The following Fedora EPEL 7 Security updates need testing:
Age URL
469
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d
condor-8.6.11-1.el7
210
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c499781e80
python-gnupg-0.4.4-1.el7
208
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b
bubblewrap-0.3.3-2.el7
13
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-5fecd4c331
libmodbus-3.0.8-1.el7
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-d8f3c6a443
chromium-78.0.3904.97-1.el7
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-58be818bb4
thunderbird-enigmail-2.1.3-1.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-8a7207a341
libidn2-2.3.0-1.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-aff200699c
mingw-libidn2-2.3.0-1.el7
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-b1761c2898
imapfilter-2.6.15-1.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-1a5ac407f8
jhead-3.04-1.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-d6b0a398c2
clamav-0.101.5-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
audacity-2.3.3-1.el7
beaker-26.6-1.git.66.g03e169493.el7
fotoxx-19.20-1.el7
hitch-1.5.0-4.el7
js-jsroot-5.7.2-1.el7
php-theseer-autoload-1.25.8-1.el7
python-apprise-0.8.2-1.el7
python-packaging-16.8-6.el7
python-plumbum-1.6.8-1.el7
tnef-1.4.18-1.el7
Details about builds:
================================================================================
audacity-2.3.3-1.el7 (FEDORA-EPEL-2019-af4df6836b)
Multitrack audio editor
--------------------------------------------------------------------------------
Update Information:
[Audacity 2.3.3
Released](https://www.audacityteam.org/audacity-2-3-3-released/)
==================== Visible Improvements: ==================== Equalization
effect now split into two effects, Filter Curve and Graphic EQ. ----------------
--------------------------------------------------------------------------------
--- * Presets (using manage button) now active/working. * Can now have two
points at same frequency for steep steps. ���What you hear is what you get��� for
exports. ---------------------------------------------------------- * Formerly
the solo button preferences could lead to differences in which tracks were
exported. * Leading silence (blank space) not skipped over in exports. * Quality
setting on AAC/M4A exports. Some confusing functionality removed (better
achieved in other ways) --------------------------------------------------------
---------------------------------------- * Removed Nyquist Workbench (use built-
in nyquist features) * Removed Vocal Remover (use Vocal Reduction) * Removed On-
Demand aliased files (copy files instead) * Removed ���Normalize on Load���
(Normalize as needed on export, instead) Behind the scenes ================ *
150+ bugs resolved * Code restructuring
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 23 2019 David Timms <iinet.net.au@dtimms> - 2.3.3-1
- Update to Audacity 2.3.3.
- Modify wxWidgets build require to wxGTK3 (gtk3 version).
- Modify libdir patch for 2.3.3.
- Fix -manual file archive dropping the leading help/ in path.
- Disable twolame for EPEL-8 as the -devel package isn't available.
* Wed Jul 24 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.3.2-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Tue Jun 4 2019 David Timms <iinet.net.au@dtimms> - 2.3.2-1
- Update to Audacity 2.3.2 release.
- Rebase audacity-2.3.2-libdir.patch.
- Fix -manual placing files in extra help/manual path.
* Fri Apr 19 2019 David Timms <iinet.net.au@dtimms> - 2.3.1-1
- Update to Audacity 2.3.1 release.
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.3.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Mon Oct 1 2018 David Timms <iinet.net.au@dtimms> - 2.3.0-1
- Update to Audacity 2.3.0 release.
* Thu Sep 20 2018 David Timms <iinet.net.au@dtimms> - 2.2.2-3
- retry below change as my git foo didn't manage to delete the empty lines.
* Fri Sep 7 2018 David Timms <iinet.net.au@dtimms> - 2.2.2-2
- fix empty lines within configure command causing non x86 build fails.
* Thu Sep 6 2018 David Timms <iinet.net.au@dtimms> - 2.2.2-1
- Update to 2.2.2
- further improvements from S��rgio Basto <sergio(a)serjux.com>
- Add conditionals to enable or disable ffmpeg
- Also add conditionals to be possible build with local ffmpeg (not in use)
- Use autoconf before ./configure
- Re-add libmp3lame-default.patch and libdir.patch
- Add to configure --disable-dynamic-loading
- General review of spec
- Re-add desktop.in.patch
- Add to configure --with-lv2 --with-midi --with-portmidi with some commentaries
- Temporary fix to portaudio became permanent (--with-portaudio=local)
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.1.3-10
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Feb 7 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.1.3-9
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Sat Jan 6 2018 Igor Gnatenko <ignatenkobrain(a)fedoraproject.org> - 2.1.3-8
- Remove obsolete scriptlets
* Wed Oct 4 2017 Scott Talbert <swt(a)techie.net> - 2.1.3-7
- Update to build against merged compat-wxGTK3-gtk2-devel package
* Sat Sep 30 2017 Jerry James <loganjerry(a)gmail.com> - 2.1.3-6
- Rebuild for soundtouch 2.0.0
* Wed Aug 2 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.1.3-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.1.3-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Mon May 15 2017 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.1.3-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_26_27_Mass_Rebuild
* Sat Mar 25 2017 David Timms <iinet.net.au@dtimms> - 2.1.3-2
- include mp3 import support via libmad, which is now available in Fedora.
