The following Fedora EPEL 7 Security updates need testing:
Age URL
1038 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7
800 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7
383 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7
280 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe mod_cluster-1.3.3-10.el7
112 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e27758bd23 libmspack-0.6-0.1.alpha.el7
49 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e64eeb6ece nagios-4.3.4-5.el7
38 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d704442ae7 qpid-cpp-1.37.0-1.el7
13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8d57a2487b monit-5.25.1-1.el7
10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-753e392fc4 xrdp-0.9.5-1.el7
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-2e2d08b1ff awstats-7.6-4.el7
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-49ca8440a1 gifsicle-1.90-1.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-28611aa33f python-bottle-0.12.13-1.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-885bb5ec89 poco-1.6.1-3.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
R-RInside-0.2.14-5.el7
gammu-1.39.0-1.el7
kompose-1.7.0-1.el7
lizardfs-3.12.0-1.el7
mongodb-2.6.12-5.el7
orangefs-2.9.7-1.el7
pdns-3.4.11-2.el7
poco-1.6.1-3.el7
python-bottle-0.12.13-1.el7
python-gammu-2.11-2.el7
python3-dns-1.15.0-7.el7
wammu-0.44-3.el7
yaml-cpp-0.5.3-7.el7
Details about builds:
================================================================================
R-RInside-0.2.14-5.el7 (FEDORA-EPEL-2018-1141973a4a)
C++ Classes to Embed R in C++ Applications
--------------------------------------------------------------------------------
Update Information:
Rebuild with updated R-Rcpp.
--------------------------------------------------------------------------------
================================================================================
gammu-1.39.0-1.el7 (FEDORA-EPEL-2018-3c49613978)
Command Line utility to work with mobile phones
--------------------------------------------------------------------------------
Update Information:
Update gammu, python-gammu and wammu
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1531832 - wammu-0.44 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1531832
[ 2 ] Bug #1531519 - gammu-1.39.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1531519
[ 3 ] Bug #1504333 - gammu-1.38.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1504333
[ 4 ] Bug #1531828 - python-gammu-2.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1531828
[ 5 ] Bug #1510442 - python-gammu-2.10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1510442
--------------------------------------------------------------------------------
================================================================================
kompose-1.7.0-1.el7 (FEDORA-EPEL-2018-21ad37dfbd)
Tool to move from 'docker-compose' to Kubernetes
--------------------------------------------------------------------------------
Update Information:
Update to kompose-1.7.0 source
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1478152 - kompose tries to install docker
https://bugzilla.redhat.com/show_bug.cgi?id=1478152
[ 2 ] Bug #1486973 - kompose-v1.7.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1486973
--------------------------------------------------------------------------------
================================================================================
lizardfs-3.12.0-1.el7 (FEDORA-EPEL-2018-a88951b7c0)
Distributed, fault tolerant file system
--------------------------------------------------------------------------------
Update Information:
An update that adds support for rich (NFS4) ACLs and advanced chunkserver
options. For the smoothest upgrade experience, first upgrade your metadata
shadows and loggers, then the metadata master, then the chunkservers, and
finally the clients. See the notes at
https://docs.lizardfs.com/adminguide/upgrading.html for more details (the 3.10
upgrade notes apply if 3.12 are still missing).
--------------------------------------------------------------------------------
================================================================================
mongodb-2.6.12-5.el7 (FEDORA-EPEL-2018-c4856b5c5a)
High-performance, schema-free document-oriented database
--------------------------------------------------------------------------------
Update Information:
Updated yaml-cpp to 0.5.3 per request in RHBZ#1493710.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1493710 - Please rebase yaml-cpp from 0.5.1 to 0.5.3 (from F26)
https://bugzilla.redhat.com/show_bug.cgi?id=1493710
--------------------------------------------------------------------------------
================================================================================
orangefs-2.9.7-1.el7 (FEDORA-EPEL-2018-be24fc1985)
Parallel network file system client
--------------------------------------------------------------------------------
Update Information:
Update to 2.9.7.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1530679 - please build orangefs for EPEL
https://bugzilla.redhat.com/show_bug.cgi?id=1530679
--------------------------------------------------------------------------------
================================================================================
pdns-3.4.11-2.el7 (FEDORA-EPEL-2018-c4856b5c5a)
A modern, advanced and high performance authoritative-only nameserver
--------------------------------------------------------------------------------
Update Information:
Updated yaml-cpp to 0.5.3 per request in RHBZ#1493710.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1493710 - Please rebase yaml-cpp from 0.5.1 to 0.5.3 (from F26)
https://bugzilla.redhat.com/show_bug.cgi?id=1493710
--------------------------------------------------------------------------------
================================================================================
poco-1.6.1-3.el7 (FEDORA-EPEL-2018-885bb5ec89)
C++ class libraries for network-centric applications
