Fedora EPEL 6 updates-testing report
by updates@fedoraproject.org
The following Fedora EPEL 6 Security updates need testing:
Age URL
25 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-5aca1d385d remctl-3.14-1.el6
23 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-dd6e4a3f0b python34-3.4.8-1.el6
12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-e3b98be78a qpdf-5.1.1-6.el6
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-db4f42f11d drupal7-7.59-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
auter-0.11-5.el6
xrootd-4.8.3-1.el6
Details about builds:
================================================================================
auter-0.11-5.el6 (FEDORA-EPEL-2018-d35cc24556)
Prepare and apply updates
--------------------------------------------------------------------------------
Update Information:
Hotfix for the AUTOREBOOT issue
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
xrootd-4.8.3-1.el6 (FEDORA-EPEL-2018-8bf5d1f8de)
Extended ROOT file server
--------------------------------------------------------------------------------
Update Information:
## Release Notes ### Version 4.8.3 #### Major bug fixes * **[XrdCl]** Release
SIDs on PostMaster::Send() failure.
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 3 2018 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 1:4.8.3-1
- Update to version 4.8.3
- Drop patch xrootd-fix-compiling-errors.patch (accepted upstream)
--------------------------------------------------------------------------------
5 years, 11 months
Fedora EPEL 7 updates-testing report
by updates@fedoraproject.org
The following Fedora EPEL 7 Security updates need testing:
Age URL
25 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-2c81054303 remctl-3.14-1.el7
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-cae67a6aed knot-resolver-2.3.0-1.el7
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-e4a3d0e9ef drupal7-7.59-1.el7
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-996cb2153b quassel-0.12.5-1.el7
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-5ae7f0e7c7 python-pygit2-0.26.4-1.el7 libgit2-0.26.3-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
auter-0.11-5.el7
boinc-client-7.10.2-1.el7
certbot-0.24.0-1.el7
freshmaker-0.1.0-1.el7
python-acme-0.24.0-1.el7
python-certbot-apache-0.24.0-2.el7
python-certbot-dns-cloudflare-0.24.0-1.el7
python-certbot-dns-cloudxns-0.24.0-1.el7
python-certbot-dns-digitalocean-0.24.0-1.el7
python-certbot-dns-dnsimple-0.24.0-1.el7
python-certbot-dns-dnsmadeeasy-0.24.0-1.el7
python-certbot-dns-google-0.24.0-1.el7
python-certbot-dns-luadns-0.24.0-1.el7
python-certbot-dns-nsone-0.24.0-1.el7
python-certbot-dns-rfc2136-0.24.0-1.el7
python-certbot-dns-route53-0.24.0-1.el7
python-certbot-nginx-0.24.0-1.el7
roundcubemail-1.1.12-2.el7
xrootd-4.8.3-1.el7
znc-1.7.0-1.el7
Details about builds:
================================================================================
auter-0.11-5.el7 (FEDORA-EPEL-2018-f291298b3e)
Prepare and apply updates
--------------------------------------------------------------------------------
Update Information:
Hotfix for the AUTOREBOOT issue
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
boinc-client-7.10.2-1.el7 (FEDORA-EPEL-2018-6dea3098fa)
The BOINC client
--------------------------------------------------------------------------------
Update Information:
New upstream version.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 2 2018 Laurence Field <laurence.field(a)cern.ch> - 7.10.2-1
- New BONC client version 7.10.2
* Wed Apr 25 2018 Laurence Field <laurence.field(a)cern.ch> - 7.10.1-1
- New BONC client version 7.10.1
* Fri Mar 9 2018 Laurence Field <laurence.field(a)cern.ch> - 7.9.3-1
- New BONC client version 7.9.3
* Fri Feb 23 2018 Germano Massullo <germano.massullo(a)gmail.com> - 7.9.2-3
- added macros to use mariadb-connector-c instead of mysql-* only for Fedora > 26
* Mon Feb 19 2018 Germano Massullo <germano.massullo(a)gmail.com> - 7.9.2-2
- Use mariadb-connector-c instead of mysql-libs or mariadb-libs. See bugreport #1494241
* Mon Feb 19 2018 Laurence Field <laurence.field(a)cern.ch> - 7.9.2-1
- New BONC client version 7.9.2
* Wed Feb 7 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 7.8.4-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Fri Feb 2 2018 Germano Massullo <germano.massullo(a)gmail.com> - 7.8.4-4
- systemd unit file: changed from Type=forking to Type=simple and removed --daemon --start_delay 1 from ExecStart
* Mon Jan 15 2018 Germano Massullo <germano.massullo(a)gmail.com> - 7.8.4-3
- Removed obsolete %defattr(-,root,root)
* Sun Jan 7 2018 Igor Gnatenko <ignatenkobrain(a)fedoraproject.org> - 7.8.4-2
- Remove obsolete scriptlets
--------------------------------------------------------------------------------
================================================================================
certbot-0.24.0-1.el7 (FEDORA-EPEL-2018-035c58a78e)
A free, automated certificate authority client
--------------------------------------------------------------------------------
Update Information:
Update to 0.24.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 2 2018 Eli Young <elyscape(a)gmail.com> - 0.24.0-1
- Update to 0.24.0 (#1574140)
- Remove unnecessary patches
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1574140 - certbot-0.24.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1574140
--------------------------------------------------------------------------------
================================================================================
freshmaker-0.1.0-1.el7 (FEDORA-EPEL-2018-f412f44514)
Freshmaker is a service scheduling rebuilds of artifacts as new content becomes available.
