The following Fedora EPEL 6 Security updates need testing:
Age URL
956
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168
rubygem-crack-0.3.2-2.el6
846
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb
mcollective-2.8.4-1.el6
817
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9
thttpd-2.25b-24.el6
428
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac
libbsd-0.8.3-2.el6
157
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4c76ddcc92
libmspack-0.6-0.1.alpha.el6
77
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-6aaee32b7e
optipng-0.7.6-6.el6
48
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-8c9006d462
heimdal-7.5.0-1.el6
43
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-752a7c9ad4
rootsh-1.5.3-17.el6
12
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-f742513635
jhead-3.00-9.el6
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-be69c94866
clamav-0.99.3-8.el6
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-87b20f1b26
exim-4.90.1-2.el6
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c8346d8e5
mbedtls-2.7.0-1.el6
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-76121890f9
seamonkey-2.49.2-2.el6
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-6ac908eac8
openjpeg2-2.3.0-6.el6
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-2ffe688829
freexl-1.0.5-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
copr-cli-1.67-1.el6
drupal7-7.57-1.el6
python-copr-1.86-1.el6
python2-zope-interface-3.5.2-0.el6
Details about builds:
================================================================================
copr-cli-1.67-1.el6 (FEDORA-EPEL-2018-df2ed07775)
Command line interface for COPR
--------------------------------------------------------------------------------
Update Information:
- remove Group tag - Shebangs cleanup - fix deps in spec - allow running tests
only for epel7 - tests also for python2 during builds - new custom source method
- require to specify project when building module ---- - allow to set
use_bootstrap_container via API
--------------------------------------------------------------------------------
================================================================================
drupal7-7.57-1.el6 (FEDORA-EPEL-2018-5d12c76136)
An open-source content-management platform
--------------------------------------------------------------------------------
Update Information:
This update fixes multiple security vulnerabilities. Read more details here:
https://www.drupal.org/SA-CORE-2018-001
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1548191 - drupal7: drupal: JavaScript cross-site scripting in checkPlain
function [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1548191
[ 2 ] Bug #1548326 - drupal7: drupal: Multiple vulnerabilities fixed in 7.57 and 8.4.5
(SA-CORE-2018-001) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1548326
[ 3 ] Bug #1548202 - drupal7: drupal: External link injection on 404 pages when linking
to the current page [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1548202
[ 4 ] Bug #1548198 - drupal7: drupal: jQuery vulnerability with untrusted domains
requests via Ajax [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1548198
[ 5 ] Bug #1548194 - drupal7: drupal: Private file access bypass in Drupal private file
system [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1548194
[ 6 ] Bug #1548190 - drupal7: drupal: JavaScript cross-site scripting in checkPlain
function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1548190
[ 7 ] Bug #1547793 - drupal7-7.57 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1547793
--------------------------------------------------------------------------------
================================================================================
python-copr-1.86-1.el6 (FEDORA-EPEL-2018-b1a98eef28)
Python interface for Copr
--------------------------------------------------------------------------------
Update Information:
- remove Group tag - build python2-copr package conditionally - Remove
unnecessary shebang sed in copr-cli.spec and python-copr.spec - fix deps in spec
- new custom source method - use username from config if nothing is explicitly
specified - remove outdated modularity code - require to specify project when
building module
--------------------------------------------------------------------------------
================================================================================
python2-zope-interface-3.5.2-0.el6 (FEDORA-EPEL-2018-890235d0f2)
Dummy package depending on python-zope-interface
--------------------------------------------------------------------------------
Update Information:
This package exists only to allow packagers to uniformly depend upon python2
-zope-interface.
--------------------------------------------------------------------------------