The following Fedora EPEL 7 Security updates need testing:
Age URL
585 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d condor-8.6.11-1.el7
326 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c499781e80 python-gnupg-0.4.4-1.el7
324 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b bubblewrap-0.3.3-2.el7
34 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-fa8a2e97c6 python-waitress-1.4.3-1.el7
12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-b8f44a854a weechat-2.7.1-1.el7
12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-b467e9784b php-horde-Horde-Form-2.0.20-1.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-7e106e25f9 timeshift-20.03-1.el7
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-42d19f5f91 chromium-80.0.3987.149-1.el7
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-33500a2742 tor-0.3.5.10-1.el7
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-7c64d8ca18 ckeditor-4.14.0-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
R-highlight-0.5.0-1.el7
R-qtl-1.46.2-1.el7
libmodsecurity-3.0.2-6.el7
numix-icon-theme-0.1.0-24.20200320.gitea068b4.el7
python-dialog-3.3.0-17.el7
seamonkey-2.53.1-3.el7
Details about builds:
================================================================================
R-highlight-0.5.0-1.el7 (FEDORA-EPEL-2020-0334b468c0)
R Syntax Highlighter
--------------------------------------------------------------------------------
Update Information:
R-highlifgt 0.5.0 First build for EPEL 8.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 20 2020 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 0.5.0-1
- Update to 0.5.0
* Tue Jan 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.4.7.2-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Mon Aug 12 2019 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 0.4.7.2-6
- Remove explicit dependencies provided by automatic dependency generator
* Mon Aug 12 2019 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 0.4.7.2-5
- Rebuild with automatic Provides
* Wed Jul 24 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.4.7.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.4.7.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.4.7.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
R-qtl-1.46.2-1.el7 (FEDORA-EPEL-2020-ed43a28ba5)
Tools for analyzing QTL experiments
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 21 2020 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 1.46.2-1
- Update to 1.46-2
* Tue Feb 18 2020 Tom Callaway <spot(a)fedoraproject.org> - 1.44.9-7
- rebuild against R without libRlapack.so
* Tue Jan 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.44.9-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Sep 19 2019 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 1.44.9-5
- Unify specfile
* Mon Aug 12 2019 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 1.44.9-4
- Remove explicit dependencies provided by automatic dependency generator
* Wed Jul 24 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.44.9-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.44.9-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
libmodsecurity-3.0.2-6.el7 (FEDORA-EPEL-2020-61faf4c2ff)
A library that loads/interprets rules written in the ModSecurity SecRules
--------------------------------------------------------------------------------
Update Information:
Fix DoS vulnerability (CVE-2019-19886, RHBZ #1801720 / #1801719)
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 21 2020 Othman Madjoudj <athmane(a)fedoraproject.org> - 3.0.2-6
- Fix DoS vulnerability (CVE-2019-19886, RHBZ #1801720 / #1801719)
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.0.2-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1801720 - CVE-2019-19886 libmodsecurity: denial of service in Transaction::addRequestHeader in transaction.cc [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1801720
[ 2 ] Bug #1801719 - CVE-2019-19886 libmodsecurity: denial of service in Transaction::addRequestHeader in transaction.cc [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1801719
--------------------------------------------------------------------------------
================================================================================
numix-icon-theme-0.1.0-24.20200320.gitea068b4.el7 (FEDORA-EPEL-2020-e564e17f42)
Numix Project icon theme
--------------------------------------------------------------------------------
Update Information:
Update to release 20.03.20: * mimetype symlinks * mesonbuild symlinks *
More geolocation stuff
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 21 2020 Brendan Early <mymindstorm(a)evermiss.net> - 0.1.0-24.20200320.gitea068b4
- Update to release 20.03.20
* Wed Jan 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.1.0-23.20190920.gitcfef86f
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1815699 - numix-icon-theme-20.03.20 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1815699
--------------------------------------------------------------------------------
================================================================================
python-dialog-3.3.0-17.el7 (FEDORA-EPEL-2020-31e8cf4959)
Python interface to the Unix dialog utility
--------------------------------------------------------------------------------
Update Information:
support for python3, rhbz#1800888 Do we still need support for python2?
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.3.0-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Wed Oct 10 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 3.3.0-16
- Python2 binary package has been removed
See https://fedoraproject.org/wiki/Changes/Mass_Python_2_Package_Removal
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.3.0-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jun 19 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 3.3.0-14
- Rebuilt for Python 3.7
* Fri Feb 9 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.3.0-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Thu Jul 27 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.3.0-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Sat Feb 11 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.3.0-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Mon Dec 19 2016 Miro Hron��ok <mhroncok(a)redhat.com> - 3.3.0-10
- Rebuild for Python 3.6
* Tue Jul 19 2016 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 3.3.0-9
- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Pa…
* Thu Feb 4 2016 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.3.0-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1800888 - Please build for epel7 & epel8 (dependency for python-pvc)
https://bugzilla.redhat.com/show_bug.cgi?id=1800888
--------------------------------------------------------------------------------
================================================================================
seamonkey-2.53.1-3.el7 (FEDORA-EPEL-2020-c513b3c1ca)
Web browser, e-mail, news, IRC client, HTML editor
--------------------------------------------------------------------------------
Update Information:
Upgrade to 2.53.1 SeaMonkey-2.53.1, being initially based on the Firefox-56 and
Thunderbird-56 code, incorporates now a lot of backported features and security
fixes from the newer Firefox/Thunderbird versions up to 75. That way it tries to
be a modern browser, preserving the same time the familiar user interface and
the ability to use traditional extensions and addons. This version makes
changes to your profile that can't be reverted in case you want to go back to a
previous version of SeaMonkey. You MUST absolutely do a full backup of your
profile (~/.mozilla/seamonkey/ dir) BEFORE trying to run new version. SeaMonkey
now uses GTK3 library for GUI interface. If you experienced some size issues, go
to "about:config" and try to set "layout.css.devPixelsPerPx" preference to "1"
(or any other preferred value). You can also use gtk3's environment variables
GDK_SCALE and/or GDK_DPI_SCALE (useful for HiDPI displays). Since Classic theme
uses system desktop theme, it might behaves incorrectly when the underlying
theme (still) does not support gtk3. Full theme add-ons may need changes
because of user interface and internal changes. If you find any problem with
themes, contact the theme author. Before reporting a problem with the user
interface, please make sure to recreate it with either the Classic or Modern
theme. This version now includes "Lightning" calendar. It becomes a standard
part of Thunderbird/SeaMonkey, being just technically organized as an extension.
