Fedora EPEL 7 updates-testing report - epel-devel - Fedora mailing-lists

15 May 2019


      The following Fedora EPEL 7 Security updates need testing:
 Age  URL
 274  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d   condor-8.6.11-1.el7
  82  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-f8311ec8a2   tor-0.3.5.8-1.el7
  50  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-d2c1368294   cinnamon-3.6.7-5.el7
  42  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-50a6a1ddfd   afflib-3.7.18-2.el7
  16  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c499781e80   python-gnupg-0.4.4-1.el7
  13  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b   bubblewrap-0.3.3-2.el7
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-04c7455f6a   singularity-3.1.1-1.1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
cjdns-20.3-3.el7
    ckeditor-4.11.4-1.el7
    gnome-shell-extension-system-monitor-applet-38-2.20190515gitfc83a73.el7
    inxi-3.0.34-1.el7
    libmediainfo-19.04-1.el7
    mediaconch-18.03.2-7.el7
    mediainfo-19.04-1.el7
    php-natxet-cssmin-3.0.6-1.el7
    php-stecman-symfony-console-completion-0.10.1-2.el7
    python3-pillow-6.0.0-2.el7
    sems-1.6.0-18.el7
    spectre-meltdown-checker-0.41-1.el7
Details about builds:
================================================================================
 cjdns-20.3-3.el7 (FEDORA-EPEL-2019-81be0c720b)
 The privacy-friendly network without borders
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream version.
--------------------------------------------------------------------------------
ChangeLog:
* Thu May  9 2019 Stuart Gathman stuart@gathman.org - 20.3-3
- Move running test suite to check
* Wed May  8 2019 Stuart Gathman stuart@gathman.org - 20.3-2
- Increase timeout for fuzz tests to allow slower arches to succeed
* Wed May  8 2019 Stuart Gathman stuart@gathman.org - 20.3-1
- New upstream version 20.3
* Fri May  3 2019 Stuart Gathman stuart@gathman.org - 20.2-7
- Option to use system libuv
- Fix scope of Pipe_PATH String_CONST in config.
* Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 20.2-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1705914 - cjdns-20.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1705914
--------------------------------------------------------------------------------
================================================================================
 ckeditor-4.11.4-1.el7 (FEDORA-EPEL-2019-12a6beac1e)
 WYSIWYG text editor to be used inside web pages
--------------------------------------------------------------------------------
Update Information:
## CKEditor 4.11.4  Fixed Issues:  *
[#589](https://github.com/ckeditor/ckeditor-dev/issues/589): Fixed: The editor
causes memory leaks in create and destroy cycles. *
[#1397](https://github.com/ckeditor/ckeditor-dev/issues/1397): Fixed: Using the
dialog to remove headers from a [table](https://ckeditor.com/cke4/addon/table)
with one header row only throws an error. *
[#1479](https://github.com/ckeditor/ckeditor-dev/issues/1479): Fixed:
[Justification](https://ckeditor.com/cke4/addon/justify) for styled content in
BR mode is disabled. * [#2816](https://github.com/ckeditor/ckeditor-
dev/issues/2816): Fixed: [Enhanced
Image](https://ckeditor.com/cke4/addon/image2) resize handler is visible in
[read-only
mode](https://ckeditor.com/docs/ckeditor4/latest/guide/dev_readonly.html). *
[#2874](https://github.com/ckeditor/ckeditor-dev/issues/2874): Fixed: [Enhanced
Image](https://ckeditor.com/cke4/addon/image2) resize handler is not created
when the editor is initialized in [read-only
mode](https://ckeditor.com/docs/ckeditor4/latest/guide/dev_readonly.html). *
[#2775](https://github.com/ckeditor/ckeditor-dev/issues/2775): Fixed:
[Clipboard](https://ckeditor.com/cke4/addon/clipboard) paste buttons have wrong
state when [read-
only](https://ckeditor.com/docs/ckeditor4/latest/guide/dev_readonly.html) mode
is set by the mouse event listener with the [Div Editing
Area](https://ckeditor.com/cke4/addon/divarea) plugin. *
[#1901](https://github.com/ckeditor/ckeditor-dev/issues/1901): Fixed: Cannot
open the context menu over a [Widget](https://ckeditor.com/cke4/addon/widget)
with the <kbd>Shift</kbd>+<kbd>F10</kbd> keyboard shortcut.  Other Changes:  *
Updated [WebSpellChecker](https://ckeditor.com/cke4/addon/wsc) (WSC) and
[SpellCheckAsYouType](https://ckeditor.com/cke4/addon/scayt) (SCAYT) plugins:
* Language dictionary update: German language was extended with over 600k new
words.         * Language dictionary update: Swedish language was extended with
over 300k new words.         * Grammar support added for Australian and New
Zealand English, Polish, Slovak, Slovenian and Austrian languages.         *
Changed wavy red and green lines that underline spelling and grammar errors to
straight ones.         * [#55](https://github.com/WebSpellChecker/ckeditor-
plugin-wsc/issues/55): Fixed: WSC does not use [`CKEDITOR.getUrl()`](https://cke
ditor.com/docs/ckeditor4/latest/api/CKEDITOR.html#method-getUrl) when
referencing style sheets.         *
[#166](https://github.com/WebSpellChecker/ckeditor-plugin-scayt/issues/166):
Fixed: SCAYT does not use [`CKEDITOR.getUrl()`](https://ckeditor.com/docs/ckedit
or4/latest/api/CKEDITOR.html#method-getUrl) when referencing style sheets.
