The following Fedora EPEL 7 Security updates need testing:
Age URL
712 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087
dokuwiki-0-0.24.20140929c.el7
475 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f
mcollective-2.8.4-1.el7
193 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-23fa04bf1c
redis-3.2.3-1.el7
177 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8f4ff76b3
chicken-4.11.0-3.el7
57 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d
libbsd-0.8.3-1.el7
8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-0f3297a19b
nagios-4.2.4-2.el7
7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e2cea1c22d
python-cjson-1.1.0-9.el7
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-920059d2ed
mingw-wavpack-5.1.0-1.el7
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d1c56cd592
xrdp-0.9.1-3.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8e1a030633
suricata-3.2.1-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
dillo-3.0.5-1.el7
fedfind-3.5.0-1.el7
lua-sec-0.6-1.el7
lynis-2.4.2-1.el7
memkind-1.4.0-1.el7
mozilla-https-everywhere-5.2.11-1.el7
python-cached_property-1.3.0-7.el7
python-freezegun-0.1.19-1.el7
python-productmd-1.4-2.el7
qca-2.1.3-3.el7
Details about builds:
================================================================================
dillo-3.0.5-1.el7 (FEDORA-EPEL-2017-28aada4d17)
Very small and fast GUI web browser
--------------------------------------------------------------------------------
Update Information:
Initial build for 3.0.5
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1238891 - dillo-3.0.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1238891
--------------------------------------------------------------------------------
================================================================================
fedfind-3.5.0-1.el7 (FEDORA-EPEL-2017-3d9caeaaae)
Fedora compose and image finder
--------------------------------------------------------------------------------
Update Information:
This update provides a new version of fedfind. The main changes are: * The
synthesized metadata for non-Pungi 4 composes has been enhanced to include a
`composeinfo` dict, and `disc_number` items in the image dicts. These changes
are necessary for `resultsdb_conventions` to work with the synthesized metadata.
* The new Cloud nightly composes are now supported. This is necessary to prevent
some of the things that react to 'compose complete' messages doing wacky stuff
when they encounter such a compose. Another change is that
`fedfind.release.get_release(url='someurl')` will no longer return generic
`Pungi4Compose` instances for URLs in unknown domains, as Patrick van Uiterwijk
suggested it may constitute a potential security problem in some use cases. If
this change causes you trouble, please report an issue or contact me and it may
be possible to restore the old behaviour as an option. On EPEL 7, there is now
a Python 3 build of the fedfind library (currently `python34-fedfind`), and the
`fedfind` CLI tool now uses the Python 3 library. The other updated packages
also gain Python 3 builds of their libraries (they are all in fedfind's
dependency chains). `freezegun` is updated to the last release in the 0.1
series, 0.1.19, which should be compatible with the previously-packaged version
(0.1.12).
--------------------------------------------------------------------------------
================================================================================
lua-sec-0.6-1.el7 (FEDORA-EPEL-2017-68b8dd001a)
Lua binding for OpenSSL library
--------------------------------------------------------------------------------
Update Information:
LuaSec 0.6 ========== * Lua 5.2 and 5.3 compatibility * Context module: -
Add ctx:checkkey() * SSL module: - Add conn:sni() and conn:getsniname() *
Context options: - Add "any" protocol ("sslv23" is deprecated) * HTTPS
module: - Using "any" protocol without SSLv2/SSLv3, by default * X509
module: - Human readable IP address - Add cert:issued() - Add
cert:pubkey() * Some bug fixes
--------------------------------------------------------------------------------
================================================================================
lynis-2.4.2-1.el7 (FEDORA-EPEL-2017-4f919b021f)
Security and system auditing tool
--------------------------------------------------------------------------------
Update Information:
Update to 2.4.2 ---- Update to 2.4.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1422705 - lynis-2.4.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1422705
[ 2 ] Bug #1421133 - lynis-2.4.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1421133
--------------------------------------------------------------------------------
================================================================================
memkind-1.4.0-1.el7 (FEDORA-EPEL-2017-7fbfa72534)
User Extensible Heap Manager
--------------------------------------------------------------------------------
Update Information:
Update memkind source file to 1.4.0 upstream
--------------------------------------------------------------------------------
================================================================================
mozilla-https-everywhere-5.2.11-1.el7 (FEDORA-EPEL-2017-e56795d6b0)
HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey
--------------------------------------------------------------------------------
Update Information:
Apparently not all moving companies know that if you want the seat for your
recliner, you probably want the back of the chair, too.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1400517 - mozilla-https-everywhere-5.2.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1400517
--------------------------------------------------------------------------------
================================================================================
python-cached_property-1.3.0-7.el7 (FEDORA-EPEL-2017-3d9caeaaae)
A cached-property for decorating methods in Python classes
--------------------------------------------------------------------------------
Update Information:
This update provides a new version of fedfind. The main changes are: * The
synthesized metadata for non-Pungi 4 composes has been enhanced to include a
`composeinfo` dict, and `disc_number` items in the image dicts. These changes
are necessary for `resultsdb_conventions` to work with the synthesized metadata.
