[EPEL-devel] Fedora EPEL 6 updates-testing report

2019-01-17 Thread updates 
The following Fedora EPEL 6 Security updates need testing:
 Age  URL
  33  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-b7556983e8   
tomcat-7.0.92-1.el6
  29  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-a0ddb153b8   
game-music-emu-0.6.2-1.el6
  10  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-f49d74241e   
php-horde-Horde-Form-2.0.19-1.el6
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-5fba945293   
gitolite3-3.6.11-1.el6
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-13717fa751   
golang-1.11.4-1.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

R-3.5.2-2.el6
nagios-4.4.3-1.el6

Details about builds:



 R-3.5.2-2.el6 (FEDORA-EPEL-2019-4af4dd7943)
 A language for data analysis and graphics

Update Information:

Update R to 3.5.2, update rpy to 2.9.5, rebuild rkward.

ChangeLog:

* Tue Jan  8 2019 Tom Callaway  - 3.5.2-2
- handle pcre2 use/detection
* Mon Jan  7 2019 Tom Callaway  - 3.5.2-1
- update to 3.5.2
* Fri Dec  7 2018 Tom Callaway  - 3.5.1-2
- use absolute path in symlink for latex dir (bz1594102)




 nagios-4.4.3-1.el6 (FEDORA-EPEL-2019-17b388679b)
 Host/service/network monitoring program

Update Information:

Incorporate many fixes from Justin Paulsen  THANKS!!!  
Updates to nagios-4.4.2 which is a major update. Fixes CVE's CVE-2018-13441
CVE-2016-8641    Remove section which unset nagios Fix BZ#1568273

ChangeLog:

* Wed Jan 16 2019 Stephen Smoogen  - 4.4.3-1
- Incorporate many fixes from Justin Paulsen  THANKS!!!
- Update to 4.4.3 for CVE fixes
- BZ#1661479
- BZ#1661480
- BZ#1665200
- BZ#1665201
- BZ#1665206
- BZ#1665207
- BZ#1665209
- BZ#1665210
- Fix BZ#1666209 Add RuntimeDirectory too systemd
* Fri Nov 30 2018 Stephen Smoogen  - 4.4.2-3
- Remove systemd startup since built in works properly
- Incorporate fixes from patch14 into patch9
* Thu Nov 29 2018 Stephen Smoogen  - 4.4.2-2
- Fix init-type and initdir for systemd and sysv
* Wed Nov 28 2018 Justin Paulsen  4.4.2-1
- Bumped to version 4.4.2
- Updated patches 0001,0002,0003,0006,0009,0010,0011 to reflect upstream changes
- Updates to nagios.spec (this file) to cleanup un-needed elements and
  adjust/fix as required
- As a result of the cleanup I have added a patch 
nagios-0014-fix-resource.cfg-path.patch
* Tue Jul 24 2018 Stephen Smoogen  - 4.3.4-13
- Remove section which unset nagios Fix BZ#1568273
- Remove /etc/nagios/conf.d Fix BZ#1504306
- Change perms on dir Fix BZ#1579935
- Close BZ#1273154
- Hopefully Fix BZ#1201849
- Hopefully Fix BZ#1476238
- Hopefully Fix BZ#1494292
* Fri Jul 13 2018 Fedora Release Engineering  - 
4.3.4-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Thu Jun 28 2018 Jitka Plesnikova  - 4.3.4-11
- Perl 5.28 rebuild
* Thu Apr 26 2018 Stephen Smoogen  - 4.3.4-10
- Fix systemd failures due to old versioning.
* Tue Feb 20 2018 Stephen Smoogen  - 4.3.4-9
- Add buildrequires for gcc
* Thu Feb  8 2018 Fedora Release Engineering  - 
4.3.4-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

References:

  [ 1 ] Bug #1661479 - CVE-2018-18245 nagios: Stored XSS via Plugin Output 
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1661479
  [ 2 ] Bug #1661480 - CVE-2018-18245 nagios: Stored XSS via Plugin Output 
[epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1661480
  [ 3 ] Bug #1665200 - CVE-2018-13441 nagios: NULL pointer dereference in 
qh_help in base/query-handler.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1665200
  [ 4 ] Bug #1665201 - CVE-2018-13441 nagios: NULL pointer dereference in 
qh_help in base/query-handler.c [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1665201
  [ 5 ] Bug #1665206 - CVE-2018-13457 nagios: NULL pointer dereference in 
qh_echo in base/query-handler.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1665206
  [ 6 ] Bug #1665207 - CVE-2018-13457 nagios: NULL pointer dereference in 
qh_echo in base/query-handler.c [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1665207
  [ 7 ] Bug #1665209 - CVE-2018-13458 nagios: NULL pointer dereference in 
qh_core in base/query-handler.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1665209
  [ 8 ] Bug #1665210 - CVE-2018-13458 nagios: NULL pointer

