The following Fedora EPEL 7 Security updates need testing:
Age URL
759
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087
dokuwiki-0-0.24.20140929c.el7
522
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f
mcollective-2.8.4-1.el7
224
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8f4ff76b3
chicken-4.11.0-3.el7
104
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d
libbsd-0.8.3-1.el7
20
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-05ac8b1dc4
php-onelogin-php-saml-2.10.5-1.el7
14
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-3d518cd4b9
libgit2-0.24.6-1.el7
14
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5794ee2486
moodle-3.1.5-1.el7
13
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7e4f45cad3
tcpreplay-4.2.1-1.el7
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e9e451db03
chromium-57.0.2987.133-1.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-99c7c2f382
xorgxrdp-0.2.1-1.el7 xrdp-0.9.2-3.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-1ae79d206b
ReviewBoard-2.5.10-1.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d9e3bfe77d
php-horde-Horde-Crypt-2.7.6-1.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7889b3b509
libupnp-1.6.21-1.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe
mod_cluster-1.3.3-10.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-45845d256f
python-django-1.6.11.6-1.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5f9a6163b4
tnef-1.4.14-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
bean-validation-api-1.1.0-8.el7
cacti-1.1.2-1.el7
dictd-1.12.1-14.el7
dkms-2.3-4.20170313git974d838.el7
gnuchess-6.2.4-2.el7
google-gson-2.3.1-7.el7
jboss-annotations-1.2-api-1.0.0-3.el7
jboss-ejb3-ext-api-2.2.0-3.el7
jboss-el-3.0-api-1.0.5-3.el7
jboss-jms-2.0-api-1.0.0-3.el7
jboss-jsp-2.3-api-1.0.1-3.el7
jboss-servlet-3.1-api-1.0.0-3.el7
kompose-0.5.0-0.1.el7
libmediainfo-0.7.94-1.el7
libzen-0.4.35-1.el7
lldpd-0.9.7-5.el7
mediainfo-0.7.94-1.el7
mingw-libidn2-2.0.0-1.el7
mote-0.6.1-4.el7
oneko-1.2-18.el7
pdc-updater-0.5.5-1.el7
pylint-1.6.5-4.el7
python-django-1.6.11.6-1.el7
tnef-1.4.14-1.el7
tripwire-2.4.3.5-1.el7
xonotic-0.8.2-2.el7
Details about builds:
================================================================================
bean-validation-api-1.1.0-8.el7 (FEDORA-EPEL-2017-7d25e7fd78)
Bean Validation API (JSR 349)
--------------------------------------------------------------------------------
Update Information:
Disable doclint
--------------------------------------------------------------------------------
================================================================================
cacti-1.1.2-1.el7 (FEDORA-EPEL-2017-f6a96218be)
An rrd based graphing tool
--------------------------------------------------------------------------------
Update Information:
- Update to 1.1.2 Release notes:
http://www.cacti.net/release_notes_1_1_2.php
---- - Update to 1.1.1 Release notes:
http://www.cacti.net/release_notes_1_0_5.php
http://www.cacti.net/release_notes_1_0_6.php
http://www.cacti.net/release_notes_1_1_0.php
http://www.cacti.net/release_notes_1_1_1.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1438425 - cacti-1.1.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1438425
[ 2 ] Bug #1430893 - cacti package is missing requires php-gd php-posix
https://bugzilla.redhat.com/show_bug.cgi?id=1430893
[ 3 ] Bug #1431597 - cacti-1.0.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1431597
[ 4 ] Bug #1432443 - cacti-1.0.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1432443
[ 5 ] Bug #1433932 - cacti-1.1.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1433932
[ 6 ] Bug #1436665 - cacti-1.1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1436665
--------------------------------------------------------------------------------
================================================================================
dictd-1.12.1-14.el7 (FEDORA-EPEL-2017-c043a26467)
DICT protocol (RFC 2229) server and command-line client
--------------------------------------------------------------------------------
Update Information:
Unify SPEC file to one version for all distributions.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1116553 - Make available for EPEL-6
https://bugzilla.redhat.com/show_bug.cgi?id=1116553
--------------------------------------------------------------------------------
================================================================================
dkms-2.3-4.20170313git974d838.el7 (FEDORA-EPEL-2017-70ba4182c0)
Dynamic Kernel Module Support Framework
--------------------------------------------------------------------------------
Update Information:
Do not attempt to always install the "base" kernel-devel package even if the