This version returns providing of Chatzilla and DOM inspector extensions, just
as it always was before. It is likely you need to update your third party
extensions to newer versions. Poorly designed or incompatible extensions can
cause unpredictable problems. If you encounter some strange issues, try
"seamonkey -safe-mode" from command line. Unfortunately, it is now impossible
to continue support of npapi plugins. Thus, java applets no more work :( . All
modern browsers have dropped such support years ago, and even plugin owners
recommend to not use it anymore. Search "browsers with java support" if you
still need it. Sorry for that. Flash is still supported, at least until its EOL
at the end of 2020. Since 2.53.1, 32-bit version (i686 arch) does not provided,
because no more supported. The old format of keys and certificates storage in
the user profiles still preserved in Fedora. DO NOT TOUCH key3.db and cert8.db
files (as it might be recommended in the upstream release notes) -- they still
works as expected. Please, read upstream release notes for more info
https://www.seamonkey-project.org/releases/seamonkey2.53.1/
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 21 2020 Dmitry Butskoy <Dmitry(a)Butskoy.name> 2.53.1-3
- fix localization for bundled calendar and chatzilla (#1815109)
- clear obsolete stuff from desktop-file-install
* Wed Mar 4 2020 Dmitry Butskoy <Dmitry(a)Butskoy.name> 2.53.1-2
- add patch for classic theme (#1808197)
- build with clang
* Fri Feb 28 2020 Dmitry Butskoy <Dmitry(a)Butskoy.name> 2.53.1-1
- Upgrade to 2.53.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1808197 - seamonkey-2.53.1.source is available
https://bugzilla.redhat.com/show_bug.cgi?id=1808197
--------------------------------------------------------------------------------
The following Fedora EPEL 6 Security updates need testing:
Age URL
11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-658581cb5f php-horde-Horde-Form-2.0.20-1.el6
8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-81c37f8ff5 tomcat-7.0.100-2.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
ckeditor-4.14.0-1.el6
php-theseer-autoload-1.25.9-1.el6
Details about builds:
================================================================================
ckeditor-4.14.0-1.el6 (FEDORA-EPEL-2020-9190462510)
WYSIWYG text editor to be used inside web pages
--------------------------------------------------------------------------------
Update Information:
## CKEditor 4.14 **Security Updates:** *
[CVE-2020-9281](https://nvd.nist.gov/vuln/detail/CVE-2020-9281) Fixed XSS
vulnerability in the HTML data processor reported by [Micha��
Bentkowski](https://twitter.com/securitymb) of Securitum. Issue
summary: It was possible to execute XSS inside CKEditor after persuading the
victim to: (i) switch CKEditor to source mode, then (ii) paste a specially
crafted HTML code, prepared by the attacker, into the opened CKEditor source
area, and (iii) switch back to WYSIWYG mode or (i) copy the specially crafted
HTML code, prepared by the attacker and (ii) paste it into CKEditor in WYSIWYG
mode. * [CVE-2020-9440](https://nvd.nist.gov/vuln/detail/CVE-2020-9440) Fixed
XSS vulnerability in the WebSpellChecker Dialog plugin reported by [Pham Van
Khanh](https://twitter.com/rskvp93) from Viettel Cyber Security. Issue
summary: It was possible to execute XSS using CKEditor after persuading the
victim to: (i) switch CKEditor to source mode, then (ii) paste a specially
crafted HTML code, prepared by the attacker, into the opened CKEditor source
area, then (iii) switch back to WYSIWYG mode, and (iv) preview CKEditor content
outside CKEditor editable area. **An upgrade is highly recommended!** New
features: * [#2374](https://github.com/ckeditor/ckeditor4/issues/2374): Added
support for pasting rich content from LibreOffice Writer with the [Paste from
LibreOffice](https://ckeditor.com/cke4/addon/pastefromlibreoffice) plugin. *
[#2583](https://github.com/ckeditor/ckeditor4/issues/2583): Changed
[emoji](https://ckeditor.com/cke4/addon/emoji) suggestion box to show the
matched emoji name instead of an ID. *
[#3748](https://github.com/ckeditor/ckeditor4/issues/3748): Improved the [color
button](https://ckeditor.com/cke4/addon/colorbutton) state to reflect the
selected editor content colors. *
[#3661](https://github.com/ckeditor/ckeditor4/issues/3661): Improved the
[Print](https://ckeditor.com/cke4/addon/print) plugin to respect styling
rendered by the [Preview](https://ckeditor.com/cke4/addon/preview) plugin. *
[#3547](https://github.com/ckeditor/ckeditor4/issues/3547): Active
[dialog](https://ckeditor.com/cke4/addon/dialog) tab now has the `aria-
selected="true"` attribute. *
[#3441](https://github.com/ckeditor/ckeditor4/issues/3441): Improved [`widget.ge
tClipboardHtml()`](https://ckeditor.com/docs/ckeditor4/latest/api/CKEDITOR_…
ns_widget.html#method-getClipboardHtml) support for dragging and dropping
multiple [widgets](https://ckeditor.com/cke4/addon/widget). Fixed Issues: *
[#3587](https://github.com/ckeditor/ckeditor4/issues/3587): [Edge, IE] Fixed:
