The following Fedora EPEL 7 Security updates need testing: Age URL 226 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d condor-8.6.11-1.el7 97 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-b43fdd19c3 vcftools-0.1.16-1.el7 34 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-f8311ec8a2 tor-0.3.5.8-1.el7 28 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-9c2c40e3df guacamole-server-1.0.0-1.el7 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-7e4233c554 mxml-3.0-1.el7 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c43166839f pdns-4.1.7-1.el7 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-a578ca80ae putty-0.71-1.el7 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-317c9a2f81 drupal7-7.65-1.el7 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-15679bf3f9 wordpress-5.1.1-4.el7 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-e15d1bbc7e chromium-73.0.3683.75-2.el7 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-114610bd18 golang-googlecode-go-crypto-0-0.15.20190324gitb7391e9.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-d2c1368294 cinnamon-3.6.7-5.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
aria2-1.34.0-4.el7 bifcl-1.1-1.el7 clamav-0.101.2-1.el7 cmocka-1.1.5-1.el7 hub-2.10.1-1.el7 libcue-2.2.1-1.el7 mbedtls-2.7.10-1.el7 quilt-0.66-1.el7 resultsdb-2.2.0-1.el7 socket_wrapper-1.2.3-1.el7 suricata-4.1.3-1.el7
Details about builds:
================================================================================ aria2-1.34.0-4.el7 (FEDORA-EPEL-2019-f1efad2982) High speed download utility with resuming and segmented downloading -------------------------------------------------------------------------------- Update Information:
Fix Password leak for HTTP based authentication CVE-2019-3500 (rhbz #1663991 #1663992 #1663993) -------------------------------------------------------------------------------- ChangeLog:
* Wed Mar 27 2019 Athmane Madjoudj athmane@fedoraproject.org - 1.34.0-4 - Fix Password leak for HTTP based authentication CVE-2019-3500 (rhbz #1663991 #1663992 #1663993) * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 1.34.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Thu Jul 12 2018 Fedora Release Engineering releng@fedoraproject.org - 1.34.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Mon May 21 2018 Athmane Madjoudj athmane@fedoraproject.org - 1.34.0-1 - Update to 1.34.0 (rhbz #1580169) * Sun Feb 18 2018 Athmane Madjoudj athmane@fedoraproject.org - 1.33.1-3 - Refactor BRs * Wed Feb 7 2018 Fedora Release Engineering releng@fedoraproject.org - 1.33.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Sat Nov 18 2017 Athmane Madjoudj athmane@fedoraproject.org - 1.33.1-1 - Update to 1.33.1 (rhbz #1514761) * Wed Nov 8 2017 Athmane Madjoudj athmane@fedoraproject.org - 1.33.0-1 - Update to 1.33.0 (rhbz #1510674) * Wed Aug 2 2017 Fedora Release Engineering releng@fedoraproject.org - 1.32.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild * Wed Jul 26 2017 Fedora Release Engineering releng@fedoraproject.org - 1.32.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild * Fri May 19 2017 Athmane Madjoudj athmane@fedoraproject.org - 1.32.0-1 - Update to 1.32.0 * Mon May 15 2017 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.31.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_27_Mass_Rebuild * Fri Feb 10 2017 Fedora Release Engineering releng@fedoraproject.org - 1.31.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild * Sun Jan 22 2017 Athmane Madjoudj athmane@fedoraproject.org - 1.31.0-1 - Update to 1.31.0 * Fri Dec 16 2016 Athmane Madjoudj athmane@fedoraproject.org - 1.30.0-1 - Update o 1.30.0 * Sat Dec 3 2016 Athmane Madjoudj athmane@fedoraproject.org - 1.29.0-1 - Update to 1.29.0 * Sat Oct 29 2016 Athmane Madjoudj athmane@fedoraproject.org - 1.28.0-1 - Update to 1.28.0 * Mon Oct 3 2016 Athmane Madjoudj athmane@fedoraproject.org - 1.27.1-1 - Updat to 1.27.1 * Fri Sep 2 2016 Athmane Madjoudj athmane@fedoraproject.org - 1.26.1-1 - Update to 1.26.1 * Sat Aug 27 2016 Athmane Madjoudj athmane@fedoraproject.org - 1.26.0-1 - Update to 1.26.0 * Thu Jul 21 2016 Athmane Madjoudj athmane@fedoraproject.org - 