Fedora EPEL 7 updates-testing report - epel-devel - Fedora mailing-lists

3 Mar 2018


      The following Fedora EPEL 7 Security updates need testing:
 Age  URL
 1090  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087   dokuwiki-0-0.24.20140929c.el7
 853  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f   mcollective-2.8.4-1.el7
 435  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d   libbsd-0.8.3-1.el7
 332  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe   mod_cluster-1.3.3-10.el7
 164  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e27758bd23   libmspack-0.6-0.1.alpha.el7
 101  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e64eeb6ece   nagios-4.3.4-5.el7
  51  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-73ee944e65   rootsh-1.5.3-17.el7
  25  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-7134fc92a1   jhead-3.00-7.el7
  13  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-276ec6ee2b   exim-4.90.1-2.el7
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-e50c94a832   seamonkey-2.49.2-2.el7
  11  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-525417d3d4   mbedtls-2.7.0-1.el7
  11  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-cee77fc9b3   knot-resolver-2.1.0-1.el7
  10  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-b7a74678b1   openjpeg2-2.3.0-6.el7
  10  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-50566f0a39   uwsgi-2.0.16-1.el7
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-0296296d7c   mingw-wavpack-5.1.0-4.el7
   8  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-9111777f91   freexl-1.0.5-1.el7
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3e70a38ad4   drupal7-7.57-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
ProDy-1.9.4-0.1.el7
    clamav-0.99.4-1.el7
    tor-0.2.9.15-1.el7
Details about builds:
================================================================================
 ProDy-1.9.4-0.1.el7 (FEDORA-EPEL-2018-aa1ae8a715)
 Application for protein structure, dynamics and sequence analysis
--------------------------------------------------------------------------------
Update Information:
- Pre-release 1.9.4
--------------------------------------------------------------------------------
================================================================================
 clamav-0.99.4-1.el7 (FEDORA-EPEL-2018-aacf1b47d6)
 End-user tools for the Clam Antivirus scanner
--------------------------------------------------------------------------------
Update Information:
Update to 0.99.4  0.99.4 addresses a few outstanding vulnerability bugs.  It
includes fixes for:  -    CVE-2012-6706 -    CVE-2017-6419 -    CVE-2017-11423
-    CVE-2018-1000085    There are also a few bug fixes that were not assigned
CVE���s, but were important enough to address while we had the chance.  One of
these was the notorious file descriptor exhaustion bug that caused outages late
last January.  In addition to the above, 0.99.4 fixes:  -    CVE-2018-0202: Two
newly reported vulnerabilities in the PDF parsing code.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1549071 - CVE-2018-1000085 clamav: Out-of-bounds heap read in XAR parser [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1549071
  [ 2 ] Bug #1550747 - clamav-0.99.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1550747
--------------------------------------------------------------------------------
================================================================================
 tor-0.2.9.15-1.el7 (FEDORA-EPEL-2018-815e0064e9)
 Anonymizing overlay network for TCP
--------------------------------------------------------------------------------
Update Information:
Update to latest version. Security-Fixes TROVE-2018-001, TROVE-2018-002,
--------------------------------------------------------------------------------