The following Fedora EPEL 7 Security updates need testing:
Age URL
1083 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7
846 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7
428 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7
325 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe mod_cluster-1.3.3-10.el7
157 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e27758bd23 libmspack-0.6-0.1.alpha.el7
95 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e64eeb6ece nagios-4.3.4-5.el7
44 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-73ee944e65 rootsh-1.5.3-17.el7
18 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-7134fc92a1 jhead-3.00-7.el7
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-276ec6ee2b exim-4.90.1-2.el7
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-e50c94a832 seamonkey-2.49.2-2.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-525417d3d4 mbedtls-2.7.0-1.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-cee77fc9b3 knot-resolver-2.1.0-1.el7
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-b7a74678b1 openjpeg2-2.3.0-6.el7
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-50566f0a39 uwsgi-2.0.16-1.el7
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-0296296d7c mingw-wavpack-5.1.0-4.el7
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-9111777f91 freexl-1.0.5-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
copr-cli-1.67-1.el7
drupal7-7.57-1.el7
lxqt-config-0.11.1-9.el7
python-copr-1.86-1.el7
python-crypto-2.6.1-15.el7
python2-zope-interface-4.0.5-0.el7
tlp-1.1-1.el7
Details about builds:
================================================================================
copr-cli-1.67-1.el7 (FEDORA-EPEL-2018-e25b4fc6da)
Command line interface for COPR
--------------------------------------------------------------------------------
Update Information:
- remove Group tag - Shebangs cleanup - fix deps in spec - allow running tests
only for epel7 - tests also for python2 during builds - new custom source method
- require to specify project when building module ---- - allow to set
use_bootstrap_container via API ---- - add SCM api - add deprecation warnings
for tito and mockscm methods ---- - fix unittests - run tests with python3 -
pag#130 update requirements - pag#125 copr build copr pkgs [pkgs ...] builds
only the first SRPM - pag#112 [RFE] copr-cli whoami - Bug 1431035 - coprs should
check credentials before uploading source rpm - Spelling fixes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1431035 - coprs should check credentials before uploading source rpm
https://bugzilla.redhat.com/show_bug.cgi?id=1431035
--------------------------------------------------------------------------------
================================================================================
drupal7-7.57-1.el7 (FEDORA-EPEL-2018-3e70a38ad4)
An open-source content-management platform
--------------------------------------------------------------------------------
Update Information:
This update fixes multiple security vulnerabilities. Read more details here:
https://www.drupal.org/SA-CORE-2018-001
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1548191 - drupal7: drupal: JavaScript cross-site scripting in checkPlain function [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1548191
[ 2 ] Bug #1548326 - drupal7: drupal: Multiple vulnerabilities fixed in 7.57 and 8.4.5 (SA-CORE-2018-001) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1548326
[ 3 ] Bug #1548202 - drupal7: drupal: External link injection on 404 pages when linking to the current page [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1548202
[ 4 ] Bug #1548198 - drupal7: drupal: jQuery vulnerability with untrusted domains requests via Ajax [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1548198
[ 5 ] Bug #1548194 - drupal7: drupal: Private file access bypass in Drupal private file system [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1548194
[ 6 ] Bug #1548190 - drupal7: drupal: JavaScript cross-site scripting in checkPlain function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1548190
[ 7 ] Bug #1547793 - drupal7-7.57 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1547793
--------------------------------------------------------------------------------
================================================================================
lxqt-config-0.11.1-9.el7 (FEDORA-EPEL-2018-ee985ab75d)
Config tools for LXQt desktop suite
--------------------------------------------------------------------------------
Update Information:
Enabled aarch64 on EPEL 7.
--------------------------------------------------------------------------------
================================================================================
python-copr-1.86-1.el7 (FEDORA-EPEL-2018-72e5f79860)
Python interface for Copr
--------------------------------------------------------------------------------
Update Information:
- remove Group tag - build python2-copr package conditionally - Remove
unnecessary shebang sed in copr-cli.spec and python-copr.spec - fix deps in spec
- new custom source method - use username from config if nothing is explicitly
specified - remove outdated modularity code - require to specify project when
building module
--------------------------------------------------------------------------------
================================================================================
python-crypto-2.6.1-15.el7 (FEDORA-EPEL-2018-a3ae6e7571)
Cryptography library for Python
--------------------------------------------------------------------------------
Update Information:
The textbook ElGamal implementation is not secure. PyCrypto and some other
implementations use the wrong algorithm, which may lead to some information
disclosure simply by looking at the encrypted text. For a full description, see
https://github.com/dlitz/pycrypto/issues/253 This update includes a fix for
this problem backported from pycryptodome. This is CVE-2018-6594.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1542313 - CVE-2018-6594 python-crypto: Weak ElGamal key parameters in PublicKey/ElGamal.py allow attackers to obtain sensitive information by reading ciphertext
https://bugzilla.redhat.com/show_bug.cgi?id=1542313
--------------------------------------------------------------------------------
================================================================================
python2-zope-interface-4.0.5-0.el7 (FEDORA-EPEL-2018-a3e7bd9aee)
Dummy package depending on python-zope-interface
--------------------------------------------------------------------------------
Update Information:
This package exists only to allow packagers to uniformly depend upon python2
-zope-interface.
