The following Fedora EPEL 7 Security updates need testing:
Age URL
365
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d
condor-8.6.11-1.el7
141
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-d2c1368294
cinnamon-3.6.7-5.el7
107
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c499781e80
python-gnupg-0.4.4-1.el7
105
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b
bubblewrap-0.3.3-2.el7
41
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-12067fc897
dosbox-0.74.3-2.el7
34
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-487a6fb279
knot-2.8.2-1.el7 knot-resolver-4.1.0-1.el7
34
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-aabd063c30
squirrelmail-1.4.23-1.el7.20190710
13
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-44d26d23ea
upx-3.95-4.el7
12
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-b6948289f0
pdns-4.1.11-1.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-ad7b11b384
igraph-0.7.1-12.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-643d621522
jhead-3.03-4.el7
8
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-4e6da66b9f
python-django-1.11.23-1.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-5f75a76f4e
kf5-kconfig-5.52.0-1.el7.1
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-aa84623a4e
libmspack-0.5-0.0.7.alpha.el7
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-26e64681f6
hostapd-2.9-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
R-Rcpp-1.0.2-1.el7
ansible-2.8.3-1.el7
clustershell-1.8.2-1.el7
js-jsroot-5.7.1-1.el7
libmodulemd2-2.7.0-1.el7
nfdump-1.6.18-1.el7
procenv-0.51-1.el7
pyotherside-1.5.8-1.el7
python-bitstring-3.1.6-1.el7
python-regex-2019.06.08-1.el7
python-requests-gssapi-1.1.0-2.el7
python3-Cython-0.28.5-1.el7
xe-guest-utilities-7.12.0-2.el7
Details about builds:
================================================================================
R-Rcpp-1.0.2-1.el7 (FEDORA-EPEL-2019-af2baf070c)
Seamless R and C++ Integration
--------------------------------------------------------------------------------
Update Information:
Rcpp version 1.0.2
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 13 2019 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 1.0.2-1
- Update to 1.0.2
* Mon Aug 12 2019 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 1.0.1-5
- rebuilt
* Mon Aug 12 2019 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 1.0.1-4
- Remove explicit dependencies provided by automatic dependency generator
* Mon Aug 12 2019 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 1.0.1-3
- Rebuild with automatic Provides
* Wed Jul 24 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1740462 - Please update it to 1.0.2
https://bugzilla.redhat.com/show_bug.cgi?id=1740462
--------------------------------------------------------------------------------
================================================================================
ansible-2.8.3-1.el7 (FEDORA-EPEL-2019-208fd8c2d3)
SSH-based configuration management, deployment, and task execution system
--------------------------------------------------------------------------------
Update Information:
New 2.8.3 upstream bugfix release.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 25 2019 Kevin Fenzi <kevin(a)scrye.com> - 2.8.3-1
- Update to 2.8.3.
* Wed Jul 24 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.8.2-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
clustershell-1.8.2-1.el7 (FEDORA-EPEL-2019-b79c4ead42)
Python framework for efficient cluster administration
--------------------------------------------------------------------------------
Update Information:
Update to upstream version 1.8.2 that contains minor fixes. More info at
https://clustershell.readthedocs.io/en/v1.8.2/release.html
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 12 2019 Stephane Thiell <sthiell(a)stanford.edu> 1.8.2-1
- update to 1.8.2
--------------------------------------------------------------------------------
================================================================================
js-jsroot-5.7.1-1.el7 (FEDORA-EPEL-2019-dc617b8e94)
JavaScript ROOT - Interactive numerical data analysis graphics
--------------------------------------------------------------------------------
Update Information:
jsroot 5.7.1.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 14 2019 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 5.7.1-1
- Update to version 5.7.1
* Thu Jul 25 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 5.7.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
libmodulemd2-2.7.0-1.el7 (FEDORA-EPEL-2019-c65d85f3f2)
Module metadata manipulation library
--------------------------------------------------------------------------------
Update Information:
Update to libmodulemd 2.7.0 Add support for the `buildroot` and `srpm-
buildroot` options to RPM Components Many doc updates
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 15 2019 Stephen Gallagher <sgallagh(a)redhat.com> - 2.7.0-1
- Update to 2.7.0
- Add support for 'buildroot' and 'srpm-buildroot' arguments to
components
--------------------------------------------------------------------------------
================================================================================
nfdump-1.6.18-1.el7 (FEDORA-EPEL-2019-6e2a2d877a)
NetFlow collecting and processing tools
