The following Fedora EPEL 6 Security updates need testing: Age URL 239 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828 chicken-4.9.0.1-4.el6 221 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6 215 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6 147 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8148 optipng-0.7.5-5.el6 147 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6 105 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6 77 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6 13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-579c4e2951 prosody-0.9.10-1.el6 13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-6eee18cd6e phpMyAdmin-4.0.10.14-1.el6 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-eb496fe204 python-pymongo-2.5.2-3.el6.1 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-cd56c646d5 wordpress-4.4.2-1.el6 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-cb3b95bd2f firebird-2.5.5.26952.0-2.el6 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8aee7a9340 php-horde-horde-5.2.9-1.el6 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-f61ec30f9f poco-1.4.2p1-3.el6 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-791080c274 nodejs-0.10.42-4.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-eb24bfea0d octave-3.4.3-2.el6 gdl-0.9.5-4.el6 GraphicsMagick-1.3.23-4.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
GraphicsMagick-1.3.23-4.el6 MUMPS-5.0.1-12.el6 exim-4.72-8.el6 freight-0.3.5-7.el6 gdl-0.9.5-4.el6 octave-3.4.3-2.el6 osbs-client-0.17-1.el6 perl-Text-Levenshtein-Damerau-XS-3.1-3.el6 php-horde-kronolith-4.2.14-1.el6 xrootd-4.2.3-5.el6
Details about builds:
================================================================================ GraphicsMagick-1.3.23-4.el6 (FEDORA-EPEL-2016-eb24bfea0d) An ImageMagick fork, offering faster image generation and better quality -------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2015-8808 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1305505 - CVE-2015-8808 GraphicsMagick: out-of-bound read in the parsing of GIF files https://bugzilla.redhat.com/show_bug.cgi?id=1305505 --------------------------------------------------------------------------------
================================================================================ MUMPS-5.0.1-12.el6 (FEDORA-EPEL-2016-79dda7684e) A MUltifrontal Massively Parallel sparse direct Solver -------------------------------------------------------------------------------- Update Information:
- Added linker flags to fix unused-direct-shlib-dependency --------------------------------------------------------------------------------
================================================================================ exim-4.72-8.el6 (FEDORA-EPEL-2016-8e8ac9dfda) The exim mail transfer agent -------------------------------------------------------------------------------- Update Information:
This is an update backporting openssl_options which can be used for e.g. disablement of SSLv3. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1274822 - Why there is still exim 4.72 in epel 6? https://bugzilla.redhat.com/show_bug.cgi?id=1274822 --------------------------------------------------------------------------------
================================================================================ freight-0.3.5-7.el6 (FEDORA-EPEL-2016-e6d7b375ed) A modern take on the Debian archive -------------------------------------------------------------------------------- Update Information:
- Fix compatibility with apt 1.1 (Debian Stretch, Ubuntu Xenial) --------------------------------------------------------------------------------
================================================================================ gdl-0.9.5-4.el6 (FEDORA-EPEL-2016-eb24bfea0d) GNU Data Language -------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2015-8808 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1305505 - CVE-2015-8808 GraphicsMagick: out-of-bound read in the parsing of GIF files https://bugzilla.redhat.com/show_bug.cgi?id=1305505 --------------------------------------------------------------------------------
================================================================================ octave-3.4.3-2.el6 (FEDORA-EPEL-2016-eb24bfea0d) A high-level language for numerical computations -------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2015-8808 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1305505 - CVE-2015-8808 GraphicsMagick: out-of-bound read in the parsing of GIF files https://bugzilla.redhat.com/show_bug.cgi?id=1305505 --------------------------------------------------------------------------------
================================================================================ osbs-client-0.17-1.el6 (FEDORA-EPEL-2016-2ec215e35e) Python command line client for OpenShift Build Service -------------------------------------------------------------------------------- Update Information:
New upstream release. --------------------------------------------------------------------------------
================================================================================ perl-Text-Levenshtein-Damerau-XS-3.1-3.el6 (FEDORA-EPEL-2016-c57b34286a) XS Damerau Levenshtein edit distance -------------------------------------------------------------------------------- Update Information:
3.1 Wed Jan 27 13:48:56 - Better maxDistance short circuiting - Fix a possible read-past-by-1 loop memory problem pointed out (reported by Karl Williamson) 3.0 Fri Jun 01 22:29:17 - maxDistance incorrect results patched with non- optimal solution - some XS API changes to try and pass weird OpenBSD failures 2.9 Wed May 22 14:39:31 2013 - Hacked in fix for maxDistance, needs to be redone optimally 2.8 Fri Jan 25 10:41:04 2013 - Removed unused function causing problems on certain windows builds. 2.7 Wed Jan 23 10:52:38 2013 - Fixed memory leak from alloca->malloc switch 2.6 Sat Jan 19 12:09:57 2013 - Changed alloca to malloc for source/target strings -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1308272 - perl-Text-Levenshtein-Damerau-XS: additional builds https://bugzilla.redhat.com/show_bug.cgi?id=1308272 --------------------------------------------------------------------------------
================================================================================ php-horde-kronolith-4.2.14-1.el6 (FEDORA-EPEL-2016-3875388cfc) A web based calendar -------------------------------------------------------------------------------- Update Information:
**Kronolith 4.2.14** * [mjr] Fix issue deleting and closing event dialog during event deletion. * [mjr] Honor the SCHEDULE-AGENT attribute during CalDAV import. ---- **Kronolith 4.2.13** * [mjr] Add missing EAS ghosted property support for all EAS versions. Prevents potential loss of event data during synchronization. **Kronolith 4.2.12** * [mjr] Fix missing truncated event description when using ActiveSync. * [jan] Fix week number in basic view if week starts on Sundays. * [mjr] Fix issue where new event could be created with exceptions from previously edited event. * [jan] Mark preferences only available in basic mode. * [jan] Use access rules compatible with both Apache 2.2 and 2.4. * [jan] Fix accidental deletion of events if importing recurring events without a UID attribute (Bug #14208). * [mjr] Honor confirm_delete preference in dynamic view (Bug #14188). * [mjr] Correctly deal with cancelled meetings via ActiveSync. * [mjr] Fix visibility of alarm titles when alarm is generated via CLI (Bug #14154). * [mjr] Fix display of embed code by adding the full url. --------------------------------------------------------------------------------
================================================================================ xrootd-4.2.3-5.el6 (FEDORA-EPEL-2016-804c340f3c) Extended ROOT file server -------------------------------------------------------------------------------- Update Information:
- Use upstream's patch for the pthread segfault - Backport fixes for gcc 6 from upstream -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1308258 - xrootd: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1308258 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org