correct variant is already installed.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1421106 - Switch from Requires kernel-devel to kernel-devel-uname-r
https://bugzilla.redhat.com/show_bug.cgi?id=1421106
[ 2 ] Bug #1436840 - on i386, dkms specifically requires kernel-devel and not
kernel-PAE-devel
https://bugzilla.redhat.com/show_bug.cgi?id=1436840
--------------------------------------------------------------------------------
================================================================================
gnuchess-6.2.4-2.el7 (FEDORA-EPEL-2017-3cc309d8e8)
The GNU chess program
--------------------------------------------------------------------------------
Update Information:
New branch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1439719 - Please add EPEL7 branch
https://bugzilla.redhat.com/show_bug.cgi?id=1439719
--------------------------------------------------------------------------------
================================================================================
google-gson-2.3.1-7.el7 (FEDORA-EPEL-2017-11a0f1df4d)
Java lib for conversion of Java objects into JSON representation
--------------------------------------------------------------------------------
Update Information:
Disable doclint
--------------------------------------------------------------------------------
================================================================================
jboss-annotations-1.2-api-1.0.0-3.el7 (FEDORA-EPEL-2017-5d6485031e)
Common Annotations 1.2 API
--------------------------------------------------------------------------------
Update Information:
Disable doclint
--------------------------------------------------------------------------------
================================================================================
jboss-ejb3-ext-api-2.2.0-3.el7 (FEDORA-EPEL-2017-310455d38f)
JBoss EJB 3 Extension API
--------------------------------------------------------------------------------
Update Information:
Disable doclint
--------------------------------------------------------------------------------
================================================================================
jboss-el-3.0-api-1.0.5-3.el7 (FEDORA-EPEL-2017-cd8f0c1d53)
JSR-341 Expression Language 3.0 API
--------------------------------------------------------------------------------
Update Information:
Source 1.7 for diamond support operator
--------------------------------------------------------------------------------
================================================================================
jboss-jms-2.0-api-1.0.0-3.el7 (FEDORA-EPEL-2017-0486d949cc)
JBoss JMS API 2.0 Spec
--------------------------------------------------------------------------------
Update Information:
Disable doclint
--------------------------------------------------------------------------------
================================================================================
jboss-jsp-2.3-api-1.0.1-3.el7 (FEDORA-EPEL-2017-61044d7f10)
JavaServer Pages 2.3 API (JSP)
--------------------------------------------------------------------------------
Update Information:
Disable doclint
--------------------------------------------------------------------------------
================================================================================
jboss-servlet-3.1-api-1.0.0-3.el7 (FEDORA-EPEL-2017-cafee6b49c)
Java Servlet 3.1 API
--------------------------------------------------------------------------------
Update Information:
Disable doclint
--------------------------------------------------------------------------------
================================================================================
kompose-0.5.0-0.1.el7 (FEDORA-EPEL-2017-e402bf9b5a)
Tool to move from 'docker-compose' to Kubernetes
--------------------------------------------------------------------------------
Update Information:
Update to kompose version 0.5.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1435032 - kompose-v0.5.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1435032
--------------------------------------------------------------------------------
================================================================================
libmediainfo-0.7.94-1.el7 (FEDORA-EPEL-2017-4b93792bfa)
Library for supplies technical and tag information about a video or audio file
--------------------------------------------------------------------------------
Update Information:
Updae to last MediaInfo release.
--------------------------------------------------------------------------------
================================================================================
libzen-0.4.35-1.el7 (FEDORA-EPEL-2017-4b93792bfa)
Shared library for libmediainfo and medianfo*
--------------------------------------------------------------------------------
Update Information:
Updae to last MediaInfo release.