* The new Cloud nightly composes are now supported. This is necessary to prevent
some of the things that react to 'compose complete' messages doing wacky stuff
when they encounter such a compose. Another change is that
`fedfind.release.get_release(url='someurl')` will no longer return generic
`Pungi4Compose` instances for URLs in unknown domains, as Patrick van Uiterwijk
suggested it may constitute a potential security problem in some use cases. If
this change causes you trouble, please report an issue or contact me and it may
be possible to restore the old behaviour as an option. On EPEL 7, there is now
a Python 3 build of the fedfind library (currently `python34-fedfind`), and the
`fedfind` CLI tool now uses the Python 3 library. The other updated packages
also gain Python 3 builds of their libraries (they are all in fedfind's
dependency chains). `freezegun` is updated to the last release in the 0.1
series, 0.1.19, which should be compatible with the previously-packaged version
(0.1.12).
--------------------------------------------------------------------------------
================================================================================
python-freezegun-0.1.19-1.el7 (FEDORA-EPEL-2017-3d9caeaaae)
Let your Python tests travel through time
--------------------------------------------------------------------------------
Update Information:
This update provides a new version of fedfind. The main changes are: * The
synthesized metadata for non-Pungi 4 composes has been enhanced to include a
`composeinfo` dict, and `disc_number` items in the image dicts. These changes
are necessary for `resultsdb_conventions` to work with the synthesized metadata.
* The new Cloud nightly composes are now supported. This is necessary to prevent
some of the things that react to 'compose complete' messages doing wacky stuff
when they encounter such a compose. Another change is that
`fedfind.release.get_release(url='someurl')` will no longer return generic
`Pungi4Compose` instances for URLs in unknown domains, as Patrick van Uiterwijk
suggested it may constitute a potential security problem in some use cases. If
this change causes you trouble, please report an issue or contact me and it may
be possible to restore the old behaviour as an option. On EPEL 7, there is now
a Python 3 build of the fedfind library (currently `python34-fedfind`), and the
`fedfind` CLI tool now uses the Python 3 library. The other updated packages
also gain Python 3 builds of their libraries (they are all in fedfind's
dependency chains). `freezegun` is updated to the last release in the 0.1
series, 0.1.19, which should be compatible with the previously-packaged version
(0.1.12).
--------------------------------------------------------------------------------
================================================================================
python-productmd-1.4-2.el7 (FEDORA-EPEL-2017-3d9caeaaae)
Library providing parsers for metadata related to OS installation
--------------------------------------------------------------------------------
Update Information:
This update provides a new version of fedfind. The main changes are: * The
synthesized metadata for non-Pungi 4 composes has been enhanced to include a
`composeinfo` dict, and `disc_number` items in the image dicts. These changes
are necessary for `resultsdb_conventions` to work with the synthesized metadata.
* The new Cloud nightly composes are now supported. This is necessary to prevent
some of the things that react to 'compose complete' messages doing wacky stuff
when they encounter such a compose. Another change is that
`fedfind.release.get_release(url='someurl')` will no longer return generic
`Pungi4Compose` instances for URLs in unknown domains, as Patrick van Uiterwijk
suggested it may constitute a potential security problem in some use cases. If
this change causes you trouble, please report an issue or contact me and it may
be possible to restore the old behaviour as an option. On EPEL 7, there is now
a Python 3 build of the fedfind library (currently `python34-fedfind`), and the
`fedfind` CLI tool now uses the Python 3 library. The other updated packages
also gain Python 3 builds of their libraries (they are all in fedfind's
dependency chains). `freezegun` is updated to the last release in the 0.1
series, 0.1.19, which should be compatible with the previously-packaged version
(0.1.12).
--------------------------------------------------------------------------------
================================================================================
qca-2.1.3-3.el7 (FEDORA-EPEL-2017-48055c07a6)
Qt Cryptographic Architecture
--------------------------------------------------------------------------------
Update Information:
Introduce qca-qt5 to epel
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1419662 - Update to 2.1.3
https://bugzilla.redhat.com/show_bug.cgi?id=1419662
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