* [#56](https://github.com/WebSpellChecker/ckeditor-plugin-wsc/issues/56):
[Chrome] Fixed: SCAYT/WSC throws errors when running inside a  Chrome extension.
* Fixed: After removing a dictionary, the words are not underlined and
considered as incorrect.         * Fixed: The Slovenian (`sl_SL`) language does
not work.         * Fixed: Quotes with code `U+2019` (Right single quotation
mark) are considered separators.         * Fixed: Wrong error message formatting
when the service ID is invalid.         * Fixed: Absent languages in the
Languages tab when using SCAYT with the [Shared
Spaces](https://ckeditor.com/cke4/addon/sharedspace) plugin.  ## CKEditor 4.11.3
Fixed Issues:  * [#2721](https://github.com/ckeditor/ckeditor-dev/issues/2721),
[#487](https://github.com/ckeditor/ckeditor-dev/issues/487): Fixed: The order of
sublist items is reversed when a higher level list item is removed. *
[#2527](https://github.com/ckeditor/ckeditor-dev/issues/2527): Fixed:
[Emoji](https://ckeditor.com/cke4/addon/emoji) autocomplete order does not
prioritize emojis with the name starting from the used string. *
[#2572](https://github.com/ckeditor/ckeditor-dev/issues/2572): Fixed: Icons in
the [Emoji](https://ckeditor.com/cke4/addon/emoji) dropdown navigation groups
are not centered. * [#1191](https://github.com/ckeditor/ckeditor-
dev/issues/1191): Fixed: Items in the [elements
path](https://ckeditor.com/cke4/addon/elementspath) are draggable. *
[#2292](https://github.com/ckeditor/ckeditor-dev/issues/2292): Fixed: Dropping a
list with a link on the editor's margin causes a console error and removes the
dragged text from editor. * [#2756](https://github.com/ckeditor/ckeditor-
dev/issues/2756): Fixed: The [Auto
Link](https://ckeditor.com/cke4/addon/autolink) plugin causes an error when
typing in the [source editing
mode](https://ckeditor.com/docs/ckeditor4/latest/guide/dev_sourcearea.html). *
[#1986](https://github.com/ckeditor/ckeditor-dev/issues/1986): Fixed: The Cell
Properties dialog from the [Table
Tools](https://ckeditor.com/cke4/addon/tabletools) plugin shows styles that are
not allowed through [`config.allowedContent`](https://ckeditor.com/docs/ckeditor
4/latest/api/CKEDITOR_config.html#cfg-allowedContent). *
[#2565](https://github.com/ckeditor/ckeditor-dev/issues/2565): [IE, Edge] Fixed:
Buttons in the [editor toolbar](https://ckeditor.com/cke4/addon/toolbar) are
activated by clicking them with the right mouse button. *
[#2792](https://github.com/ckeditor/ckeditor-dev/pull/2792): Fixed: A bug in the
[Copy Formatting](https://ckeditor.com/cke4/addon/copyformatting) plugin that
caused the following issues:     * [#2780](https://github.com/ckeditor/ckeditor-
dev/issues/2780): Fixed: Undo steps disappear after multiple changes of
selection.     * [#2470](https://github.com/ckeditor/ckeditor-dev/issues/2470):
[Firefox] Fixed: Widget's nested editable gets blurred upon focus.     *
[#2655](https://github.com/ckeditor/ckeditor-dev/issues/2655): [Chrome, Safari]
Fixed: Widget's nested editable cannot be focused under certain circumstances.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 14 2019 Shawn Iwinski shawn@iwin.ski - 4.11.4-1
- Update to 4.11.4 (RHBZ #1683205)
- Fix rpmlint "W: invalid-license MPLv1.1+" by changing "MPLv1.1+" to "MPLv1.1"
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1683205 - ckeditor-4.11.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1683205
--------------------------------------------------------------------------------
================================================================================
 gnome-shell-extension-system-monitor-applet-38-2.20190515gitfc83a73.el7 (FEDORA-EPEL-2019-6562a21760)
 A Gnome shell system monitor extension
--------------------------------------------------------------------------------
Update Information:
Updated to last upstream commits
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 15 2019 Nicolas Vi��ville nicolas.vieville@uphf.fr - 1:38-2.20190515gitfc83a73
- Updated to last upstream commits
- Fix #504  (array.to string() warnings)
- Remove obsolete compatibility code
- Scale width of elements if compact display is on
- Updated translation files
- Reverted ByteArray usage breaking display of thermal and fan speed
- Fixed frequency display showing blank due to ByteArray.tostring
--------------------------------------------------------------------------------
================================================================================
 inxi-3.0.34-1.el7 (FEDORA-EPEL-2019-fa566dcaaf)
 A full featured system information script
--------------------------------------------------------------------------------
Update Information:
Update t0 3.0.34.
