The following Fedora EPEL 7 Security updates need testing:
Age URL
996
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087
dokuwiki-0-0.24.20140929c.el7
758
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f
mcollective-2.8.4-1.el7
340
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d
libbsd-0.8.3-1.el7
238
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe
mod_cluster-1.3.3-10.el7
235
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7ecb12e378
python-XStatic-jquery-ui-1.12.0.1-1.el7
70
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e27758bd23
libmspack-0.6-0.1.alpha.el7
67
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-52b8147c68
openvpn-auth-ldap-2.0.3-15.el7
22
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-30026fdcc1
hostapd-2.6-6.el7
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-829397958a
mrbs-1.7.0-1.el7
8
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-06922f06d0
cacti-1.1.28-1.el7
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e64eeb6ece
nagios-4.3.4-5.el7
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-a88ecb7bf3
moodle-3.1.9-1.el7
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-9f0944d17e
xrdp-0.9.4-2.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-aa566558a0
exim-4.89-3.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
R-Rcpp-0.12.14-1.el7
cinnamon-3.6.6-9.el7
clamav-0.99.2-13.el7
distgen-0.20-1.el7
exim-4.89-3.el7
lightdm-1.25.0-1.el7
nmh-1.7-2.el7
par2cmdline-0.7.4-1.el7
php-cs-fixer-2.2.12-1.el7
php-horde-Horde-Core-2.31.1-1.el7
python-pyngus-2.2.1-2.el7
qpid-cpp-1.36.0-2.el7
qpid-dispatch-1.0.0-1.el7
qpid-proton-0.18.1-1.el7
rubygem-qpid_proton-0.18.1-1.el7
youtube-dl-2017.11.15-1.el7
Details about builds:
================================================================================
R-Rcpp-0.12.14-1.el7 (FEDORA-EPEL-2017-1f7b54bd0a)
Seamless R and C++ Integration
--------------------------------------------------------------------------------
Update Information:
Changes in Rcpp version 0.12.14 (2017-11-17) * Changes in Rcpp API: * * New
const iterators functions cbegin() and cend() added to MatrixRow as well (Dan
Dillon in #750). * * The Rostream object now contains a Buffer rather than
allocating one (Kirill M��ller in #763). * * New DateVector and DatetimeVector
classes are now the default fully deprecating the old classes as announced one
year ago. * Changes in Rcpp Package: * * DESCRIPTION file now list doi
information per CRAN suggestion. * Changes in Rcpp Documentation: * * Update
CITATION file with doi information and PeerJ preprint.
--------------------------------------------------------------------------------
================================================================================
cinnamon-3.6.6-9.el7 (FEDORA-EPEL-2017-4a5340d3bb)
Window management and application launching for GNOME
--------------------------------------------------------------------------------
Update Information:
- Switch to libnm on all Fedora releases and EPEL7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1413610 - Don't use NetworkManager-glib
https://bugzilla.redhat.com/show_bug.cgi?id=1413610
--------------------------------------------------------------------------------
================================================================================
clamav-0.99.2-13.el7 (FEDORA-EPEL-2017-a8b7287f0c)
End-user tools for the Clam Antivirus scanner
--------------------------------------------------------------------------------
Update Information:
- Backported upstream patch to unbreak e2guardian vs. temp files
--------------------------------------------------------------------------------
================================================================================
distgen-0.20-1.el7 (FEDORA-EPEL-2017-fab045e3b8)
Templating system/generator for distributions
--------------------------------------------------------------------------------
Update Information:
Fully backwards compatible release of distgen that fixes couple issues and
includes final implementation of spec expansion.
