The following Fedora EPEL 7 Security updates need testing:
Age URL
981
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087
dokuwiki-0-0.24.20140929c.el7
743
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f
mcollective-2.8.4-1.el7
325
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d
libbsd-0.8.3-1.el7
223
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe
mod_cluster-1.3.3-10.el7
220
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7ecb12e378
python-XStatic-jquery-ui-1.12.0.1-1.el7
55
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e27758bd23
libmspack-0.6-0.1.alpha.el7
53
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-52b8147c68
openvpn-auth-ldap-2.0.3-15.el7
26
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-1e541e27e9
nginx-1.12.2-1.el7
12
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-95bf973a7d
wordpress-4.8.3-1.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-020fe6e5ac
rubygem-ox-2.4.11-3.el7
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-30026fdcc1
hostapd-2.6-6.el7
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-01fce22094
php-PHPMailer-5.2.26-1.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5e4edb1320
fedpkg-1.30-4.el7 rpkg-1.51-2.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-227eb8f562
roundcubemail-1.1.10-1.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-f412a32589
python-copr-1.84-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
borgbackup-1.1.2-1.el7
golang-github-asaskevich-govalidator-8-1.el7
gsi-openssh-7.4p1-1.el7
nodejs-6.12.0-1.el7
perl-Finance-Quote-1.47-1.el7
perl-Plack-1.0033-1.el7
prelude-lml-rules-4.0.0-1.el7
psblas3-3.5.0-15.el7
python-msrest-0.4.18-1.el7
python-msrestazure-0.4.16-1.el7
python-openidc-client-0.4.0-1.20171113git54dee6e.el7
python-tinydb-3.7.0-1.el7
Details about builds:
================================================================================
borgbackup-1.1.2-1.el7 (FEDORA-EPEL-2017-ce31d16da8)
A deduplicating backup program with compression and authenticated encryption
--------------------------------------------------------------------------------
Update Information:
upstream version 1.1.2 ---- upstream version 1.1.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1473973 - Add zsh autocompletion
https://bugzilla.redhat.com/show_bug.cgi?id=1473973
[ 2 ] Bug #1509851 - borgbackup 1.1.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1509851
[ 3 ] Bug #1508593 - BorgBackup v1.1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1508593
--------------------------------------------------------------------------------
================================================================================
golang-github-asaskevich-govalidator-8-1.el7 (FEDORA-EPEL-2017-21654fa7bb)
Validators and sanitizers for strings, numerics, slices and structs
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1512279 - golang-github-asaskevich-govalidator-8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1512279
--------------------------------------------------------------------------------
================================================================================
gsi-openssh-7.4p1-1.el7 (FEDORA-EPEL-2017-232408ad8b)
An implementation of the SSH protocol with GSI authentication
--------------------------------------------------------------------------------
Update Information:
Sync with openssh package.
--------------------------------------------------------------------------------
================================================================================
nodejs-6.12.0-1.el7 (FEDORA-EPEL-2017-a4b3ae88b2)
JavaScript runtime
--------------------------------------------------------------------------------
Update Information:
Update ---- # 2017-10-24, Version 6.11.5 'Boron' (LTS), @MylesBorins This is
a security release. All Node.js users should consult the security release
summary at
https://nodejs.org/en/blog/vulnerability/oct-2017-dos/ for details on
patched vulnerabilities. ## Notable Changes * zlib: * CVE-2017-14919 - In
zlib v1.2.9, a change was made that causes an error to be raised when a raw
deflate stream is initialized with windowBits set to 8. On some versions this
crashes Node and you cannot recover from it, while on some versions it throws an
exception. Node.js will now gracefully set windowBits to 9 replicating the
legacy behavior to avoid a DOS vector. nodejs-private/node-private#95 ----
Update to Node.js 6.11.4
--------------------------------------------------------------------------------
================================================================================
perl-Finance-Quote-1.47-1.el7 (FEDORA-EPEL-2017-967e14970f)
A Perl module that retrieves stock and mutual fund quotes
--------------------------------------------------------------------------------
Update Information:
Current upstream maintenance release. Various sources fixed, new source
AlphaVantage added.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1509722 - perl-Finance-Quote-1.40 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1509722
[ 2 ] Bug #1510220 - perl-Finance-Quote-1.42 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1510220
[ 3 ] Bug #1510678 - perl-Finance-Quote-1.44 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1510678
[ 4 ] Bug #1511240 - perl-Finance-Quote-1.45 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1511240
[ 5 ] Bug #1512341 - perl-Finance-Quote-1.47 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1512341
--------------------------------------------------------------------------------
================================================================================
perl-Plack-1.0033-1.el7 (FEDORA-EPEL-2017-dbdb41f602)
Perl Superglue for Web frameworks and Web Servers (PSGI toolkit)
--------------------------------------------------------------------------------
Update Information:
This update upgrades the perl Plack module to 1.0033. There are several
improvements, new features and security fixes which can be found in the module's
changelog :
http://cpansearch.perl.org/src/MIYAGAWA/Plack-1.0033/Changes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1469031 - Please update perl-Plack version
https://bugzilla.redhat.com/show_bug.cgi?id=1469031
--------------------------------------------------------------------------------
================================================================================
prelude-lml-rules-4.0.0-1.el7 (FEDORA-EPEL-2017-83f4de81ad)
Prelude LML community ruleset
--------------------------------------------------------------------------------
Update Information:
Bump to 4.0.0
--------------------------------------------------------------------------------
================================================================================
psblas3-3.5.0-15.el7 (FEDORA-EPEL-2017-478c329655)
Parallel Sparse Basic Linear Algebra Subroutines
--------------------------------------------------------------------------------
Update Information:
- Update to post-release 3.5.0-1 ---- - New package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1506949 - Review Request: psblas3 - Parallel Sparse Basic Linear Algebra
Subroutines
https://bugzilla.redhat.com/show_bug.cgi?id=1506949
--------------------------------------------------------------------------------
================================================================================
python-msrest-0.4.18-1.el7 (FEDORA-EPEL-2017-8de7436e28)
AutoRest swagger generator Python client runtime
--------------------------------------------------------------------------------
Update Information:
#python-msrest 0.4.18 ##Features * Add ApiKeyCredentials class. This can be
used to support OpenAPI ApiKey feature. * Add CognitiveServicesAuthentication
class. Pre-declared ApiKeyCredentials class for Cognitive Services.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1508202 - python-msrest-v0.4.18 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1508202
--------------------------------------------------------------------------------
================================================================================
python-msrestazure-0.4.16-1.el7 (FEDORA-EPEL-2017-410b0b03eb)
AutoRest swagger generator Python client runtime (Azure-specific module)
--------------------------------------------------------------------------------
Update Information:
# python-msrestazure 0.4.16 ##Bugfixes * Fix AttributeError if input JSON is
not a dict ([#54](https://github.com/Azure/msrestazure-for-python/issues/54))
--------------------------------------------------------------------------------
================================================================================
python-openidc-client-0.4.0-1.20171113git54dee6e.el7 (FEDORA-EPEL-2017-fb0c5e91bc)
Python OpenID Connect client with token caching and management
--------------------------------------------------------------------------------
Update Information:
python-openidc-client-v0.4.0 is available Add Requests AuthBase wrapper Allow
specifying to not get new tokens in auther
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1455728 - python-openidc-client-v0.4.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1455728
--------------------------------------------------------------------------------
================================================================================
python-tinydb-3.7.0-1.el7 (FEDORA-EPEL-2017-a226ef6d6e)
TinyDB is a tiny, document oriented database
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1512243 - python-tinydb-3.7.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1512243
--------------------------------------------------------------------------------