--------------------------------------------------------------------------------
================================================================================
tlp-1.1-1.el7 (FEDORA-EPEL-2018-012aa3f97e)
Advanced power management tool for Linux
--------------------------------------------------------------------------------
Update Information:
Update to 1.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1538383 - tlp-1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1538383
--------------------------------------------------------------------------------
The following Fedora EPEL 7 Security updates need testing:
Age URL
1082 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7
845 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7
427 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7
324 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe mod_cluster-1.3.3-10.el7
156 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e27758bd23 libmspack-0.6-0.1.alpha.el7
93 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e64eeb6ece nagios-4.3.4-5.el7
43 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-73ee944e65 rootsh-1.5.3-17.el7
17 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-7134fc92a1 jhead-3.00-7.el7
16 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-069884a87f p7zip-16.02-10.el7
7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-72e5d3ef89 suricata-4.0.4-1.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-276ec6ee2b exim-4.90.1-2.el7
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-e50c94a832 seamonkey-2.49.2-2.el7
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-525417d3d4 mbedtls-2.7.0-1.el7
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-cee77fc9b3 knot-resolver-2.1.0-1.el7
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-b7a74678b1 openjpeg2-2.3.0-6.el7
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-50566f0a39 uwsgi-2.0.16-1.el7
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-0296296d7c mingw-wavpack-5.1.0-4.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
datagrepper-0.9.1-2.el7
freexl-1.0.5-1.el7
lcgdm-1.10.0-5.el7
lynis-2.6.2-1.el7
meson-0.44.1-1.el7
nsd-4.1.20-1.el7
php-cs-fixer-2.2.17-1.el7
python-toml-0.9.4-3.el7
spglib-1.10.3-1.el7
Details about builds:
================================================================================
datagrepper-0.9.1-2.el7 (FEDORA-EPEL-2018-954236b0e6)
A webapp to query fedmsg history
--------------------------------------------------------------------------------
Update Information:
Latest upstream.
--------------------------------------------------------------------------------
================================================================================
freexl-1.0.5-1.el7 (FEDORA-EPEL-2018-9111777f91)
Library to extract data from within an Excel spreadsheet
--------------------------------------------------------------------------------
Update Information:
Fixes several heap-buffer-overflows, see related Bugzilla tickets!
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1547892 - heap-buffer-overflow in freexl.c:3912 read_mini_biff_next_record of FreeXL 1.0.4
https://bugzilla.redhat.com/show_bug.cgi?id=1547892
[ 2 ] Bug #1547889 - heap-buffer-overflow in freexl.c:383 parse_unicode_string of FreeXL 1.0.4
https://bugzilla.redhat.com/show_bug.cgi?id=1547889
[ 3 ] Bug #1547885 - heap-buffer-overflow in freexl.c:1866 parse_SST of FreeXL 1.0.4
https://bugzilla.redhat.com/show_bug.cgi?id=1547885
[ 4 ] Bug #1547883 - heap-buffer-overflow in freexl.c:1805 parse_SST parse_SST
https://bugzilla.redhat.com/show_bug.cgi?id=1547883
[ 5 ] Bug #1547879 - heap-buffer-overflow in freexl::destroy_cell of FreeXL 1.0.4
https://bugzilla.redhat.com/show_bug.cgi?id=1547879
--------------------------------------------------------------------------------
================================================================================
lcgdm-1.10.0-5.el7 (FEDORA-EPEL-2018-a914bf925b)
LHC Computing Grid Data Management
--------------------------------------------------------------------------------
Update Information:
* new upstream release ---- * new upstream release
--------------------------------------------------------------------------------
================================================================================
lynis-2.6.2-1.el7 (FEDORA-EPEL-2018-d7a6cbf9d8)
Security and system auditing tool
--------------------------------------------------------------------------------
Update Information:
Update to 2.6.2 (rhbz #1539272) ---- Update to 2.6.1 (rhbz #1539272)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1539272 - lynis-2.6.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1539272
--------------------------------------------------------------------------------
================================================================================
meson-0.44.1-1.el7 (FEDORA-EPEL-2018-9e6b270e6f)
High productivity build system
--------------------------------------------------------------------------------
Update Information:
Update to 0.44.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1547304 - meson-0.44.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1547304
--------------------------------------------------------------------------------
================================================================================
nsd-4.1.20-1.el7 (FEDORA-EPEL-2018-faef4af4e5)
Fast and lean authoritative DNS Name Server
--------------------------------------------------------------------------------
Update Information:
Updated to 4.1.20 (fixup memory leaks)
--------------------------------------------------------------------------------
================================================================================
php-cs-fixer-2.2.17-1.el7 (FEDORA-EPEL-2018-b768043f85)