[Widget](https://ckeditor.com/cke4/addon/widget) with form input elements loses
focus during typing. *
[#3705](https://github.com/ckeditor/ckeditor4/issues/3705): [Safari] Fixed:
Safari incorrectly removes blocks with the [`editor.extractSelectedHtml()`](http
s://ckeditor.com/docs/ckeditor4/latest/api/CKEDITOR_editor.html#method-
extractSelectedHtml) method after selecting all content. *
[#1306](https://github.com/ckeditor/ckeditor4/issues/1306): Fixed: The
[Font](https://ckeditor.com/cke4/addon/font) plugin creates nested HTML `<span>`
tags when reapplying the same font multiple times. *
[#3498](https://github.com/ckeditor/ckeditor4/issues/3498): Fixed: The editor
throws an error during the copy operation when a
[widget](https://ckeditor.com/cke4/addon/widget) is partially selected. *
[#2517](https://github.com/ckeditor/ckeditor4/issues/2517): [Chrome, Firefox,
Safari] Fixed: Inserting a new image when the selection partially covers an
existing [enhanced image](https://ckeditor.com/cke4/addon/image2) widget throws
an error. * [#3007](https://github.com/ckeditor/ckeditor4/issues/3007): [Chrome,
Firefox, Safari] Fixed: Cannot modify the editor content once the selection is
released over a [widget](https://ckeditor.com/cke4/addon/widget). *
[#3698](https://github.com/ckeditor/ckeditor4/issues/3698): Fixed: Cutting the
selected text when a [widget](https://ckeditor.com/cke4/addon/widget) is
partially selected merges paragraphs. API Changes: *
[#3387](https://github.com/ckeditor/ckeditor4/issues/3387): Added the [CKEDITOR.
ui.richCombo.select()](https://ckeditor.com/docs/ckeditor4/latest/api/CKEDI…
i_richCombo.html#method-select) method. *
[#3727](https://github.com/ckeditor/ckeditor4/issues/3727): Added new
`textColor` and `bgColor` commands that apply the selected color chosen by the
[Color Button](https://ckeditor.com/cke4/addon/colorbutton) plugin. *
[#3728](https://github.com/ckeditor/ckeditor4/issues/3728): Added new `font` and
`fontSize` commands that apply the selected font style chosen by the
[Font](https://ckeditor.com/cke4/addon/colorbutton) plugin. *
[#3842](https://github.com/ckeditor/ckeditor4/issues/3842): Added the [`editor.g
etSelectedRanges()`](https://ckeditor.com/docs/ckeditor4/latest/api/CKEDITO…
tor.html#method-getSelectedRanges) alias. *
[#3775](https://github.com/ckeditor/ckeditor4/issues/3775): Widget [mask](https:
//ckeditor.com/docs/ckeditor4/latest/api/CKEDITOR_plugins_widget.html#property-
mask) and [parts](https://ckeditor.com/docs/ckeditor4/latest/api/CKEDITOR_plugin
s_widget.html#property-parts) can now be refreshed dynamically via API calls.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 20 2020 Shawn Iwinski <shawn(a)iwin.ski> - 4.14.0-1
- Update to 4.14.0 (RHBZ #1810020)
- CVE-2020-9281 (RHBZ #1814825,1814826,1814827)
- CVE-2020-9440
* Tue Jan 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.13.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1814826 - CVE-2020-9281 ckeditor: XSS in the HTML Data Processor allows remote attackers to inject arbitrary web script through a crafted "protected" comment [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1814826
[ 2 ] Bug #1814827 - CVE-2020-9281 ckeditor: XSS in the HTML Data Processor allows remote attackers to inject arbitrary web script through a crafted "protected" comment [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1814827
[ 3 ] Bug #1810020 - ckeditor-4.14.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1810020
--------------------------------------------------------------------------------
================================================================================
php-theseer-autoload-1.25.9-1.el6 (FEDORA-EPEL-2020-fc3f668790)
A tool and library to generate autoload code
--------------------------------------------------------------------------------
Update Information:
**Release 1.25.9** * Merge PR
[#89](https://github.com/theseer/Autoload/pull/89): Throw an exception if the
template file cannot be read * Update ConsoleTools, Fixes
[#91](https://github.com/theseer/Autoload/issues/91) - Zeta Components
ConsoleTools uses PHP syntax deprecated in PHP 7.4
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 20 2020 Remi Collet <remi(a)remirepo.net> - 1.25.9-1
- update to 1.25.9
--------------------------------------------------------------------------------
The following Fedora EPEL 7 Security updates need testing:
Age URL
584 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d condor-8.6.11-1.el7
325 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c499781e80 python-gnupg-0.4.4-1.el7
323 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b bubblewrap-0.3.3-2.el7
33 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-fa8a2e97c6 python-waitress-1.4.3-1.el7
16 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-4fdca9429c seamonkey-2.53.1-2.el7
11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-b8f44a854a weechat-2.7.1-1.el7
11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-b467e9784b php-horde-Horde-Form-2.0.20-1.el7