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2017-1000472
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1532129 - poco: Improper path restriction in ZipCommon.cpp allows for arbitrary files to be written
https://bugzilla.redhat.com/show_bug.cgi?id=1532129
--------------------------------------------------------------------------------
================================================================================
python-bottle-0.12.13-1.el7 (FEDORA-EPEL-2018-28611aa33f)
Fast and simple WSGI-framework for small web-applications
--------------------------------------------------------------------------------
Update Information:
Update to 0.12.13
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1405418 - CVE-2016-9964 python-bottle: redirect() doesn't filter "\r\n" which allows for CRLF attack [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1405418
--------------------------------------------------------------------------------
================================================================================
python-gammu-2.11-2.el7 (FEDORA-EPEL-2018-3c49613978)
Python bindings for Gammu
--------------------------------------------------------------------------------
Update Information:
Update gammu, python-gammu and wammu
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1531832 - wammu-0.44 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1531832
[ 2 ] Bug #1531519 - gammu-1.39.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1531519
[ 3 ] Bug #1504333 - gammu-1.38.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1504333
[ 4 ] Bug #1531828 - python-gammu-2.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1531828
[ 5 ] Bug #1510442 - python-gammu-2.10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1510442
--------------------------------------------------------------------------------
================================================================================
python3-dns-1.15.0-7.el7 (FEDORA-EPEL-2018-72b2cdeba8)
DNS toolkit for Python
--------------------------------------------------------------------------------
Update Information:
Remove default file permissions
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1526662 - Review Request: python3-dns - DNS toolkit for Python
https://bugzilla.redhat.com/show_bug.cgi?id=1526662
[ 2 ] Bug #1526627 - Python 3.4 python-dns is not available in EPEL 7
https://bugzilla.redhat.com/show_bug.cgi?id=1526627
--------------------------------------------------------------------------------
================================================================================
wammu-0.44-3.el7 (FEDORA-EPEL-2018-3c49613978)
Mobile Phone Manager - Gammu GUI
--------------------------------------------------------------------------------
Update Information:
Update gammu, python-gammu and wammu
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1531832 - wammu-0.44 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1531832
[ 2 ] Bug #1531519 - gammu-1.39.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1531519
[ 3 ] Bug #1504333 - gammu-1.38.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1504333
[ 4 ] Bug #1531828 - python-gammu-2.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1531828
[ 5 ] Bug #1510442 - python-gammu-2.10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1510442
--------------------------------------------------------------------------------
================================================================================
yaml-cpp-0.5.3-7.el7 (FEDORA-EPEL-2018-c4856b5c5a)
A YAML parser and emitter for C++
--------------------------------------------------------------------------------
Update Information:
Updated yaml-cpp to 0.5.3 per request in RHBZ#1493710.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1493710 - Please rebase yaml-cpp from 0.5.1 to 0.5.3 (from F26)
https://bugzilla.redhat.com/show_bug.cgi?id=1493710
--------------------------------------------------------------------------------
Dear all,
You are kindly invited to the meeting:
EPEL Steering Committee on 2018-01-10 from 18:00:00 to 19:00:00 GMT
At fedora-meeting(a)irc.freenode.net
The meeting will be about:
The EPEL Steering Committee will have a weekly meeting to cover current tasks and problems needed to keep EPEL going.
Source: https://apps.fedoraproject.org/calendar/meeting/8724/
The following Fedora EPEL 7 Security updates need testing:
Age URL
1037 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7
800 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7
382 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7
279 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe mod_cluster-1.3.3-10.el7
111 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e27758bd23 libmspack-0.6-0.1.alpha.el7
48 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e64eeb6ece nagios-4.3.4-5.el7
37 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d704442ae7 qpid-cpp-1.37.0-1.el7
18 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-957aa05f33 heketi-5.0.1-1.el7
12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8d57a2487b monit-5.25.1-1.el7
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-753e392fc4 xrdp-0.9.5-1.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-2e2d08b1ff awstats-7.6-4.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-49ca8440a1 gifsicle-1.90-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
easy-rsa-3.0.3-1.el7
librdkafka-0.11.3-1.el7
mint-x-icons-1.4.6-5.el7
mint-y-icons-1.1.3-2.el7
paper-icon-theme-1.4.0-2.el7
php-bartlett-php-compatinfo-db-1.28.0-1.el7
python-pymod2pkg-0.11.0-1.el7
rdopkg-0.45.0-5.el7
rho-0.0.31-1.el7
tcl-tclnagios-1.3-5.el7
Details about builds:
================================================================================
easy-rsa-3.0.3-1.el7 (FEDORA-EPEL-2018-f3e8fb0991)
Simple shell based CA utility
--------------------------------------------------------------------------------
Update Information:
Update to 3.0.3 for modern openssl and ciphers.