--------------------------------------------------------------------------------
ChangeLog:
* Mon May  6 2019 Vasiliy N. Glazov vascom2@gmail.com - 3.0.34-1
- Update to 3.0.34
--------------------------------------------------------------------------------
================================================================================
 libmediainfo-19.04-1.el7 (FEDORA-EPEL-2019-0d44655ca3)
 Library for supplies technical and tag information about a video or audio file
--------------------------------------------------------------------------------
Update Information:
Update to 19.04.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 24 2019 Vasiliy N. Glazov vascom2@gmail.com - 19.04-1
- Update to 19.04
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1701845 - CVE-2019-11372 CVE-2019-11373 mediainfo: various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1701845
--------------------------------------------------------------------------------
================================================================================
 mediaconch-18.03.2-7.el7 (FEDORA-EPEL-2019-0d44655ca3)
 Most relevant technical and tag data for video and audio files (CLI)
--------------------------------------------------------------------------------
Update Information:
Update to 19.04.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 24 2019 Vasiliy N. Glazov vascom2@gmail.com - 18.03.2-7
- Rebuild with new mediainfo 19.04
* Fri Feb  1 2019 Fedora Release Engineering releng@fedoraproject.org - 18.03.2-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1701845 - CVE-2019-11372 CVE-2019-11373 mediainfo: various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1701845
--------------------------------------------------------------------------------
================================================================================
 mediainfo-19.04-1.el7 (FEDORA-EPEL-2019-0d44655ca3)
 Supplies technical and tag information about a video or audio file (CLI)
--------------------------------------------------------------------------------
Update Information:
Update to 19.04.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 24 2019 Vasiliy N. Glazov vascom2@gmail.com - 19.04-1
- Update to 19.04
* Fri Feb  1 2019 Fedora Release Engineering releng@fedoraproject.org - 18.12-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1701845 - CVE-2019-11372 CVE-2019-11373 mediainfo: various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1701845
--------------------------------------------------------------------------------
================================================================================
 php-natxet-cssmin-3.0.6-1.el7 (FEDORA-EPEL-2019-82c8034a90)
 Configurable CSS parser and minifier
--------------------------------------------------------------------------------
Update Information:
### v3.0.6 Fix bracket for count() argument  Merge pull request #26 from
umulmrum/master  Fix bracket for count() argument  ### v3.0.5 Adapt to PHP 7.2
Merge pull request #24 from jtojnar/php72  Fix compatibility with PHP 7.2
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 26 2019 Remi Collet remi@remirepo.net - 3.0.6-1
- update to 3.0.6
- add minimal test for our autoloader
* Sat Feb  2 2019 Fedora Release Engineering releng@fedoraproject.org - 3.0.4-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Jul 13 2018 Fedora Release Engineering releng@fedoraproject.org - 3.0.4-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Feb  9 2018 Fedora Release Engineering releng@fedoraproject.org - 3.0.4-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Thu Jul 27 2017 Fedora Release Engineering releng@fedoraproject.org - 3.0.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Sat Feb 11 2017 Fedora Release Engineering releng@fedoraproject.org - 3.0.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1504423 - php-natxet-cssmin-3.0.6 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1504423
--------------------------------------------------------------------------------
================================================================================
 php-stecman-symfony-console-completion-0.10.1-2.el7 (FEDORA-EPEL-2019-3330e693d4)
 Automatic BASH completion for Symfony Console based applications
--------------------------------------------------------------------------------
Update Information:
### 0.10.1: Options before command name fixed  Fixes options appearing before
the command name (eg. `program -v cmdname`) breaking the detection of the
command that should be completed for ([#83](https://github.com/stecman/symfony-
console-completion/issues/83))  ### 0.10.0: Multi-word / whitespace support in
completions  Adds support for quoted and escaped multi-word completions. No
changes are required to upgrade from 0.9.0.  BASH users will need to
regenerate/reload their shell hook for multi-word completions to work.  ###
0.9.0: Isolation of CompletionCommand from user-defined global options  To avoid
conflicts with application-level options defined by the library user,
`CompletionCommand` now ignores custom application options. Options from
Symfony's base `Application` class are retained.  No action is needed to upgrade
to this version unless your subclass of `CompletionCommand` has been modified to
use global options defined by your application. In this case you will need to
override `CompletionCommand::filterApplicationOptions` to whitelist your
options.  ### 0.8.0: Symfony 4 support  Adds Symfony Console 4.x to the versions
supported. No changes are required to update to this version from `0.7.0`.