A tool to automatically fix PHP code style
--------------------------------------------------------------------------------
Update Information:
Changelog for v2.2.17 --------------------- * bug #3504
NoBlankLinesAfterPhpdocFixer - allow blank line before declare statement
(julienfalque) * bug #3522 Remove LOCK_EX (SpacePossum) * bug #3560
SelfAccessorFixer is risky (Slamdunk) * minor #3435 Add tests for
general_phpdoc_annotation_remove (BackEndTea) * minor #3484 Create
Tokens::findBlockStart (ntzm) * minor #3512 Add missing array typehints (ntzm) *
minor #3516 Use null|type instead of ?type in PHPDocs (ntzm) * minor #3518
FixerFactoryTest - Test each priority test file is listed as test (SpacePossum)
* minor #3520 Fix typos: ran vs. run (SpacePossum) * minor #3521 Use HTTPS
(carusogabriel) * minor #3526 Remove gecko dependency (SpacePossum, keradus,
julienfalque) * minor #3531 Backport PHPMD to LTS version to ease
maintainability (keradus) * minor #3532 Implement Tokens::findOppositeBlockEdge
(ntzm) * minor #3533 DX: SCA - drop src/Resources exclusion (keradus) * minor
#3538 Don't use third parameter of Tokens::findBlockStart (ntzm) * minor #3542
Enhancement: Run composer-normalize on Travis CI (localheinz, keradus) * minor
#3555 DX: composer.json - drop branch-alias, branch is already following the
version (keradus) * minor #3556 DX: Add AutoReview/ComposerTest (keradus) *
minor #3559 Don't expose new files under Test namespace (keradus)
--------------------------------------------------------------------------------
================================================================================
python-toml-0.9.4-3.el7 (FEDORA-EPEL-2018-13d8b1e6c1)
Python Library for Tom's Obvious, Minimal Language
--------------------------------------------------------------------------------
Update Information:
Make changes to build the package for EPEL
--------------------------------------------------------------------------------
================================================================================
spglib-1.10.3-1.el7 (FEDORA-EPEL-2018-80f11c510b)
C library for finding and handling crystal symmetries
--------------------------------------------------------------------------------
Update Information:
- Update to 1.10.3
--------------------------------------------------------------------------------
The following Fedora EPEL 7 Security updates need testing:
Age URL
1081 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7
843 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7
426 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7
323 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe mod_cluster-1.3.3-10.el7
155 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e27758bd23 libmspack-0.6-0.1.alpha.el7
92 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e64eeb6ece nagios-4.3.4-5.el7
42 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-73ee944e65 rootsh-1.5.3-17.el7
16 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-7134fc92a1 jhead-3.00-7.el7
15 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-069884a87f p7zip-16.02-10.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-72e5d3ef89 suricata-4.0.4-1.el7
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-276ec6ee2b exim-4.90.1-2.el7
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-e50c94a832 seamonkey-2.49.2-2.el7
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-525417d3d4 mbedtls-2.7.0-1.el7
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-cee77fc9b3 knot-resolver-2.1.0-1.el7
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-b7a74678b1 openjpeg2-2.3.0-6.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-50566f0a39 uwsgi-2.0.16-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
GMT-5.4.3-1.el7
argparse-manpage-1.0.0-1.el7
cargo-0.25.0-1.el7
fldigi-4.0.16-1.el7.1
freedv-1.2.2-1.el7.1
getdns-1.4.0-1.el7
hamlib-3.1-11.el7
ima-evm-utils-1.1-1.el7
llvm5.0-5.0.1-5.el7
lynis-2.6.1-1.el7
mingw-wavpack-5.1.0-4.el7
nova-agent-2.1.12-1.el7
perl-HTTP-Lite-2.44-12.el7
python-certbot-dns-cloudflare-0.21.1-1.el7
python-certbot-dns-cloudxns-0.21.1-1.el7
python-certbot-dns-luadns-0.21.1-1.el7
qsstv-9.2.6-1.el7.1
rust-1.24.0-2.el7
Details about builds:
================================================================================
GMT-5.4.3-1.el7 (FEDORA-EPEL-2018-0c8e266959)
Generic Mapping Tools
--------------------------------------------------------------------------------
Update Information:
- Update to 5.4.3 - Fix GSHHG_ROOT (bug #1545256)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1545256 - gmt cannot find gshhg files
https://bugzilla.redhat.com/show_bug.cgi?id=1545256
[ 2 ] Bug #1449426 - GMT-5.4.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1449426
--------------------------------------------------------------------------------
================================================================================
argparse-manpage-1.0.0-1.el7 (FEDORA-EPEL-2018-d274033e1d)
Build manual page from Python ArgumentParser object
--------------------------------------------------------------------------------
Update Information:
build man page from python ArgParse object
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1546801 - Review Request: argparse-manpage - Build manual page from Python ArgumentParser object
https://bugzilla.redhat.com/show_bug.cgi?id=1546801
--------------------------------------------------------------------------------
================================================================================
cargo-0.25.0-1.el7 (FEDORA-EPEL-2018-592dd11f3d)
Rust's package manager and build tool
--------------------------------------------------------------------------------
Update Information:
New versions of Rust and Cargo -- see the release notes for [1.24](https://blog
.rust-lang.org/2018/02/15/Rust-1.24.html).