--------------------------------------------------------------------------------
================================================================================
lldpd-0.9.7-5.el7 (FEDORA-EPEL-2017-fe76c20831)
ISC-licensed implementation of LLDP
--------------------------------------------------------------------------------
Update Information:
New package for the LLDP daemon
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1438853 - Review Request: lldpd - an ISC-licensed implementation of LLDP
https://bugzilla.redhat.com/show_bug.cgi?id=1438853
--------------------------------------------------------------------------------
================================================================================
mediainfo-0.7.94-1.el7 (FEDORA-EPEL-2017-4b93792bfa)
Supplies technical and tag information about a video or audio file (CLI)
--------------------------------------------------------------------------------
Update Information:
Updae to last MediaInfo release.
--------------------------------------------------------------------------------
================================================================================
mingw-libidn2-2.0.0-1.el7 (FEDORA-EPEL-2017-7426f27045)
MinGW Windows Internationalized Domain Name 2008 support library
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
================================================================================
mote-0.6.1-4.el7 (FEDORA-EPEL-2017-47926d2699)
A MeetBot log wrangler, providing a user-friendly interface for Fedora's logs
--------------------------------------------------------------------------------
Update Information:
Fixes exception logging, adds deep links, adds more descriptive icons.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #94 - script 'rc' glob is too general
https://bugzilla.redhat.com/show_bug.cgi?id=94
--------------------------------------------------------------------------------
================================================================================
oneko-1.2-18.el7 (FEDORA-EPEL-2017-d62503c52f)
Cat chases the cursor
--------------------------------------------------------------------------------
Update Information:
Introduction of the package into EPEL-7
--------------------------------------------------------------------------------
================================================================================
pdc-updater-0.5.5-1.el7 (FEDORA-EPEL-2017-af6176ad55)
Update the product definition center in response to fedmsg
--------------------------------------------------------------------------------
Update Information:
Latest upstream.
--------------------------------------------------------------------------------
================================================================================
pylint-1.6.5-4.el7 (FEDORA-EPEL-2017-a40f89d2de)
Analyzes Python code looking for bugs and signs of poor quality
--------------------------------------------------------------------------------
Update Information:
Provide python major version links (bug #1439070)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1439070 - New name for pylint binaries makes it unusable for automatic
testing
https://bugzilla.redhat.com/show_bug.cgi?id=1439070
--------------------------------------------------------------------------------
================================================================================
python-django-1.6.11.6-1.el7 (FEDORA-EPEL-2017-45845d256f)
A high-level Python Web framework
--------------------------------------------------------------------------------
Update Information:
Update to the latest Django 1.6.11.6 security release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1390687 - CVE-2016-9013 CVE-2016-9014 python-django: various flaws [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1390687
[ 2 ] Bug #1379489 - CVE-2016-7401 python-django: CSRF protection bypass on a site with
Google Analytics [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1379489
--------------------------------------------------------------------------------
================================================================================
tnef-1.4.14-1.el7 (FEDORA-EPEL-2017-5f9a6163b4)
Extract files from email attachments like WINMAIL.DAT
--------------------------------------------------------------------------------
Update Information:
Release 1.4.14 includes security bug fixes introduced in 1.4.13 and a further
bug fix.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1427435 - CVE-2017-6307 CVE-2017-6308 CVE-2017-6309 CVE-2017-6310 tnef:
Multiple vulnerabilities fixed in 1.4.13 [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1427435
--------------------------------------------------------------------------------
================================================================================
tripwire-2.4.3.5-1.el7 (FEDORA-EPEL-2017-aa5ed15389)
IDS (Intrusion Detection System)
--------------------------------------------------------------------------------
Update Information:
update to 2.4.3.5
--------------------------------------------------------------------------------
================================================================================
xonotic-0.8.2-2.el7 (FEDORA-EPEL-2017-e1707361ba)
Multiplayer, deathmatch oriented first person shooter
--------------------------------------------------------------------------------
Update Information:
Build dedicated server.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1203793 - xonotic-dedicated fails to build
https://bugzilla.redhat.com/show_bug.cgi?id=1203793
--------------------------------------------------------------------------------