--------------------------------------------------------------------------------
================================================================================
librdkafka-0.11.3-1.el7 (FEDORA-EPEL-2018-e49cc220fa)
The Apache Kafka C library
--------------------------------------------------------------------------------
Update Information:
Default changes Change default queue.buffering.max.kbytes and
queued.max.message.kbytes to 1GB (#1304) win32: Use
sasl.kerberos.service.name for broker principal, not sasl.kerberos.principal
(#1502) Enhancements Default producer message offsets to OFFSET_INVALID
rather than 0 new nuget package layout + debian9 librdkafka build (#1513,
@mhowlett) Allow for calling rd_kafka_queue_io_event_enable() from the C++
world (#1483, @akhi3030) rdkafka_performance: allow testing latency with
different size messages (#1482, @tbsaunde) Fixes Improved stability on
termination (internal queues, ERR__DESTROY event) offsets_for_times() return
ERR__TIMED_OUT if brokers did not respond in time Let list_groups() return
ERR__PARTIAL with a partial group list (#1508) Properly handle infinite (-1)
rd_timeout:s throughout the code (#1539) Fix offsets_store() return value
when at least one valid partition portability: rdendian: add le64toh() alias
for older glibc (#1463) Add MIPS build and fix CRC32 to work on big endian
CPUs (@andoma, closes #1498) osx: fix endian checking for software crc32c
Fix comparison in rd_list_remove_cmp (closes #1493) stop calling
cnd_timedwait() with a timeout of 0h (#1481, @tbsaunde) Fix DNS cache logic
broker.address.ttl (#1491, @dacjames) Fix broker thread "hang" in CONNECT
state (#1397) Reset rkb_blocking_max_ms on broker DOWN to avoid busy-loop
during CONNECT (#1397) Fix memory leak when producev() fails (#1478)
Raise cmake minimum version to 3.2 (#1460) Do not assume LZ4 worst (best?)
case 255x compression (#1446 by @tudor) Fix ALL_BROKERS_DOWN re-generation
(fix by @ciprianpascu, #1101) rdkafka-performance: busy wait to wait short
periods of time source: https://github.com/edenhill/librdkafka/releases
--------------------------------------------------------------------------------
================================================================================
mint-x-icons-1.4.6-5.el7 (FEDORA-EPEL-2018-5e92e7eb55)
Icon theme for Linux Mint
--------------------------------------------------------------------------------
Update Information:
- Use rpm filetriggers on Fedora and/or RHEL >= 8
--------------------------------------------------------------------------------
================================================================================
mint-y-icons-1.1.3-2.el7 (FEDORA-EPEL-2018-d86af40c33)
The Mint-Y icon theme
--------------------------------------------------------------------------------
Update Information:
- Use rpm filetriggers on Fedora and/or RHEL >= 8
--------------------------------------------------------------------------------
================================================================================
paper-icon-theme-1.4.0-2.el7 (FEDORA-EPEL-2018-040e7dd0a3)
Modern freedesktop icon theme
--------------------------------------------------------------------------------
Update Information:
- Use rpm filetriggers on Fedora and/or RHEL >= 8
--------------------------------------------------------------------------------
================================================================================
php-bartlett-php-compatinfo-db-1.28.0-1.el7 (FEDORA-EPEL-2018-83d84f5a97)
Reference Database to be used with php-compatinfo library
--------------------------------------------------------------------------------
Update Information:
**Version 1.28.0** - 2018-01-08 * **Added** - Support to PHP 5.6.33 ----
**Version 1.27.0** - 2018-01-04 * **Added** - Support to PHP 7.1.13 -
Support to PHP 7.0.27 * **Changed** - APCu reference updated to version
5.1.9 (stable) - Redis reference updated to version 3.1.6 (stable) - Zip
reference updated to version 1.15.2 (stable)
--------------------------------------------------------------------------------
================================================================================
python-pymod2pkg-0.11.0-1.el7 (FEDORA-EPEL-2018-ffa8ede1b6)
python module name to package name map
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream version 0.11.0 ---- Initial package build.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1246192 - Review Request: python-pymod2pkg - python module to package map
https://bugzilla.redhat.com/show_bug.cgi?id=1246192
--------------------------------------------------------------------------------
================================================================================
rdopkg-0.45.0-5.el7 (FEDORA-EPEL-2018-c44e6cb110)
RPM packaging automation tool CLI
--------------------------------------------------------------------------------
Update Information:
Remove unneeded requirement on arbitrary pyOpenSSL version that isn't available
from EPEL 7. It was previously added as a workaround that is no longer needed.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1491557 - retire rdopkg on epel7
https://bugzilla.redhat.com/show_bug.cgi?id=1491557
--------------------------------------------------------------------------------
================================================================================
rho-0.0.31-1.el7 (FEDORA-EPEL-2018-3abca1d074)
An SSH system profiler
--------------------------------------------------------------------------------
Update Information:
# Testing Rho To set up Rho, you create profiles that control how to run each
scan. - Authentication profiles contain user credentials for a user with
sufficient authority to complete the scan (for example, a root user or one with
root-level access obtained through -sudo privilege escalation). - Network
profiles contain network identifiers (for example, a hostname, IP address, or
range of IP addresses) and the authentication profiles to be used for a scan.