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-7e106e25f9 timeshift-20.03-1.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-42d19f5f91 chromium-80.0.3987.149-1.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-33500a2742 tor-0.3.5.10-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
ckeditor-4.14.0-1.el7
java-latest-openjdk-14.0.0.36-1.rolling.el7
msgpack-3.1.0-4.el7
ocserv-1.0.0-1.el7
php-behat-mink-1.8.1-1.el7
php-behat-mink-browserkit-driver-1.3.4-2.el7
php-theseer-autoload-1.25.9-1.el7
python-colander-1.7.0-2.el7
Details about builds:
================================================================================
ckeditor-4.14.0-1.el7 (FEDORA-EPEL-2020-7c64d8ca18)
WYSIWYG text editor to be used inside web pages
--------------------------------------------------------------------------------
Update Information:
## CKEditor 4.14 **Security Updates:** *
[CVE-2020-9281](https://nvd.nist.gov/vuln/detail/CVE-2020-9281) Fixed XSS
vulnerability in the HTML data processor reported by [Micha��
Bentkowski](https://twitter.com/securitymb) of Securitum. Issue
summary: It was possible to execute XSS inside CKEditor after persuading the
victim to: (i) switch CKEditor to source mode, then (ii) paste a specially
crafted HTML code, prepared by the attacker, into the opened CKEditor source
area, and (iii) switch back to WYSIWYG mode or (i) copy the specially crafted
HTML code, prepared by the attacker and (ii) paste it into CKEditor in WYSIWYG
mode. * [CVE-2020-9440](https://nvd.nist.gov/vuln/detail/CVE-2020-9440) Fixed
XSS vulnerability in the WebSpellChecker Dialog plugin reported by [Pham Van
Khanh](https://twitter.com/rskvp93) from Viettel Cyber Security. Issue
summary: It was possible to execute XSS using CKEditor after persuading the
victim to: (i) switch CKEditor to source mode, then (ii) paste a specially
crafted HTML code, prepared by the attacker, into the opened CKEditor source
area, then (iii) switch back to WYSIWYG mode, and (iv) preview CKEditor content
outside CKEditor editable area. **An upgrade is highly recommended!** New
features: * [#2374](https://github.com/ckeditor/ckeditor4/issues/2374): Added
support for pasting rich content from LibreOffice Writer with the [Paste from
LibreOffice](https://ckeditor.com/cke4/addon/pastefromlibreoffice) plugin. *
[#2583](https://github.com/ckeditor/ckeditor4/issues/2583): Changed
[emoji](https://ckeditor.com/cke4/addon/emoji) suggestion box to show the
matched emoji name instead of an ID. *
[#3748](https://github.com/ckeditor/ckeditor4/issues/3748): Improved the [color
button](https://ckeditor.com/cke4/addon/colorbutton) state to reflect the
selected editor content colors. *
[#3661](https://github.com/ckeditor/ckeditor4/issues/3661): Improved the
[Print](https://ckeditor.com/cke4/addon/print) plugin to respect styling
rendered by the [Preview](https://ckeditor.com/cke4/addon/preview) plugin. *
[#3547](https://github.com/ckeditor/ckeditor4/issues/3547): Active
[dialog](https://ckeditor.com/cke4/addon/dialog) tab now has the `aria-
selected="true"` attribute. *
[#3441](https://github.com/ckeditor/ckeditor4/issues/3441): Improved [`widget.ge
tClipboardHtml()`](https://ckeditor.com/docs/ckeditor4/latest/api/CKEDITOR_…
ns_widget.html#method-getClipboardHtml) support for dragging and dropping
multiple [widgets](https://ckeditor.com/cke4/addon/widget). Fixed Issues: *
[#3587](https://github.com/ckeditor/ckeditor4/issues/3587): [Edge, IE] Fixed:
[Widget](https://ckeditor.com/cke4/addon/widget) with form input elements loses
focus during typing. *
[#3705](https://github.com/ckeditor/ckeditor4/issues/3705): [Safari] Fixed:
Safari incorrectly removes blocks with the [`editor.extractSelectedHtml()`](http
s://ckeditor.com/docs/ckeditor4/latest/api/CKEDITOR_editor.html#method-
extractSelectedHtml) method after selecting all content. *
[#1306](https://github.com/ckeditor/ckeditor4/issues/1306): Fixed: The
[Font](https://ckeditor.com/cke4/addon/font) plugin creates nested HTML `<span>`
tags when reapplying the same font multiple times. *
[#3498](https://github.com/ckeditor/ckeditor4/issues/3498): Fixed: The editor
throws an error during the copy operation when a
[widget](https://ckeditor.com/cke4/addon/widget) is partially selected. *
[#2517](https://github.com/ckeditor/ckeditor4/issues/2517): [Chrome, Firefox,
Safari] Fixed: Inserting a new image when the selection partially covers an
existing [enhanced image](https://ckeditor.com/cke4/addon/image2) widget throws
an error. * [#3007](https://github.com/ckeditor/ckeditor4/issues/3007): [Chrome,
Firefox, Safari] Fixed: Cannot modify the editor content once the selection is
released over a [widget](https://ckeditor.com/cke4/addon/widget). *
[#3698](https://github.com/ckeditor/ckeditor4/issues/3698): Fixed: Cutting the
selected text when a [widget](https://ckeditor.com/cke4/addon/widget) is
partially selected merges paragraphs. API Changes: *
[#3387](https://github.com/ckeditor/ckeditor4/issues/3387): Added the [CKEDITOR.
