The following Fedora EPEL 6 Security updates need testing:
Age URL
191
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828
chicken-4.9.0.1-4.el6
173
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031
python-virtualenv-12.0.7-1.el6
167
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168
rubygem-crack-0.3.2-2.el6
98
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8148 optipng-0.7.5-5.el6
98
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6
87
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-68a2c2db36
python-pymongo-3.0.3-1.el6
57
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb
mcollective-2.8.4-1.el6
29
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9
thttpd-2.25b-24.el6
20
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-c1e2a347ee
xsupplicant-2.2.0-13.el6
16
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-df28a72135
shellinabox-2.19-1.el6
14
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-4ea455db6d
gwenhywfar-4.13.1-2.el6
12
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-06bd1d268e
nodejs-handlebars-4.0.5-1.el6
8
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-26f2bb9749
libpng10-1.0.66-1.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e29b297036
phpMyAdmin-4.0.10.12-1.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-d47aefe0b2
roundcubemail-1.0.8-1.el6
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-b94af2e025
seamonkey-2.39-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
nodejs-strip-json-comments-1.0.2-1.el6
nsd-4.1.7-3.el6
opendkim-2.10.3-3.el6
php-doctrine-cache-1.5.4-1.el6
php-solarium-3.5.1-1.el6
php-udan11-sql-parser-3.0.8-1.el6
phpMyAdmin-4.0.10.12-1.el6
python-configparser-3.5.0b2-1.el6
roundcubemail-1.0.8-1.el6
seamonkey-2.39-1.el6
sscep-0.6.1-1.20151228git68e354a.el6
wine-1.8-1.el6
Details about builds:
================================================================================
nodejs-strip-json-comments-1.0.2-1.el6 (FEDORA-EPEL-2015-4c5b9aa860)
Strip comments from JSON
--------------------------------------------------------------------------------
Update Information:
Upstream has released new version
--------------------------------------------------------------------------------
================================================================================
nsd-4.1.7-3.el6 (FEDORA-EPEL-2015-3f702eb49d)
Fast and lean authoritative DNS Name Server
--------------------------------------------------------------------------------
Update Information:
Improved integration for systemd, use PrivateTmp
--------------------------------------------------------------------------------
================================================================================
opendkim-2.10.3-3.el6 (FEDORA-EPEL-2015-5e01f07dc5)
A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail
--------------------------------------------------------------------------------
Update Information:
Added OpenLDAP support
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1293279 - opendkim miss LDAP support
https://bugzilla.redhat.com/show_bug.cgi?id=1293279
--------------------------------------------------------------------------------
================================================================================
php-doctrine-cache-1.5.4-1.el6 (FEDORA-EPEL-2015-f17b123872)
Doctrine Cache
--------------------------------------------------------------------------------
Update Information:
### v1.5.4 * 127: Path length of 259 is also not possible due to php bug ###
v1.5.3 * 113: Perform various tests on windows and this correction solved the
problem * 121: FileCache.php bug at line 140 in protected function getFilename *
122: Hotfix - #113 testing/correcting hashing for windows file path length
limitations * 124: Filenames are too long for windows * 125: Fix FileCache on
Windows ### v1.5.2 * 105: Fix fetch multiple with false * 107: fix file cache
naming under windows surpassing MAX_PATH * 108: Avoid MongoCursorException with
MongoCache ### v1.5.1 * 104: fetchMultiple problems with null and falsey
values ### v1.5.0 * 87: [enhancement] Predis cache improvement * 91: No need
to save the default namespace version * 92: travis: use container based build,
PHP 7 added * 94: fix file naming based on cache key * 97: unify bool(ean) and
add multi get support for wincache * 98: add travis cache and fix apcu
installation * 99: Update LICENSE * 100: composer: use PSR-4 autoload * 101:
Additional tests added ### v1.4.4 * 104: fetchMultiple problems with null and
falsey values ### v1.4.3 * 90: Fix CacheProvider::fetchMultiple if keys array
is empty * 91: No need to save the default namespace version * 95: Fix delete()
and flushAll()
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1276019 - php-doctrine-cache-v1.5.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1276019
--------------------------------------------------------------------------------
================================================================================
php-solarium-3.5.1-1.el6 (FEDORA-EPEL-2015-47b416e6a6)
Solarium PHP Solr client library