--------------------------------------------------------------------------------
================================================================================
fldigi-4.0.16-1.el7.1 (FEDORA-EPEL-2018-cf02b4f677)
Digital modem program for Linux
--------------------------------------------------------------------------------
Update Information:
Updating hamlib to 3.1 as it is required for wsjtx. ---- * Changed the .pro
file for autodetecing correct libopenjpg2 (DL1JBE -Tom) * ftp transfer -
initialize bug fix (VK6MN- Mike) * Help manual -> path correction and corrected
some typo's (DJ0MBA- Marinus) * SSTV initialize bug fix (Adrian) * Camera
support for Raspberry PI Cam * fixed audio loopback use * fixed transmission
after stop, image was not restarted at top ---- Version 4.0.16 - Maintenance
release wo seg fault * fix seg fault in waterfall only mode 8psk
lockup problem * correct lockup associated with S/N and IMD disply when
using 8psk mode. Code change fixes problem reported by K0OG. I was not
able to replicate the lockup on test machines. Miscellaneous menu *
provide access to various miscellaneous config tabs pskrep autostart *
allow user to control pskrep start during program initialization OS X build
script * Modified to only build dmg with dylibs Grid Square Contest *
Add Grid Square to generic contest log fields Logbook Export * Add LoTW
sent/rcvd to export values * Create unverified.txt flat file when LoTW
download contains unmatched records - notifier dialog shows #
records # matched # unmatched Greek translation update *
update to el.po Alert timeouts * FSQ change message received alert from
fl_alert2 to notify(...) - notify dialog is not modal - can be set
to a timeout interval - displays timeout sequencing as clock dial -
does not inhibit decoding or UI with main dialog. * LoTW changed - fl_alert2
to notify_dialog * Logbook merger - changed fl_alert2 to notify_dialog
video * Correct lock up caused by waterfall video stream
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1428966 - "Repeater" config Dialog has no function
https://bugzilla.redhat.com/show_bug.cgi?id=1428966
[ 2 ] Bug #1514286 - qsstv-9.2.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1514286
[ 3 ] Bug #1536703 - fldigi-4.0.16 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1536703
--------------------------------------------------------------------------------
================================================================================
freedv-1.2.2-1.el7.1 (FEDORA-EPEL-2018-cf02b4f677)
FreeDV Digital Voice
--------------------------------------------------------------------------------
Update Information:
Updating hamlib to 3.1 as it is required for wsjtx. ---- * Changed the .pro
file for autodetecing correct libopenjpg2 (DL1JBE -Tom) * ftp transfer -
initialize bug fix (VK6MN- Mike) * Help manual -> path correction and corrected
some typo's (DJ0MBA- Marinus) * SSTV initialize bug fix (Adrian) * Camera
support for Raspberry PI Cam * fixed audio loopback use * fixed transmission
after stop, image was not restarted at top ---- Version 4.0.16 - Maintenance
release wo seg fault * fix seg fault in waterfall only mode 8psk
lockup problem * correct lockup associated with S/N and IMD disply when
using 8psk mode. Code change fixes problem reported by K0OG. I was not
able to replicate the lockup on test machines. Miscellaneous menu *
provide access to various miscellaneous config tabs pskrep autostart *
allow user to control pskrep start during program initialization OS X build
script * Modified to only build dmg with dylibs Grid Square Contest *
Add Grid Square to generic contest log fields Logbook Export * Add LoTW
sent/rcvd to export values * Create unverified.txt flat file when LoTW
download contains unmatched records - notifier dialog shows #
records # matched # unmatched Greek translation update *
update to el.po Alert timeouts * FSQ change message received alert from
fl_alert2 to notify(...) - notify dialog is not modal - can be set
to a timeout interval - displays timeout sequencing as clock dial -
does not inhibit decoding or UI with main dialog. * LoTW changed - fl_alert2
to notify_dialog * Logbook merger - changed fl_alert2 to notify_dialog
video * Correct lock up caused by waterfall video stream
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1428966 - "Repeater" config Dialog has no function
https://bugzilla.redhat.com/show_bug.cgi?id=1428966
[ 2 ] Bug #1514286 - qsstv-9.2.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1514286
[ 3 ] Bug #1536703 - fldigi-4.0.16 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1536703
--------------------------------------------------------------------------------
================================================================================
getdns-1.4.0-1.el7 (FEDORA-EPEL-2018-92eec623b7)
Modern asynchronous API to the DNS
--------------------------------------------------------------------------------
Update Information:
Updated to 1.4.0 (which includes previous patch)
--------------------------------------------------------------------------------
================================================================================
hamlib-3.1-11.el7 (FEDORA-EPEL-2018-cf02b4f677)
Run-time library to control radio transceivers and receivers
--------------------------------------------------------------------------------
Update Information:
Updating hamlib to 3.1 as it is required for wsjtx. ---- * Changed the .pro
file for autodetecing correct libopenjpg2 (DL1JBE -Tom) * ftp transfer -
initialize bug fix (VK6MN- Mike) * Help manual -> path correction and corrected
some typo's (DJ0MBA- Marinus) * SSTV initialize bug fix (Adrian) * Camera
support for Raspberry PI Cam * fixed audio loopback use * fixed transmission
after stop, image was not restarted at top ---- Version 4.0.16 - Maintenance
release wo seg fault * fix seg fault in waterfall only mode 8psk
lockup problem * correct lockup associated with S/N and IMD disply when
using 8psk mode. Code change fixes problem reported by K0OG. I was not
able to replicate the lockup on test machines. Miscellaneous menu *
provide access to various miscellaneous config tabs pskrep autostart *
allow user to control pskrep start during program initialization OS X build
script * Modified to only build dmg with dylibs Grid Square Contest *
Add Grid Square to generic contest log fields Logbook Export * Add LoTW
sent/rcvd to export values * Create unverified.txt flat file when LoTW
download contains unmatched records - notifier dialog shows #
records # matched # unmatched Greek translation update *
update to el.po Alert timeouts * FSQ change message received alert from
fl_alert2 to notify(...) - notify dialog is not modal - can be set
to a timeout interval - displays timeout sequencing as clock dial -
does not inhibit decoding or UI with main dialog. * LoTW changed - fl_alert2
to notify_dialog * Logbook merger - changed fl_alert2 to notify_dialog
video * Correct lock up caused by waterfall video stream
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1428966 - "Repeater" config Dialog has no function
https://bugzilla.redhat.com/show_bug.cgi?id=1428966
[ 2 ] Bug #1514286 - qsstv-9.2.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1514286
[ 3 ] Bug #1536703 - fldigi-4.0.16 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1536703
--------------------------------------------------------------------------------
================================================================================
ima-evm-utils-1.1-1.el7 (FEDORA-EPEL-2018-6e526ba359)
IMA/EVM support utilities
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
================================================================================
llvm5.0-5.0.1-5.el7 (FEDORA-EPEL-2018-592dd11f3d)
The Low Level Virtual Machine
--------------------------------------------------------------------------------
Update Information:
New versions of Rust and Cargo -- see the release notes for [1.24](https://blog
.rust-lang.org/2018/02/15/Rust-1.24.html).
--------------------------------------------------------------------------------
================================================================================
lynis-2.6.1-1.el7 (FEDORA-EPEL-2018-2fabdd3a4a)
Security and system auditing tool
--------------------------------------------------------------------------------
Update Information:
Update to 2.6.1 (rhbz #1539272)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1539272 - lynis-2.6.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1539272
--------------------------------------------------------------------------------
================================================================================
mingw-wavpack-5.1.0-4.el7 (FEDORA-EPEL-2018-0296296d7c)
Completely open audiocodec
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2018-6767, CVE-2018-7253, and CVE-2018-7254
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1547735 - CVE-2018-7254 wavpack: Heap-based buffer over-read in ParseCaffHeaderConfig function in cli/caff.c
https://bugzilla.redhat.com/show_bug.cgi?id=1547735
[ 2 ] Bug #1547719 - CVE-2018-7253 wavpack: Heap-based buffer over-read in ParseDsdiffHeaderConfig function in cli/dsdiff.c
https://bugzilla.redhat.com/show_bug.cgi?id=1547719
[ 3 ] Bug #1542550 - CVE-2018-6767 wavpack: stack buffer overread via crafted wav file
https://bugzilla.redhat.com/show_bug.cgi?id=1542550
--------------------------------------------------------------------------------
================================================================================
nova-agent-2.1.12-1.el7 (FEDORA-EPEL-2018-ce9f5c5759)
Agent for setting up clean servers on Xen
--------------------------------------------------------------------------------
Update Information:
- Latest upstream
--------------------------------------------------------------------------------
================================================================================