--------------------------------------------------------------------------------
Update Information:
2019-08-14 - Fix compile issues - Fix output buffer size for
lzo1x_decompress_safe() 2019-08-07 - Fix VerifyExtensionMap #179 2019-08-06
- Fix compile errors 2019-08-05 - Fix nfdump.1 man page. #175 - Fix off by 1
array. #173 - Fix use after free in ModifyCompressFile - Add bound checks in
AddExporterStat #174 - Add bound checks in AddSamplerInfo #176 - Add bound
checks in AddExporterInfo - Fix checks in InsertExtensionMap #177 - Remove
COMPAT15 code - should no longer be needed. - Move version to v1.6.18 - Merge
pull request #167 - Cleanup old code - Replace depricated pcap_lookupdev call in
nfpcapd 2019-07-31 - Add early record size sanity check also for nfprofile,
nfanon and nfreplay 2019-07-26 - nfpcapd cleanup, add some more monitoring -
Fix hbo_exporter.c:249_1 segfault - Fix hbo_nffile_inline.c:85_1 segfault - Fix
hbo_nfx.c:216_3 segfault - Update minilzo to v2.10 - Change to safe lzo
decompress function 2019-07-25 - Rework nfpcapd and add it officially to the
nfdump collection. - Add nfpcapd man page - Fix potential unsigned integer
underflow #171 2019-07-16 - Add latency extension if dumping flowcache
2019-07-15 - Fix typos - Fix exporter struct inconsistancies. Coredump on ARM
otherwise. 2019-07-02 - Add ipfix element #150, #151 unix time start/end - Fix
display bug raw record 2019-06-01 - Add ipfix dyn element handling. - Add
empty m4 directory - keep autoconf happy 2019-06-01 - Fix issue #162 - ipfix
mpls sequece. - Fix issue #156 - print flowtable index error 2019-03-17 - Fix
spec file - Remove non thread safe logging in nfpcapd 2018-11-24 - Fix
protocol tag for protocol 87 - TCF - #130 - Add TCP flags ECN,CVR - #132 - Fix
some error messages to be printed to the correct stream #135 - Add missing -M
command line help to nfcapd - Remove padding byte warning in log #141 - Fix bug
to accept -y compression flag in nfcapd. - #145 2018-06-24 - Fix bookkeeper
type - use key_t - Add multiple packet repeaters to nfcapd/sfcapd. Up to 8
repeaters (-R) can be defined. - Ignore OSX .DS_Store files in -R file list -
Add CISCO ASA elements initiatorPackets (298) responderPackets (299) - Merge
#120 pull request for -z parameter to nfreplay - Update man page nfreplay
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 14 2019 Denis Fateyev <denis(a)fateyev.com> - 1.6.18-1
- Update to version 1.6.18
* Thu Jul 25 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.6.17-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.6.17-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.6.17-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1735649 - CVE-2019-14459 nfdump: integer overflow in function
Process_ipfix_template_withdraw in ipfix.c leads to denial of service [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1735649
[ 2 ] Bug #1735555 - CVE-2019-1010057 nfdump: buffer overflow in nfx.c, nffile_inline.c
and minilzo.c [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1735555
[ 3 ] Bug #1735648 - CVE-2019-14459 nfdump: integer overflow in function
Process_ipfix_template_withdraw in ipfix.c leads to denial of service [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1735648
[ 4 ] Bug #1735554 - CVE-2019-1010057 nfdump: buffer overflow in nfx.c, nffile_inline.c
and minilzo.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1735554
--------------------------------------------------------------------------------
================================================================================
procenv-0.51-1.el7 (FEDORA-EPEL-2019-c5bd2bea68)
Utility to show process environment
--------------------------------------------------------------------------------
Update Information:
New version
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 14 2019 Dave love <loveshack(a)fedoraproject.org> - 0.51-1
- New version; drop patch
* Fri Jul 26 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.50-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.50-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Mon Jan 21 2019 Dave Love <loveshack(a)fedoraproject.org> - 0.50-4
- Patch to fix failure with gcc 9
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.50-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Feb 9 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.50-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Oct 25 2017 Dave Love <loveshack(a)fedoraproject.org> - 0.50-1
- New version
- Remove el5-isms
* Thu Aug 3 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.49-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Thu Jul 27 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.49-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Wed Feb 22 2017 Dave Love <loveshack(a)fedoraproject.org> - 0.49-2
- Bump to rebuild after failed mass rebuild
* Mon Feb 13 2017 Dave Love <loveshack(a)fedoraproject.org> - 0.49-1
- New version
* Sat Feb 11 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.46-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Wed Jun 1 2016 Dave Love <loveshack(a)fedoraproject.org> - 0.46-1
- New version
- Remove fedora guard in %check
- Don't distribute ChangeLog
* Tue Mar 22 2016 Dave Love <loveshack(a)fedoraproject.org> - 0.45-1
- New version
