The following Fedora EPEL 7 Security updates need testing:
Age URL
757
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087
dokuwiki-0-0.24.20140929c.el7
519
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f
mcollective-2.8.4-1.el7
221
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8f4ff76b3
chicken-4.11.0-3.el7
101
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d
libbsd-0.8.3-1.el7
18
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-05ac8b1dc4
php-onelogin-php-saml-2.10.5-1.el7
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-3d518cd4b9
libgit2-0.24.6-1.el7
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5794ee2486
moodle-3.1.5-1.el7
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7e4f45cad3
tcpreplay-4.2.1-1.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e9e451db03
chromium-57.0.2987.133-1.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-99c7c2f382
xorgxrdp-0.2.1-1.el7 xrdp-0.9.2-2.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
distribution-gpg-keys-1.11-1.el7
engauge-digitizer-10.0-1.el7
flrig-1.3.30-1.el7
gfal2-2.13.3-1.el7
gfal2-python-1.9.2-1.el7
jdeparser-2.0.0-3.el7
mate-icon-theme-1.16.1-1.el7
nghttp2-1.21.0-1.el7
openvpn-2.4.1-2.el7
pcre2-10.21-17.el7
php-container-interop-1.2.0-3.el7
php-horde-Horde-Form-2.0.17-1.el7
php-react-dns-0.4.7-1.el7
pylint-1.6.5-3.el7
python-jedi-0.10.0-1.el7
python-mccabe-0.6.1-2.el7
w3m-0.5.3-31.git20170102.el7
xorgxrdp-0.2.1-1.el7
xrdp-0.9.2-2.el7
Details about builds:
================================================================================
distribution-gpg-keys-1.11-1.el7 (FEDORA-EPEL-2017-386e91ccd2)
GPG keys of various Linux distributions
--------------------------------------------------------------------------------
Update Information:
Updated Copr keys and rpmfusion keys.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1438302 - distribution-gpg-keys please add rpmfusion keys for f26/f27 for
free and nonfree sections
https://bugzilla.redhat.com/show_bug.cgi?id=1438302
--------------------------------------------------------------------------------
================================================================================
engauge-digitizer-10.0-1.el7 (FEDORA-EPEL-2017-d09e34f075)
Convert graphs or map files into numbers
--------------------------------------------------------------------------------
Update Information:
- Update to 10.0
--------------------------------------------------------------------------------
================================================================================
flrig-1.3.30-1.el7 (FEDORA-EPEL-2017-0cdd61b3b8)
Transceiver control program
--------------------------------------------------------------------------------
Update Information:
Recent changes to FT817ND back end adversely effected both FT857D and FT897D
transceivers which had a class dependency to the FT817ND.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1436891 - flrig-1.3.30 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1436891
--------------------------------------------------------------------------------
================================================================================
gfal2-2.13.3-1.el7 (FEDORA-EPEL-2017-c019168ed1)
Grid file access library 2.0
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
================================================================================
gfal2-python-1.9.2-1.el7 (FEDORA-EPEL-2017-7967eacea2)
Python bindings for gfal 2
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
================================================================================
jdeparser-2.0.0-3.el7 (FEDORA-EPEL-2017-1328d5af46)
Source generator library for Java
--------------------------------------------------------------------------------
Update Information:
Diamond operator support requires -source 1.7
--------------------------------------------------------------------------------
================================================================================
mate-icon-theme-1.16.1-1.el7 (FEDORA-EPEL-2017-b95a962351)
Icon theme for MATE Desktop
--------------------------------------------------------------------------------
