The following Fedora EPEL 7 Security updates need testing:
Age URL
81
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3835d39d1a
unrtf-0.21.9-8.el7
75
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-15b7dc35af
pass-1.7.2-1.el7
49
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-d2e0971e9b
uwsgi-2.0.17.1-1.el7
32
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-f9d6ff695a
bibutils-6.6-1.el7 ghc-hs-bibutils-6.6.0.0-1.el7 pandoc-citeproc-0.3.0.1-4.el7
31
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-5346e2123a
dpkg-1.18.25-1.el7
22
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-0be0127779
libgit2-0.26.6-1.el7
15
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d
condor-8.6.11-1.el7
15
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-69993b3f45
sleuthkit-4.6.2-1.el7
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-8e10f21fa8
yubico-piv-tool-1.6.1-1.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3a3c72c5e5
chromium-68.0.3440.106-3.el7
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-cde256f1e4
discount-2.2.4-1.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-215cdde88c
yara-3.8.1-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
capstone-3.0.5-1.el7
cinch-1.1.0-1.el7
egl-wayland-1.1.0-0.1.20180916git1676d1d.el7
eglexternalplatform-1.1-0.1.20180916git7c8f8e2.el7
godot-3.0.6-1.el7
inxi-3.0.21-1.el7
libsvm-3.23-3.el7
lynis-2.6.8-1.el7
mod_perl-2.0.10-3.el7
mysqltuner-1.7.2-1.git.21860fe.el7
perl-Crypt-PasswdMD5-1.3-0.17.el7
php-bartlett-php-compatinfo-db-1.35.0-2.el7
python-gnupg-0.4.3-1.el7
python-yara-3.8.1-2.el7
regindexer-0.3-1.el7
Details about builds:
================================================================================
capstone-3.0.5-1.el7 (FEDORA-EPEL-2018-4143561941)
A lightweight multi-platform, multi-architecture disassembly framework
--------------------------------------------------------------------------------
Update Information:
update to upstream 3.0.5 to fix CVE-2017-6952
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 27 2018 Michal Ambroz <rebus _AT seznam.cz> - 3.0.5-1
- bump to 3.0.5
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.0.4-18
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Mon Jul 2 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 3.0.4-17
- Rebuilt for Python 3.7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1603616 - capstone: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1603616
[ 2 ] Bug #1433251 - CVE-2017-6952 capstone: Integer overflow in the cs_winkernel_malloc
function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1433251
--------------------------------------------------------------------------------
================================================================================
cinch-1.1.0-1.el7 (FEDORA-EPEL-2018-bfecdea694)
A tool for provisioning Jenkins components for CI
--------------------------------------------------------------------------------
Update Information:
New upstream 1.1.0
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 29 2018 Greg Hellings <greg.hellings(a)gmail.com> - 1.1.0-1
- New upstream 1.1.0
--------------------------------------------------------------------------------
================================================================================
egl-wayland-1.1.0-0.1.20180916git1676d1d.el7 (FEDORA-EPEL-2018-b34b74a2ec)
Wayland EGL External Platform library
--------------------------------------------------------------------------------
Update Information:
- Build for epel7
--------------------------------------------------------------------------------
================================================================================
eglexternalplatform-1.1-0.1.20180916git7c8f8e2.el7 (FEDORA-EPEL-2018-b34b74a2ec)
EGL External Platform Interface headers
--------------------------------------------------------------------------------
Update Information:
- Build for epel7
--------------------------------------------------------------------------------
================================================================================
godot-3.0.6-1.el7 (FEDORA-EPEL-2018-05eb32dad2)
Multi-platform 2D and 3D game engine with a feature-rich editor
--------------------------------------------------------------------------------
Update Information:
**Security update: Godot 3.0.6** This update brings the latest upstream release
of Godot Engine, with several bug fixes and improvements applied on top of Godot
3.0.4. This release is compatible with previous Godot 3.0.x versions and should
load existing projects without issue. Version 3.0.6 also fixes the following
security vulnerabilities: Fabio Alessandrelli found and fixed several security
vulnerabilities in the marshalling code of Godot Engine, which could be used by
a remote Godot client to cause a Denial of Service for a Godot server
(CVE-2018-1000224). *References:* - Release announcement:
https://godotengine.org/article/maintenance-release-godot-3-0-6 - Changelog: htt
ps://downloads.tuxfamily.org/godotengine/3.0.6/Godot_v3.0.6-stable_change...