--------------------------------------------------------------------------------
================================================================================
pyotherside-1.5.8-1.el7 (FEDORA-EPEL-2019-f0ae0397cc)
Asynchronous Python 3 Bindings for Qt 5
--------------------------------------------------------------------------------
Update Information:
- Update to 1.5.8 - Rebuild with qt 5.9.7 from RHEL 7.7
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 14 2019 Orion Poplawski <orion(a)nwra.com> - 1.5.8-1
- Update to 1.5.8
- Rebuild with qt 5.9.7 from RHEL 7.7
--------------------------------------------------------------------------------
================================================================================
python-bitstring-3.1.6-1.el7 (FEDORA-EPEL-2019-a9ff59af14)
Simple construction, analysis and modification of binary data
--------------------------------------------------------------------------------
Update Information:
Update to 3.1.6. This is described as a "maintenance release" upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 9 2019 Scott K Logan <logans(a)cottsay.net> - 3.1.6-1
- Update to 3.1.6
- Introduce Python 3 subpackage in EPEL
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.1.5-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Wed Oct 17 2018 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 3.1.5-7
- Subpackage python2-bitstring has been removed
See
https://fedoraproject.org/wiki/Changes/Mass_Python_2_Package_Removal
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.1.5-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jun 19 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 3.1.5-5
- Rebuilt for Python 3.7
* Sun Feb 11 2018 Iryna Shcherbina <ishcherb(a)redhat.com> - 3.1.5-4
- Update Python 2 dependency declarations to new packaging standards
(See
https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
* Fri Feb 9 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.1.5-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Thu Jul 27 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.1.5-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1728037 - python-bitstring-3.1.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1728037
--------------------------------------------------------------------------------
================================================================================
python-regex-2019.06.08-1.el7 (FEDORA-EPEL-2019-a58aca7bc8)
Alternative regular expression module, to replace re
--------------------------------------------------------------------------------
Update Information:
Update to the latest released version.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 14 2019 Thomas Moschny <thomas.moschny(a)gmx.de> - 2019.06.08-1
- Update to 2019.06.08.
--------------------------------------------------------------------------------
================================================================================
python-requests-gssapi-1.1.0-2.el7 (FEDORA-EPEL-2019-cc803f7522)
A GSSAPI/SPNEGO authentication handler for python-requests
--------------------------------------------------------------------------------
Update Information:
- python3 version (woo) - Update to 1.1.0
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 12 2019 Robbie Harwood <rharwood(a)redhat.com> - 1.1.0-2
- Actually enable python3 (bcond is hard...)
* Tue May 21 2019 Robbie Harwood <rharwood(a)redhat.com> - 1.1.0-1
- New upstream release (1.1.0)
- Enable (both) python3 for EPEL-7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1739285 - RFE: requests-gssapi for EPEL7's python3
https://bugzilla.redhat.com/show_bug.cgi?id=1739285
--------------------------------------------------------------------------------
================================================================================
python3-Cython-0.28.5-1.el7 (FEDORA-EPEL-2019-dbc3ee7837)
A language for writing Python 3 extension modules
--------------------------------------------------------------------------------
Update Information:
- Update to 0.28.5 - Build python36-Cython
--------------------------------------------------------------------------------
ChangeLog:
* Sun Aug 11 2019 Orion Poplawski <orion(a)nwra.com> - 0.28.5-1
- Update to 0.28.5
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1597644 - Please build python36-Cython
https://bugzilla.redhat.com/show_bug.cgi?id=1597644
--------------------------------------------------------------------------------
================================================================================
xe-guest-utilities-7.12.0-2.el7 (FEDORA-EPEL-2019-1840b60501)
XAPI Virtual Machine Monitoring Scripts
--------------------------------------------------------------------------------
Update Information:
- Re-enable the service if it was enabled in sysv mode - Follow upstream to
enable net.ipv4.conf.all.arp_notify
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 14 2019 Robin Lee <cheeselee(a)fedoraproject.org> - 7.12.0-2
- Re-enable the service if it was enabled in sysv mode
- Follow upstream to enable net.ipv4.conf.all.arp_notify
* Sat Jul 27 2019 Fedora Release Engineering <releng(a)fedoraproject.org> -
7.12.0-1.1
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
--------------------------------------------------------------------------------