[EPEL-devel] Fedora EPEL 7 updates-testing report

[updates]

The following Fedora EPEL 7 Security updates need testing:
 Age  URL
 492  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d   
condor-8.6.11-1.el7
 233  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c499781e80   
python-gnupg-0.4.4-1.el7
 231  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b   
bubblewrap-0.3.3-2.el7
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-de07c8591e   
cacti-1.2.8-1.el7 cacti-spine-1.2.8-1.el7
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-39eb4afe6e   
libuv-1.34.0-1.el7
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-936f369393   
wordpress-5.1.4-1.el7
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-b3b252ad49   
drupal7-l10n_update-2.3-1.el7
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c44b218d4a   
drupal7-webform-4.21-1.el7
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-575f933e1c   
drupal7-7.69-1.el7
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-3221ff1dea   
htmldoc-1.8.28-6.el7


The following builds have been pushed to Fedora EPEL 7 updates-testing

    chromium-79.0.3945.88-1.el7
    git-tools-2019.11-1.el7
    libwebsockets-3.2.1-1.el7
    openhantek-3.0.1-1.el7

Details about builds:


================================================================================
 chromium-79.0.3945.88-1.el7 (FEDORA-EPEL-2019-70830cf7ad)
 A WebKit (Blink) powered web browser
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2019-13767  ----  Update to Chromium 79. Fixes the usual
giant pile of bugs and security issues. This time, the list is:  CVE-2019-13725
CVE-2019-13726 CVE-2019-13727 CVE-2019-13728 CVE-2019-13729 CVE-2019-13730
CVE-2019-13732 CVE-2019-13734 CVE-2019-13735 CVE-2019-13736 CVE-2019-13737
CVE-2019-13738 CVE-2019-13739 CVE-2019-13740 CVE-2019-13741 CVE-2019-13742
CVE-2019-13743 CVE-2019-13744 CVE-2019-13745 CVE-2019-13746 CVE-2019-13747
CVE-2019-13748 CVE-2019-13749 CVE-2019-13750 CVE-2019-13751 CVE-2019-13752
CVE-2019-13753 CVE-2019-13754 CVE-2019-13755 CVE-2019-13756 CVE-2019-13757
CVE-2019-13758 CVE-2019-13759 CVE-2019-13761 CVE-2019-13762 CVE-2019-13763
CVE-2019-13764
--------------------------------------------------------------------------------
ChangeLog:

* Tue Dec 17 2019 Tom Callaway <s...@fedoraproject.org> - 79.0.3945.88-1
- update to 79.0.3945.88
* Tue Dec 10 2019 Tom Callaway <s...@fedoraproject.org> - 79.0.3945.79-1
- update to 79.0.3945.79
* Wed Dec  4 2019 Tom Callaway <s...@fedoraproject.org> - 79.0.3945.56-2
- fix lib provides filtering
* Tue Dec  3 2019 Tom Callaway <s...@fedoraproject.org> - 79.0.3945.56-1
- update to current beta (rawhide only)
- switch to upstream patch for clock_nanosleep fix
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1784989 - CVE-2019-13767 chromium-browser: Use after free in media 
picker
        https://bugzilla.redhat.com/show_bug.cgi?id=1784989
  [ 2 ] Bug #1782007 - CVE-2019-13762 chromium-browser: Insufficient policy 
enforcement in downloads
        https://bugzilla.redhat.com/show_bug.cgi?id=1782007
  [ 3 ] Bug #1782006 - CVE-2019-13761 chromium-browser: Incorrect security UI 
in Omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1782006
  [ 4 ] Bug #1782005 - CVE-2019-13759 chromium-browser: Incorrect security UI 
in interstitials
        https://bugzilla.redhat.com/show_bug.cgi?id=1782005
  [ 5 ] Bug #1782003 - CVE-2019-13756 chromium-browser: Incorrect security UI 
in printing
        https://bugzilla.redhat.com/show_bug.cgi?id=1782003
  [ 6 ] Bug #1781999 - CVE-2019-13752 sqlite: fts3: improve shadow table 
corruption detection
        https://bugzilla.redhat.com/show_bug.cgi?id=1781999
  [ 7 ] Bug #1782002 - CVE-2019-13755 chromium-browser: Insufficient policy 
enforcement in extensions
        https://bugzilla.redhat.com/show_bug.cgi?id=1782002
  [ 8 ] Bug #1782000 - CVE-2019-13753 sqlite: fts3: incorrectly removed 
corruption check
        https://bugzilla.redhat.com/show_bug.cgi?id=1782000
  [ 9 ] Bug #1782001 - CVE-2019-13754 chromium-browser: Insufficient policy 
enforcement in extensions
        https://bugzilla.redhat.com/show_bug.cgi?id=1782001
  [ 10 ] Bug #1781998 - CVE-2019-13751 sqlite: fts3: improve detection of 
corrupted records
        https://bugzilla.redhat.com/show_bug.cgi?id=1781998
  [ 11 ] Bug #1781997 - CVE-2019-13750 sqlite: dropping of shadow tables not 
restricted in defensive mode
        https://bugzilla.redhat.com/show_bug.cgi?id=1781997
  [ 12 ] Bug #1781992 - CVE-2019-13746 chromium-browser: Insufficient policy 
enforcement in Omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1781992
  [ 13 ] Bug #1781995 - CVE-2019-13749 chromium-browser: Incorrect security UI 
in Omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1781995
  [ 14 ] Bug #1781991 - CVE-2019-13745 chromium-browser: Insufficient policy 
enforcement in audio
        https://bugzilla.redhat.com/show_bug.cgi?id=1781991
  [ 15 ] Bug #1781994 - CVE-2019-13748 chromium-browser: Insufficient policy 
enforcement in developer tools
        https://bugzilla.redhat.com/show_bug.cgi?id=1781994
  [ 16 ] Bug #1781993 - CVE-2019-13747 chromium-browser: Uninitialized Use in 
rendering
        https://bugzilla.redhat.com/show_bug.cgi?id=1781993
  [ 17 ] Bug #1781989 - CVE-2019-13742 chromium-browser: Incorrect security UI 
in Omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1781989
  [ 18 ] Bug #1781987 - CVE-2019-13740 chromium-browser: Incorrect security UI 
in sharing
        https://bugzilla.redhat.com/show_bug.cgi?id=1781987
  [ 19 ] Bug #1781990 - CVE-2019-13743 chromium-browser: Incorrect security UI 
in external protocol handling
        https://bugzilla.redhat.com/show_bug.cgi?id=1781990
  [ 20 ] Bug #1781985 - CVE-2019-13738 chromium-browser: Insufficient policy 
enforcement in navigation
        https://bugzilla.redhat.com/show_bug.cgi?id=1781985
  [ 21 ] Bug #1781988 - CVE-2019-13741 chromium-browser: Insufficient 
validation of untrusted input in Blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1781988
  [ 22 ] Bug #1781986 - CVE-2019-13739 chromium-browser: Incorrect security UI 
in Omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1781986
  [ 23 ] Bug #1781984 - CVE-2019-13737 chromium-browser: Insufficient policy 
enforcement in autocomplete
        https://bugzilla.redhat.com/show_bug.cgi?id=1781984
  [ 24 ] Bug #1781983 - CVE-2019-13736 chromium-browser: Integer overflow in 
PDFium
        https://bugzilla.redhat.com/show_bug.cgi?id=1781983
  [ 25 ] Bug #1781982 - CVE-2019-13764 chromium-browser: Type Confusion in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=1781982
  [ 26 ] Bug #1781981 - CVE-2019-13735 chromium-browser: Out of bounds write in 
V8
        https://bugzilla.redhat.com/show_bug.cgi?id=1781981
  [ 27 ] Bug #1781980 - CVE-2019-13734 sqlite: fts3: improve shadow table 
corruption detection
        https://bugzilla.redhat.com/show_bug.cgi?id=1781980
  [ 28 ] Bug #1781979 - CVE-2019-13732 chromium-browser: Use after free in 
WebAudio
        https://bugzilla.redhat.com/show_bug.cgi?id=1781979
  [ 29 ] Bug #1781978 - CVE-2019-13730 chromium-browser: Type Confusion in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=1781978
  [ 30 ] Bug #1781975 - CVE-2019-13727 chromium-browser: Insufficient policy 
enforcement in WebSockets
        https://bugzilla.redhat.com/show_bug.cgi?id=1781975
  [ 31 ] Bug #1781977 - CVE-2019-13729 chromium-browser: Use after free in 
WebSockets
        https://bugzilla.redhat.com/show_bug.cgi?id=1781977
  [ 32 ] Bug #1781976 - CVE-2019-13728 chromium-browser: Out of bounds write in 
V8
        https://bugzilla.redhat.com/show_bug.cgi?id=1781976
  [ 33 ] Bug #1781974 - CVE-2019-13726 chromium-browser: Heap buffer overflow 
in password manager
        https://bugzilla.redhat.com/show_bug.cgi?id=1781974
  [ 34 ] Bug #1782021 - CVE-2019-13744 chromium-browser: Insufficient policy 
enforcement in cookies
        https://bugzilla.redhat.com/show_bug.cgi?id=1782021
  [ 35 ] Bug #1782017 - CVE-2019-13758 chromium-browser: Insufficient policy 
enforcement in navigation
        https://bugzilla.redhat.com/show_bug.cgi?id=1782017
  [ 36 ] Bug #1781973 - CVE-2019-13725 chromium-browser: Use after free in 
Bluetooth
        https://bugzilla.redhat.com/show_bug.cgi?id=1781973
  [ 37 ] Bug #1782008 - CVE-2019-13763 chromium-browser: Insufficient policy 
enforcement in payments
        https://bugzilla.redhat.com/show_bug.cgi?id=1782008
  [ 38 ] Bug #1782004 - CVE-2019-13757 chromium-browser: Incorrect security UI 
in Omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1782004
--------------------------------------------------------------------------------


