The following Fedora EPEL 7 Security updates need testing:
 Age  URL                                                                  Build
 710  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087        dokuwiki-0-0.24.20140929c.el7
 473  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f  mcollective-2.8.4-1.el7
 191  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-23fa04bf1c  redis-3.2.3-1.el7
 175  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8f4ff76b3  chicken-4.11.0-3.el7
  55  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d  libbsd-0.8.3-1.el7
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-0f3297a19b  nagios-4.2.4-2.el7
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e2cea1c22d  python-cjson-1.1.0-9.el7
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-920059d2ed  mingw-wavpack-5.1.0-1.el7
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d1c56cd592  xrdp-0.9.1-3.el7

The following builds have been pushed to Fedora EPEL 7 updates-testing
R-littler-0.3.2-1.el7
abi-compliance-checker-2.0-1.el7
abrt-server-info-page-1.2-1.el7
activemq-cpp-3.9.3-2.el7
cereal-1.2.2-1.el7
cscppc-1.3.2-1.el7
csdiff-1.3.2-1.el7
csmock-2.0.3-1.el7
cswrap-1.3.4-1.el7
fail2ban-0.9.6-3.el7
jboss-logmanager-2.0.4-2.el7
jboss-modules-1.5.2-2.el7
module-build-service-1.2.0-1.el7
modulemd-1.1.0-1.el7
nagios-plugins-2.1.4-5.el7
php-onelogin-php-saml-2.10.3-1.el7
rubygem-ruby_engine-1.0.1-2.el7
rubygem-ruby_version-1.0.1-2.el7
tripwire-2.4.3.2-3.el7
xrdp-0.9.1-3.el7
xrootd-4.6.0-3.el7
Details about builds:
================================================================================
R-littler-0.3.2-1.el7 (FEDORA-EPEL-2017-8a95acf3f8)
littler: R at the Command-Line via 'r'
--------------------------------------------------------------------------------
Update Information:
New version - see
https://cran.r-project.org/web/packages/littler/news.html for
details.
--------------------------------------------------------------------------------
================================================================================
abi-compliance-checker-2.0-1.el7 (FEDORA-EPEL-2017-e9604d1924)
An ABI Compliance Checker
--------------------------------------------------------------------------------
Update Information:
#### Version 2.0 (January 28, 2017)

**Improvements**
* Code refactoring
* Works faster on big libraries
* Added a module to create ABI dump from AST tree
* Added a module to create AST dump
* Added a module to parse GCC AST
* Added a module to find system files and automatically generate include paths
* Added a module to mangle C++ symbols
* Added a module to read ELF binaries
* Added a module to handle type attributes
* Added a module to handle XML descriptors
* Added a module to filter symbols
* Added a module to handle input data
* Added a module for logging
* Extended test suite
* Partial support for GCC 6
* Improved support for Solaris
* Compare versioned data types

**New Options**
* Added -filter option: a path to XML descriptor with skip_* rules to filter
  analyzed symbols in the report
* Added -keep-cxx option to check _ZS*, _ZNS* and _ZNKS* symbols

**Bug Fixes**
* Fixed automatic generation of include paths
* Fixed report for removed virtual symbols
* Fixed XML-format ABI dumps
* Fixed source-compatibility reports
* Fixed counter of checked data types
* Fixed lists of affected symbols
* Fixed analysis of standard C++ libraries
* Fixed analysis of added and removed virtual methods
* Fixed style of the report
* Fixed analysis of alias symbols
* Uncover changed typedefs properly
* Fixed Parameter_From_Register and Parameter_To_Register rules
* Fixed analysis of data types derived from template instances
* Enable -headers-only option automatically if header file is used as input
  library descriptor
* Fixed analysis of template instances
* Fixed analysis of static data
* Fixed error message if modules are not installed
* Fixed analysis of versioned symbols
* Fixed -ext option
* Fixed -use-dumps option
* Fixed -debug option
* Fixed console output

