[EPEL-devel] Fedora EPEL 7 updates-testing report

updates Wed, 16 Sep 2020 07:40:47 -0700

The following Fedora EPEL 7 Security updates need testing:
 Age  URL
 763  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d   
condor-8.6.11-1.el7
 503  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b   
bubblewrap-0.3.3-2.el7
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-49c5f31e92   
python-pip-epel-8.1.2-14.el7
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-864bc6779e   
chromium-85.0.4183.83-1.el7
  10  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-83bdeb2965   
ansible-2.9.13-1.el7
  10  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-0a324e529d   
drupal7-7.72-1.el7
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-f9a066663b   
mbedtls-2.7.17-1.el7
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-25e525a9ca   
seamonkey-2.53.4-1.el7
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-918ad695f6   
proftpd-1.3.5e-10.el7
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-d968abb383   
golang-1.15.2-1.el7



The following builds have been pushed to Fedora EPEL 7 updates-testing

    IP2Location-8.0.9-9.20200916git6e49424.el7
    mock-2.6-1.el7
    mock-core-configs-33-1.el7
    nginx-1.16.1-2.el7
    perl-URI-cpan-1.007-3.el7
    python-ldap3-2.8.1-1.el7

Details about builds:


================================================================================
 IP2Location-8.0.9-9.20200916git6e49424.el7 (FEDORA-EPEL-2020-f4d76a2061)
 C library for mapping IP address to geolocation information
--------------------------------------------------------------------------------
Update Information:

subpackage data-sample: add suffix "SAMPLE" to included BIN files, fix file
permissions  ----  add patch to sync with upstream
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------


================================================================================
 mock-2.6-1.el7 (FEDORA-EPEL-2020-0996fb7a3c)
 Builds packages inside chroots
--------------------------------------------------------------------------------
Update Information:

mock  - because of the mock-filesystem change, we need to enforce upgrade of the
old mock-core-configs package - set the DNF user_agent in dnf.conf
([email protected]) - introduce mock-filesystem subpackage ([email protected]) -
add showrc plugin to record the output of rpm --showrc ([email protected]) -
document which packages we need in buildroot ([email protected]) - macros
without leading '%' like config_opts['macros']['macroname'] work fine again
(issue#605)  mock-core-cofnigs  - provide the Fedora ELN mock configuration -
some adjustments were done for the new mock-filesystem package
https://github.com/rpm-software-management/mock/wiki/Release-Notes-2.6  - the
--recurse option implies --continue - fix --chain --continue option - fail when
--continue/--recurse is used without --chain - fix _copy_config() for broken
symlinks in dst= (rhbz#1878924) - auto-download the source RPMs from web with
--rebuild - handle exceptions from command_parse() method - fail verbosely for
--chain & --resultdir combination - allow using -a|--addrepo with
/absolute/path/argument - add support for -a/--addrepo in normal --rebuild mode
- use systemd-nspawn --resolv-conf=off - create /etc/localtime as symlink even
with isolation=simple ([email protected]) - dump the reason for particular
package build fail in --chain - raise PkgError when the source RPM can not be
installed
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 15 2020 Pavel Raiskup <[email protected]> 2.6-1
- the --recurse option implies --continue
- fix --chain --continue option
- fail when --continue/--recurse is used without --chain
- fix _copy_config() for broken symlinks in dst= (rhbz#1878924)
- auto-download the source RPMs from web with --rebuild
- handle exceptions from command_parse() method
- fail verbosely for --chain & --resultdir combination
- allow using -a|--addrepo with /absolute/path/argument
- add support for -a/--addrepo in normal --rebuild mode
- use systemd-nspawn --resolv-conf=off
- create /etc/localtime as symlink even with isolation=simple 
([email protected])
- dump the reason for particular package build fail in --chain
- raise PkgError when the source RPM can not be installed
* Thu Sep  3 2020 Pavel Raiskup <[email protected]> 2.5-2
- because of the mock-filesystem change, we need to enforce upgrade
  of the old mock-core-configs package
* Thu Sep  3 2020 Pavel Raiskup <[email protected]> 2.5-1
- set the DNF user_agent in dnf.conf ([email protected])
- introduce mock-filesystem subpackage ([email protected])
- add showrc plugin to record the output of rpm --showrc ([email protected])
- document which packages we need in buildroot ([email protected])
- macros without leading '%' like config_opts['macros']['macroname'] work
  fine again (issue#605)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1857918 - RFE: --addrepo does not work with --rebuild && 
--resultdir should warn for --chain mode
        https://bugzilla.redhat.com/show_bug.cgi?id=1857918
  [ 2 ] Bug #1878924 - mock fails in _copy_config with FileNotFoundError for 
/etc/resolv.conf in some circumstances
        https://bugzilla.redhat.com/show_bug.cgi?id=1878924
--------------------------------------------------------------------------------