--------------------------------------------------------------------------------
Update Information:
update to new version 0.1.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 2 2018 Jan Kaluza <jkaluza(a)redhat.com> - 0.1.0-1
- new version 0.1.0
--------------------------------------------------------------------------------
================================================================================
python-acme-0.24.0-1.el7 (FEDORA-EPEL-2018-a2a9241c02)
Python library for the ACME protocol
--------------------------------------------------------------------------------
Update Information:
Update to 0.24.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 2 2018 Eli Young <elyscape(a)gmail.com> - 0.24.0-1
- Update to 0.24.0 (#1574138)
- Remove unnecessary build dependencies and patches
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1574138 - python-acme-0.24.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1574138
--------------------------------------------------------------------------------
================================================================================
python-certbot-apache-0.24.0-2.el7 (FEDORA-EPEL-2018-d8245c3e72)
The apache plugin for certbot
--------------------------------------------------------------------------------
Update Information:
Update to 0.24.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 2 2018 Eli Young <elyscape(a)gmail.com> - 0.24.0-2
- Remove unnecessary patch
* Wed May 2 2018 Eli Young <elyscape(a)gmail.com> - 0.24.0-1
- Update to 0.24.0 (#1574151)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1574151 - python-certbot-apache-0.24.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1574151
--------------------------------------------------------------------------------
================================================================================
python-certbot-dns-cloudflare-0.24.0-1.el7 (FEDORA-EPEL-2018-fed5fc6e86)
Cloudflare DNS Authenticator plugin for Certbot
--------------------------------------------------------------------------------
Update Information:
Update to 0.24.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 2 2018 Eli Young <elyscape(a)gmail.com> - 0.24.0-1
- Update to 0.24.0 (#1574139)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1574139 - python-certbot-dns-cloudflare-0.24.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1574139
--------------------------------------------------------------------------------
================================================================================
python-certbot-dns-cloudxns-0.24.0-1.el7 (FEDORA-EPEL-2018-266946fa47)
CloudXNS DNS Authenticator plugin for Certbot
--------------------------------------------------------------------------------
Update Information:
Update to 0.24.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 2 2018 Eli Young <elyscape(a)gmail.com> - 0.24.0-1
- Update to 0.24.0 (#1574142)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1574142 - python-certbot-dns-cloudxns-0.24.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1574142
--------------------------------------------------------------------------------
================================================================================
python-certbot-dns-digitalocean-0.24.0-1.el7 (FEDORA-EPEL-2018-4ba2368492)
DigitalOcean DNS Authenticator plugin for Certbot
--------------------------------------------------------------------------------
Update Information:
Update to 0.24.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 2 2018 Eli Young <elyscape(a)gmail.com> - 0.24.0-1
- Update to 0.24.0 (#1574141)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1574141 - python-certbot-dns-digitalocean-0.24.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1574141
--------------------------------------------------------------------------------
================================================================================
python-certbot-dns-dnsimple-0.24.0-1.el7 (FEDORA-EPEL-2018-384a4c08a0)
DNSimple DNS Authenticator plugin for Certbot
--------------------------------------------------------------------------------
Update Information:
Update to 0.24.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 2 2018 Eli Young <elyscape(a)gmail.com> - 0.24.0-1
- Update to 0.24.0 (#1574145)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1574145 - python-certbot-dns-dnsimple-0.24.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1574145
--------------------------------------------------------------------------------
================================================================================
python-certbot-dns-dnsmadeeasy-0.24.0-1.el7 (FEDORA-EPEL-2018-ce065518a9)
DNS Made Easy DNS Authenticator plugin for Certbot
--------------------------------------------------------------------------------
Update Information:
Update to 0.24.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 2 2018 Eli Young <elyscape(a)gmail.com> - 0.24.0-1
- Update to 0.24.0 (#1574144)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1574144 - python-certbot-dns-dnsmadeeasy-0.24.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1574144
--------------------------------------------------------------------------------
================================================================================
python-certbot-dns-google-0.24.0-1.el7 (FEDORA-EPEL-2018-ec7720f479)
Google Cloud DNS Authenticator plugin for Certbot
--------------------------------------------------------------------------------
Update Information:
Update to 0.24.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 2 2018 Eli Young <elyscape(a)gmail.com> - 0.24.0-1
- Update to 0.24.0 (#1574143)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1574143 - python-certbot-dns-google-0.24.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1574143
--------------------------------------------------------------------------------
================================================================================