Complete the following steps, repeating them as necessary to access all parts of
your environment that you want to scan: 1. Create at least one authentication
profile with root-level access to Rho: ``` rho auth add --name auth_name
--username root_name(--sshkeyfile key_file | --password) ``` a. At the Rho
vault password prompt, create a new Rho vault password. This password is
required to access the encrypted Rho data, such as authentication and network
profiles, scan data, and other information. b. If you did not use the
sshkeyfile option to provide an SSH key for the username value, enter the
password of the user with root-level access at the connection password prompt.
For example, for an authentication profile where the authentication profile name
is roothost1, the user with root-level access is root, and the SSH key for the
user is in the path ~/.ssh/id_rsa, you would enter the following command: ```
rho auth add --name roothost1 --username root --sshkeyfile ~/.ssh/id_rsa ``` You
can also use the sudo-password option to create an authentication profile for a
user with root-level access who requires a password to obtain this privilege.
You can use the sudo-password option with either the sshkeyfile or the password
option. For example, for an authentication profile where the authentication
profile name is sudouser1, the user with root-level access is sysadmin, and the
access is obtained through the password option, you would enter the following
command: ``` rho auth add --name sudouser1 --username sysadmin --password
--sudo-password ``` After you enter this command, you are prompted to enter two
passwords. First, you would enter the connection password for the username user,
and then you would enter the password for the sudo command. 2. Create at least
one network profile that specifies one or more network identifiers, such as a
host name, an IP address, a list of IP addresses, or an IP range, and one or
more authentication profiles to be used for the scan: ``` rho profile add --name
profile_name --hosts host_name_or_file --auth auth_name ``` For example, for a
network profile where the name of the network profile is mynetwork, the network
to be scanned is the 192.0.2.0/24 subnet, and the authentication profiles that
are used to run the scan are roothost1 and roothost2, you would enter the
following command: ``` rho profile add --name mynetwork --hosts 192.0.2.[1:254]
--auth roothost1 roothost2 ``` You can also use a file to pass in the network
identifiers. If you use a file to enter multiple network identifiers, such as
multiple individual IP addresses, enter each on a single line. For example, for
a network profile where the path to this file is /home/user1/hosts_file, you
would enter the following command: ``` rho profile add --name mynetwork --hosts
/home/user1/hosts_file --auth roothost1 roothost2 ``` # Running a scan Run the
scan by using the scan command, specifying a network profile for the profile
option and a location to store the output as a file in the comma-separated
variables (CSV) format for the reportfile option: ``` rho scan --profile
profile_name --reportfile filename.csv ``` For example, if you want to use the
network profile mynetwork and save the report as mynetwork_scan1.csv, you would
enter the following command: ``` rho scan --profile mynetwork --reportfile
mynetwork_scan1.csv ```
--------------------------------------------------------------------------------
================================================================================
tcl-tclnagios-1.3-5.el7 (FEDORA-EPEL-2018-70dca7274c)
Library to assist with writing Nagios plugins in Tcl
--------------------------------------------------------------------------------
Update Information:
Add patch to fix boundary conditions when using range comparisons (eg the range
0:5 should now match 0 and 5)
--------------------------------------------------------------------------------
The following Fedora EPEL 6 Security updates need testing:
Age URL
910 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6
800 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6
771 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6
382 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac libbsd-0.8.3-2.el6
111 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4c76ddcc92 libmspack-0.6-0.1.alpha.el6
30 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-6aaee32b7e optipng-0.7.6-6.el6
12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-6e4ce19598 monit-5.25.1-1.el6
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-37c8dbd6f1 gifsicle-1.90-1.el6
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-8c9006d462 heimdal-7.5.0-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
easy-rsa-3.0.3-1.el6
rho-0.0.31-1.el6
Details about builds:
================================================================================
easy-rsa-3.0.3-1.el6 (FEDORA-EPEL-2018-4a6cbdd222)
Simple shell based CA utility
--------------------------------------------------------------------------------
Update Information:
Update to 3.0.3 for modern openssl and ciphers.
--------------------------------------------------------------------------------
================================================================================
rho-0.0.31-1.el6 (FEDORA-EPEL-2018-4846ddf8ae)
An SSH system profiler
--------------------------------------------------------------------------------
Update Information:
# Testing Rho To set up Rho, you create profiles that control how to run each
scan. - Authentication profiles contain user credentials for a user with
sufficient authority to complete the scan (for example, a root user or one with
root-level access obtained through -sudo privilege escalation). - Network
profiles contain network identifiers (for example, a hostname, IP address, or
range of IP addresses) and the authentication profiles to be used for a scan.