ui.richCombo.select()](https://ckeditor.com/docs/ckeditor4/latest/api/CKEDI…
i_richCombo.html#method-select) method. *
[#3727](https://github.com/ckeditor/ckeditor4/issues/3727): Added new
`textColor` and `bgColor` commands that apply the selected color chosen by the
[Color Button](https://ckeditor.com/cke4/addon/colorbutton) plugin. *
[#3728](https://github.com/ckeditor/ckeditor4/issues/3728): Added new `font` and
`fontSize` commands that apply the selected font style chosen by the
[Font](https://ckeditor.com/cke4/addon/colorbutton) plugin. *
[#3842](https://github.com/ckeditor/ckeditor4/issues/3842): Added the [`editor.g
etSelectedRanges()`](https://ckeditor.com/docs/ckeditor4/latest/api/CKEDITO…
tor.html#method-getSelectedRanges) alias. *
[#3775](https://github.com/ckeditor/ckeditor4/issues/3775): Widget [mask](https:
//ckeditor.com/docs/ckeditor4/latest/api/CKEDITOR_plugins_widget.html#property-
mask) and [parts](https://ckeditor.com/docs/ckeditor4/latest/api/CKEDITOR_plugin
s_widget.html#property-parts) can now be refreshed dynamically via API calls.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 20 2020 Shawn Iwinski <shawn(a)iwin.ski> - 4.14.0-1
- Update to 4.14.0 (RHBZ #1810020)
- CVE-2020-9281 (RHBZ #1814825,1814826,1814827)
- CVE-2020-9440
* Tue Jan 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.13.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1814826 - CVE-2020-9281 ckeditor: XSS in the HTML Data Processor allows remote attackers to inject arbitrary web script through a crafted "protected" comment [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1814826
[ 2 ] Bug #1814827 - CVE-2020-9281 ckeditor: XSS in the HTML Data Processor allows remote attackers to inject arbitrary web script through a crafted "protected" comment [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1814827
[ 3 ] Bug #1810020 - ckeditor-4.14.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1810020
--------------------------------------------------------------------------------
================================================================================
java-latest-openjdk-14.0.0.36-1.rolling.el7 (FEDORA-EPEL-2020-71b5b7bd55)
OpenJDK Runtime Environment 14
--------------------------------------------------------------------------------
Update Information:
Update to OpenJDK 14, which was released 17.03.2020. The list of features can be
found at https://jdk.java.net/14/.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 13 2020 Petra Alice Mikova <pmikova(a)redhat.com> - 1:14.0.0.36-1.rolling
- update to jdk 14+36 ga build
- removed pack200 and unpack200 binaries, slaves, manpages and libunpack.so library
- added listings for jpackage binary, manpages and added slave records to alternatives
--------------------------------------------------------------------------------
================================================================================
msgpack-3.1.0-4.el7 (FEDORA-EPEL-2020-0cb190ad4a)
Binary-based efficient object serialization library
--------------------------------------------------------------------------------
Update Information:
New release for EPEL7
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.1.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Jul 25 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.1.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Wed Aug 22 2018 Daiki Ueno <dueno(a)redhat.com> - 3.1.0-1
- new upstream release
- cmake configuration files no longer rely on nonexistent static libraries
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.0.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Thu Jun 7 2018 Daiki Ueno <dueno(a)redhat.com> - 3.0.1-1
- new upstream release
* Thu Feb 8 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.4.2-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Sat Feb 3 2018 Igor Gnatenko <ignatenkobrain(a)fedoraproject.org> - 1.4.2-4
- Switch to %ldconfig_scriptlets
* Thu Aug 3 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.4.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.4.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Tue Feb 21 2017 Daiki Ueno <dueno(a)redhat.com> - 1.4.2-1
- new upstream release
- avoid FTBFS with GCC7
* Fri Feb 10 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.4.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1793715 - Update to a recent release
https://bugzilla.redhat.com/show_bug.cgi?id=1793715
--------------------------------------------------------------------------------
================================================================================
ocserv-1.0.0-1.el7 (FEDORA-EPEL-2020-08a306f9dd)
OpenConnect SSL VPN server
--------------------------------------------------------------------------------
Update Information:
- Update to upstream 1.0.0 release
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 20 2020 Nikos Mavrogiannopoulos <n.mavrogiannopoulos(a)gmail.com> - 1.0.0-1
- Update to upstream 1.0.0 release
--------------------------------------------------------------------------------
================================================================================
php-behat-mink-1.8.1-1.el7 (FEDORA-EPEL-2020-ce525d7280)
Browser controller/emulator abstraction for PHP
--------------------------------------------------------------------------------
Update Information:
1.8.1 / 2020-03-11 ================== Bug fixes: * Fixed the phpdoc of
`NodeElement::getValue`. This method actually returns `null` in some cases
(unchecked checkbox for instance) 1.8.0 / 2020-03-11 ================== New
features: * Auto-start the session on first call to `visit`.
