[EPEL-devel] Fedora EPEL 6 updates-testing report

updates Fri, 20 Jul 2018 10:28:38 -0700

The following Fedora EPEL 6 Security updates need testing:
 Age  URL
  40  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-b6c663378c   
unrtf-0.21.9-8.el6
  14  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-8c4ebc0d2d   
wordpress-4.9.7-1.el6
   8  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-d801e05f92   
uwsgi-2.0.17.1-1.el6
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-aeb81e4fba   
libpng10-1.0.69-5.el6



The following builds have been pushed to Fedora EPEL 6 updates-testing

    gnudos-1.11-5.el6
    optipng-0.7.7-1.el6
    redis-3.2.12-1.el6

Details about builds:


================================================================================
 gnudos-1.11-5.el6 (FEDORA-EPEL-2018-deee77598e)
 The GnuDOS library for GNU/Linux
--------------------------------------------------------------------------------
Update Information:

Added BuildRequires: gcc
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 20 2018 Mohammed Isam <mohammed_isam1...@yahoo.com> 1.11-5
- Added BuildRequires: gcc
* Sat May 12 2018 Mohammed Isam <mohammed_isam1...@yahoo.com> 1.11-4
- Bugfixes
* Sat May 12 2018 Mohammed Isam <mohammed_isam1...@yahoo.com> 1.11-3
- Added missing copyright notice for ChangeLog file
* Fri May 11 2018 Mohammed Isam <mohammed_isam1...@yahoo.com> 1.11-2
- Added THANKS file and fixed missing copyright notices
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1604166 - gnudos: FTBFS in Fedora rawhide
        https://bugzilla.redhat.com/show_bug.cgi?id=1604166
--------------------------------------------------------------------------------


================================================================================
 optipng-0.7.7-1.el6 (FEDORA-EPEL-2018-bc1f8c9269)
 PNG optimizer and converter
--------------------------------------------------------------------------------
Update Information:

Update to 0.7.7
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 14 2018 Peter Hanecak <h...@hany.sk> - 0.7.7-1
- Update to 0.7.7
- Dropped pathes (both CVEs fixed in 0.7.7)
- Added BuildRequires: gcc
  (https://fedoraproject.org/wiki/Changes/Remove_GCC_from_BuildRoot)
* Fri Jul 13 2018 Fedora Release Engineering <rel...@fedoraproject.org> - 
0.7.6-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Thu Feb  8 2018 Fedora Release Engineering <rel...@fedoraproject.org> - 
0.7.6-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 redis-3.2.12-1.el6 (FEDORA-EPEL-2018-a83d5ad82b)
 A persistent key-value database
--------------------------------------------------------------------------------
Update Information:

Upstream 3.2.12 security fix release.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 20 2018 Nathan Scott <nath...@redhat.com> - 3.2.12-1
- Upstream 3.2.12 security fix release.
- Fixes CVE-2017-15047: Lack clusterLoadConfig input validation (RHBZ #1499153)
- Fixes CVE-2018-11218: Heap corruption in lua_cmsgpack.c (RHBZ #1591537)
- Fixes CVE-2018-11219: Integer overflow in lua_struct.c b_unpack (RHBZ 
#1591538)
- Fixes CVE-2018-12326: code execution via a crafted command line (RHBZ 
#1594294)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1594294 - CVE-2018-12326 redis: code execution via a crafted 
command line [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1594294
  [ 2 ] Bug #1592931 - /var/run/redis directory not created by RPM 
(redis-3.2.11-1.el6.x86_64.rpm)
        https://bugzilla.redhat.com/show_bug.cgi?id=1592931
  [ 3 ] Bug #1591538 - CVE-2018-11219 redis: Integer overflow in 
lua_struct.c:b_unpack() [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1591538
  [ 4 ] Bug #1591537 - CVE-2018-11218 redis: Heap corruption in lua_cmsgpack.c 
[epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1591537
  [ 5 ] Bug #1499153 - CVE-2017-15047 redis: Insufficient input validation in 
the clusterLoadConfig function [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1499153
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org/message/IIYRDFKSZNHJTJT5TLSSTXH4FQJ5I2ST/

[EPEL-devel] Fedora EPEL 6 updates-testing report

Reply via email to