Complete the following steps, repeating them as necessary to access all parts of
your environment that you want to scan: 1. Create at least one authentication
profile with root-level access to Rho: ``` rho auth add --name auth_name
--username root_name(--sshkeyfile key_file | --password) ``` a. At the Rho
vault password prompt, create a new Rho vault password. This password is
required to access the encrypted Rho data, such as authentication and network
profiles, scan data, and other information. b. If you did not use the
sshkeyfile option to provide an SSH key for the username value, enter the
password of the user with root-level access at the connection password prompt.
For example, for an authentication profile where the authentication profile name
is roothost1, the user with root-level access is root, and the SSH key for the
user is in the path ~/.ssh/id_rsa, you would enter the following command: ```
rho auth add --name roothost1 --username root --sshkeyfile ~/.ssh/id_rsa ``` You
can also use the sudo-password option to create an authentication profile for a
user with root-level access who requires a password to obtain this privilege.
You can use the sudo-password option with either the sshkeyfile or the password
option. For example, for an authentication profile where the authentication
profile name is sudouser1, the user with root-level access is sysadmin, and the
access is obtained through the password option, you would enter the following
command: ``` rho auth add --name sudouser1 --username sysadmin --password
--sudo-password ``` After you enter this command, you are prompted to enter two
passwords. First, you would enter the connection password for the username user,
and then you would enter the password for the sudo command. 2. Create at least
one network profile that specifies one or more network identifiers, such as a
host name, an IP address, a list of IP addresses, or an IP range, and one or
more authentication profiles to be used for the scan: ``` rho profile add --name
profile_name --hosts host_name_or_file --auth auth_name ``` For example, for a
network profile where the name of the network profile is mynetwork, the network
to be scanned is the 192.0.2.0/24 subnet, and the authentication profiles that
are used to run the scan are roothost1 and roothost2, you would enter the
following command: ``` rho profile add --name mynetwork --hosts 192.0.2.[1:254]
--auth roothost1 roothost2 ``` You can also use a file to pass in the network
identifiers. If you use a file to enter multiple network identifiers, such as
multiple individual IP addresses, enter each on a single line. For example, for
a network profile where the path to this file is /home/user1/hosts_file, you
would enter the following command: ``` rho profile add --name mynetwork --hosts
/home/user1/hosts_file --auth roothost1 roothost2 ``` # Running a scan Run the
scan by using the scan command, specifying a network profile for the profile
option and a location to store the output as a file in the comma-separated
variables (CSV) format for the reportfile option: ``` rho scan --profile
profile_name --reportfile filename.csv ``` For example, if you want to use the
network profile mynetwork and save the report as mynetwork_scan1.csv, you would
enter the following command: ``` rho scan --profile mynetwork --reportfile
mynetwork_scan1.csv ```
--------------------------------------------------------------------------------
The following Fedora EPEL 7 Security updates need testing:
Age URL
1036 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7
799 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7
381 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7
278 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe mod_cluster-1.3.3-10.el7
110 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e27758bd23 libmspack-0.6-0.1.alpha.el7
48 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e64eeb6ece nagios-4.3.4-5.el7
36 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d704442ae7 qpid-cpp-1.37.0-1.el7
17 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-957aa05f33 heketi-5.0.1-1.el7
11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8d57a2487b monit-5.25.1-1.el7
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-753e392fc4 xrdp-0.9.5-1.el7
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-2e2d08b1ff awstats-7.6-4.el7
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-49ca8440a1 gifsicle-1.90-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
composer-1.6.2-1.el7
debootstrap-1.0.93-1.el7
dh-make-2.201701-1.el7
ocserv-0.11.10-1.el7
php-composer-spdx-licenses-1.2.0-1.el7
python-www-authenticate-0.9.2-3.el7
shorewall-5.1.10.2-1.el7
Details about builds:
================================================================================
composer-1.6.2-1.el7 (FEDORA-EPEL-2018-a6e741d0c1)
Dependency Manager for PHP
--------------------------------------------------------------------------------
Update Information:
**composer 1.6.2** - 2018-01-05 * Fixed more autoloader regressions * Fixed
support for updating dist refs in gitlab URLs --- **composer 1.6.1** -
2018-01-04 * Fixed upgrade regression due to some autoloader cleanups *
Fixed some overly loose version constraints ---- **composer 1.6.0** -
2018-01-04 * Added support for SPDX license identifiers v3.0, deprecates
GPL/LGPL/AGPL identifiers, which should now have a `-only` or `-or-later` suffix
added. * Added support for COMPOSER_MEMORY_LIMIT env var to make Composer set
the PHP memory limit explicitly * Added support for simple strings for the
`bin` * Fixed `check-platform-reqs` bug in version checking --- **composer
1.6.0RC** - 2017-12-19 * Improved performance of installs and updates from
git clones when checking out known commits * Added `check-platform-reqs`
command that checks that your PHP and extensions versions match the platform
requirements of the installed packages * Added `--with-all-dependencies` to
the `update` and `require` commands which updates all dependencies of the listed
packages, including those that are direct root requirements * Added `scripts-
descriptions` key to composer.json to customize the description and document
your custom commands * Added support for the uppercase NO_PROXY env var *
Added support for COMPOSER_DEFAULT_{AUTHOR,LICENSE,EMAIL,VENDOR} env vars to
pre-populate init command values * Added support for local fossil repositories
* Added suggestions for alternative spellings when entering packages in `init`
and `require` commands and nothing can be found * Fixed installed.json data to
be sorted alphabetically by package name * Fixed compatibility with Symfony
4.x components that Composer uses --- **spdx-licenses 1.2.0** - 2018-01-03
* Added: deprecation status for all licenses and a
`SpdxLicenses::isDeprecatedByIdentifier` method. * Changed: updated licenses
list to SPDX 3.0.
