The following Fedora EPEL 7 Security updates need testing:
Age URL
882 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087
dokuwiki-0-0.24.20140929c.el7
645 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f
mcollective-2.8.4-1.el7
227 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d
libbsd-0.8.3-1.el7
125 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe
mod_cluster-1.3.3-10.el7
123 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5f9a6163b4
tnef-1.4.14-1.el7
122 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7ecb12e378
python-XStatic-jquery-ui-1.12.0.1-1.el7
25 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-47be021843
heimdal-7.4.0-1.el7
24 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-a8886eb42e
cross-binutils-2.27-9.el7.1 cross-gcc-4.8.5-16.el7.1
15 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-c39b9065fa
GraphicsMagick-1.3.26-3.el7
15 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-c4e53cc90d
chicken-4.12.0-3.el7
13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-b39314b704
mingw-c-ares-1.13.0-1.el7
13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-2c3a1062a0
seamonkey-2.48-1.el7
11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-b50572c103
sscep-0.6.1-5.20160525git2052ee1.el7
10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4908d32c3c
python-dbusmock-0.11.1-6.el7
7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-017fbc40e8
supervisor-3.1.4-1.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-52b6bc17c1
globus-ftp-client-8.36-1.el7 globus-ftp-control-7.8-1.el7
globus-gass-cache-program-6.7-1.el7 globus-gass-copy-9.27-1.el7
globus-gram-client-13.19-1.el7 globus-gram-job-manager-14.36-1.el7
globus-gram-job-manager-condor-2.6-5.el7 globus-gridftp-server-12.2-1.el7
globus-gridftp-server-control-5.1-1.el7 globus-gssapi-gsi-12.17-3.el7
globus-io-11.9-1.el7 globus-net-manager-0.17-1.el7 globus-xio-5.16-1.el7
globus-xio-gsi-driver-3.11-1.el7 globus-xio-pipe-driver-3.10-1.el7
globus-xio-udt-driver-1.28-1.el7 myproxy-6.1.28-1.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-37e736147d
knot-2.5.3-2.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-94c168d702
php-horde-Horde-Core-2.30.0-1.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7d6b89ab36
php-horde-Horde-Form-2.0.18-1.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-359039e1f1
php-horde-Horde-Url-2.2.6-1.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-aebd466ffa
php-horde-horde-5.2.16-1.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-531b8ee43e
php-horde-kronolith-4.2.22-1.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-055fdcdee7
php-horde-nag-4.2.15-1.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-bad0726ae5
php-horde-turba-4.2.20-1.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-886e003d48
gsoap-2.8.16-9.el7
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-816da4b59a
ReviewBoard-2.5.14-2.el7 python-djblets-0.9.9-1.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8683c5e591
potrace-1.15-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
composer-1.4.3-1.el7
fusioninventory-agent-2.3.21-1.el7
gnome-shell-extension-freon-25-1.el7
mate-themes-3.22.13-1.el7
mock-1.4.3-1.el7
openblas-0.2.20-2.el7
php-bartlett-PHP-CompatInfo-5.0.8-1.el7
php-bartlett-php-compatinfo-db-1.23.0-1.el7
potrace-1.15-1.el7
sysusage-5.5-3.el7
Details about builds:
================================================================================
composer-1.4.3-1.el7 (FEDORA-EPEL-2017-36063cb93a)
Dependency Manager for PHP
--------------------------------------------------------------------------------
Update Information:
**Version 1.4.3** - 2017-08-06 * Fixed GitLab URLs * Fixed root package
version detection using latest git versions * Fixed inconsistencies in date
format in composer.lock when installing from source * Fixed Mercurial support
regression * Fixed exclude-from-classmap not being applied when autoloading
files for Composer plugins * Fixed exclude-from-classmap being ignored when
cwd has the wrong case on case insensitive filesystems * Fixed several other
minor issues
--------------------------------------------------------------------------------
================================================================================
fusioninventory-agent-2.3.21-1.el7 (FEDORA-EPEL-2017-fdccca0b40)
FusionInventory agent
--------------------------------------------------------------------------------
Update Information:
Last upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1477175 - fusioninventory-agent-2.3.21 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1477175
--------------------------------------------------------------------------------
================================================================================
gnome-shell-extension-freon-25-1.el7 (FEDORA-EPEL-2017-0ccf6c15f4)
GNOME Shell extension to display system temperature, voltage, and fan speed
--------------------------------------------------------------------------------
Update Information:
Bump to upstream version 25, which adds German localization.