perl-HTTP-Lite-2.44-12.el7 (FEDORA-EPEL-2018-2b6a247182)
Lightweight HTTP implementation
--------------------------------------------------------------------------------
Update Information:
This update allows EPEL7 to install the perl module HTTP::Lite.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1546268 - Please provide a package for EPEL7
https://bugzilla.redhat.com/show_bug.cgi?id=1546268
--------------------------------------------------------------------------------
================================================================================
python-certbot-dns-cloudflare-0.21.1-1.el7 (FEDORA-EPEL-2018-e936db8d39)
Cloudflare DNS Authenticator plugin for Certbot
--------------------------------------------------------------------------------
Update Information:
Initial build
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1547617 - Review Request: python-certbot-dns-cloudflare - Cloudflare DNS Authenticator plugin for Certbot
https://bugzilla.redhat.com/show_bug.cgi?id=1547617
--------------------------------------------------------------------------------
================================================================================
python-certbot-dns-cloudxns-0.21.1-1.el7 (FEDORA-EPEL-2018-8485d945fc)
CloudXNS DNS Authenticator plugin for Certbot
--------------------------------------------------------------------------------
Update Information:
Initial build
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1547611 - Review Request: python-certbot-dns-cloudxns - CloudXNS DNS Authenticator plugin for Certbot
https://bugzilla.redhat.com/show_bug.cgi?id=1547611
--------------------------------------------------------------------------------
================================================================================
python-certbot-dns-luadns-0.21.1-1.el7 (FEDORA-EPEL-2018-7c4aa35266)
LuaDNS Authenticator plugin for Certbot
--------------------------------------------------------------------------------
Update Information:
Initial build
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1547601 - Review Request: python-certbot-dns-luadns - LuaDNS Authenticator plugin for Certbot
https://bugzilla.redhat.com/show_bug.cgi?id=1547601
--------------------------------------------------------------------------------
================================================================================
qsstv-9.2.6-1.el7.1 (FEDORA-EPEL-2018-cf02b4f677)
Qt-based slow-scan TV and fax
--------------------------------------------------------------------------------
Update Information:
Updating hamlib to 3.1 as it is required for wsjtx. ---- * Changed the .pro
file for autodetecing correct libopenjpg2 (DL1JBE -Tom) * ftp transfer -
initialize bug fix (VK6MN- Mike) * Help manual -> path correction and corrected
some typo's (DJ0MBA- Marinus) * SSTV initialize bug fix (Adrian) * Camera
support for Raspberry PI Cam * fixed audio loopback use * fixed transmission
after stop, image was not restarted at top ---- Version 4.0.16 - Maintenance
release wo seg fault * fix seg fault in waterfall only mode 8psk
lockup problem * correct lockup associated with S/N and IMD disply when
using 8psk mode. Code change fixes problem reported by K0OG. I was not
able to replicate the lockup on test machines. Miscellaneous menu *
provide access to various miscellaneous config tabs pskrep autostart *
allow user to control pskrep start during program initialization OS X build
script * Modified to only build dmg with dylibs Grid Square Contest *
Add Grid Square to generic contest log fields Logbook Export * Add LoTW
sent/rcvd to export values * Create unverified.txt flat file when LoTW
download contains unmatched records - notifier dialog shows #
records # matched # unmatched Greek translation update *
update to el.po Alert timeouts * FSQ change message received alert from
fl_alert2 to notify(...) - notify dialog is not modal - can be set
to a timeout interval - displays timeout sequencing as clock dial -
does not inhibit decoding or UI with main dialog. * LoTW changed - fl_alert2
to notify_dialog * Logbook merger - changed fl_alert2 to notify_dialog
video * Correct lock up caused by waterfall video stream
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1428966 - "Repeater" config Dialog has no function
https://bugzilla.redhat.com/show_bug.cgi?id=1428966
[ 2 ] Bug #1514286 - qsstv-9.2.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1514286
[ 3 ] Bug #1536703 - fldigi-4.0.16 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1536703
--------------------------------------------------------------------------------
================================================================================
rust-1.24.0-2.el7 (FEDORA-EPEL-2018-592dd11f3d)
The Rust Programming Language
--------------------------------------------------------------------------------
Update Information:
New versions of Rust and Cargo -- see the release notes for [1.24](https://blog
.rust-lang.org/2018/02/15/Rust-1.24.html).