--------------------------------------------------------------------------------
================================================================================
debootstrap-1.0.93-1.el7 (FEDORA-EPEL-2018-082cb9794e)
Debian GNU/Linux bootstrapper
--------------------------------------------------------------------------------
Update Information:
Update to 1.0.93 (#1523424)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1523424 - debootstrap-1.0.93 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1523424
--------------------------------------------------------------------------------
================================================================================
dh-make-2.201701-1.el7 (FEDORA-EPEL-2018-f7eb7c1747)
Tool that converts source archives into Debian package source
--------------------------------------------------------------------------------
Update Information:
Update to 2.201701 (#1527706)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1527706 - dh-make-2.201701 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1527706
--------------------------------------------------------------------------------
================================================================================
ocserv-0.11.10-1.el7 (FEDORA-EPEL-2018-79a28d694f)
OpenConnect SSL VPN server
--------------------------------------------------------------------------------
Update Information:
- Update to upstream 0.11.10 release
--------------------------------------------------------------------------------
================================================================================
php-composer-spdx-licenses-1.2.0-1.el7 (FEDORA-EPEL-2018-a6e741d0c1)
SPDX licenses list and validation library
--------------------------------------------------------------------------------
Update Information:
**composer 1.6.2** - 2018-01-05 * Fixed more autoloader regressions * Fixed
support for updating dist refs in gitlab URLs --- **composer 1.6.1** -
2018-01-04 * Fixed upgrade regression due to some autoloader cleanups *
Fixed some overly loose version constraints ---- **composer 1.6.0** -
2018-01-04 * Added support for SPDX license identifiers v3.0, deprecates
GPL/LGPL/AGPL identifiers, which should now have a `-only` or `-or-later` suffix
added. * Added support for COMPOSER_MEMORY_LIMIT env var to make Composer set
the PHP memory limit explicitly * Added support for simple strings for the
`bin` * Fixed `check-platform-reqs` bug in version checking --- **composer
1.6.0RC** - 2017-12-19 * Improved performance of installs and updates from
git clones when checking out known commits * Added `check-platform-reqs`
command that checks that your PHP and extensions versions match the platform
requirements of the installed packages * Added `--with-all-dependencies` to
the `update` and `require` commands which updates all dependencies of the listed
packages, including those that are direct root requirements * Added `scripts-
descriptions` key to composer.json to customize the description and document
your custom commands * Added support for the uppercase NO_PROXY env var *
Added support for COMPOSER_DEFAULT_{AUTHOR,LICENSE,EMAIL,VENDOR} env vars to
pre-populate init command values * Added support for local fossil repositories
* Added suggestions for alternative spellings when entering packages in `init`
and `require` commands and nothing can be found * Fixed installed.json data to
be sorted alphabetically by package name * Fixed compatibility with Symfony
4.x components that Composer uses --- **spdx-licenses 1.2.0** - 2018-01-03
* Added: deprecation status for all licenses and a
`SpdxLicenses::isDeprecatedByIdentifier` method. * Changed: updated licenses
list to SPDX 3.0.