--------------------------------------------------------------------------------
================================================================================
exim-4.89-3.el7 (FEDORA-EPEL-2017-aa566558a0)
The exim mail transfer agent
--------------------------------------------------------------------------------
Update Information:
This is an update fixing use-after-free (CVE-2017-16943).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1517566 - Exim: remote code execution if chunking is enabled
(CVE-2017-16943)
https://bugzilla.redhat.com/show_bug.cgi?id=1517566
--------------------------------------------------------------------------------
================================================================================
lightdm-1.25.0-1.el7 (FEDORA-EPEL-2017-600dc551e3)
A cross-desktop Display Manager
--------------------------------------------------------------------------------
Update Information:
## lightdm-1.25.0 - Enable smooth transition from plymouth to the greeter -
Enable coredumps from Xserver - Change source url to github - Explicitly require
a greeter - Enable explicit internal Requires
--------------------------------------------------------------------------------
================================================================================
nmh-1.7-2.el7 (FEDORA-EPEL-2017-5583e57fe0)
A capable MIME-email-handling system with a command-line interface
--------------------------------------------------------------------------------
Update Information:
Removed configure --sysconfdir to fix /etc/nmh/ install dir. ---- Update nmh
to 1.7
--------------------------------------------------------------------------------
================================================================================
par2cmdline-0.7.4-1.el7 (FEDORA-EPEL-2017-53938300a9)
PAR 2.0 compatible file verification and repair tool
--------------------------------------------------------------------------------
Update Information:
Most notable changes are: - Multithreading support has been merged upstream
(previously, it was only a patch in the package). One can use the `-t` argument
to set the number of threads. - Added `-B` argument which allows one to set the
base path to use for data files. For more details, see:
https://github.com/Parchive/par2cmdline/blob/v0.7.4/ChangeLog.
--------------------------------------------------------------------------------
================================================================================
php-cs-fixer-2.2.12-1.el7 (FEDORA-EPEL-2017-d4bb2034e7)
A tool to automatically fix PHP code style
--------------------------------------------------------------------------------
Update Information:
**Changelog for v2.2.12** * bug #3173 SimplifiedNullReturnFixer - handle
nullable return types (Slamdunk) * bug #3272 PhpdocTrimFixer - unicode support
(SpacePossum) ---- **Changelog for v2.2.11** * bug #3225 PhpdocTrimFixer -
Fix handling of lines without leading asterisk (julienfalque) * bug #3262
ToolInfo - support installation by branch as well (keradus) * bug #3266
PhpUnitConstructFixer - multiple asserts bug (kubawerlos) * minor #3239 Improve
contributing guide and issue template (julienfalque) * minor #3246 Make ToolInfo
methods non-static (julienfalque) * minor #3250 Travis: fail early, spare
resources, save the Earth (Slamdunk, keradus) * minor #3251 Create Title for
config file docs section (IanEdington) * minor #3254
AutoReview/FixerFactoryTest::testFixersPriority: verbose assertion message
(Slamdunk) ---- **Changelog for v2.2.10** * bug #3199 TokensAnalyzer -
getClassyElements (SpacePossum) * bug #3208 BracesFixer - Fix for instantiation
in control structures (julienfalque, SpacePossum) * bug #3215
BinaryOperatorSpacesFixer - Fix spaces around multiple exception catching (|)
(ntzm) * bug #3216 AbstractLinesBeforeNamespaceFixer - add min. and max. option,
not only single target count (SpacePossum) * bug #3217 TokenizerLinter - fix
lack of linting when code is cached (SpacePossum, keradus) * minor #3200 Skip
slow test when Xdebug is loaded (julienfalque) * minor #3219 Normalise
references to GitHub in docs (ntzm) * minor #3226 Remove unused imports (ntzm) *
minor #3231 Fix typos (ntzm) * minor #3234 Simplify Cache\Signature::equals
(ntzm) * minor #3237 UnconfigurableFixer - use only LF (keradus) * minor #3238
AbstractFixerTest - fix @cover annotation (keradus) ---- **Changelog for
v2.2.9** * bug #3062 BraceClassInstantiationTransformer - Fix instantiation
inside method call braces case (julienfalque, keradus) * bug #3083
SingleBlankLineBeforeNamespaceFixer - Fix handling namespace right after opening
tag (mlocati) * bug #3109 SwitchCaseSemicolonToColonFixer - Fix bug with nested