`Mink::getSession()` will no longer start the session automatically. * Added
support for `symfony/css-selector` 4 and 5 Bug fixes: * Fixed the message when
reporting the deprecation of `ExpectationException::getSession()` * Fixed
support for XPath selectors using `|` inside strings or conditions rather than
as a top-level union * Fixed compatibility with PHP 7.2 not allowing to use
`count` on strings Testsuite: * Added PHP 7.1, 7.2, 7.3 and 7.4 in the CI *
Removed HHVM from CI as they stopped supporting PHP compatibility Driver
testsuite: * The driver testsuite is no longer part of this package. Use
`mink/driver-testsuite` to run driver tests instead. Misc: * Changed phpdoc
types from `Boolean` to `boolean` to be compatible with psalm type checking
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 17 2020 Shawn Iwinski <shawn(a)iwin.ski> - 1.8.1-1
- Update to 1.8.1 (RHBZ #1812690)
- Obsolete test suite sub-package
- Testsuite as source to ensure proper version/commit
- Conditionally use range dependencies
- Conditionally drop Symfony 2 interoperability
- Conditionally use PHPUnit 7
* Thu Jan 30 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.7.1-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Fri Jul 26 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.7.1-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.7.1-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.7.1-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Feb 9 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.7.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Fri Sep 22 2017 Shawn Iwinski <shawn(a)iwin.ski> - 1.7.1-5
- Fix autoloader for Symfony 3
* Thu Jul 27 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.7.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1812690 - php-behat-mink-1.8.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1812690
--------------------------------------------------------------------------------
================================================================================
php-behat-mink-browserkit-driver-1.3.4-2.el7 (FEDORA-EPEL-2020-237351e3ea)
Symfony BrowserKit driver for Mink framework
--------------------------------------------------------------------------------
Update Information:
1.3.4 / 2020-03-11 ================== BC Break: * Changed the return value for
`getValue` on a select without any options to an empty string rather than `null`
to respect the common contract between Mink drivers Bug fixes: * Changed
phpdoc types from `Boolean` to `boolean` to be compatible with psalm type
checking * Improved compatibility with the HTML5 parsing of the symfony/dom-
crawler component in 4.4+ * Removed usages of APIs deprecated in symfony/dom-
crawler 4.4 * Send the configured headers when submitting forms Testsuite: *
Removed HHVM from CI as they dropped support for PHP compatibility * Added CI on
PHP 7.2, 7.3 and 7.4 1.3.3 / 2018-05-02 ================== * Added Symfony 4.0
compatibility.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 17 2020 Shawn Iwinski <shawn(a)iwin.ski> - 1.3.4-2
- Conditional Symfony 2 or not
- Fix autoloader for PHP < 5.4
- Add test suite BuildRequires
* Tue Mar 17 2020 Shawn Iwinski <shawn(a)iwin.ski> - 1.3.4-1
- Update to 1.3.4 (RHBZ #1574132)
- Testsuite as source to ensure proper version/commit
- Conditionally use range dependencies
- Drop Symfony 2 interoperability
* Thu Jan 30 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.2-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Fri Jul 26 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.2-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.2-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.2-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Feb 9 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.2-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Thu Jul 27 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1574132 - php-behat-mink-browserkit-driver-1.3.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1574132
--------------------------------------------------------------------------------
================================================================================
php-theseer-autoload-1.25.9-1.el7 (FEDORA-EPEL-2020-b6dc3c583d)
A tool and library to generate autoload code
--------------------------------------------------------------------------------
Update Information:
**Release 1.25.9** * Merge PR
[#89](https://github.com/theseer/Autoload/pull/89): Throw an exception if the
template file cannot be read * Update ConsoleTools, Fixes
[#91](https://github.com/theseer/Autoload/issues/91) - Zeta Components
ConsoleTools uses PHP syntax deprecated in PHP 7.4
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 20 2020 Remi Collet <remi(a)remirepo.net> - 1.25.9-1
- update to 1.25.9
--------------------------------------------------------------------------------
================================================================================
python-colander-1.7.0-2.el7 (FEDORA-EPEL-2020-a105194954)
A simple schema-based serialization and deserialization library
--------------------------------------------------------------------------------
Update Information:
Add Requires for python2-iso8601. Fixes bug #1811130
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 19 2020 Kevin Fenzi <kevin(a)scrye.com> - 1.7.0-2
- Add Requires for python2-iso8601. Fixes bug #1811130
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1811130 - Colander needs to require python-iso8601
https://bugzilla.redhat.com/show_bug.cgi?id=1811130
--------------------------------------------------------------------------------
The following Fedora EPEL 7 Security updates need testing:
Age URL
583 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d condor-8.6.11-1.el7
325 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c499781e80 python-gnupg-0.4.4-1.el7
322 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b bubblewrap-0.3.3-2.el7
32 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-fa8a2e97c6 python-waitress-1.4.3-1.el7
15 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-4fdca9429c seamonkey-2.53.1-2.el7
11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-b8f44a854a weechat-2.7.1-1.el7
10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-b467e9784b php-horde-Horde-Form-2.0.20-1.el7
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-7e106e25f9 timeshift-20.03-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
chromium-80.0.3987.149-1.el7
clamav-0.102.2-4.el7
nss-mdns-0.14.1-7.el7
php-behat-gherkin-4.6.2-1.el7
tor-0.3.5.10-1.el7
Details about builds:
================================================================================
chromium-80.0.3987.149-1.el7 (FEDORA-EPEL-2020-42d19f5f91)
A WebKit (Blink) powered web browser
--------------------------------------------------------------------------------
Update Information:
Update to 80.0.3987.149. Upstream says it fixes "13" security issues, but only
lists these CVEs: * CVE-2020-6422: Use after free in WebGL * CVE-2020-6424: Use