--------------------------------------------------------------------------------
================================================================================
python-www-authenticate-0.9.2-3.el7 (FEDORA-EPEL-2018-f71d518c58)
Python library for parsing WWW-Authenticate HTTP header values
--------------------------------------------------------------------------------
Update Information:
Parsing WWW-Authenticate headers is difficult. Let this tiny library do all the
hard work for you.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1530413 - No EPEL 7 Build
https://bugzilla.redhat.com/show_bug.cgi?id=1530413
--------------------------------------------------------------------------------
================================================================================
shorewall-5.1.10.2-1.el7 (FEDORA-EPEL-2017-d833f44e88)
An iptables front end for firewall configuration
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1401739 - shorewall-5.1.10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1401739
[ 2 ] Bug #1513472 - Needs update
https://bugzilla.redhat.com/show_bug.cgi?id=1513472
[ 3 ] Bug #1498461 - Perl script incompatibility
https://bugzilla.redhat.com/show_bug.cgi?id=1498461
[ 4 ] Bug #1476138 - Accounting is broken in shorewall-5.0.14.1-2.el7
https://bugzilla.redhat.com/show_bug.cgi?id=1476138
--------------------------------------------------------------------------------
The following Fedora EPEL 6 Security updates need testing:
Age URL
914 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6
908 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6
798 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6
770 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6
380 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac libbsd-0.8.3-2.el6
109 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4c76ddcc92 libmspack-0.6-0.1.alpha.el6
29 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-6aaee32b7e optipng-0.7.6-6.el6
11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-6e4ce19598 monit-5.25.1-1.el6
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-37c8dbd6f1 gifsicle-1.90-1.el6
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-8c9006d462 heimdal-7.5.0-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
bouncycastle-1.58-2.el6
canl-java-2.5.0-1.el6
jglobus-2.1.0-4.el6
voms-api-java-3.2.0-5.el6
voms-clients-java-3.0.7-5.el6
yuicompressor-2.4.8-1.el6
Details about builds:
================================================================================
bouncycastle-1.58-2.el6 (FEDORA-EPEL-2018-71db8f6f28)
Bouncy Castle Cryptography APIs for Java
--------------------------------------------------------------------------------
Update Information:
Update bouncycastle - all subpackages now built from the same source package.
Some are new in EPEL 6. Add canl-java and voms-clients-java to EPEL 6.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1233527 - bouncycastle-mail in EPEL 6
https://bugzilla.redhat.com/show_bug.cgi?id=1233527
--------------------------------------------------------------------------------
================================================================================
canl-java-2.5.0-1.el6 (FEDORA-EPEL-2018-71db8f6f28)
EMI Common Authentication library - bindings for Java
--------------------------------------------------------------------------------
Update Information:
Update bouncycastle - all subpackages now built from the same source package.
Some are new in EPEL 6. Add canl-java and voms-clients-java to EPEL 6.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1233527 - bouncycastle-mail in EPEL 6
https://bugzilla.redhat.com/show_bug.cgi?id=1233527
--------------------------------------------------------------------------------
================================================================================
jglobus-2.1.0-4.el6 (FEDORA-EPEL-2018-71db8f6f28)
Globus Java client libraries
--------------------------------------------------------------------------------
Update Information:
Update bouncycastle - all subpackages now built from the same source package.
Some are new in EPEL 6. Add canl-java and voms-clients-java to EPEL 6.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1233527 - bouncycastle-mail in EPEL 6
https://bugzilla.redhat.com/show_bug.cgi?id=1233527
--------------------------------------------------------------------------------
================================================================================
voms-api-java-3.2.0-5.el6 (FEDORA-EPEL-2018-71db8f6f28)
Virtual Organization Membership Service Java API
--------------------------------------------------------------------------------
Update Information:
Update bouncycastle - all subpackages now built from the same source package.
Some are new in EPEL 6. Add canl-java and voms-clients-java to EPEL 6.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1233527 - bouncycastle-mail in EPEL 6
https://bugzilla.redhat.com/show_bug.cgi?id=1233527
--------------------------------------------------------------------------------
================================================================================
voms-clients-java-3.0.7-5.el6 (FEDORA-EPEL-2018-71db8f6f28)
Virtual Organization Membership Service Java clients
--------------------------------------------------------------------------------
Update Information:
Update bouncycastle - all subpackages now built from the same source package.