python-certbot-dns-luadns-0.24.0-1.el7 (FEDORA-EPEL-2018-4be20800c3)
LuaDNS Authenticator plugin for Certbot
--------------------------------------------------------------------------------
Update Information:
Update to 0.24.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 2 2018 Eli Young <elyscape(a)gmail.com> - 0.24.0-1
- Update to 0.24.0 (#1574148)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1574148 - python-certbot-dns-luadns-0.24.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1574148
--------------------------------------------------------------------------------
================================================================================
python-certbot-dns-nsone-0.24.0-1.el7 (FEDORA-EPEL-2018-726d3ed745)
NS1 DNS Authenticator plugin for Certbot
--------------------------------------------------------------------------------
Update Information:
Update to 0.24.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 2 2018 Eli Young <elyscape(a)gmail.com> - 0.24.0-1
- Update to 0.24.0 (#1574147)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1574147 - python-certbot-dns-nsone-0.24.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1574147
--------------------------------------------------------------------------------
================================================================================
python-certbot-dns-rfc2136-0.24.0-1.el7 (FEDORA-EPEL-2018-abfc3e464a)
RFC 2136 DNS Authenticator plugin for Certbot
--------------------------------------------------------------------------------
Update Information:
Update to 0.24.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 2 2018 Eli Young <elyscape(a)gmail.com> - 0.24.0-1
- Update to 0.24.0 (#1574146)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1574146 - python-certbot-dns-rfc2136-0.24.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1574146
--------------------------------------------------------------------------------
================================================================================
python-certbot-dns-route53-0.24.0-1.el7 (FEDORA-EPEL-2018-20c35824fc)
Route53 DNS Authenticator plugin for Certbot
--------------------------------------------------------------------------------
Update Information:
Update to 0.24.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 2 2018 Eli Young <elyscape(a)gmail.com> - 0.24.0-1
- Update to 0.24.0 (#1574149)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1574149 - python-certbot-dns-route53-0.24.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1574149
--------------------------------------------------------------------------------
================================================================================
python-certbot-nginx-0.24.0-1.el7 (FEDORA-EPEL-2018-e75bb9df21)
The nginx plugin for certbot
--------------------------------------------------------------------------------
Update Information:
Update to 0.24.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 2 2018 Eli Young <elyscape(a)gmail.com> - 0.24.0-1
- Update to 0.24.0 (#1574150)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1574150 - python-certbot-nginx-0.24.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1574150
--------------------------------------------------------------------------------
================================================================================
roundcubemail-1.1.12-2.el7 (FEDORA-EPEL-2018-ce811a54c9)
Round Cube Webmail is a browser-based multilingual IMAP client
--------------------------------------------------------------------------------
Update Information:
**Version 1.1.12** This is a follow-up to the recent security update for the
stable version 1.1. It fixes a regression that sneaked in with the IMAP command
injection protection which unintentionally disabled actions that operate on all
selected messages (e.g. mark all as junk). We recommend to update all
productive installations of Roundcube 1.1.11. Please do backup your data before
updating! CHANGELOG * Fix regression where IMAP commands with '*' uidset
argument wasn't working ---- **Version 1.1.11** This is a security update to
the stable version 1.1. It fixes a recently reported vulnerability allowing IMAP
command injection via a GET parameters. More details about this are published
under CVE-2018-9846. The second fix is about a missed remote content blocking
on HTML messages with specially crafted image and style tags. We strongly
recommend to update all productive installations of Roundcube 1.1.x. Please do
backup your data before updating! CHANGELOG * Don't ignore (global)
userlogins/sendmail logs in per_user_logging mode * Fix security issue in
remote content blocking on HTML image and style tags (#6178) * Fix
check_request() bypass in places using get_uids() [CVE-2018-9846] (#6238) *
Fix possible IMAP command injection vulnerability [CVE-2018-9846] (#6229)
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 3 2018 Remi Collet <remi(a)remirepo.net> - 1.1.12.2
- rename README.rpm -> README-rpm.txt, fix #1449517
* Wed May 2 2018 Remi Collet <remi(a)remirepo.net> - 1.1.12.1
- update to 1.1.12
* Thu Apr 19 2018 Remi Collet <remi(a)remirepo.net> - 1.1.11.1
- update to 1.1.11
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1566744 - CVE-2018-9846 roundcubemail: MX injection in archive.php [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1566744
[ 2 ] Bug #1449517 - README.rpm is bad name for readme file
https://bugzilla.redhat.com/show_bug.cgi?id=1449517
--------------------------------------------------------------------------------
================================================================================
xrootd-4.8.3-1.el7 (FEDORA-EPEL-2018-484cbdbb17)
Extended ROOT file server
--------------------------------------------------------------------------------
Update Information:
## Release Notes ### Version 4.8.3 #### Major bug fixes * **[XrdCl]** Release
SIDs on PostMaster::Send() failure.