after free in media * CVE-2020-6425: Insufficient policy enforcement in
extensions. * CVE-2020-6426: Inappropriate implementation in V8 *
CVE-2020-6427: Use after free in audio * CVE-2020-6428: Use after free in audio
* CVE-2020-6429: Use after free in audio. * CVE-2019-20503: Out of bounds read
in usersctplib. * CVE-2020-6449: Use after free in audio
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 18 2020 Tom Callaway <spot(a)fedoraproject.org> - 80.0.3987.149-1
- update to 80.0.3987.149
* Thu Feb 27 2020 Tom Callaway <spot(a)fedoraproject.org> - 80.0.3987.132-1
- update to 80.0.3987.132
- disable C++17 changes (this means f32+ will no longer build, but it segfaulted immediately)
* Thu Feb 27 2020 Tom Callaway <spot(a)fedoraproject.org> - 80.0.3987.122-1
- update to 80.0.3987.122
* Mon Feb 17 2020 Tom Callaway <spot(a)fedoraproject.org> - 80.0.3987.106-1
- update to 80.0.3987.106
* Wed Feb 5 2020 Tom Callaway <spot(a)fedoraproject.org> - 80.0.3987.87-1
- update to 80.0.3987.87
* Tue Jan 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 79.0.3945.130-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
clamav-0.102.2-4.el7 (FEDORA-EPEL-2020-c9de701438)
End-user tools for the Clam Antivirus scanner
--------------------------------------------------------------------------------
Update Information:
Quiet freshclam-sleep
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 16 2020 Orion Poplawski <orion(a)cora.nwra.com> - 0.102.2-4
- Quiet freshclam-sleep when used with proxy
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1814698 - freshclam --quiet returns proxy on stdout
https://bugzilla.redhat.com/show_bug.cgi?id=1814698
--------------------------------------------------------------------------------
================================================================================
nss-mdns-0.14.1-7.el7 (FEDORA-EPEL-2020-b03097f59d)
glibc plugin for .local name resolution
--------------------------------------------------------------------------------
Update Information:
Do not remove mdns from nsswitch.conf during upgrade
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 17 2020 Pavel B��ezina <pbrezina(a)redhat.com> - 0.14.1-7
- Do not remove mdns from nsswitch.conf during upgrade
* Wed Jan 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.14.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1811935 - mdns breaks on F31->F32 upgrade
https://bugzilla.redhat.com/show_bug.cgi?id=1811935
--------------------------------------------------------------------------------
================================================================================
php-behat-gherkin-4.6.2-1.el7 (FEDORA-EPEL-2020-1c44b92cef)
Gherkin DSL parser for PHP
--------------------------------------------------------------------------------
Update Information:
## 4.6.2 / 2020-03-17 * Fixed issues due to incorrect cache key ## 4.6.1 /
2020-02-27 * Fix AZ translations * Correctly filter features, now that the base
path is correctly set ## 4.6.0 / 2019-01-16 * Updated translations (including
'Example' as synonym for 'Scenario' in `en`) ## 4.5.1 / 2017-08-30 * Fix
regression in `PathsFilter` ## 4.5.0 / 2017-08-30 * Sync i18n with Cucumber
Gherkin * Drop support for HHVM tests on Travis * Add `TableNode::fromList()`
method (thanks @TravisCarden) * Add `ExampleNode::getOutlineTitle()` method
(thanks @duxet) * Use realpath, so the feature receives the cwd prefixed (thanks
@glennunipro) * Explicitly handle non-two-dimensional arrays in TableNode
(thanks @TravisCarden) * Fix to line/linefilter scenario runs which take
relative paths to files (thanks @generalconsensus)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 18 2020 Shawn Iwinski <shawn(a)iwin.ski> - 4.6.2-1
- Update to 4.6.2 (RHBZ #1808131)
* Tue Mar 17 2020 Shawn Iwinski <shawn(a)iwin.ski> - 4.6.1-2
- Conditional Symfony 2 or not
* Tue Mar 17 2020 Shawn Iwinski <shawn(a)iwin.ski> - 4.6.1-1
- Update to 4.6.1 (RHBZ #1808131)
- Conditionally use range dependencies
- Drop Symfony 2 interoperability
* Thu Jan 30 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.4.5-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Fri Jul 26 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.4.5-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.4.5-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.4.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Feb 9 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.4.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1808131 - php-behat-gherkin-4.6.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1808131
--------------------------------------------------------------------------------
================================================================================
tor-0.3.5.10-1.el7 (FEDORA-EPEL-2020-33500a2742)
Anonymizing overlay network for TCP
--------------------------------------------------------------------------------
Update Information:
update to latest upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 19 2019 Marcel H��rry <mh+fedora(a)scrit.ch> - 0.3.5.10-1
- update to latest upstream release
--------------------------------------------------------------------------------
Dear all,
You are kindly invited to the meeting:
EPEL Steering Committee on 2020-03-20 from 21:00:00 to 22:00:00 UTC
At freenode@fedora-meeting
The meeting will be about:
This is the weekly EPEL Steering Committee Meeting.
A general agenda is the following:
#meetingname EPEL
#topic Intros
#topic Old Business
#topic EPEL-6
#topic EPEL-7
#topic EPEL-8
#topic Openfloor
#endmeeting
Source: https://apps.fedoraproject.org/calendar/meeting/9722/
The following Fedora EPEL 7 Security updates need testing:
Age URL
582 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d condor-8.6.11-1.el7
324 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c499781e80 python-gnupg-0.4.4-1.el7
322 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b bubblewrap-0.3.3-2.el7
31 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-fa8a2e97c6 python-waitress-1.4.3-1.el7
14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-4fdca9429c seamonkey-2.53.1-2.el7
10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-b8f44a854a weechat-2.7.1-1.el7
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-b467e9784b php-horde-Horde-Form-2.0.20-1.el7
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-7e106e25f9 timeshift-20.03-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
copr-cli-1.86-1.el7
mate-themes-3.22.21-2.el7
netdata-1.20.0-1.el7
openhantek-3.0.3-1.el7
python-remoto-1.0.0-1.el7
s3fs-fuse-1.86-2.el7
Details about builds:
================================================================================
copr-cli-1.86-1.el7 (FEDORA-EPEL-2020-a26162c32d)
Command line interface for COPR
--------------------------------------------------------------------------------
Update Information:
- add script to list package build order in copr or koji - fix `copr mock-
config` to use `dnf.conf/yum.conf` automatically
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 18 2020 Pavel Raiskup <praiskup(a)redhat.com> 1.86-1