================================================================================
 mock-core-configs-33-1.el7 (FEDORA-EPEL-2020-0996fb7a3c)
 Mock core config files basic chroots
--------------------------------------------------------------------------------
Update Information:

mock  - because of the mock-filesystem change, we need to enforce upgrade of the
old mock-core-configs package - set the DNF user_agent in dnf.conf
([email protected]) - introduce mock-filesystem subpackage ([email protected]) -
add showrc plugin to record the output of rpm --showrc ([email protected]) -
document which packages we need in buildroot ([email protected]) - macros
without leading '%' like config_opts['macros']['macroname'] work fine again
(issue#605)  mock-core-cofnigs  - provide the Fedora ELN mock configuration -
some adjustments were done for the new mock-filesystem package
https://github.com/rpm-software-management/mock/wiki/Release-Notes-2.6  - the
--recurse option implies --continue - fix --chain --continue option - fail when
--continue/--recurse is used without --chain - fix _copy_config() for broken
symlinks in dst= (rhbz#1878924) - auto-download the source RPMs from web with
--rebuild - handle exceptions from command_parse() method - fail verbosely for
--chain & --resultdir combination - allow using -a|--addrepo with
/absolute/path/argument - add support for -a/--addrepo in normal --rebuild mode
- use systemd-nspawn --resolv-conf=off - create /etc/localtime as symlink even
with isolation=simple ([email protected]) - dump the reason for particular
package build fail in --chain - raise PkgError when the source RPM can not be
installed
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep  3 2020 Pavel Raiskup <[email protected]> 33-1
- bump version to 33, as we already ship F33 configs
- because of the mock-filesystem change, depend on mock 2.5
* Thu Sep  3 2020 Pavel Raiskup <[email protected]> 32.8-1
- set the DNF user_agent in dnf.conf ([email protected])
- add Fedora ELN configs
- introduce mock-filesystem subpackage ([email protected])
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1857918 - RFE: --addrepo does not work with --rebuild && 
--resultdir should warn for --chain mode
        https://bugzilla.redhat.com/show_bug.cgi?id=1857918
  [ 2 ] Bug #1878924 - mock fails in _copy_config with FileNotFoundError for 
/etc/resolv.conf in some circumstances
        https://bugzilla.redhat.com/show_bug.cgi?id=1878924
--------------------------------------------------------------------------------


================================================================================
 nginx-1.16.1-2.el7 (FEDORA-EPEL-2020-0f3f88c479)
 A high performance web server and reverse proxy server
--------------------------------------------------------------------------------
Update Information:

fix 404.html location and indenting (rhbz#1409685) include patch for
CVE-2019-20372 (rhbz#1790280)
--------------------------------------------------------------------------------
ChangeLog:

* Sun Jun  7 2020 Felix Kaechele <[email protected]> - 1:1.16.1-2
- fix 404.html location and indenting (rhbz#1409685)
- include patch for CVE-2019-20372 (rhbz#1790280)
- rework patches to work with %autosetup
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1409685 - a typo for 404 handler in the default server section
        https://bugzilla.redhat.com/show_bug.cgi?id=1409685
  [ 2 ] Bug #1790280 - CVE-2019-20372 nginx: HTTP request smuggling via error 
pages in http/ngx_http_special_response.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1790280
  [ 3 ] Bug #1867261 - EPEL7 nginx package contains CVEs and it's two major 
versions behind.
        https://bugzilla.redhat.com/show_bug.cgi?id=1867261
--------------------------------------------------------------------------------


================================================================================
 perl-URI-cpan-1.007-3.el7 (FEDORA-EPEL-2020-3cdcbc56e0)
 URLs that refer to things on the CPAN
--------------------------------------------------------------------------------
Update Information:

This is the first build of perl-URI-cpan.
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1876259 - Review Request: perl-URI-cpan - URLs that refer to 
things on the CPAN
        https://bugzilla.redhat.com/show_bug.cgi?id=1876259
--------------------------------------------------------------------------------


================================================================================
 python-ldap3-2.8.1-1.el7 (FEDORA-EPEL-2020-703be62e91)
 Strictly RFC 4511 conforming LDAP V3 pure Python client
--------------------------------------------------------------------------------
Update Information:

Update to 2.8.1
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 15 2020 Avram Lubkin <[email protected]> - 2.8.1-1
- Update to 2.8.1
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/[email protected]

[EPEL-devel] Fedora EPEL 7 updates-testing report

Reply via email to