--------------------------------------------------------------------------------
The following Fedora EPEL 6 Security updates need testing:
Age URL
953 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6
843 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6
814 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6
425 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac libbsd-0.8.3-2.el6
154 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4c76ddcc92 libmspack-0.6-0.1.alpha.el6
73 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-6aaee32b7e optipng-0.7.6-6.el6
45 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-8c9006d462 heimdal-7.5.0-1.el6
40 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-752a7c9ad4 rootsh-1.5.3-17.el6
14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-bc1949f307 p7zip-16.02-10.el6
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-f742513635 jhead-3.00-9.el6
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-be69c94866 clamav-0.99.3-8.el6
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-87b20f1b26 exim-4.90.1-2.el6
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c8346d8e5 mbedtls-2.7.0-1.el6
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-76121890f9 seamonkey-2.49.2-2.el6
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-6ac908eac8 openjpeg2-2.3.0-6.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
distribution-gpg-keys-1.19-1.el6
dmlite-1.10.0-2.el6
fedfind-4.1.0-1.el6
fts-monitoring-3.7.8-1.el6
opensc-0.17.0-6.el6
uwsgi-2.0.16-1.el6
Details about builds:
================================================================================
distribution-gpg-keys-1.19-1.el6 (FEDORA-EPEL-2018-827d067538)
GPG keys of various Linux distributions
--------------------------------------------------------------------------------
Update Information:
- updated copr keys
--------------------------------------------------------------------------------
================================================================================
dmlite-1.10.0-2.el6 (FEDORA-EPEL-2018-ae496d96ba)
Lcgdm grid data management and storage framework
--------------------------------------------------------------------------------
Update Information:
* new upstream release
--------------------------------------------------------------------------------
================================================================================
fedfind-4.1.0-1.el6 (FEDORA-EPEL-2018-35de7d3f2f)
Fedora compose and image finder
--------------------------------------------------------------------------------
Update Information:
This update provides a new (fully backwards compatible) release of fedfind. The
major change is to reintroduce the PDC-based implementation of
`get_package_nvras()` as a separate method, `get_package_nevras_pdc()`, only for
`Pungi4Release` classes.
--------------------------------------------------------------------------------
================================================================================
fts-monitoring-3.7.8-1.el6 (FEDORA-EPEL-2018-ad555cbf93)
FTS3 Web Application for monitoring
--------------------------------------------------------------------------------
Update Information:
* new upstream release
--------------------------------------------------------------------------------
================================================================================
opensc-0.17.0-6.el6 (FEDORA-EPEL-2018-9529e04c00)
Smart card library and applications
--------------------------------------------------------------------------------
Update Information:
New upstream release including support for Coolkey, CAC cards, CAC Alt tokens,
Estonia IDs and serveral fixes.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1519751 - Estonia ID card patch (OpenSC <= 0.17 only)
https://bugzilla.redhat.com/show_bug.cgi?id=1519751
--------------------------------------------------------------------------------
================================================================================
uwsgi-2.0.16-1.el6 (FEDORA-EPEL-2018-3f91ecfb84)
Fast, self-healing, application container server
--------------------------------------------------------------------------------
Update Information:
Updated to latest stable from upstream
--------------------------------------------------------------------------------
The following Fedora EPEL 7 Security updates need testing:
Age URL
1080 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7
843 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7
425 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7
322 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe mod_cluster-1.3.3-10.el7
154 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e27758bd23 libmspack-0.6-0.1.alpha.el7
91 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e64eeb6ece nagios-4.3.4-5.el7
41 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-73ee944e65 rootsh-1.5.3-17.el7
15 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-7134fc92a1 jhead-3.00-7.el7
14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-069884a87f p7zip-16.02-10.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-72e5d3ef89 suricata-4.0.4-1.el7
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-276ec6ee2b exim-4.90.1-2.el7
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-e50c94a832 seamonkey-2.49.2-2.el7
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-525417d3d4 mbedtls-2.7.0-1.el7
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-cee77fc9b3 knot-resolver-2.1.0-1.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-b7a74678b1 openjpeg2-2.3.0-6.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
cabal-rpm-0.12.1-4.el7
distribution-gpg-keys-1.19-1.el7
dmlite-1.10.0-2.el7
fedfind-4.1.0-1.el7
fts-monitoring-3.7.8-1.el7
llvm5.0-5.0.1-5.el7
perl-Mojolicious-7.67-1.el7
python-certbot-dns-dnsimple-0.21.1-1.el7
python-certbot-dns-dnsmadeeasy-0.21.1-1.el7
python-certbot-dns-nsone-0.21.1-1.el7
python-wikitcms-2.3.0-1.el7
rust-1.24.0-2.el7
uwsgi-2.0.16-1.el7
yamllint-1.11.0-1.el7
Details about builds:
================================================================================
cabal-rpm-0.12.1-4.el7 (FEDORA-EPEL-2018-465de20298)
RPM packaging tool for Haskell Cabal-based packages
--------------------------------------------------------------------------------
Update Information:
- new option --missing: comments out missing dependencies - put license files in
lib subpackage - no longer append %_isa to C BuildRequires - no longer leave
leftover tmpdirs
--------------------------------------------------------------------------------
================================================================================
distribution-gpg-keys-1.19-1.el7 (FEDORA-EPEL-2018-bef1936800)
GPG keys of various Linux distributions
--------------------------------------------------------------------------------
Update Information:
- updated copr keys
--------------------------------------------------------------------------------
================================================================================
dmlite-1.10.0-2.el7 (FEDORA-EPEL-2018-7ffd4164ed)
Lcgdm grid data management and storage framework
--------------------------------------------------------------------------------
Update Information:
* new upstream release
--------------------------------------------------------------------------------
================================================================================
fedfind-4.1.0-1.el7 (FEDORA-EPEL-2018-319692af2d)
Fedora compose and image finder
--------------------------------------------------------------------------------
Update Information:
This update provides a new (fully backwards compatible) release of fedfind. The
major change is to reintroduce the PDC-based implementation of
`get_package_nvras()` as a separate method, `get_package_nevras_pdc()`, only for
`Pungi4Release` classes.