* Tue Mar 21 2017 David Timms <iinet.net.au@dtimms> - 2.1.3-1
- 2.1.3 release.
- modify -manual extract path to match earlier builds.
* Fri Feb 10 2017 Fedora Release Engineering <releng(a)fedoraproject.org> -
2.1.3-0.8.20161109git53a5c93
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Wed Nov 9 2016 David Timms <iinet.net.au@dtimms> - 2.1.3-0.7.20161109git53a5c93
- 2.1.3 Alpha git snapshot 2016-11-09.
* Tue Nov 8 2016 David Timms <iinet.net.au@dtimms> - 2.1.3-0.6.20161025gitff9763f
- add requires wxGTK3-gtk2 tookit version.
- trick configure into detecting and using wxWidgets gtk2.
* Tue Oct 25 2016 David Timms <iinet.net.au@dtimms> - 2.1.3-0.5.20161025gitff9763f
- 2.1.3 Alpha git snapshot 2016-10-25.
* Sun Sep 4 2016 David Timms <iinet.net.au@dtimms> - 2.1.3-0.4.20160904git2fb18e8
- 2.1.3 Alpha git snapshot 2016-09-04.
* Wed Aug 24 2016 David Timms <iinet.net.au@dtimms> - 2.1.3-0.3.20160824git781de82
- 2.1.3 Alpha git snapshot for testing.
* Sun Aug 7 2016 David Timms <iinet.net.au@dtimms> - 2.1.3-0.2.20160807git8392a57
- 2.1.3 Alpha git snapshot for testing.
* Sun Jun 5 2016 David Timms <iinet.net.au@dtimms> - 2.1.3-0.1.20160605gitd41f865
- 2.1.3 Alpha git snapshot for testing.
- remove already applied gcc6 patch.
* Tue Mar 29 2016 Orion Poplawski <orion(a)cora.nwra.com> - 2.1.2-4
- Add patch to fix gcc6 build issues (bug #1307335)
* Thu Mar 3 2016 David Timms <iinet.net.au@dtimms> - 2.1.2-3
- Rebuild for new soundtouch required to fix symbol lookup error.
* Wed Feb 3 2016 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.1.2-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Sat Jan 23 2016 David Timms <iinet.net.au@dtimms> - 2.1.2-1
- 2.1.2 final release.
* Fri Jan 1 2016 David Timms <iinet.net.au@dtimms> - 2.1.2-0.8.rc2
- 2.1.2 Release Candidate 2 for testing.
* Sun Nov 15 2015 David Timms <iinet.net.au@dtimms> - 2.1.2-0.7.rc1
- 2.1.2 Release Candidate 1 for testing.
* Thu Nov 12 2015 David Timms <iinet.net.au@dtimms> - 2.1.2-0.6.20151112gitecdb1d8
- 2.1.2 Alpha git snapshot.
- Test build of git master which requires wxGTK3.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1775690 - audacity-2.3.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1775690
[ 2 ] Bug #1497693 - [RFE] mp3 support for audacity
https://bugzilla.redhat.com/show_bug.cgi?id=1497693
[ 3 ] Bug #1729789 - [abrt] audacity: OnExit(): audacity killed by SIGABRT
https://bugzilla.redhat.com/show_bug.cgi?id=1729789
--------------------------------------------------------------------------------
================================================================================
beaker-26.6-1.git.66.g03e169493.el7 (FEDORA-EPEL-2019-570af4367d)
Full-stack software and hardware integration testing system
--------------------------------------------------------------------------------
Update Information:
New upstream 26.6
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
fotoxx-19.20-1.el7 (FEDORA-EPEL-2019-4601515a98)
Photo editor
--------------------------------------------------------------------------------
Update Information:
19.20 ---- 19.19
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 25 2019 Gwyn Ciesla <gwync(a)protonmail.com> - 19.20-1
- 19.20
* Mon Nov 11 2019 Gwyn Ciesla <gwync(a)protonmail.com> - 19.19-1
- 19.19
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1775948 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1775948
--------------------------------------------------------------------------------
================================================================================
hitch-1.5.0-4.el7 (FEDORA-EPEL-2019-c3f292fb76)
Network proxy that terminates TLS/SSL connections
--------------------------------------------------------------------------------
Update Information:
* Added a systemd limit.conf with defaults LimitCORE=infinity, LimitNOFILE=10240
* Hitch now supports a directory of certificate pem files; added pem-dir =
"/etc/pki/tls/private" to the example config. * Changed systemd Type=forking
matching the example config * This version is also packed for epel8
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 12 2019 Ingvar Hagelund <ingvar(a)redpill-linpro.com> - 1.5.0-4
- Added support for epel8
- Added a systemd limit.conf with defaults LimitCORE=infinity, LimitNOFILE=10240
- Added pem-dir = "/etc/pki/tls/private" to the example config
- Changed systemd Type=forking matching the example config, fixes bz #1731420
- Simplified handling of the _docdir macro
* Thu Jul 25 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.5.0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.5.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1731420 - Hitch service file not configured to detect error during
initialization (Type=simple)
https://bugzilla.redhat.com/show_bug.cgi?id=1731420
--------------------------------------------------------------------------------
================================================================================
js-jsroot-5.7.2-1.el7 (FEDORA-EPEL-2019-f693aaf26f)
