The following Fedora EPEL 7 Security updates need testing:
Age URL
58
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3835d39d1a
unrtf-0.21.9-8.el7
52
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-15b7dc35af
pass-1.7.2-1.el7
26
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-d2e0971e9b
uwsgi-2.0.17.1-1.el7
14
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-f19460105c
pam_yubico-2.26-1.el7
12
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-5b5c4b0050
rust-1.27.2-3.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-f9d6ff695a
bibutils-6.6-1.el7 ghc-hs-bibutils-6.6.0.0-1.el7 pandoc-citeproc-0.3.0.1-4.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-e9a8615099
mbedtls-2.7.5-1.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-52b5b56d0a
seamonkey-2.49.4-2.el7
8
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-5346e2123a
dpkg-1.18.25-1.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-4f0963b857
moodle-3.1.13-1.el7
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3f5e90bb2b
libmspack-0.7-0.1.alpha.el7
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-7b6fa936b1
knot-resolver-2.4.1-1.el7
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-38987c542e
cgit-1.1-11.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-aec074825a
thunderbird-enigmail-2.0.8-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
burp-2.1.32-1.el7
golang-github-mattn-shellwords-1.0.3-1.el7
libgit2-0.26.6-1.el7
stlink-1.5.1-0.1.20180802gitae717b9.el7
Details about builds:
================================================================================
burp-2.1.32-1.el7 (FEDORA-EPEL-2018-ee1f68a086)
A network-based backup and restore program
--------------------------------------------------------------------------------
Update Information:
bumped to 2.2.8
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 6 2018 Andrew Niemantsverdriet <andrewniemants(a)gmail.com> - 2.2.8-1
- bumped to 2.2.8
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.4.40-9
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Feb 7 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.4.40-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Sat Jan 20 2018 Bj��rn Esser <besser82(a)fedoraproject.org> - 1.4.40-7
- Rebuilt for switch to libxcrypt
* Wed Aug 2 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.4.40-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.4.40-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri Feb 10 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.4.40-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Fri Feb 19 2016 Ralf Cors��pius <corsepiu(a)fedoraproject.org> - 1.4.40-3
- Add burp-1.4.40-narrowing.patch (F24FTBFS, RHBZ#1307363).
* Wed Feb 3 2016 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.4.40-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
golang-github-mattn-shellwords-1.0.3-1.el7 (FEDORA-EPEL-2018-fad0f1185d)
Parse line as shell words
--------------------------------------------------------------------------------
Update Information:
Initial epel7 release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1561369 - fzf would be nice to have in EPEL
https://bugzilla.redhat.com/show_bug.cgi?id=1561369
--------------------------------------------------------------------------------
================================================================================
libgit2-0.26.6-1.el7 (FEDORA-EPEL-2018-0be0127779)
C implementation of the Git core methods as a library with a solid API
--------------------------------------------------------------------------------
Update Information:
This is a security release fixing out-of-bounds reads when processing smart-
protocol "ng" packets. When parsing an "ng" packet, we keep track of
both the
current position as well as the remaining length of the packet itself. But
instead of taking care not to exceed the length, we pass the current pointer's
position to strchr, which will search for a certain character until hitting NUL.
It is thus possible to create a crafted packet which doesn't contain a NUL byte
to trigger an out-of-bounds read. The issue was discovered by the oss-fuzz
project, issue 9406.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 7 2018 Pete Walter <pwalter(a)fedoraproject.org> - 0.26.6-1
- Update to 0.26.6
--------------------------------------------------------------------------------
================================================================================
stlink-1.5.1-0.1.20180802gitae717b9.el7 (FEDORA-EPEL-2018-587a768df5)
STM32 discovery line Linux programmer
--------------------------------------------------------------------------------
Update Information:
Update to latest git version.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 7 2018 Vasiliy N. Glazov <vascom2(a)gmail.com> -
1.5.1-0.1.20180802gitae717b9
- Update to latest git
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.5.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------