**Other**
* Removed support for too old ABI dumps
--------------------------------------------------------------------------------
================================================================================
abrt-server-info-page-1.2-1.el7 (FEDORA-EPEL-2017-e81531b5b3)
Web page with summary of ABRT services
--------------------------------------------------------------------------------
Update Information:
New package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1418933 - Review Request: abrt-server-info-page - Webpage for servers
containing ABRT's services
https://bugzilla.redhat.com/show_bug.cgi?id=1418933
--------------------------------------------------------------------------------
================================================================================
activemq-cpp-3.9.3-2.el7 (FEDORA-EPEL-2017-ee27d3d4e2)
C++ implementation of JMS-like messaging client
--------------------------------------------------------------------------------
Update Information:
* Upstream to 3.9.3
* Add activemqcpp-lib3.8 package to provide old version so.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1369701 - Please upgrade to upstream version
https://bugzilla.redhat.com/show_bug.cgi?id=1369701
--------------------------------------------------------------------------------
================================================================================
cereal-1.2.2-1.el7 (FEDORA-EPEL-2017-d3f0bc4013)
A header-only C++11 serialization library
--------------------------------------------------------------------------------
Update Information:
Version bump to 1.2.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1422474 - cereal-1.2.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1422474
--------------------------------------------------------------------------------
================================================================================
cscppc-1.3.2-1.el7 (FEDORA-EPEL-2017-63435b3fe8)
A compiler wrapper that runs cppcheck in background
--------------------------------------------------------------------------------
Update Information:
- update to latest upstream release
- update project URL and source URL
--------------------------------------------------------------------------------
================================================================================
csdiff-1.3.2-1.el7 (FEDORA-EPEL-2017-63435b3fe8)
Non-interactive tools for processing code scan results in plain-text
--------------------------------------------------------------------------------
Update Information:
- update to latest upstream release
- update project URL and source URL
--------------------------------------------------------------------------------
================================================================================
csmock-2.0.3-1.el7 (FEDORA-EPEL-2017-63435b3fe8)
A mock wrapper for Static Analysis tools
--------------------------------------------------------------------------------
Update Information:
- update to latest upstream release
- update project URL and source URL
--------------------------------------------------------------------------------
================================================================================
cswrap-1.3.4-1.el7 (FEDORA-EPEL-2017-63435b3fe8)
Generic compiler wrapper
--------------------------------------------------------------------------------
Update Information:
- update to latest upstream release
- update project URL and source URL
--------------------------------------------------------------------------------
================================================================================
fail2ban-0.9.6-3.el7 (FEDORA-EPEL-2017-79373a2a0e)
Daemon to ban hosts that cause multiple authentication errors
--------------------------------------------------------------------------------
Update Information:
Properly handle /run/fail2ban (bug #1422500)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1422500 - directory /var/run/fail2ban/ is missing at startup
https://bugzilla.redhat.com/show_bug.cgi?id=1422500
--------------------------------------------------------------------------------
================================================================================
jboss-logmanager-2.0.4-2.el7 (FEDORA-EPEL-2017-3eb90f92f2)
JBoss Log Manager
--------------------------------------------------------------------------------
Update Information:
Package jboss-logmanager for EPEL7
--------------------------------------------------------------------------------
================================================================================
jboss-modules-1.5.2-2.el7 (FEDORA-EPEL-2017-aba6f69afc)
A Modular Classloading System
--------------------------------------------------------------------------------
Update Information:
Package jboss-modules for EPEL7
--------------------------------------------------------------------------------
================================================================================
module-build-service-1.2.0-1.el7 (FEDORA-EPEL-2017-e2257cd141)
The Module Build Service for Modularity
--------------------------------------------------------------------------------
Update Information:
Latest upstream.
----
Latest upstream.
----
Latest upstream.
----
Include fedmsg.d/mbs-scheduler.py by default.
----
Branch for EPEL7.
--------------------------------------------------------------------------------
================================================================================
modulemd-1.1.0-1.el7 (FEDORA-EPEL-2017-536e3ce0c5)
Module metadata manipulation library
--------------------------------------------------------------------------------
Update Information:
A new version of modulemd is available. This release installs its test suite
under modulemd.tests and changes the default behavior of the xmd field.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1418794 - __init__.pyc from install of python2-modulemd-1.0.2-1.fc25.noarch
conflicts with file from package python-custodia-0.1.0-4.fc25.noarch
https://bugzilla.redhat.com/show_bug.cgi?id=1418794
--------------------------------------------------------------------------------
================================================================================
nagios-plugins-2.1.4-5.el7 (FEDORA-EPEL-2017-0430ba2927)
Host/service/network monitoring program plugins for Nagios
--------------------------------------------------------------------------------
Update Information:
Grab other fixes from git maintenance branch to fix other check_ problems
----
Put in patch to fix check_file_age
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1159891 - When trying to install nagios-plugins-all (with OSP5 enabled) it
fails due to dependency issue
https://bugzilla.redhat.com/show_bug.cgi?id=1159891
[ 2 ] Bug #1298766 - check_dhcp segfaults while parsing arguments
https://bugzilla.redhat.com/show_bug.cgi?id=1298766
[ 3 ] Bug #1409932 - nagios-plugins-dns-2.1.4-2.el7.x86_64 broke reverse lookup (PTR)
checks
https://bugzilla.redhat.com/show_bug.cgi?id=1409932
[ 4 ] Bug #1410324 - nagios-plugins 2.1.4: check_dns lost MX priority on output
https://bugzilla.redhat.com/show_bug.cgi?id=1410324
[ 5 ] Bug #1417259 - nagios-plugins-2.1.4-stable check_snmp rate calculation expects
strange path
https://bugzilla.redhat.com/show_bug.cgi?id=1417259
[ 6 ] Bug #1410039 - check_file_age is broken in recent update
https://bugzilla.redhat.com/show_bug.cgi?id=1410039
--------------------------------------------------------------------------------
================================================================================
php-onelogin-php-saml-2.10.3-1.el7 (FEDORA-EPEL-2017-bbf0468719)
SAML support for PHP
--------------------------------------------------------------------------------
Update Information:
Update to 2.10.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1385654 - php-onelogin-php-saml-v2.10.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1385654
--------------------------------------------------------------------------------
================================================================================
rubygem-ruby_engine-1.0.1-2.el7 (FEDORA-EPEL-2017-a198efe32c)
Adds the RubyEngine pseudo-constant
--------------------------------------------------------------------------------
Update Information:
Gives you a RubyEngine class that simplifies checking for your Ruby
implementation (used by rubygem-rspec-pending_for).
--------------------------------------------------------------------------------
================================================================================
rubygem-ruby_version-1.0.1-2.el7 (FEDORA-EPEL-2017-30c68bb124)
Adds the RubyVersion pseudo-constant
--------------------------------------------------------------------------------
Update Information:
Provides a RubyVersion class to simplify checking for the right Ruby version in
your programs (used by rubygem-rspec-pending_for).
--------------------------------------------------------------------------------
================================================================================
tripwire-2.4.3.2-3.el7 (FEDORA-EPEL-2017-d22c0336d8)
IDS (Intrusion Detection System)
--------------------------------------------------------------------------------
Update Information:
Fix #1421468 by removing defattr macro in files section
----
update to 2.4.3.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1421468 - overly restrictive permissions on /usr/share/doc/tripwire
https://bugzilla.redhat.com/show_bug.cgi?id=1421468
[ 2 ] Bug #830999 - tripwire cron should send mail to configured recipients
https://bugzilla.redhat.com/show_bug.cgi?id=830999
--------------------------------------------------------------------------------
================================================================================
xrdp-0.9.1-3.el7 (FEDORA-EPEL-2017-d1c56cd592)
Open source remote desktop protocol (RDP) server
--------------------------------------------------------------------------------
Update Information:
WARNING: Please note that this update comes with a slightly different syntax of
sesman.ini file, so if you edited this file by hand, you may need to look at the
.rpmnew file and merge any required changes by hand.