JavaScript ROOT - Interactive numerical data analysis graphics
--------------------------------------------------------------------------------
Update Information:
jsroot 5.7.2
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 23 2019 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 5.7.2-1
- Update to version 5.7.2
- Bundle jquery and its dependants in EPEL 8 - not available
--------------------------------------------------------------------------------
================================================================================
php-theseer-autoload-1.25.8-1.el7 (FEDORA-EPEL-2019-505a408676)
A tool and library to generate autoload code
--------------------------------------------------------------------------------
Update Information:
**Release 1.25.8** * Fix Regression
[#92](https://github.com/theseer/Autoload/issues/92): PHPAB 1.25.7 generates
broken PHAR for PHPUnit ---- **Release 1.25.7** * Fix: Static require or
compile lists now properly process pathes relative to and above the base
directory
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 25 2019 Remi Collet <remi(a)remirepo.net> - 1.25.8-1
- update to 1.25.8
* Fri Nov 15 2019 Remi Collet <remi(a)remirepo.net> - 1.25.7-1
- update to 1.25.7
--------------------------------------------------------------------------------
================================================================================
python-apprise-0.8.2-1.el7 (FEDORA-EPEL-2019-a315650bd7)
A simple wrapper to many popular notification services used today
--------------------------------------------------------------------------------
Update Information:
Updated to v0.8.2
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 25 2019 Chris Caron <lead2gold(a)gmail.com> - 0.8.2-1
- Updated to v0.8.2
--------------------------------------------------------------------------------
================================================================================
python-packaging-16.8-6.el7 (FEDORA-EPEL-2019-8e4f2b6a73)
Core utilities for Python packages
--------------------------------------------------------------------------------
Update Information:
epel7 specific spec file
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 29 2019 J��r��my Bertozzi <jeremy.bertozzi(a)gmail.com> - 16.8-6
- epel7 specific spec file
- python3 package for epel7
--------------------------------------------------------------------------------
================================================================================
python-plumbum-1.6.8-1.el7 (FEDORA-EPEL-2019-a2d0f8d6d7)
Shell combinators library
--------------------------------------------------------------------------------
Update Information:
New version 1.6.8
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 24 2019 Greg Hellings <greg.hellings(a)gmail.com> - 1.6.8-1
- New version 1.6.8
* Thu Oct 3 2019 Miro Hron��ok <mhroncok(a)redhat.com> - 1.6.7-4
- Rebuilt for Python 3.8.0rc1 (#1748018)
* Mon Aug 19 2019 Miro Hron��ok <mhroncok(a)redhat.com> - 1.6.7-3
- Rebuilt for Python 3.8
* Fri Jul 26 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.6.7-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1767191 - python-plumbum-1.6.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1767191
--------------------------------------------------------------------------------
================================================================================
tnef-1.4.18-1.el7 (FEDORA-EPEL-2019-06a2efa1e8)
Extract files from email attachments like WINMAIL.DAT
--------------------------------------------------------------------------------
Update Information:
tnef release 1.4.18. Security release to resolve
[
CVE-2019-18849](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1...
in which it may be possible to attack via a crafted email message extracted via
tnef.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 26 2019 David Timms <iinet.net.au@dtimms> - 1.4.18-1
- Update to release 1.4.18. Fixes CVE-2019-18849 - bug #1771891
- Add global builddolphin to enable -dolphin subpackage when available.
* Sat Jul 27 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.4.17-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Thu Feb 7 2019 David Timms <iinet.net.au@dtimms> - 1.4.17-1
- Update to release 1.4.17.
* Sun Feb 3 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.4.15-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.4.15-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Feb 9 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.4.15-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1771892 - CVE-2019-18849 tnef: security bypass in .ssh/authorized_keys file
via an e-mail message [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1771892
[ 2 ] Bug #1771893 - CVE-2019-18849 tnef: security bypass in .ssh/authorized_keys file
via an e-mail message [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1771893
--------------------------------------------------------------------------------