--------------------------------------------------------------------------------
Update Information:
**Version 3.5.1** - 2015-12-19 * Fix BC break in 3.5.0 release **Version
3.5.0** - 2015-12-09 - improvement: lots of code style fixes - improvement:
refactored 'base' plugin class to AbstractPlugin - improvement: removed old PHP
environments for Travis, added PHP7 - improvement: set license to a valid SPDX
license identifier - bugfix: PHAR generator updated to support namespacing -
bugfix: Collations broken for Solr 5 data format - added: Make it possible to
bypass (system-wide) proxy setting in Curl adapter - improvement: Added
SensioLabs Insight (including lots of fixed in the code based on report) -
added: ClientInterface - improvement: Set hard paths in .gitignore to prevent
tree lookups - added: Support for facet.contains settings - improvement: updated
Symfony event dispatcher dependency to a maintained version - added: docs in
repository (markdown format)
--------------------------------------------------------------------------------
================================================================================
php-udan11-sql-parser-3.0.8-1.el6 (FEDORA-EPEL-2015-7ad1d25ae8)
A validating SQL lexer and parser with a focus on MySQL dialect
--------------------------------------------------------------------------------
Update Information:
Bugfix version for phpMyAdmin 4.5.3
--------------------------------------------------------------------------------
================================================================================
phpMyAdmin-4.0.10.12-1.el6 (FEDORA-EPEL-2015-e29b297036)
Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:
phpMyAdmin 4.0.10.12 (2015-12-25) ================================= -
[Security] Path disclosure, see PMASA-2015-6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1294254 - PMASA-2015-6 phpMyAdmin: Path disclosure
https://bugzilla.redhat.com/show_bug.cgi?id=1294254
--------------------------------------------------------------------------------
================================================================================
python-configparser-3.5.0b2-1.el6 (FEDORA-EPEL-2015-ff4bb5fd70)
Backport of Python 3 configparser module
--------------------------------------------------------------------------------
Update Information:
Updated to build for el6 and Python3 and other minor changes
--------------------------------------------------------------------------------
================================================================================
roundcubemail-1.0.8-1.el6 (FEDORA-EPEL-2015-d47aefe0b2)
Round Cube Webmail is a browser-based multilingual IMAP client
--------------------------------------------------------------------------------
Update Information:
**Release 1.0.8** - Add workaround for
https://bugs.php.net/bug.php?id=70757
(#1490582) - Fix HTML sanitizer to skip <!-- node type X --> in output
(#1490583) - Fix charset encoding of message/rfc822 part bodies (#1490606) - Fix
handling of message/rfc822 attachments on replies and forwards (#1490607) - Fix
PDF support detection in Firefox > 19 (#1490610) - Fix path traversal
vulnerability (CWE-22) in setting a skin (#1490620) - Fix so drag-n-drop of text
(e.g. recipient addresses) on compose page actually works (#1490619) - Fix
.htaccess rewrite rules to not block .well-known URIs (#1490615)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1269155 - Insecure permissions of /var/lib/roundcubemail and
/var/log/roundcubemail
https://bugzilla.redhat.com/show_bug.cgi?id=1269155
--------------------------------------------------------------------------------
================================================================================
seamonkey-2.39-1.el6 (FEDORA-EPEL-2015-b94af2e025)
Web browser, e-mail, news, IRC client, HTML editor
--------------------------------------------------------------------------------
Update Information:
Update to 2.39 Fixes various security issues, see
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html for more
info. ---- Update to 2.38 Fixes various security issues, see
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html for more
info.
--------------------------------------------------------------------------------
================================================================================
sscep-0.6.1-1.20151228git68e354a.el6 (FEDORA-EPEL-2015-8399f5b3f3)
Simple SCEP client with modifications for engine support & more
--------------------------------------------------------------------------------
Update Information:
Rebase on 0.6.1 release
--------------------------------------------------------------------------------
================================================================================
wine-1.8-1.el6 (FEDORA-EPEL-2015-9c3823ed0f)
A compatibility layer for windows applications
--------------------------------------------------------------------------------
Update Information:
Version 1.8
https://www.winehq.org/announce/1.8
--------------------------------------------------------------------------------