Update Information:
- update to 1.18.1 release - added nation iso flags
--------------------------------------------------------------------------------
================================================================================
nghttp2-1.21.0-1.el7 (FEDORA-EPEL-2017-79b07b72fa)
Experimental HTTP/2 client, server and proxy
--------------------------------------------------------------------------------
Update Information:
- update to the latest upstream release (#1438364) - package systemd unit file
(#1426929)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1426929 - nghttp2: package systemd unit file
https://bugzilla.redhat.com/show_bug.cgi?id=1426929
[ 2 ] Bug #1438364 - Please update to version 1.21.0
https://bugzilla.redhat.com/show_bug.cgi?id=1438364
--------------------------------------------------------------------------------
================================================================================
openvpn-2.4.1-2.el7 (FEDORA-EPEL-2017-5c642f8063)
A full-featured SSL VPN solution
--------------------------------------------------------------------------------
Update Information:
Updating to upstream OpenVPN v2.4.1. This update re-introduces a **DEPRECATED**
feature to, **--tls-remote** to enable v2.3 installations to upgrade. Users are
**STRONGLY** encouraged to update their configurations to use the newer option,
**--verify-x509-name**. This also adds two new unit files (openvpn-
server@.service and openvpn-client@.service) which will replace the deprecated
openvpn@.service. See the packaged **README.systemd** for more information The
deprecated openvpn@.service unit file have also been updated to make use of
OpenVPN v2.4's improved systemd integration, removing the need for PID files.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1435036 - openvpn-2.4.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1435036
[ 2 ] Bug #850257 - Introduce new systemd-rpm macros in openvpn spec file
https://bugzilla.redhat.com/show_bug.cgi?id=850257
[ 3 ] Bug #1435831 - openvpn@.service uses --daemon and --writepid
https://bugzilla.redhat.com/show_bug.cgi?id=1435831
--------------------------------------------------------------------------------
================================================================================
pcre2-10.21-17.el7 (FEDORA-EPEL-2017-2e995fb79d)
Perl-compatible regular expression library
--------------------------------------------------------------------------------
Update Information:
This release fixes DFA magch for a possessively repeated character class and a
memory allocator from the pattern if no context is supplied to pcre2_match().
---- This release closes serialization file in pcre2test after any error and it
fixes a potential NULL dereference in pcre2_callout_enumerate() if called with a
NULL pattern pointer when Unicode support is available. ---- This release
fixes a pcre2test bug for global match with zero terminated subject.
--------------------------------------------------------------------------------
================================================================================
php-container-interop-1.2.0-3.el7 (FEDORA-EPEL-2017-6ebeae329c)
Promoting the interoperability of container objects (DIC, SL, etc.)
--------------------------------------------------------------------------------
Update Information:
## 1.2.0 This release deprecates container-interop in favor of PSR-11 which
becomes the official container-interop successor. Container-interop interfaces
now extend the PSR-11 interfaces, in order to smooth transition to PSR-11.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1422487 - php-container-interop-1.2.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1422487
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Form-2.0.17-1.el7 (FEDORA-EPEL-2017-fe3be23340)
Horde Form API
--------------------------------------------------------------------------------
Update Information:
**Horde_Form 2.0.17** * [jan] Fix regression when submitting multiple forms
(Bug #14604). ---- **Horde_Form 2.0.16** * [jan] Keep submitted checkboxes
unchecked if they default to be checked.
