[EPEL-devel] Fedora EPEL 6 updates-testing report

Fri, 13 Nov 2015 12:50:29 -0800 

The following Fedora EPEL 6 Security updates need testing:
 Age  URL
 145  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828   
chicken-4.9.0.1-4.el6
 128  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031   
python-virtualenv-12.0.7-1.el6
 122  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168   
rubygem-crack-0.3.2-2.el6
  53  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8148   
optipng-0.7.5-5.el6
  53  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156   
nagios-4.0.8-1.el6
  41  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-68a2c2db36   
python-pymongo-3.0.3-1.el6
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb   
mcollective-2.8.4-1.el6
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-28606b6d1d   
perl-HTML-Scrubber-0.15-1.el6.1
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-5d63583df0   
metis-5.1.0-7.el6
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e195439195   
drupal7-jquery_update-2.7-1.el6
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-967595b7c1   
wildmagic5-5.13-12.el6
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8fc6f35cc9   
MUMPS-5.0.1-4.el6
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-d47ae2d16b   
owncloud-7.0.11-1.el6
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-a7d37297d4   
telegram-cli-1.3.1-7.20150730git2052f4.el6
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-0ae4daf2d6   
tubo-5.0.15-3.el6
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-b4ebe76583   
putty-0.63-5.el6
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-20cb365c26   
zarafa-7.1.14-1.el6
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-260d131310   
libpng10-1.0.64-1.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    gnudos-1.8-4.el6
    libpng10-1.0.64-1.el6
    nodejs-ee-first-1.1.1-1.el6
    perl-Authen-Credential-1.1-1.el6
    perl-Directory-Queue-1.9-1.el6
    php-theseer-autoload-1.21.0-1.el6
    uwsgi-2.0.11.2-1.el6
    zabbix20-2.0.16-1.el6
    zabbix22-2.2.11-1.el6

Details about builds:


================================================================================
 gnudos-1.8-4.el6 (FEDORA-EPEL-2015-5f297f80d2)
 The GnuDOS library for GNU/Linux
--------------------------------------------------------------------------------
Update Information:

More bug fixes!
--------------------------------------------------------------------------------


================================================================================
 libpng10-1.0.64-1.el6 (FEDORA-EPEL-2015-260d131310)
 Old version of libpng, needed to run old binaries
--------------------------------------------------------------------------------
Update Information:

An out-of-bounds read in png_convert_to_rfc1123() in png.c could potentially be
exploited by a crafted PNG file to leak information from an application's memory
(CVE-2015-7981).  Buffer overflow vulnerabilities in functions
png_get_PLTE/png_set_PLTE, allowing remote attackers to cause DoS to application
or have unspecified other impact (CVE-2015-8126).  Also includes various other
small bug fixes as detailed in the package changelog.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1276416 - CVE-2015-7981 libpng: Out-of-bounds read in 
png_convert_to_rfc1123
        https://bugzilla.redhat.com/show_bug.cgi?id=1276416
  [ 2 ] Bug #1281756 - CVE-2015-8126 libpng: Buffer overflow vulnerabilities in 
png_get_PLTE/png_set_PLTE functions
        https://bugzilla.redhat.com/show_bug.cgi?id=1281756
--------------------------------------------------------------------------------


================================================================================
 nodejs-ee-first-1.1.1-1.el6 (FEDORA-EPEL-2015-9bb895f7ff)
 Get the first event in a set of event emitters and event pairs
--------------------------------------------------------------------------------
Update Information:

Initial packaging
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1269648 - Review Request: nodejs-ee-first - Get the first event in 
a set of event emitters and event pairs
        https://bugzilla.redhat.com/show_bug.cgi?id=1269648
--------------------------------------------------------------------------------


================================================================================
 perl-Authen-Credential-1.1-1.el6 (FEDORA-EPEL-2015-78bd81efa9)
 Abstraction of a credential
--------------------------------------------------------------------------------
Update Information:

Upgraded to latest version from CPAN: 1.1.
--------------------------------------------------------------------------------


================================================================================
 perl-Directory-Queue-1.9-1.el6 (FEDORA-EPEL-2015-8ddd959853)
 Object oriented interface to a directory based queue
--------------------------------------------------------------------------------
Update Information:

Update to upstream version 1.9, fixes rhbz #1281294.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1281294 - Upgrade perl-Directory-Queue to 1.9
        https://bugzilla.redhat.com/show_bug.cgi?id=1281294
--------------------------------------------------------------------------------


================================================================================
 php-theseer-autoload-1.21.0-1.el6 (FEDORA-EPEL-2015-0dfa260bec)
 A tool and library to generate autoload code
--------------------------------------------------------------------------------
Update Information:

**Version 1.21.0**  * Added --hash option to explicitly choose hash algorithm
for phar generation (defaults to best available)
--------------------------------------------------------------------------------


================================================================================
 uwsgi-2.0.11.2-1.el6 (FEDORA-EPEL-2015-9a50f245d1)
 Fast, self-healing, application container server
--------------------------------------------------------------------------------
Update Information:

With latest stable
--------------------------------------------------------------------------------


================================================================================
 zabbix20-2.0.16-1.el6 (FEDORA-EPEL-2015-4ad574547e)
 Open-source monitoring solution for your IT infrastructure
--------------------------------------------------------------------------------
Update Information:

http://www.zabbix.com/rn2.0.16.php
--------------------------------------------------------------------------------


================================================================================
 zabbix22-2.2.11-1.el6 (FEDORA-EPEL-2015-ad3006a1e9)
 Open-source monitoring solution for your IT infrastructure
--------------------------------------------------------------------------------
Update Information:

http://www.zabbix.com/rn2.2.11.php
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list
epel-devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/epel-devel

Reply via email to