The following Fedora EPEL 6 Security updates need testing:
Age URL
143
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828
chicken-4.9.0.1-4.el6
126
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031
python-virtualenv-12.0.7-1.el6
120
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168
rubygem-crack-0.3.2-2.el6
51
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8148 optipng-0.7.5-5.el6
51
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6
39
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-68a2c2db36
python-pymongo-3.0.3-1.el6
15
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-ba19b1c7eb
php-horde-horde-5.2.8-1.el6 php-horde-imp-6.2.11-1.el6 php-horde-ingo-3.2.7-1.el6
php-horde-passwd-5.0.4-1.el6
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb
mcollective-2.8.4-1.el6
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-28606b6d1d
perl-HTML-Scrubber-0.15-1.el6.1
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-5d63583df0
metis-5.1.0-7.el6
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e195439195
drupal7-jquery_update-2.7-1.el6
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-967595b7c1
wildmagic5-5.13-12.el6
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8fc6f35cc9
MUMPS-5.0.1-4.el6
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-d47ae2d16b
owncloud-7.0.11-1.el6
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-a7d37297d4
telegram-cli-1.3.1-7.20150730git2052f4.el6
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-0ae4daf2d6
tubo-5.0.15-3.el6
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-b4ebe76583
putty-0.63-5.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-20cb365c26
zarafa-7.1.14-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
clustershell-1.7-1.el6
livecd-tools-13.4.9-1.el6
sec-2.7.7-3.el6
zarafa-7.1.14-1.el6
Details about builds:
================================================================================
clustershell-1.7-1.el6 (FEDORA-EPEL-2015-597f247f89)
Python framework for efficient cluster administration
--------------------------------------------------------------------------------
Update Information:
clustershell-1.7-1.el6 - update to 1.7 - add explicit file attributes
required for ghost groups file
--------------------------------------------------------------------------------
================================================================================
livecd-tools-13.4.9-1.el6 (FEDORA-EPEL-2015-b5ec93dc2b)
Tools for building live CDs
--------------------------------------------------------------------------------
Update Information:
livecd-tools-13.4.9-1.el6 - Version 13.4.9 (bcl) - python-imgcreate: remove
-f from second lokkit call (#769457) (bcl)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1259864 - firewall rules in kickstart script are overwritten due to lokkit -f
call in /usr/lib/python2.6/site-packages/imgcreate/kickstart.py
https://bugzilla.redhat.com/show_bug.cgi?id=1259864
--------------------------------------------------------------------------------
================================================================================
sec-2.7.7-3.el6 (FEDORA-EPEL-2015-70084b08e9)
Simple Event Correlator script to filter log file entries
--------------------------------------------------------------------------------
Update Information:
Add an optional timeout to the init script rule stop ---- Update init script
in order to send SIGTERM instead of SIGKILL for stop rule ---- While rotating
logfiles do not do a full restart of the sec instance
--------------------------------------------------------------------------------
================================================================================
zarafa-7.1.14-1.el6 (FEDORA-EPEL-2015-20cb365c26)
Open Source Edition of the Zarafa Collaboration Platform
--------------------------------------------------------------------------------
Update Information:
Zarafa Collaboration Platform 7.1.14 final [51822]
================================================== - ZCP-13581: update fck-
editor (for webaccess) to solve CVE-2012-4000 - ZCP-13572: CVE-2015-6566 -
zarafa-autorespond suffers from a potential local privilege escalation -
ZCP-13087: Meeting requests are not being sent with Thunderbird Lightning due to
new functionality - ZCP-13608: Attachments are missing in the Sent items folder
when using a cache profile - ZCP-13243: ser_safe_mode falsely reports that it
would delete users
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1263006 - CVE-2015-6566 zarafa: Potential local privilege escalation in
zarafa-autorespond
https://bugzilla.redhat.com/show_bug.cgi?id=1263006
--------------------------------------------------------------------------------