1.25.0-1 - Update to 1.25.0 - Enable testsuite exec * Sat Jun 25 2016 Athmane Madjoudj athmane@fedoraproject.org - 1.24.0-1 - Update to 1.24.0 * Fri Jun 10 2016 Athmane Madjoudj athmane@fedoraproject.org - 1.23.0-1 - Update to 1.23.0 * Fri Apr 29 2016 Athmane Madjoudj athmane@fedoraproject.org - 1.22.0-1 - Update to 1.22.0 * Thu Mar 17 2016 Athmane Madjoudj athmane@fedoraproject.org 1.21.0-1 - Update to 1.21.0 - Remove upstreamed patch * Tue Feb 16 2016 Athmane Madjoudj athmane@fedoraproject.org 1.20.0-1 - Update to 1.20.0 - Rebase Use system wide crypto policies patch - Fix configure options * Sun Feb 14 2016 Athmane Madjoudj athmane@fedoraproject.org 1.19.3-4 - Use current ISO C++ name * Sat Feb 13 2016 Athmane Madjoudj athmane@fedoraproject.org 1.19.3-3 - Fix build issue with GCC 6.0 (RHBZ #1307327) * Wed Feb 3 2016 Fedora Release Engineering releng@fedoraproject.org - 1.19.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild * Fri Jan 22 2016 Athmane Madjoudj athmane@fedoraproject.org 1.19.3-1 - Update to 1.19.3 - Fix Source and URL since upsteam moved to Github - Rebase Use system wide crypto policies patch * Wed Jun 17 2015 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.19.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1663991 - CVE-2019-3500 aria2: Password leak for HTTP based authentication https://bugzilla.redhat.com/show_bug.cgi?id=1663991 --------------------------------------------------------------------------------
================================================================================ bifcl-1.1-1.el7 (FEDORA-EPEL-2019-523be93e51) A built-in-function (BIF) compiler/generator -------------------------------------------------------------------------------- Update Information:
Initial package -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1690634 - Review Request: bifcl - A built-in-function (BIF) compiler/generator https://bugzilla.redhat.com/show_bug.cgi?id=1690634 --------------------------------------------------------------------------------
================================================================================ clamav-0.101.2-1.el7 (FEDORA-EPEL-2019-75efbdf54f) End-user tools for the Clam Antivirus scanner -------------------------------------------------------------------------------- Update Information:
We just published two patch versions, 0.101.2 and 0.100.3. These versions address a handful of potentially high severity security issues. Please package these for your respective communities as soon as you���re able. For details, check out our blog entry: https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html -------------------------------------------------------------------------------- ChangeLog:
* Thu Mar 28 2019 S��rgio Basto sergio@serjux.com - 0.101.2-1 - Update to 0.101.2 * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 0.101.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1693011 - clamav-0.101.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1693011 --------------------------------------------------------------------------------
================================================================================ cmocka-1.1.5-1.el7 (FEDORA-EPEL-2019-02b3ac67da) An elegant unit testing framework for C with support for mock objects -------------------------------------------------------------------------------- Update Information:
Update to version 1.1.5 -------------------------------------------------------------------------------- ChangeLog:
* Thu Mar 28 2019 Andreas Schneider asn@redhat.com - 1.1.5-1 - Update to version 1.1.5 --------------------------------------------------------------------------------
================================================================================ hub-2.10.1-1.el7 (FEDORA-EPEL-2019-be1883503f) A command-line wrapper for git with github shortcuts -------------------------------------------------------------------------------- Update Information:
Update to hub 2.10.1 * Fix writing over existing cache files in hub api * Allow repository names that start with a - character * List api among custom hub commands in help -------------------------------------------------------------------------------- ChangeLog:
* Thu Mar 28 2019 Stephen Gallagher sgallagh@redhat.com - 2.10.1-1 - Update to 2.10.1 - Fix writing over existing cache files in hub api - Allow repository names that start with a - character - List api among custom hub commands in help --------------------------------------------------------------------------------
================================================================================ libcue-2.2.1-1.el7 (FEDORA-EPEL-2019-b1933c8221) Cue sheet parser library -------------------------------------------------------------------------------- Update Information:
libcue 2.2.1 ============ * cmake: Check for `__attribute__ format` * cmake: Don't check for C++ presence as libcue is C-only * cmake: Don't force SHARED when building the library libcue 2.2.0 ============ * cmake: Use GNUInstallDirs and don't hard-code install paths (PR #12) * cmake: Set RUNTIME to CMAKE_INSTALL_BINDIR (issue #13) * Fix memory corruption in cue_scanner.l (PR #15) * Use MAXINDEX instead of MAXTRACK when indexing INDEX entries * Allow for 100 INDEX entries * Replace fprintf(3) to stdout with printf(3) * pkgconfig: Use dynamic directories from GNUInstallDirs * Port 99 track fix from cuetools and add a test case -------------------------------------------------------------------------------- ChangeLog:
* Thu Mar 28 2019 Peter Lemenkov lemenkov@gmail.com - 2.2.1-1 - Ver. 2.2.1 * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 2.1.0-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Fri Jul 13 2018 Fedora Release Engineering releng@fedoraproject.org - 2.1.0-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Wed Feb 7 2018 Fedora Release Engineering releng@fedoraproject.org - 2.1.0-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Sat Feb 3 2018 Igor Gnatenko ignatenkobrain@fedoraproject.org - 2.1.0-5 - Switch to %ldconfig_scriptlets * Thu Aug 3 2017 Fedora Release Engineering releng@fedoraproject.org - 2.1.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild * Wed Jul 26 2017 Fedora Release Engineering releng@fedoraproject.org - 2.1.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1510897 - libcue-2.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1510897 --------------------------------------------------------------------------------
================================================================================ mbedtls-2.7.10-1.el7 (FEDORA-EPEL-2019-a1e54abbdd) Light-weight cryptographic and SSL/TLS library -------------------------------------------------------------------------------- Update Information:
- Update to 2.7.10 Release notes: https://tls.mbed.org/tech- updates/releases/mbedtls-2.16.1-and-2.7.10-released -------------------------------------------------------------------------------- ChangeLog:
* Thu Mar 28 2019 Morten Stevens mstevens@fedoraproject.org - 2.7.10-1 - Update to 2.7.10 --------------------------------------------------------------------------------
================================================================================ quilt-0.66-1.el7 (FEDORA-EPEL-2019-36bc7718f6) Scripts for working with series of patches -------------------------------------------------------------------------------- Update Information:
- Update to 0.66 release - Add Requires: p7zip - Add some additional BuildRequires - Modernize spec file - Remove obsolete Group tag - Remove needless use of %defattr -------------------------------------------------------------------------------- ChangeLog:
* Thu Mar 28 2019 Bj��rn Esser besser82@fedoraproject.org - 0.66-1 - Update to 0.66 release (rhbz 1693765) - Modernize spec file - Add some additional BuildRequires - Add Requires: p7zip * Sat Feb 2 2019 Fedora Release Engineering releng@fedoraproject.org - 0.65-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Sat Jul 14 2018 Fedora Release Engineering releng@fedoraproject.org - 0.65-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Fri Feb 9 2018 Fedora Release Engineering releng@fedoraproject.org - 0.65-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Thu Jul 27 2017 Fedora Release Engineering releng@fedoraproject.org - 0.65-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild * Sat Feb 11 2017 Fedora Release Engineering releng@fedoraproject.org - 0.65-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild * Thu Nov 17 2016 Josh Boyer jwboyer@fedoraproject.org - 0.65-1 - Update to the 0.65 release (rhbz 1393636) * Thu Feb 4 2016 Fedora Release Engineering releng@fedoraproject.org - 0.64-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild * Thu Jun 18 2015 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.64-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Tue Feb 24 2015 Josh Boyer jwboyer@fedoraproject.org - 0.64-1 - Update to the 0.64 release (rbhz 1190801) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1585864 - emails are not threaded with quilt 0.65 https://bugzilla.redhat.com/show_bug.cgi?id=1585864 [ 2 ] Bug #1693765 - quilt-0.66 is available https://bugzilla.redhat.com/show_bug.cgi?id=1693765 [ 3 ] Bug #1117429 - quilt is not in epel7 https://bugzilla.redhat.com/show_bug.cgi?id=1117429 --------------------------------------------------------------------------------
================================================================================ resultsdb-2.2.0-1.el7 (FEDORA-EPEL-2019-677ff5069b) Results store for automated tasks -------------------------------------------------------------------------------- Update Information:
- Latest endpoint: group by additional fields - specfile: Drop python 2 support - Drop support for fedmsg and replace by fedora-messaging - settings.py: use lists instead of tuples - Backport support for running resultsdb without fedora messaging -------------------------------------------------------------------------------- ChangeLog:
* Wed Mar 27 2019 Frantisek Zatloukal fzatlouk@redhat.com - 2.2.0-1 - Latest endpoint: group by additional fields - specfile: Drop python 2 support - Drop support for fedmsg and replace by fedora-messaging - settings.py: use lists instead of tuples - Backport support for running resultsdb without fedora messaging * Sat Feb 2 2019 Fedora Release Engineering releng@fedoraproject.org - 2.1.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ socket_wrapper-1.2.3-1.el7 (FEDORA-EPEL-2019-4e4b5ed088) A library passing all socket communications through Unix sockets -------------------------------------------------------------------------------- Update Information:
Update to version 1.2.3 -------------------------------------------------------------------------------- ChangeLog:
* Thu Mar 28 2019 Andreas Schneider asn@redhat.com - 1.2.3-1 - Update to version 1.2.3 --------------------------------------------------------------------------------
================================================================================ suricata-4.1.3-1.el7 (FEDORA-EPEL-2019-ca9de9479e) Intrusion Detection System -------------------------------------------------------------------------------- Update Information:
This release fixes a number of issues found in the 4.1 series. -------------------------------------------------------------------------------- ChangeLog:
* Thu Mar 7 2019 Steve Grubb sgrubb@redhat.com 4.1.3-1 - Upstream bugfix release * Sun Feb 3 2019 Fedora Release Engineering releng@fedoraproject.org - 4.1.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Fri Dec 21 2018 Jason Taylor jtfas90@gmail.com 4.1.2-1 - Upstream bugfix release - Updated source to use official download site * Thu Dec 20 2018 Steve Grubb sgrubb@redhat.com 4.1.1-4 - Adjust permissions on /run/suricata and /var/lib/suricata to group writable * Mon Dec 17 2018 Steve Grubb sgrubb@redhat.com 4.1.1-2 - Remove ragel requirement * Mon Dec 17 2018 Steve Grubb sgrubb@redhat.com 4.1.1-1 - Make log directory group readable - Allow users of the suricata group to run suricata-update - Add lz4-devel BuildRequires to support pcap compression - Update service file for systemd security protections - Upstream bugfix update * Tue Nov 20 2018 Steve Grubb sgrubb@redhat.com 4.1.0-3 - Use the upstream service and logrote files (#1330331) - Make the log directory readable by members of the suricata group (#1651394) * Wed Nov 7 2018 Steve Grubb sgrubb@redhat.com 4.1.0-2 - Add cargo BuildRequires --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org