--------------------------------------------------------------------------------
================================================================================
fts-monitoring-3.7.8-1.el7 (FEDORA-EPEL-2018-3e2d99a40e)
FTS3 Web Application for monitoring
--------------------------------------------------------------------------------
Update Information:
* new upstream release
--------------------------------------------------------------------------------
================================================================================
llvm5.0-5.0.1-5.el7 (FEDORA-EPEL-2018-592dd11f3d)
The Low Level Virtual Machine
--------------------------------------------------------------------------------
Update Information:
New version of Rust -- see the release notes for [1.24](https://blog.rust-
lang.org/2018/02/15/Rust-1.24.html).
--------------------------------------------------------------------------------
================================================================================
perl-Mojolicious-7.67-1.el7 (FEDORA-EPEL-2018-4a3b2cd2dd)
A next generation web framework for Perl
--------------------------------------------------------------------------------
Update Information:
This update brings the perl web framework Mojolicious in EPEL.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1525990 - [RFE] please provide in EPEL
https://bugzilla.redhat.com/show_bug.cgi?id=1525990
--------------------------------------------------------------------------------
================================================================================
python-certbot-dns-dnsimple-0.21.1-1.el7 (FEDORA-EPEL-2018-4641c70a87)
DNSimple DNS Authenticator plugin for Certbot
--------------------------------------------------------------------------------
Update Information:
Initial build
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1547122 - Review Request: python-certbot-dns-dnsimple - DNSimple DNS Authenticator plugin for Certbot
https://bugzilla.redhat.com/show_bug.cgi?id=1547122
--------------------------------------------------------------------------------
================================================================================
python-certbot-dns-dnsmadeeasy-0.21.1-1.el7 (FEDORA-EPEL-2018-7b84eb877e)
DNS Made Easy DNS Authenticator plugin for Certbot
--------------------------------------------------------------------------------
Update Information:
Initial build
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1546851 - Review Request: python-certbot-dns-dnsmadeeasy - DNS Made Easy DNS Authenticator plugin for Certbot
https://bugzilla.redhat.com/show_bug.cgi?id=1546851
--------------------------------------------------------------------------------
================================================================================
python-certbot-dns-nsone-0.21.1-1.el7 (FEDORA-EPEL-2018-91cb61f0db)
NS1 DNS Authenticator plugin for Certbot
--------------------------------------------------------------------------------
Update Information:
Initial build
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1547135 - Review Request: python-certbot-dns-nsone - NS1 DNS Authenticator plugin for Certbot
https://bugzilla.redhat.com/show_bug.cgi?id=1547135
--------------------------------------------------------------------------------
================================================================================
python-wikitcms-2.3.0-1.el7 (FEDORA-EPEL-2018-f36bf71582)
Fedora QA wiki test management Python library
--------------------------------------------------------------------------------
Update Information:
This update provides a new release of python-wikitcms. The main changes in this
release relate to improving handling of the tricky corner cases around event
creation for new candidate composes.
--------------------------------------------------------------------------------
================================================================================
rust-1.24.0-2.el7 (FEDORA-EPEL-2018-592dd11f3d)
The Rust Programming Language
--------------------------------------------------------------------------------
Update Information:
New version of Rust -- see the release notes for [1.24](https://blog.rust-
lang.org/2018/02/15/Rust-1.24.html).
--------------------------------------------------------------------------------
================================================================================
uwsgi-2.0.16-1.el7 (FEDORA-EPEL-2018-50566f0a39)
Fast, self-healing, application container server
--------------------------------------------------------------------------------
Update Information:
Updated to 2.0.16 which includes fix for CVE-2018-6758
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1542819 - CVE-2018-6758 uwsgi: Stack-based buffer overflow in core/utils.c:uwsgi_expand_path() can lead to crash and potential code execution [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1542819
--------------------------------------------------------------------------------
================================================================================
yamllint-1.11.0-1.el7 (FEDORA-EPEL-2018-922fadab6c)
A linter for YAML files
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream version
--------------------------------------------------------------------------------