The following Fedora EPEL 7 Security updates need testing:
Age URL
314
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087
dokuwiki-0-0.24.20140929c.el7
77
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f
mcollective-2.8.4-1.el7
40
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-f82c6fc04a
p7zip-15.09-4.el7
12
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-864da6c179
nghttp2-1.6.0-1.el7
12
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e21e03e52f
mono-2.10.8-9.el7
12
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-3e181e41ca
openvpn-2.3.10-1.el7
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e04c714f9d
gajim-0.16.5-1.el7
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-ec85678f0c
nodejs-ws-1.0.1-1.el7
8
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-dd35749dd3
wordpress-4.4.1-1.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-43613cf75a
keepassx-0.4.4-1.el7
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e34ffdd692
prosody-0.9.9-2.el7
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-273a82f7db
owncloud-8.0.10-1.el7
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8da165e1bb
mbedtls-2.2.1-1.el7
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-6f526f521d
python-rsa-3.3-2.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-043f77342d
cgit-0.12-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
cgit-0.12-1.el7
libscrypt-1.21-1.el7
wildmagic5-5.14-1.el7
Details about builds:
================================================================================
cgit-0.12-1.el7 (FEDORA-EPEL-2016-043f77342d)
A fast web interface for git
--------------------------------------------------------------------------------
Update Information:
Update to 0.12. Fixes bug #1298912
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1298851 - CVE-2016-1899 cgit: Reflected XSS and header injection in mimetype
query string
https://bugzilla.redhat.com/show_bug.cgi?id=1298851
[ 2 ] Bug #1298854 - CVE-2016-1900 cgit: Stored Cross Site Scripting & Header
Injection in Filename Parameter
https://bugzilla.redhat.com/show_bug.cgi?id=1298854
[ 3 ] Bug #1298860 - CVE-2016-1901 cgit: Integer Overflow resulting in Buffer Overflow
https://bugzilla.redhat.com/show_bug.cgi?id=1298860
--------------------------------------------------------------------------------
================================================================================
libscrypt-1.21-1.el7 (FEDORA-EPEL-2016-54a5e7e12f)
Library that implements the secure password hashing function "scrypt"
--------------------------------------------------------------------------------
Update Information:
Update to 1.21 release, package provided also in epel.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1292303 - libscrypt: epel compat, modernize and bump version
https://bugzilla.redhat.com/show_bug.cgi?id=1292303
--------------------------------------------------------------------------------
================================================================================
wildmagic5-5.14-1.el7 (FEDORA-EPEL-2016-97f2e482b8)
Wild Magic libraries
--------------------------------------------------------------------------------
Update Information:
- Update to 5.14
--------------------------------------------------------------------------------