--------------------------------------------------------------------------------
================================================================================
mate-themes-3.22.13-1.el7 (FEDORA-EPEL-2017-a0cddc52c9)
MATE Desktop themes
--------------------------------------------------------------------------------
Update Information:
- update to 3.22.13 for gtk+-3.22 for rhel7.4
--------------------------------------------------------------------------------
================================================================================
mock-1.4.3-1.el7 (FEDORA-EPEL-2017-53f9c9cb51)
Builds packages inside chroots
--------------------------------------------------------------------------------
Update Information:
* --nocheck macro was not properly escaped
[[RHBZ#1473359](https://bugzilla.redhat.com/show_bug.cgi?id=1473359)]. * Use
python3 and dnf module on Fedoras to guess architecture in %post scriptlet
[[RHBZ#1462310](https://bugzilla.redhat.com/show_bug.cgi?id=1462310)]. *
enhanced detection of RHEL
[[RHBZ#1470189](https://bugzilla.redhat.com/show_bug.cgi?id=1470189)]. * scm:
define `_sourcedir` to checkout directory [[PR#98](https://github.com/rpm-
software-management/mock/pull/98)]. * Mageia Cauldron releasever is now 7
[[PR#95](https://github.com/rpm-software-management/mock/pull/95)] * Create /dev
nodes even when using nspawn
[[RHBZ#1467299](https://bugzilla.redhat.com/show_bug.cgi?id=1467299)]. *
selinux: do not try to import yum when PM is dnf
[[RHBZ#1474513](https://bugzilla.redhat.com/show_bug.cgi?id=1474513)]. * When
you have hundreds of volumes in LVM you can tell mock to wait longer using
`config_opts['plugin_conf']['lvm_root_opts']['sleep_time'] = 1`.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1473359 - mock --nocheck -r fedora-26-x86_64 <whatever>.src.rpm
consistently fails
https://bugzilla.redhat.com/show_bug.cgi?id=1473359
[ 2 ] Bug #1470189 - Mock crashes because there is no dnf
https://bugzilla.redhat.com/show_bug.cgi?id=1470189
[ 3 ] Bug #1462310 - missing default cfg on rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1462310
[ 4 ] Bug #1467299 - /dev/null dissapper for rpm scriptlet during mock build
https://bugzilla.redhat.com/show_bug.cgi?id=1467299
[ 5 ] Bug #1474513 - Using --old-chroot, selinux plugin crashes if yum is not
installed
https://bugzilla.redhat.com/show_bug.cgi?id=1474513
--------------------------------------------------------------------------------
================================================================================
openblas-0.2.20-2.el7 (FEDORA-EPEL-2017-4e3642d37a)
An optimized BLAS library based on GotoBLAS2
--------------------------------------------------------------------------------
Update Information:
Update to the newest release, including fixes to several race and locking bugs,
a newer version of LAPACK, as well as support for several more processors on the
x86_64 architecture.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1474554 - openblas-0.2.20 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1474554
--------------------------------------------------------------------------------
================================================================================
php-bartlett-PHP-CompatInfo-5.0.8-1.el7 (FEDORA-EPEL-2017-c08075c316)
Find out version and the extensions required for a piece of code to run
--------------------------------------------------------------------------------
Update Information:
**Version 5.0.8** * Fix #232 Support class constants
--------------------------------------------------------------------------------
================================================================================
php-bartlett-php-compatinfo-db-1.23.0-1.el7 (FEDORA-EPEL-2017-f3c1ab3a43)
Reference Database to be used with php-compatinfo library
--------------------------------------------------------------------------------
Update Information:
**Version 1.23.0** - 2017-07-17 * **Added** - Support to PHP 7.0.21 -
Support to PHP 5.6.31 - New `db:build:ext` command to generate a draft (json
format) of each components in one extension. - New `db:list` command to see
what are extensions supported by the database. - New
`ExtensionFactory::getExtensions()` method to retrieve all extensions
informations (status/versions) - New `db:show` command to see details of
extensions supported by the database. * **Changed** - Amqp reference
updated to version 1.9.1 (stable) - Lzf reference updated to version 1.6.6
(stable) - Redis reference updated to version 3.1.2 (stable) - Ssh2
reference updated to version 1.1 (alpha) - Stomp reference updated to
version 2.0.1 (stable) - Zip reference updated to version 1.15.1 (stable)
- DataBase `compatinfo.sqlite` is copied in same directory (<user>\.bartlett)
for both phar and non phar versions. - Console `db:backup` command did not
used anymore the system temporary folder to save DB backup files (save in same
folder as DB)
--------------------------------------------------------------------------------
================================================================================
potrace-1.15-1.el7 (FEDORA-EPEL-2017-8683c5e591)
Transform bitmaps into vector graphics
--------------------------------------------------------------------------------
Update Information:
This release consists of bugfixes and minor portability improvements. Some
potential buffer overflows and arithmetic overflows were fixed, including
CVE-2017-12067. A bug triggered by very large bitmaps has been fixed.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1477104 - CVE-2017-12067 potrace: heap-based buffer over-read in
the interpolate_cubic function [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477104
[ 2 ] Bug #1385513 - CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695
CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700
CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple
security issues [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1385513
[ 3 ] Bug #1477105 - CVE-2017-12067 potrace: heap-based buffer over-read in
the interpolate_cubic function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477105
[ 4 ] Bug #1385512 - CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695
CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700
CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple
security issues [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1385512
--------------------------------------------------------------------------------
================================================================================
sysusage-5.5-3.el7 (FEDORA-EPEL-2017-158cea28af)
System monitoring based on Perl, rrdtool, and sysstat
--------------------------------------------------------------------------------
Update Information:
Unretire package and upgrade to new upstream version
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
