The following Fedora EPEL 7 Security updates need testing:
Age URL
51
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-2c81054303
remctl-3.14-1.el7
12
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-8b8dc96235
nodejs-deep-extend-0.5.1-1.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-860176245e
gifsicle-1.91-1.el7
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-48b823c3dc
strongswan-5.6.2-6.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-297fb7f6c0
chromium-66.0.3359.181-2.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-90002f509e
pdns-recursor-4.1.3-2.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-74ee3ae47e
phpMyAdmin-4.4.15.10-3.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-65614e9fc9
thunderbird-enigmail-2.0.6-1.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-bbdc0ecf38
cobbler-2.8.3-2.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
clamav-0.100.0-1.el7
fedfind-4.1.3-1.el7
phototonic-1.7.20-3.el7
php-scssphp-0.7.6-1.el7
Details about builds:
================================================================================
clamav-0.100.0-1.el7 (FEDORA-EPEL-2018-4b08b15845)
End-user tools for the Clam Antivirus scanner
--------------------------------------------------------------------------------
Update Information:
ClamAV 0.100.0 ============== ClamAV 0.100.0 is a feature release which
includes many code submissions from the ClamAV community. Some of the more
prominent submissions include: * Interfaces to the Prelude SIEM open source
package for collecting ClamAV virus events. * Support for Visual Studio 2015
for Windows builds. Please note that we have deprecated support for Windows XP,
and while Vista may still work, we no longer test ClamAV on Windows XP or Vista.
* Support libmspack internal code or as a shared object library. The internal
library is the default and includes modifications to enable parsing of CAB files
that do not entirely adhere to the CAB file format. * Linking with OpenSSL
1.1.0. * Deprecation of the AllowSupplementaryGroups parameter statement in
clamd, clamav-milter, and freshclam. Use of supplementary is now in effect by
default. * Numerous bug fixes, typo corrections, and compiler warning fixes.
Additionally, upstream introduced important changes and new features in ClamAV
0.100, including but not limited to: * Deprecating internal LLVM code
support. The configure script has changed to search the system for an installed
instance of the LLVM development libraries, and to otherwise use the bytecode
interpreter for ClamAV bytecode signatures. To use the LLVM Just-In-Time
compiler for executing bytecode signatures, please ensure that the LLVM
development package at version 3.6 or lower is installed. Using the deprecated
LLVM code is possible with the command: `./configure --with-system-llvm=no`, but
it no longer compiles on all platforms. * Compute and check PE import table
hash (a.k.a. "imphash") signatures. * Support file property collection and
analysis for MHTML files. * Raw scanning of PostScript files. * Fix
clamsubmit to use the new virus and false positive submission web interface. *
Optionally, flag files with the virus "Heuristic.Limits.Exceeded" when size
limitations are exceeded. * Improved decoders for PDF files. * Reduced
number of compile time warnings. * Improved support for C++11. * Improved
detection of system installed libraries. * Fixes to ClamAV's Container system
and the introduction of Intermediates for more descriptive signatures. *
Improvements to clamd's On-Access scanning capabilities for Linux.
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 28 2018 Robert Scheck <robert(a)fedoraproject.org> - 0.100.0-1
- Upgrade to 0.100.0 (#1565381)
* Wed Mar 21 2018 S��rgio Basto <sergio(a)serjux.com> - 0.99.4-3
- Fix data-empty sub-package (ghost the correct files)
- Add Obsoletes systemd sub-packages
* Mon Mar 12 2018 S��rgio Basto <sergio(a)serjux.com> - 0.99.4-2
- Revert fix for llvm, build using -std=gnu++98 (#1307378)
- Revert CFLAG assignment in commmit a4a6d252 (made in 2006)
- BR systemd-devel to fix detection in configure.
- Disable llvm in ppc64 (#1534071)
- "Disable llvm will use the internal bytecode interpreter rather than the llvm
jit", so drop bytecode build condition and use condional on enable or disable
llvm.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1526628 - please backport OnAccessExcludeRootUID from clamav-master
https://bugzilla.redhat.com/show_bug.cgi?id=1526628
[ 2 ] Bug #1565381 - clamav-0.100.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1565381
[ 3 ] Bug #1579829 - clamav-0.100.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1579829
[ 4 ] Bug #1540113 - Database format inconsistency cvd vs cld
https://bugzilla.redhat.com/show_bug.cgi?id=1540113
--------------------------------------------------------------------------------
================================================================================
fedfind-4.1.3-1.el7 (FEDORA-EPEL-2018-4cdfc69de4)
Fedora compose and image finder
--------------------------------------------------------------------------------
Update Information:
This update fixes a couple of issues in handling of the [semi-official live
respin](https://dl.fedoraproject.org/pub/alt/live-respins/) releases, which
prevented openQA from testing them. It also updates fedfind for an unexpected
move of the Docker and Cloud nightly composes by release engineering.
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 28 2018 Adam Williamson <awilliam(a)redhat.com> - 4.1.3-1
- New release 4.1.3: handle unexpected nightly compose move
* Mon May 21 2018 Adam Williamson <awilliam(a)redhat.com> - 4.1.2-1
- New release 4.1.2: fixes for live-respins releases
--------------------------------------------------------------------------------
================================================================================
phototonic-1.7.20-3.el7 (FEDORA-EPEL-2018-29e33813de)
Image viewer and organizer
--------------------------------------------------------------------------------
Update Information:
Rebuilt for libexiv2 soname bump
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 29 2018 Michael Cullen <michael(a)cullen-online.com> - 1.7.20-3
- Rebuilt for #1578519
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1578519 - Needs rebuild for RHEL 7.5
https://bugzilla.redhat.com/show_bug.cgi?id=1578519
--------------------------------------------------------------------------------
================================================================================
php-scssphp-0.7.6-1.el7 (FEDORA-EPEL-2018-b9cb412ebd)
A compiler for SCSS written in PHP
--------------------------------------------------------------------------------
Update Information:
## v0.7.6 ### Bug Fixes: * mix() alpha fix * transparentize() alpha sensitive
to locale * notices when compiling UIKit ### Enhancements * faster parsing for
base64 data: url()s
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 28 2018 Shawn Iwinski <shawn.iwinski(a)gmail.com> - 0.7.6-1
- Update to 0.7.6 (RHBZ #1582167)
- Add composer.json to repo
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1582167 - php-scssphp-0.7.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1582167
--------------------------------------------------------------------------------