This release also creates three files in /etc/xrdp directory if they don't
already exist or are empty:
- rsakeys.ini
- cert.pem
- key.pem

Also note that in Fedora, the only backend that will really work is still Xvnc
for now.

New features
- New xorgxrdp backend using existing Xorg with additional modules
- Improvements to X11rdp backend
- Support for IPv6 (disabled by default)
- Initial support for RemoteFX Codec (disabled by default)
- Support for TLS security layer (preferred over RDP layer if supported by the
  client)
- Support for disabling deprecated SSLv3 protocol and for selecting custom
  cipher suites in xrdp.ini
- Support for bidirectional fastpath (enabled in both directions by default)
- Support clients that don't support drawing orders, such as MS RDP client for
  Android, ChromeRDP (disabled by default)
- More configurable login screen
- Support for new virtual channels:
  - rdpdr: device redirection
  - rdpsnd: audio output
  - cliprdr: clipboard
  - xrdpvr: xrdp video redirection channel (can be used along with NeutrinoRDP
    client)
- Support for disabling virtual channels globally or by session type
- Allow specifying the path for backends (Xorg, X11rdp, Xvnc)
- Added files for systemd support
- Multi-monitor support
- xrdp-chansrv stores logs in ${XDG_DATA_HOME}/xrdp now

Security fixes
- User's password could be recovered from the Xvnc password file
- X11 authentication was not used
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1404972 - CVE-2013-1430 xrdp: Cleartext password shown in file after logging
into xrdp session [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1404972
[ 2 ] Bug #1404971 - CVE-2013-1430 xrdp: Cleartext password shown in file after logging
into xrdp session [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1404971
--------------------------------------------------------------------------------
================================================================================
xrootd-4.6.0-3.el7 (FEDORA-EPEL-2017-9b2cd39ee3)
Extended ROOT file server
--------------------------------------------------------------------------------
Update Information:
New version 4.6.0, release notes are here:
https://github.com/xrootd/xrootd/blob/v4.6.0/docs/ReleaseNotes.txt
--------------------------------------------------------------------------------