Other changes:  - Commands marked as hidden (`symfony-console` >= 3.2) are
excluded from completion results
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 14 2019 Shawn Iwinski shawn@iwin.ski - 0.10.1-2
- Fix EPEL6 build
* Tue May 14 2019 Shawn Iwinski shawn@iwin.ski - 0.10.1-1
- Update to 0.10.1 (RHBZ #1562562)
- Add range version dependencies for Fedora >= 27 || RHEL >= 8
* Sat Feb  2 2019 Fedora Release Engineering releng@fedoraproject.org - 0.7.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Jul 13 2018 Fedora Release Engineering releng@fedoraproject.org - 0.7.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Feb  9 2018 Fedora Release Engineering releng@fedoraproject.org - 0.7.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1562562 - php-stecman-symfony-console-completion-0.10.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1562562
--------------------------------------------------------------------------------
================================================================================
 python3-pillow-6.0.0-2.el7 (FEDORA-EPEL-2019-2819a72a78)
 Python image processing library
--------------------------------------------------------------------------------
Update Information:
Python image processing library, fork of the Python Imaging Library (PIL)  This
library provides extensive file format support, an efficient internal
representation, and powerful image processing capabilities.  There are four
subpackages: tk (tk interface), qt (PIL image wrapper for Qt), devel
(development) and doc (documentation).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1701767 - Please add a python36-pillow and python36-pillow-devel package
        https://bugzilla.redhat.com/show_bug.cgi?id=1701767
--------------------------------------------------------------------------------
================================================================================
 sems-1.6.0-18.el7 (FEDORA-EPEL-2019-60b110ba92)
 SIP Express Media Server, an extensible SIP media server
--------------------------------------------------------------------------------
Update Information:
* Enable mp3 support  ----  * Enabled several SBC  plugins
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 15 2019 Peter Lemenkov lemenkov@gmail.com - 1.6.0-18
- Enable mp3 support
* Fri May  3 2019 Peter Lemenkov lemenkov@gmail.com - 1.6.0-17
- Added Redis support
- Added call_control modules
--------------------------------------------------------------------------------
================================================================================
 spectre-meltdown-checker-0.41-1.el7 (FEDORA-EPEL-2019-8e8d35f270)
 Spectre & Meltdown vulnerability/mitigation checker for Linux
--------------------------------------------------------------------------------
Update Information:
Update to 0.41  * Feature: add support for the 4 MDS CVEs (CVE-2018-12126,
CVE-2018-12130, CVE-2018-12127, CVE-2019-11091 / Fallout, RIDL, ZombieLoad) *
Feature: add Spectre and Meltdown mitigation detection for Hygon CPU
([#271](https://github.com/speed47/spectre-meltdown-checker/pull/271)) *
Feature: for SSBD, report whether the mitigation is active (in live mode)
([#210](https://github.com/speed47/spectre-meltdown-checker/issues/210)) *
Enhancement: better Xen and hypervisors detection
([#259](https://github.com/speed47/spectre-meltdown-checker/pull/259))
([#270](https://github.com/speed47/spectre-meltdown-checker/pull/270)) *
Enhancement: in paranoid mode, assume we're running a hypervisor (for L1TF)
unless stated otherwise * Enhancement: better detect Arch kernel image location
([#268](https://github.com/speed47/spectre-meltdown-checker/pull/268)) * Fix:
error when no process used prctl to set SSB mitigation * Fix: invalid names in
json batch mode ([#279](https://github.com/speed47/spectre-meltdown-
checker/issues/279)) * Fix: IBRS kernel reported active even if sysfs had
"IBRS_FW" only ([#275](https://github.com/speed47/spectre-meltdown-
checker/issues/275)) ([#276](https://github.com/speed47/spectre-meltdown-
checker/issues/276)) * Fix: load vmm under BSD if not already loaded
([#274](https://github.com/speed47/spectre-meltdown-checker/issues/274)) * Fix:
misdetection of files under Clear Linux
([#264](https://github.com/speed47/spectre-meltdown-checker/issues/264)) * Misc:
update MCEdb to v110 * Misc: dozens of other fixes and enhancements
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 15 2019 Reto Gantenbein reto.gantenbein@linuxmonk.ch - 0.41-1
- Update to 0.41
* Sun Feb  3 2019 Fedora Release Engineering releng@fedoraproject.org - 0.40-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------