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 3 2018 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 1:4.8.3-1
- Update to version 4.8.3
- Drop patch xrootd-fix-compiling-errors.patch (accepted upstream)
--------------------------------------------------------------------------------
================================================================================
znc-1.7.0-1.el7 (FEDORA-EPEL-2018-954bacc71d)
An advanced IRC bouncer
--------------------------------------------------------------------------------
Update Information:
Update to 1.7.0
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 2 2018 Nick Bebout <nb(a)usi.edu> - 1.7.0-1
- Update to 1.7.0
* Mon Apr 30 2018 Pete Walter <pwalter(a)fedoraproject.org> - 1.6.6-2
- Rebuild for ICU 61.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1574119 - znc-1.7.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1574119
--------------------------------------------------------------------------------
5 years, 11 months
Fedora EPEL 7 updates-testing report
by updates@fedoraproject.org
The following Fedora EPEL 7 Security updates need testing:
Age URL
24 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-2c81054303 remctl-3.14-1.el7
13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-4d3c4577da gsoap-2.8.16-10.el7
8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-cae67a6aed knot-resolver-2.3.0-1.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-e4a3d0e9ef drupal7-7.59-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
libgit2-0.26.3-1.el7
mock-core-configs-28.4-1.el7
python-neomodel-3.2.8-1.el7
python-pygit2-0.26.4-1.el7
quassel-0.12.5-1.el7
roundcubemail-1.1.12-1.el7
Details about builds:
================================================================================
libgit2-0.26.3-1.el7 (FEDORA-EPEL-2018-5ae7f0e7c7)
C implementation of the Git core methods as a library with a solid API
--------------------------------------------------------------------------------
Update Information:
Update to libgit2 0.26.3, fixing CVE-2018-8099 CVE-2018-8098. Update to python-
pygit2 0.26.4.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 30 2018 Pete Walter <pwalter(a)fedoraproject.org> - 0.26.3-1
- Update to 0.26.3
- Include previous ABI version for temporary binary compatibility
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1469187 - 0013533: pygit2/libgit2 incorrect results while diff'ing 2 commits
https://bugzilla.redhat.com/show_bug.cgi?id=1469187
[ 2 ] Bug #1554367 - CVE-2018-8099 CVE-2018-8098 libgit2: denial of service (DoS) via crafted repository index files [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1554367
--------------------------------------------------------------------------------
================================================================================
mock-core-configs-28.4-1.el7 (FEDORA-EPEL-2018-949d4b69db)
Mock core config files basic chroots
--------------------------------------------------------------------------------
Update Information:
- Add initial openSUSE distribution targets - provide fedora-29 configs as
symlinks to fedora-rawhide - use correct url for local repos for s390x for F27+
[RHBZ#1553678] - add CentOS SCL repositories to EPEL 7 (aarch64 & ppc64le)
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 2 2018 Miroslav Such�� <msuchy(a)redhat.com> 28.4-1
- requires distribution-gpg-keys with opensuse keys
- Add initial openSUSE distribution targets (ngompa13(a)gmail.com)
- provide fedora-29 configs as symlinks to fedora-rawhide
- use cp instead of install to preserve symlinks
- use correct url for local repos for s390x for F27+ [RHBZ#1553678]
- add CentOS SCL repositories to EPEL 7 (aarch64 & ppc64le)
(tmz(a)pobox.com)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1553678 - mock: Incorrect local repository for fedora-rawhide-s390x
https://bugzilla.redhat.com/show_bug.cgi?id=1553678
--------------------------------------------------------------------------------
================================================================================
python-neomodel-3.2.8-1.el7 (FEDORA-EPEL-2018-67638c285f)
A Python OGM for Neo4j
--------------------------------------------------------------------------------
Update Information:
Update to v3.2.8 ---- Updated to 3.2.7
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
python-pygit2-0.26.4-1.el7 (FEDORA-EPEL-2018-5ae7f0e7c7)
Python bindings for libgit2