Some are new in EPEL 6. Add canl-java and voms-clients-java to EPEL 6.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1233527 - bouncycastle-mail in EPEL 6
https://bugzilla.redhat.com/show_bug.cgi?id=1233527
--------------------------------------------------------------------------------
================================================================================
yuicompressor-2.4.8-1.el6 (FEDORA-EPEL-2018-918403bb27)
YUI Compressor - The Yahoo JavaScript and CSS Compressor
--------------------------------------------------------------------------------
Update Information:
The YUI Compressor is a JavaScript compressor which, in addition to removing
comments and white-spaces, obfuscates local variables using the smallest
possible variable name. This obfuscation is safe, even when using constructs
such as 'eval' or 'with' (although the compression is not optimal in those
cases) Compared to jsmin, the average savings is around 20%. The YUI Compressor
is also able to safely compress CSS files. The decision on which compressor is
being used is made on the file extension (js or css).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1523302 - Review Request: yuicompressor - YUI Compressor - The Yahoo JavaScript and CSS Compressor
https://bugzilla.redhat.com/show_bug.cgi?id=1523302
--------------------------------------------------------------------------------
The following Fedora EPEL 7 Security updates need testing:
Age URL
1036 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7
798 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7
380 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7
278 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe mod_cluster-1.3.3-10.el7
109 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e27758bd23 libmspack-0.6-0.1.alpha.el7
47 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e64eeb6ece nagios-4.3.4-5.el7
36 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d704442ae7 qpid-cpp-1.37.0-1.el7
17 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-957aa05f33 heketi-5.0.1-1.el7
11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8d57a2487b monit-5.25.1-1.el7
8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-753e392fc4 xrdp-0.9.5-1.el7
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-2e2d08b1ff awstats-7.6-4.el7
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-49ca8440a1 gifsicle-1.90-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
bouncycastle-1.58-1.el7
canl-java-2.5.0-1.el7
homebank-5.1.7-1.el7
js-jquery-ui-touch-punch-0.2.3-0.1.20141219git4bc0091.el7
js-jsroot-5.3.4-2.el7
voms-api-java-3.2.0-5.el7
voms-clients-java-3.0.7-5.el7
yuicompressor-2.4.8-1.el7
Details about builds:
================================================================================
bouncycastle-1.58-1.el7 (FEDORA-EPEL-2018-50d69f64bd)
Bouncy Castle Cryptography APIs for Java
--------------------------------------------------------------------------------
Update Information:
Update bouncycastle - all subpackages now built from the same source package.
Some are new in EPEL 7. Update canl-java to latest version.
--------------------------------------------------------------------------------
================================================================================
canl-java-2.5.0-1.el7 (FEDORA-EPEL-2018-50d69f64bd)
EMI Common Authentication library - bindings for Java
--------------------------------------------------------------------------------
Update Information:
Update bouncycastle - all subpackages now built from the same source package.
Some are new in EPEL 7. Update canl-java to latest version.
--------------------------------------------------------------------------------
================================================================================
homebank-5.1.7-1.el7 (FEDORA-EPEL-2018-0bd991204e)
Free easy personal accounting for all
--------------------------------------------------------------------------------
Update Information:
- Update to 5.1.7
--------------------------------------------------------------------------------
================================================================================
js-jquery-ui-touch-punch-0.2.3-0.1.20141219git4bc0091.el7 (FEDORA-EPEL-2018-90b3e1f4eb)
Touch Event Support for jQuery UI
--------------------------------------------------------------------------------
Update Information:
jQuery UI Touch Punch is a small hack that enables the use of touch events on
sites using the jQuery UI user interface library.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1528186 - Review Request: js-jquery-ui-touch-punch - Touch Event Support for jQuery UI
https://bugzilla.redhat.com/show_bug.cgi?id=1528186
--------------------------------------------------------------------------------
================================================================================
js-jsroot-5.3.4-2.el7 (FEDORA-EPEL-2018-377ad5b245)
JavaScript ROOT - Interactive numerical data analysis graphics
--------------------------------------------------------------------------------
Update Information:
JavaScript ROOT provides interactive ROOT-like graphics in web browsers. Data
can be read and displayed from binary and JSON ROOT files.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1529012 - Review Request: js-jsroot - JavaScript ROOT
https://bugzilla.redhat.com/show_bug.cgi?id=1529012
--------------------------------------------------------------------------------
================================================================================
voms-api-java-3.2.0-5.el7 (FEDORA-EPEL-2018-50d69f64bd)
Virtual Organization Membership Service Java API
--------------------------------------------------------------------------------
Update Information:
Update bouncycastle - all subpackages now built from the same source package.
Some are new in EPEL 7. Update canl-java to latest version.
--------------------------------------------------------------------------------
================================================================================
voms-clients-java-3.0.7-5.el7 (FEDORA-EPEL-2018-50d69f64bd)
Virtual Organization Membership Service Java clients
--------------------------------------------------------------------------------
Update Information:
Update bouncycastle - all subpackages now built from the same source package.
Some are new in EPEL 7. Update canl-java to latest version.
--------------------------------------------------------------------------------
================================================================================
yuicompressor-2.4.8-1.el7 (FEDORA-EPEL-2018-35e5d63125)
YUI Compressor - The Yahoo JavaScript and CSS Compressor
--------------------------------------------------------------------------------
Update Information:
The YUI Compressor is a JavaScript compressor which, in addition to removing
comments and white-spaces, obfuscates local variables using the smallest
possible variable name. This obfuscation is safe, even when using constructs
such as 'eval' or 'with' (although the compression is not optimal in those
cases) Compared to jsmin, the average savings is around 20%. The YUI Compressor
is also able to safely compress CSS files. The decision on which compressor is
being used is made on the file extension (js or css).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1523302 - Review Request: yuicompressor - YUI Compressor - The Yahoo JavaScript and CSS Compressor
https://bugzilla.redhat.com/show_bug.cgi?id=1523302
--------------------------------------------------------------------------------