The following Fedora EPEL 6 Security updates need testing: Age URL 973 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.14-2.el6 192 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7.26-1.el6 63 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3434/pylint-1.3.1-1.el6,python-astroid-1.2.1-2.el6,python-logilab-common-0.62.1-2.el6 38 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4008/cross-binutils-2.23.51.0.3-1.el6.1 26 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4242/facter-1.6.18-8.el6 15 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4485/python-tornado-2.2.1-7.el6 10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4624/xrdp-0.6.1-1.el6 10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4575/links-2.8-4.el6 10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4563/firebird-2.5.3.26778.0-2.el6 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4669/libhtp-0.5.16-1.el6 6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4693/denyhosts-2.6-19.el6.1 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4737/docker-io-1.4.0-2.el6 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4729/ettercap-0.7.5-4.el6.1.20120906gitc796e5 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4766/mediawiki119-1.19.23-1.el6 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4773/unrtf-0.21.7-1.el6 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4807/libssh-0.5.5-3.el6 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4829/roundcubemail-1.0.4-2.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing roundcubemail-1.0.4-2.el6 Details about builds: ================================================================================ roundcubemail-1.0.4-2.el6 (FEDORA-EPEL-2014-4829) Round Cube Webmail is a browser-based multilingual IMAP client -------------------------------------------------------------------------------- Update Information: This update provides Roundcube 1.0.4. This is a stable security update: the security fix is described by upstream as "Fix possible CSRF attacks to some address book operations as well as to the ACL and Managesieve plugins." More details on the update are available at http://roundcube.net/news/2014/12/18/update-1.0.4-released/ . The update should apply without any special handling by the system administrator. -------------------------------------------------------------------------------- ChangeLog: * Sat Dec 20 2014 Adam Williamson <awill...@redhat.com> - 1.0.4-2 - drop tinymce bbcode plugin for safety (CVE-2012-4230) * Sat Dec 20 2014 Adam Williamson <awill...@redhat.com> - 1.0.4-1 - new release 1.0.4 (security update) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1091438 - CVE-2012-4230 tinymce: XSS attacks via security policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=1091438 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list epel-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/epel-devel