--------------------------------------------------------------------------------
Update Information:
Update to libgit2 0.26.3, fixing CVE-2018-8099 CVE-2018-8098. Update to python-
pygit2 0.26.4.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 26 2018 Pete Walter <pwalter(a)fedoraproject.org> - 0.26.4-1
- Update to 0.26.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1469187 - 0013533: pygit2/libgit2 incorrect results while diff'ing 2 commits
https://bugzilla.redhat.com/show_bug.cgi?id=1469187
[ 2 ] Bug #1554367 - CVE-2018-8099 CVE-2018-8098 libgit2: denial of service (DoS) via crafted repository index files [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1554367
--------------------------------------------------------------------------------
================================================================================
quassel-0.12.5-1.el7 (FEDORA-EPEL-2018-996cb2153b)
A modern distributed IRC system
--------------------------------------------------------------------------------
Update Information:
Security update to 0.12.5
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 1 2018 Christian Dersch <lupinix(a)mailbox.org> - 0.12.5-1
- new version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1573320 - quassel: multiple vulnerabilities fixed in 0.12.5 [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1573320
--------------------------------------------------------------------------------
================================================================================
roundcubemail-1.1.12-1.el7 (FEDORA-EPEL-2018-ce811a54c9)
Round Cube Webmail is a browser-based multilingual IMAP client
--------------------------------------------------------------------------------
Update Information:
**Version 1.1.12** This is a follow-up to the recent security update for the
stable version 1.1. It fixes a regression that sneaked in with the IMAP command
injection protection which unintentionally disabled actions that operate on all
selected messages (e.g. mark all as junk). We recommend to update all
productive installations of Roundcube 1.1.11. Please do backup your data before
updating! CHANGELOG * Fix regression where IMAP commands with '*' uidset
argument wasn't working ---- **Version 1.1.11** This is a security update to
the stable version 1.1. It fixes a recently reported vulnerability allowing IMAP
command injection via a GET parameters. More details about this are published
under CVE-2018-9846. The second fix is about a missed remote content blocking
on HTML messages with specially crafted image and style tags. We strongly
recommend to update all productive installations of Roundcube 1.1.x. Please do
backup your data before updating! CHANGELOG * Don't ignore (global)
userlogins/sendmail logs in per_user_logging mode * Fix security issue in
remote content blocking on HTML image and style tags (#6178) * Fix
check_request() bypass in places using get_uids() [CVE-2018-9846] (#6238) *
Fix possible IMAP command injection vulnerability [CVE-2018-9846] (#6229)
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 2 2018 Remi Collet <remi(a)remirepo.net> - 1.1.12.1
- update to 1.1.12
* Thu Apr 19 2018 Remi Collet <remi(a)remirepo.net> - 1.1.11.1
- update to 1.1.11
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1566744 - CVE-2018-9846 roundcubemail: MX injection in archive.php [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1566744
--------------------------------------------------------------------------------
5 years, 12 months
updating condor
by Mátyás Selmeci
Hi folks,
The versions of condor in EPEL 6 (8.4.3) and 7 (8.3.8) are out of date
and no longer supported by upstream. The current release is 8.6.10.
Most configurations should work fine without changes between the two
versions. However, there are some admin-visible changes, most notably
enabling use of cgroups by default, and listening on a single port
instead of a port range. There are also some changes to the default
output of the command-line tools.
Are these changes considered too disruptive for EPEL stable?
Thanks,
-Mat
--
Mátyás (Mat) Selmeci
Open Science Grid Software Team / Center for High-Throughput Computing
University of Wisconsin-Madison Department of Computer Sciences
5 years, 12 months
Ansible execution errors
by Tom diehl
Hi,
I upgraded my ansible control machine to to the latest centos-7-cr and
ansible-2.5.2-1.el7.noarch from epel. The latest yum update installed
python-urllib3-1.10.2-5.el7.noarch.