- add script to list package build order in copr or koji
- fix `copr mock-config` to use `dnf.conf/yum.conf` automatically
--------------------------------------------------------------------------------
================================================================================
mate-themes-3.22.21-2.el7 (FEDORA-EPEL-2020-5235fb73c0)
MATE Desktop themes
--------------------------------------------------------------------------------
Update Information:
- drop HIDPI commit for MATE (gtk2) in rhel7 - https://github.com/mate-
desktop/mate-themes/commit/8f56d6b - fix rhbz (#1814546)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 18 2020 Wolfgang Ulbrich <fedora(a)raveit.de> - 3.22.21-2
- fix rhbz (#1814546)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1814546 - BlueMenta window decoration broken
https://bugzilla.redhat.com/show_bug.cgi?id=1814546
--------------------------------------------------------------------------------
================================================================================
netdata-1.20.0-1.el7 (FEDORA-EPEL-2020-234f41728c)
Real-time performance monitoring
--------------------------------------------------------------------------------
Update Information:
Update from upstream
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 1 2020 Didier Fabert <didier.fabert(a)gmail.com> 1.20.0-1
- Update from upstream
* Wed Jan 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.18.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1777603 - netdata-1.20.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1777603
[ 2 ] Bug #1799682 - netdata: FTBFS in Fedora rawhide/f32
https://bugzilla.redhat.com/show_bug.cgi?id=1799682
[ 3 ] Bug #1763395 - netdata-1.18.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1763395
--------------------------------------------------------------------------------
================================================================================
openhantek-3.0.3-1.el7 (FEDORA-EPEL-2020-23babce95d)
Hantek and compatible USB digital signal oscilloscope
--------------------------------------------------------------------------------
Update Information:
Update to 3.0.3.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 18 2020 Vasiliy N. Glazov <vascom2(a)gmail.com> - 3.0.3-1
- Update to 3.0.3
--------------------------------------------------------------------------------
================================================================================
python-remoto-1.0.0-1.el7 (FEDORA-EPEL-2020-8bd7044ce4)
Execute remote commands or processes
--------------------------------------------------------------------------------
Update Information:
For unknown reasons, the EPEL7 version of python-remoto had not been built in
years, even as its specfile was updated. This update is simply a build of the
latest specfile in the epel7 branch.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 21 2019 Ken Dreyer <kdreyer(a)redhat.com> - 1.0.0-1
- Update to 1.0.0
* Wed Jan 30 2019 Ken Dreyer <kdreyer(a)redhat.com> - 0.0.35-1
- Update to 0.0.35
- Fix EPEL 7 compatibility with BR: python-execnet
* Wed Jul 18 2018 Ken Dreyer <ktdreyer(a)ktdreyer.com> 0.0.33-1
- Update to 0.0.33 (rhbz#1601652)
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.0.31-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Jul 11 2018 Ken Dreyer <ktdreyer(a)ktdreyer.com> 0.0.31-1
- Update to 0.0.31 (rhbz#1599934)
- Change obsolete python_version macro to python2_version
* Tue Jun 19 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 0.0.30-6
- Rebuilt for Python 3.7
* Wed Feb 28 2018 Iryna Shcherbina <ishcherb(a)redhat.com> - 0.0.30-5
- Update Python 2 dependency declarations to new packaging standards
(See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
* Fri Feb 9 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.0.30-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Sat Aug 19 2017 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 0.0.30-3
- Python 2 binary package renamed to python2-remoto
See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3
* Thu Jul 27 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.0.30-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Thu Jul 6 2017 Ken Dreyer <ktdreyer(a)ktdreyer.com> 0.0.30-1
- Update to 0.0.30 (rhbz#1468070)
- Vendored library is gone upstream, no need for REMOTO_NO_VENDOR
- rm Group tag
* Sat Feb 11 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.0.29-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Mon Dec 19 2016 Miro Hron��ok <mhroncok(a)redhat.com> - 0.0.29-3
- Rebuild for Python 3.6
* Tue Jul 19 2016 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.0.29-2
- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Pa…
* Tue Jun 28 2016 Ken Dreyer <ktdreyer(a)ktdreyer.com> - 0.0.29-1
- Update to remoto 0.0.29 (rhbz#1347889)
* Mon May 16 2016 Ken Dreyer <ktdreyer(a)ktdreyer.com> - 0.0.28-1
- Update to remoto 0.0.28 (rhbz#1335338)
- Update Source0 URL for pypi breakage (see
https://bitbucket.org/pypa/pypi/issues/438/backwards-compatible-un-hashed-p…)
* Thu Feb 4 2016 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.0.27-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Fri Jan 8 2016 Ken Dreyer <ktdreyer(a)ktdreyer.com> - 0.0.27-1
- Update to remoto 0.0.27 (rhbz#1296748)
- Use %license macro
- Drop unneeded %python_sitelib definition
* Tue Nov 10 2015 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.0.25-3
- Rebuilt for https://fedoraproject.org/wiki/Changes/python3.5
* Thu Jun 18 2015 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.0.25-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
s3fs-fuse-1.86-2.el7 (FEDORA-EPEL-2020-e6bada7ce3)
FUSE-based file system backed by Amazon S3
--------------------------------------------------------------------------------
Update Information:
Up to 1.84-2 mailcap was a `BuildRequire` dependency, and it was removed at that
version as the build didn't fail without it. It was not mentioned at the
instructions for [Fedora/CentOS/RHEL](https://github.com/s3fs-fuse/s3fs-
fuse/wiki/Installation-Notes#fedora--centos--rhel) and in fact it's the only
runtime dependencies together with Fuse, but unlike fuse it is not specified at
the [generic compilation instructions](https://github.com/s3fs-fuse/s3fs-
fuse/blob/master/COMPILATION.md) or the [install guide](https://github.com/s3fs-
fuse/s3fs-fuse/blob/master/INSTALL) If mailcap is not available then all files
are uploaded as as mime type "application/octet-stream" which breaks things as
using the S3 bucks to serve content using HTTP. See https://github.com/s3fs-
fuse/s3fs-fuse/issues/1217 This update fixes this problem.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 18 2020 Julio Gonzalez Gil <packages(a)juliogonzalez.es> - 1.86-2
- Add mailcap dependency removed at 1.84-2. as it is in fact a runtime
dependency to take care of mime-types on upload
https://github.com/s3fs-fuse/s3fs-fuse/issues/1217
--------------------------------------------------------------------------------