constructs (SpacePossum) * bug #3123 Cache - File permissions (SpacePossum) *
bug #3172 IndentationTypeFixer - do not touch whitespace that is not indentation
(SpacePossum) * bug #3176 NoMultilineWhitespaceBeforeSemicolonsFixer -
SpaceAfterSemicolonFixer - priority fix (SpacePossum) * bug #3193
TokensAnalyzer::getClassyElements - sort result before returning (SpacePossum) *
bug #3196 SelfUpdateCommand - fix exit status when can't determine newest
version (julienfalque) * minor #3107 ConfigurationResolver - improve error
message when rule is not found (SpacePossum) * minor #3113 Add WordMatcher
(keradus) * minor #3133 Unify Reporter tests (keradus) * minor #3134 Allow
Symfony 4 (keradus, garak) * minor #3136 PHPUnit - call hooks from parent class
as well (keradus) * minor #3145 misc - Typo (localheinz) * minor #3150 Fix
CircleCI (julienfalque) * minor #3151 Update gitattributes to ignore next file
(keradus) * minor #3156 Update php-coveralls (keradus) * minor #3166 README -
add link to new gitter channel. (SpacePossum) * minor #3174 Update UPGRADE.md
(vitek-rostislav) * minor #3180 Fix usage of static variables (kubawerlos) *
minor #3184 Code grooming - sort content of arrays (keradus) * minor #3191
Travis - add nightly build to allow_failures due to Travis issues (keradus) *
minor #3197 DX groom CS (keradus)
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Core-2.31.1-1.el7 (FEDORA-EPEL-2017-6d4ca1ae25)
Horde Core Framework libraries
--------------------------------------------------------------------------------
Update Information:
**Horde_Core 2.31.1** * [mjr] Fix setting and semantic meaning of the
"oofstate" property when returning Out of Office data to EAS clients. * [mjr]
Detect if the failure was due to trying to delete a special mailbox (Bug
#14732).
--------------------------------------------------------------------------------
================================================================================
python-pyngus-2.2.1-2.el7 (FEDORA-EPEL-2017-11f622b333)
Callback API implemented over Proton
--------------------------------------------------------------------------------
Update Information:
Rebuilt against qpid-proton 0.18.1.
--------------------------------------------------------------------------------
================================================================================
qpid-cpp-1.36.0-2.el7 (FEDORA-EPEL-2017-db05806b64)
Libraries for Qpid C++ client applications
--------------------------------------------------------------------------------
Update Information:
Rebuilt against qpid-proton 0.18.1.
--------------------------------------------------------------------------------
================================================================================
qpid-dispatch-1.0.0-1.el7 (FEDORA-EPEL-2017-e5383bcdd8)
Dispatch router for Qpid
--------------------------------------------------------------------------------
Update Information:
Rebased to 1.0.0.
--------------------------------------------------------------------------------
================================================================================
qpid-proton-0.18.1-1.el7 (FEDORA-EPEL-2017-2f3343f663)
A high performance, lightweight messaging library
--------------------------------------------------------------------------------
Update Information:
Rebased to 0.18.1.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1504158 - qpid-proton-c is missing fd leak plug patch causing goferd to
eventually fail
https://bugzilla.redhat.com/show_bug.cgi?id=1504158
--------------------------------------------------------------------------------
================================================================================
rubygem-qpid_proton-0.18.1-1.el7 (FEDORA-EPEL-2017-e582cac02c)
Ruby language bindings for the Qpid Proton messaging framework
--------------------------------------------------------------------------------
Update Information:
Rebased to 0.18.1.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1508236 - rubygem-qpid_proton-0.18.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1508236
--------------------------------------------------------------------------------
================================================================================
youtube-dl-2017.11.15-1.el7 (FEDORA-EPEL-2017-25735a8704)
A small command-line program to download online videos
--------------------------------------------------------------------------------
Update Information:
Update to the latest upstream release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1513218 - youtube-dl-2017.11.15 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1513218
--------------------------------------------------------------------------------