When I run ansible I am getting the following errors:
/usr/lib/python2.7/site-packages/requests/__init__.py:80: RequestsDependencyWarning: urllib3 (1.10.2) or chardet (3.0.4) doesn't match a supported version!
RequestsDependencyWarning)
/usr/lib/python2.7/site-packages/requests/__init__.py:80: RequestsDependencyWarning: urllib3 (1.10.2) or chardet (3.0.4) doesn't match a supported version!
RequestsDependencyWarning)
/usr/lib/python2.7/site-packages/requests/__init__.py:80: RequestsDependencyWarning: urllib3 (1.10.2) or chardet (3.0.4) doesn't match a supported version!
RequestsDependencyWarning)
Is this likely caused by Ansible needing to be rebuilt when Centos7.5
is actually released or does it look like this is something else?
FWIW, Ansible seems to be doing the right thing. It just complains at the start
of every run.
Regards,
--
Tom me(a)tdiehl.org
5 years, 12 months
Fedora EPEL 7 updates-testing report
by updates@fedoraproject.org
The following Fedora EPEL 7 Security updates need testing:
Age URL
23 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-2c81054303 remctl-3.14-1.el7
13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-f51587d6d2 composer-1.6.4-1.el7
12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-4d3c4577da gsoap-2.8.16-10.el7
11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-26155198e1 roundcubemail-1.1.11-1.el7
7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-cae67a6aed knot-resolver-2.3.0-1.el7
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-e4a3d0e9ef drupal7-7.59-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
grip-3.7.1-1.el7
paho-c-1.2.1-0.el7
python-moksha-hub-1.5.6-1.el7
scapy-2.4.0-2.el7
Details about builds:
================================================================================
grip-3.7.1-1.el7 (FEDORA-EPEL-2018-ef39af46e5)
Front-end for CD rippers and Ogg Vorbis encoders
--------------------------------------------------------------------------------
Update Information:
Updated to 3.7.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 26 2018 Adrian Reber <adrian(a)lisas.de> - 1:3.7.1-1
- Updated to 3.7.1
* Wed Feb 7 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1:3.6.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Jan 31 2018 Adrian Reber <adrian(a)lisas.de> - 1:3.6.3-1
- Updated to 3.6.3
- Remove icon scriptlets
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1558285 - grip-3.7.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1558285
--------------------------------------------------------------------------------
================================================================================
paho-c-1.2.1-0.el7 (FEDORA-EPEL-2018-a924a3397c)
MQTT C Client
--------------------------------------------------------------------------------
Update Information:
Updates paho-c package to the latest upstream version 1.2.1
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 28 2018 Otavio R. Piske <opiske(a)redhat.com> - 1.2.1-0
- Updates paho-c package to the latest upstream version 1.2.1
- Adjust the location of the documentation within the documentation dir
* Thu Feb 8 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.2.0-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-moksha-hub-1.5.6-1.el7 (FEDORA-EPEL-2018-26960d4fb5)
Hub components for Moksha
--------------------------------------------------------------------------------
Update Information:
STOMP: wait at most 60 seconds between reconnect attempts, c/o @mikeb
https://github.com/mokshaproject/moksha/pull/56
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 30 2018 Ralph Bean <rbean(a)redhat.com> - 1.5.6-1
- new version
--------------------------------------------------------------------------------
================================================================================
scapy-2.4.0-2.el7 (FEDORA-EPEL-2018-464dc8924c)
Interactive packet manipulation tool and network scanner
--------------------------------------------------------------------------------
Update Information:
Update to bugfix reease.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 30 2018 Michal Ambroz <rebus _AT seznam.cz> - 2.4.0-2
- disable the test for now - there is too many failing (network) tests
* Mon Apr 30 2018 Michal Ambroz <rebus _AT seznam.cz> - 2.4.0-1
- bump to 2.4.0 release
* Fri Mar 9 2018 Michal Ambroz <rebus _AT seznam.cz> - 2.4.0-0.rc5.1
- bump to upstream 2.4.0 release candidate 5
- enable separate python3 and python2 build
* Fri Feb 9 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.3.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Jan 31 2018 Iryna Shcherbina <ishcherb(a)redhat.com> - 2.3.3-3
- Update Python 2 dependency declarations to new packaging standards
(See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
* Thu Jul 27 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.3.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
--------------------------------------------------------------------------------
5 years, 12 months