasal(a)redhat.com> - 1.889-4
- rebuild against perl 5.10.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1110723 - CVE-2014-0477 perl-Email-Address: Denial-of-Service in
Email::Address::parse
https://bugzilla.redhat.com/show_bug.cgi?id=1110723
--------------------------------------------------------------------------------
================================================================================
silvia-0.2.2-0.6.f14d948git.el6 (FEDORA-EPEL-2014-1695)
SImple Library for the Verification and Issuance of Attributes
--------------------------------------------------------------------------------
Update Information:
Update to newest git version.
This version introduces silvia_manager and silvia_proxy.
--------------------------------------------------------------------------------
================================================================================
sys_basher-2.0.1-5.el6 (FEDORA-EPEL-2014-1691)
A multithreaded hardware exerciser
--------------------------------------------------------------------------------
Update Information:
Added the ability to identify an individual DIMM
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 19 2014 Joshua Rosen <bjrosen(a)polybus.com>
- 2.0.1-5 Excluded all arms, added CPU Frequency tracking, added sys_basher_setup script
to generate DMI info for sys_basher
* Wed Jun 18 2014 Joshua Rosen <bjrosen(a)polybus.com>
- 2.0.1-4 Excluded armv7hl
* Tue Jun 17 2014 Joshua Rosen <bjrosen(a)polybus.com>
- 2.0.1-2 Can now identify the location of a bad DIMM
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.1.25-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
zabbix-1.8.20-2.el6 (FEDORA-EPEL-2014-1694)
Open-source monitoring solution for your IT infrastructure
--------------------------------------------------------------------------------
Update Information:
Patch CVE-2014-3005 (local file inclusion via XXE attack)
https://support.zabbix.com/browse/ZBX-8151
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jun 20 2014 Volker Fröhlich <volker27(a)gmx.at> - 1.8.20-2
- Patch for ZBX-8151 (Local file inclusion via XXE attack) -- CVE-2014-3005
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1110496 - CVE-2014-3005 zabbix: local file inclusion via XXE attack
https://bugzilla.redhat.com/show_bug.cgi?id=1110496
--------------------------------------------------------------------------------
================================================================================
zabbix20-2.0.12-2.el6 (FEDORA-EPEL-2014-1698)
Open-source monitoring solution for your IT infrastructure
--------------------------------------------------------------------------------
Update Information:
Patch CVE-2014-3005 (local file inclusion via XXE attack)
https://support.zabbix.com/browse/ZBX-8151
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jun 20 2014 Volker Fröhlich <volker27(a)gmx.at> - 2.0.12-2
- Patch for ZBX-8151 (Local file inclusion via XXE attack) -- CVE-2014-3005
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1110496 - CVE-2014-3005 zabbix: local file inclusion via XXE attack
https://bugzilla.redhat.com/show_bug.cgi?id=1110496
--------------------------------------------------------------------------------