================================================================================
 git-tools-2019.11-1.el7 (FEDORA-EPEL-2019-6c9bd69e8c)
 Assorted git-related scripts and tools
--------------------------------------------------------------------------------
Update Information:

New upstream release 2019.11 (#1777999)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec 19 2019 Greg Bailey <gbai...@lxpro.com> - 2019.11-1
- New upstream release 2019.11 (#1777999)
- several performance improvements
- use ISO datetime format
- refactor git calls into a convenience class
- improve documentation
- add several TODO and FIXME notes as a roadmap draft
- remove outdated benchmarks
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1777999 - git-tools-2019.11 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1777999
--------------------------------------------------------------------------------


================================================================================
 libwebsockets-3.2.1-1.el7 (FEDORA-EPEL-2019-d39091e23b)
 A lightweight C library for Websockets
--------------------------------------------------------------------------------
Update Information:

Update to 3.2.1
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec 19 2019 Peter Robinson <pbrobin...@fedoraproject.org> 3.2.1-1
- Update to 3.2.1
* Mon Sep  2 2019 Peter Robinson <pbrobin...@fedoraproject.org> 3.2.0-1
- Update to 3.2.0
* Thu Jul 25 2019 Fedora Release Engineering <rel...@fedoraproject.org> - 
3.1.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sat Feb  9 2019 Peter Robinson <pbrobin...@fedoraproject.org> 3.1.0-2
- devel requires libev-devel
* Sat Feb  9 2019 Peter Robinson <pbrobin...@fedoraproject.org> 3.1.0-1
- Update to 3.1.0
- Enable new features/functionality
* Fri Feb  1 2019 Fedora Release Engineering <rel...@fedoraproject.org> - 
3.0.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 openhantek-3.0.1-1.el7 (FEDORA-EPEL-2019-d08cc0cf56)
 Hantek and compatible USB digital signal oscilloscope
--------------------------------------------------------------------------------
Update Information:

Update to 3.0.1.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec 19 2019 Vasiliy N. Glazov <vasc...@gmail.com> - 3.0.1-1
- Update to 3.0.1
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org