- Details about CVE-2018-1000224:
https://github.com/godotengine/godot/issues/20558
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 23 2018 R��mi Verschelde <akien(a)fedoraproject.org> - 3.0.6-1
- Version 3.0.6-stable (fixes CVE-2018-1000224)
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.0.4-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1599287 - godot-3.0.6-stable is available (fixes CVE-2018-1000224)
https://bugzilla.redhat.com/show_bug.cgi?id=1599287
--------------------------------------------------------------------------------
================================================================================
inxi-3.0.21-1.el7 (FEDORA-EPEL-2018-cd498fef9c)
A full featured system information script
--------------------------------------------------------------------------------
Update Information:
Update to 3.0.21.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 28 2018 Vasiliy N. Glazov <vascom2(a)gmail.com> 3.0.21-1
- Update to 3.0.21
--------------------------------------------------------------------------------
================================================================================
libsvm-3.23-3.el7 (FEDORA-EPEL-2018-fb0cef0028)
A Library for Support Vector Machines
--------------------------------------------------------------------------------
Update Information:
The Provides/Obsoletes for python subpackages were adjusted to fix an issue with
upgrades.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 28 2018 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 3.23-3
- Fix Provides/Obsoletes for old python subpackage
--------------------------------------------------------------------------------
================================================================================
lynis-2.6.8-1.el7 (FEDORA-EPEL-2018-1cb50c264f)
Security and system auditing tool
--------------------------------------------------------------------------------
Update Information:
https://cisofy.com/changelog/lynis/#267 https://cisofy.com/changelog/lynis/#268
---- Update to 2.6.6 (rhbz #1598940)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 29 2018 Gwyn Ciesla <limburgher(a)gmail.com> - 2.6.8-1
- 2.6.8
* Thu Jul 19 2018 Athmane Madjoudj <athmane(a)fedoraproject.org> - 2.6.6-1
- Update to 2.6.6 (rhbz #1598940)
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.6.5-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1614579 - lynis-2.6.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1614579
[ 2 ] Bug #1598940 - lynis-2.6.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1598940
--------------------------------------------------------------------------------
================================================================================
mod_perl-2.0.10-3.el7 (FEDORA-EPEL-2018-ce5572f6e0)
An embedded Perl interpreter for the Apache HTTP Server
--------------------------------------------------------------------------------
Update Information:
This release fixes CVE-2011-2767 vulnerability (an arbitrary Perl code execution
in the context of the httpd server) by disabling <Perl> sections in non-server-
level configuration.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 29 2018 Petr Pisar <ppisar(a)redhat.com> - 2.0.10-3
- Fix CVE-2011-2767 (arbitrary Perl code execution in the context of the user
account via a user-owned .htaccess) (bug #1623268)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1623265 - CVE-2011-2767 mod_perl: arbitrary Perl code execution in the
context of the user account via a user-owned .htaccess
https://bugzilla.redhat.com/show_bug.cgi?id=1623265
--------------------------------------------------------------------------------
================================================================================
mysqltuner-1.7.2-1.git.21860fe.el7 (FEDORA-EPEL-2018-87d7ac5827)
MySQL configuration assistant
--------------------------------------------------------------------------------
Update Information:
bump version major update from 1.6.0 to 1.7.2
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 20 2018 josef radinger <cheese(a)nosuchhost.net> - 1.7.2-1.git.21860fe
- bump version
--------------------------------------------------------------------------------
================================================================================
perl-Crypt-PasswdMD5-1.3-0.17.el7 (FEDORA-EPEL-2018-ad31ca5010)
Provides interoperable MD5-based crypt() functions
--------------------------------------------------------------------------------
Update Information:
This is just a rebuild to stay in sync with the RHEL version (which is not
available on ppc64).
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
php-bartlett-php-compatinfo-db-1.35.0-2.el7 (FEDORA-EPEL-2018-844f9d9320)
Reference Database to be used with php-compatinfo library
--------------------------------------------------------------------------------
Update Information:
**Version 1.35.0** - 2018-08-28 * **Added** - Support to PHP 7.1.21 *
**Changed** - Xdebug reference updated to version 2.6.1 (stable) ----
**Version 1.34.0** - 2018-07-20 * **Added** - Support to PHP 7.1.20 -
Support to PHP 7.0.31 - Support to PHP 5.6.37
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 29 2018 Remi Collet <remi(a)remirepo.net> - 1.35.0-2
- update to 1.35.0
--------------------------------------------------------------------------------
================================================================================
python-gnupg-0.4.3-1.el7 (FEDORA-EPEL-2018-7ea34b38b8)
A wrapper for the Gnu Privacy Guard (GPG or GnuPG)
--------------------------------------------------------------------------------
Update Information:
Updated to 0.4.3, updated URL and Source fields
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 28 2018 Paul Wouters <pwouters(a)redhat.com> - 0.4.3-1
- Updated to 0.4.3, updated URL and Source fields
- Resolves: rhbz#1547638 New version is available
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.3.8-11
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jun 19 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 0.3.8-10
- Rebuilt for Python 3.7
* Mon Feb 12 2018 Iryna Shcherbina <ishcherb(a)redhat.com> - 0.3.8-9
- Update Python 2 dependency declarations to new packaging standards
(See
https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
* Fri Feb 9 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.3.8-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Thu Jul 27 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.3.8-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Sat Feb 11 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.3.8-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Mon Dec 19 2016 Miro Hron��ok <mhroncok(a)redhat.com> - 0.3.8-5
- Rebuild for Python 3.6
* Tue Jul 19 2016 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.3.8-4
-
https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_...
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1547638 - New version is available
https://bugzilla.redhat.com/show_bug.cgi?id=1547638
--------------------------------------------------------------------------------
================================================================================
python-yara-3.8.1-2.el7 (FEDORA-EPEL-2018-5cfe68c7ae)
Python binding for the YARA pattern matching tool
--------------------------------------------------------------------------------
Update Information:
Update to yara 3.8.1
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 27 2018 Michal Ambroz <rebus at, seznam.cz> - 3.8.1-2
- rebuild with yara 3.8.1 override
* Mon Aug 27 2018 Michal Ambroz <rebus at, seznam.cz> - 3.8.1-1
- bump to 3.8.1
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.7.0-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jun 19 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 3.7.0-6
- Rebuilt for Python 3.7
--------------------------------------------------------------------------------
================================================================================
regindexer-0.3-1.el7 (FEDORA-EPEL-2018-330482815f)
Tool for creating an index of a container registry
--------------------------------------------------------------------------------
Update Information:
new package: Tool for creating an index of a container registry
--------------------------------------------------------------------------------