[EPEL-devel] Fedora EPEL 7 updates-testing report

2019-01-17 Thread updates 
The following Fedora EPEL 7 Security updates need testing:
 Age  URL
 172  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-f9d6ff695a   
bibutils-6.6-1.el7 ghc-hs-bibutils-6.6.0.0-1.el7 pandoc-citeproc-0.3.0.1-4.el7
 156  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d   
condor-8.6.11-1.el7
  30  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-b6fa6cebc3   
game-music-emu-0.6.2-1.el7
  27  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-b43fdd19c3   
vcftools-0.1.16-1.el7
  14  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-6c3fb8b090   
chromium-71.0.3578.98-2.el7
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-8e5fe375cf   
php-horde-Horde-Form-2.0.19-1.el7
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-01cf520c0b   
python-django-1.11.18-1.el7
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-4d365dad3c   
gitolite3-3.6.11-1.el7
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-7c5121f71d   
golang-1.11.4-1.el7
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-a6100f3df6   
nodejs-6.16.0-1.el7


The following builds have been pushed to Fedora EPEL 7 updates-testing

R-3.5.2-2.el7
cacti-1.2.0-1.el7
cacti-spine-1.2.0-2.el7
htop-2.2.0-3.el7
java-openjdk-11.0.1.13-11.rolling.el7
nagios-4.4.3-1.el7
python-kubernetes-8.0.0-6.el7

Details about builds:



 R-3.5.2-2.el7 (FEDORA-EPEL-2019-5d7bdd9b62)
 A language for data analysis and graphics

Update Information:

Update R to 3.5.2, update rpy to 2.9.5, rebuild rkward.

ChangeLog:

* Tue Jan  8 2019 Tom Callaway  - 3.5.2-2
- handle pcre2 use/detection
* Mon Jan  7 2019 Tom Callaway  - 3.5.2-1
- update to 3.5.2
* Fri Dec  7 2018 Tom Callaway  - 3.5.1-2
- use absolute path in symlink for latex dir (bz1594102)




 cacti-1.2.0-1.el7 (FEDORA-EPEL-2019-17b3c81533)
 An rrd based graphing tool

Update Information:

- Rebase to 1.2.0  Release notes:
https://www.cacti.net/release_notes.php?version=1.2.0

ChangeLog:

* Thu Jan 17 2019 Morten Stevens  - 1.2.0-1
- Rebase to 1.2.0
- Multiple cross-site scripting vulnerabilities fixed in 1.2.0
- CVE-2018-20723, CVE-2018-20724, CVE-2018-20725, CVE-2018-20726 (#1667024)

References:

  [ 1 ] Bug #1667024 - CVE-2018-20723 CVE-2018-20724 CVE-2018-20725 
CVE-2018-20726 cacti: Multiple cross-site scripting vulnerabilities fixed in 
1.2.0 version [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667024




 cacti-spine-1.2.0-2.el7 (FEDORA-EPEL-2019-17b3c81533)
 Threaded poller for Cacti written in C

Update Information:

- Rebase to 1.2.0  Release notes:
https://www.cacti.net/release_notes.php?version=1.2.0

ChangeLog:

* Sun Jan  6 2019 Morten Stevens  - 1.2.0-2
- Use spine.conf as default
* Thu Jan  3 2019 Morten Stevens  - 1.2.0-1
- Update to 1.2.0

References:

  [ 1 ] Bug #1667024 - CVE-2018-20723 CVE-2018-20724 CVE-2018-20725 
CVE-2018-20726 cacti: Multiple cross-site scripting vulnerabilities fixed in 
1.2.0 version [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667024




 htop-2.2.0-3.el7 (FEDORA-EPEL-2019-daaed9cb91)
 Interactive process viewer

Update Information:

fix crash when launched with '-s' flag

ChangeLog:

* Wed Jan 16 2019 Mukundan Ragavan  - 2.2.0-3
- Fix crash when launched with "-s" flag (bug# 1666551)
* Fri Jul 13 2018 Fedora Release Engineering  - 
2.2.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

References:

  [ 1 ] Bug #1666551 - htop -s is causing segmentation fault