[EPEL-devel] Fedora EPEL 7 updates-testing report

Sat, 27 Apr 2019 16:38:35 -0700 

The following Fedora EPEL 7 Security updates need testing:
 Age  URL
 256  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d   
condor-8.6.11-1.el7
  63  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-f8311ec8a2   
tor-0.3.5.8-1.el7
  57  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-9c2c40e3df   
guacamole-server-1.0.0-1.el7
  37  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-317c9a2f81   
drupal7-7.65-1.el7
  31  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-d2c1368294   
cinnamon-3.6.7-5.el7
  29  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-f1efad2982   
aria2-1.34.0-4.el7
  24  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-50a6a1ddfd   
afflib-3.7.18-2.el7
  14  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-6ea040e59b   
hostapd-2.7-1.el7
  13  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-ae064347d8   
python3-jinja2-2.8.1-2.el7
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-7fc4459823   
libmediainfo-18.12-3.el7
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-f05ef50515   
php-horde-horde-5.2.21-1.el7
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-add436bec5   
php-horde-turba-4.2.24-1.el7


The following builds have been pushed to Fedora EPEL 7 updates-testing

    espresso-4.0.2-1.el7
    mozilla-https-everywhere-2019.1.31-2.el7
    perl-Net-BGP-0.16-2.el7
    php-extras-5.4.16-9.el7
    php-zstd-0.7.3-1.el7
    python36-3.6.8-1.el7
    yubikey-manager-2.1.0-3.el7

Details about builds:


================================================================================
 espresso-4.0.2-1.el7 (FEDORA-EPEL-2019-dd1687d8f1)
 Extensible Simulation Package for Research on Soft matter
--------------------------------------------------------------------------------
Update Information:

Version bump to 4.0.2
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 24 2019 Christoph Junghans <[email protected]> - 4.0.2-1
- Version bump to 4.0.2
--------------------------------------------------------------------------------


================================================================================
 mozilla-https-everywhere-2019.1.31-2.el7 (FEDORA-EPEL-2019-b4a184cef0)
 HTTPS enforcement extension for Mozilla Firefox
--------------------------------------------------------------------------------
Update Information:

- Change "Block all unencrypted requests" language to "Encrypt all sites
eligible" - EASE mode patches for interstitial page and reload to trigger for
EASE mode - ES Lint clean up - Disable test for Chrome (will work in patch while
disabled) (included because chrome and firefox versions use a single codebase) -
Deprecate I.P.s in rulesets (Special case for DNS I.P.s) - Amend check_rules.py
fetch test to disable rules only if all rules are problematic, and comment rules
out if other rules are functional in the set - HSTS Prune and updates - Bundled
ruleset updates
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 26 2019 Russell Golden <[email protected]> - 2019.1.31-1
- Change "Block all unencrypted requests" language to "Encrypt all sites 
eligible"
- EASE mode patches for interstitial page and reload to trigger for EASE mode
- ES Lint clean up
- Disable test for Chrome (will work in patch while disabled)
 -- (packager note: Included because both versions use the same codebase)
- Deprecate I.P.s in rulesets (Special case for DNS I.P.s)
- Amend check_rules.py fetch test to disable rules only if all rules are 
problematic,
 -- and comment rules out if other rules are functional in the set
- HSTS Prune and updates
- Bundled ruleset updates
* Fri Feb  1 2019 Fedora Release Engineering <[email protected]> - 
2018.10.31-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 perl-Net-BGP-0.16-2.el7 (FEDORA-EPEL-2019-fa66ed2fed)
 Perl module for object-oriented API to the BGP protocol
--------------------------------------------------------------------------------
Update Information:

An implementation of the BGP-4 inter-domain routing protocol as Perl module. It
encapsulates all of the functionality needed to establish and maintain a BGP
peering session and exchange routing update information with the peer. It aims
to provide a simple API to the BGP protocol for the purposes of automation,
logging, monitoring, testing, and similar tasks using the power and flexibility
of Perl. The module does not implement the functionality of a RIB (Routing
Information Base) nor does it modify the kernel routing table of the host
system. However, such operations could be implemented using the API provided by
the module.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1701810 - Review Request: perl-Net-BGP - Perl module for 
object-oriented API to the BGP protocol
        https://bugzilla.redhat.com/show_bug.cgi?id=1701810
--------------------------------------------------------------------------------


================================================================================
 php-extras-5.4.16-9.el7 (FEDORA-EPEL-2019-6314c37d5a)
 Additional PHP modules from the standard PHP distribution
--------------------------------------------------------------------------------
Update Information:

* fix arm build and FTBFS
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 16 2019 Pablo Greco <[email protected]> - 5.4.16-9
- Use compat-libtidy-devel instead of libtidy
* Wed Mar  8 2017 Remi Collet <[email protected]> - 5.4.16-8
- drop 1 failed test on arm
--------------------------------------------------------------------------------


================================================================================
 php-zstd-0.7.3-1.el7 (FEDORA-EPEL-2019-81681ad69c)
 Zstd extension for PHP
--------------------------------------------------------------------------------
Update Information:

This extension allows Zstd compression.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1702726 - Review Request: php-zstd - Zstd Extension for PHP
        https://bugzilla.redhat.com/show_bug.cgi?id=1702726
--------------------------------------------------------------------------------


================================================================================
 python36-3.6.8-1.el7 (FEDORA-EPEL-2019-d28d3135da)
 Interpreter of the Python programming language
--------------------------------------------------------------------------------
Update Information:

- Latest upstream (rhbz#1688547, rhbz#1696472) - Fix for CVE-2019-5010
(rhbz#1666519, rhbz#1666523)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 19 2019 Carl George <[email protected]> - 3.6.8-1
- Latest upstream (rhbz#1688547, rhbz#1696472)
- Fix for CVE-2019-5010 (rhbz#1666519, rhbz#1666523)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1696472 - Update to Python 3.6.8
        https://bugzilla.redhat.com/show_bug.cgi?id=1696472
  [ 2 ] Bug #1688547 - CVE-2019-9636 python36: python: Information Disclosure 
due to urlsplit improper NFKC normalization [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1688547
  [ 3 ] Bug #1666523 - CVE-2019-5010 python36: python: NULL pointer dereference 
using a specially crafted X509 certificate [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1666523
  [ 4 ] Bug #1664517 - CVE-2018-20406 python36: python: Integer overflow in 
Modules/_pickle.c allows for memory exhaustion if serializing gigabytes of data 
[epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1664517
  [ 5 ] Bug #1632093 - CVE-2018-14647 python36: python: Missing salt 
initialization in _elementtree.c module [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1632093
--------------------------------------------------------------------------------


================================================================================
 yubikey-manager-2.1.0-3.el7 (FEDORA-EPEL-2019-a14b025d8e)
 Python library and command line tool for configuring a YubiKey
--------------------------------------------------------------------------------
Update Information:

-   Add requires on setuptools -   Change requires from u2f-host to u2f-hidraw-
policy   ----  Command line tool for configuring a YubiKey.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1540774 - Update to 0.5.0, support EPEL
        https://bugzilla.redhat.com/show_bug.cgi?id=1540774
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/[email protected]

Reply via email to