--------------------------------------------------------------------------------
================================================================================
php-react-dns-0.4.7-1.el7 (FEDORA-EPEL-2017-80fd124fe7)
Async DNS resolver
--------------------------------------------------------------------------------
Update Information:
## 0.4.7 (2017-03-31) * Feature: Forward compatibility with upcoming Socket
v0.6 and v0.7 component (#57 by @clue) ## 0.4.6 (2017-03-11) * Fix: Fix DNS
timeout issues for Windows users and add forward compatibility with Stream
v0.5 and upcoming v0.6 (#53 by @clue) * Improve test suite by adding PHPUnit
to `require-dev` (#54 by @clue) ## 0.4.5 (2017-03-02) * Fix: Ensure we
ignore the case of the answer (#51 by @WyriHaximus) * Feature: Add
`TimeoutExecutor` and simplify internal APIs to allow internal code re-use for
upcoming versions. (#48 and #49 by @clue) ## 0.4.4 (2017-02-13) * Fix: Fix
handling connection and stream errors (#45 by @clue) * Feature: Add examples
and forward compatibility with upcoming Socket v0.5 component (#46 and #47 by
@clue)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1421888 - php-react-dns-0.4.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1421888
--------------------------------------------------------------------------------
================================================================================
pylint-1.6.5-3.el7 (FEDORA-EPEL-2017-dfff212a81)
Analyzes Python code looking for bugs and signs of poor quality
--------------------------------------------------------------------------------
Update Information:
pylint: - Split python2 modules into sub-packages - Make python3 the default
for scripts on Fedora 26+ - Enable python3 build for EPEL - Include python3
-pylint-gui pycache files in gui package (bug #1422609) python-mccabe: -
update to 0.6.1 - ship python2- and python34-mccabe
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1431835 - packaging issues
https://bugzilla.redhat.com/show_bug.cgi?id=1431835
[ 2 ] Bug #1422609 - python3-pylint-gui doesn't contain __pycache__ files
https://bugzilla.redhat.com/show_bug.cgi?id=1422609
[ 3 ] Bug #1433145 - Update to 0.6.1 from master
https://bugzilla.redhat.com/show_bug.cgi?id=1433145
--------------------------------------------------------------------------------
================================================================================
python-jedi-0.10.0-1.el7 (FEDORA-EPEL-2017-f47e5f3e2a)
An auto completion tool for Python that can be used for text editors
--------------------------------------------------------------------------------
Update Information:
initial package for EL6/EL7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1433799 - [python-jedi] build for EPEL 6 and 7
https://bugzilla.redhat.com/show_bug.cgi?id=1433799
--------------------------------------------------------------------------------
================================================================================
python-mccabe-0.6.1-2.el7 (FEDORA-EPEL-2017-dfff212a81)
McCabe complexity checker
--------------------------------------------------------------------------------
Update Information:
pylint: - Split python2 modules into sub-packages - Make python3 the default
for scripts on Fedora 26+ - Enable python3 build for EPEL - Include python3
-pylint-gui pycache files in gui package (bug #1422609) python-mccabe: -
update to 0.6.1 - ship python2- and python34-mccabe
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1431835 - packaging issues
https://bugzilla.redhat.com/show_bug.cgi?id=1431835
[ 2 ] Bug #1422609 - python3-pylint-gui doesn't contain __pycache__ files
https://bugzilla.redhat.com/show_bug.cgi?id=1422609
[ 3 ] Bug #1433145 - Update to 0.6.1 from master
https://bugzilla.redhat.com/show_bug.cgi?id=1433145
--------------------------------------------------------------------------------
================================================================================
w3m-0.5.3-31.git20170102.el7 (FEDORA-EPEL-2017-6e5d8ca61b)
A pager with Web browsing abilities
--------------------------------------------------------------------------------
Update Information:
Add conditional for epel build (Resolves:rh#1437730 - can't access https sites)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1437730 - w3m 0.5.3-30.git20170102.el7 can't access https sites
https://bugzilla.redhat.com/show_bug.cgi?id=1437730
--------------------------------------------------------------------------------
================================================================================
xorgxrdp-0.2.1-1.el7 (FEDORA-EPEL-2017-99c7c2f382)
Implementation of xrdp backend as Xorg modules
--------------------------------------------------------------------------------
Update Information:
New upstream version of xorgxrdp and xrdp: New features in xrdp: - RemoteFX
codec support is now enabled by default. - Bitmap updates support is now enabled
by default. - TLS ciphers suites and version is now logged. - Connected computer
name is now logged. - Switched to Xorg (xorgxrdp) as the default backend now. -
Miscellaneous RemoteFX codec mode improvements. - Socket directory is
configurable at the compile time. Bugfixes in xrdp: - Parallels client for
MacOS / iOS can now connect (audio redirection must be disabled on client or
xrdp server though). - MS RDP client for iOS can now connect using TLS security
layer. - MS RDP client for Android can now connect to xrdp. - Large resolutions
(4K) can be used with RemoteFX graphics. - Multiple RemoteApps can be opened
throguh NeutrinoRDP proxy. - tls_ciphers in xrdp.ini is not limited to 63 chars
anymore, it's variable-length. - Fixed an issue where tls_ciphers were ignored
and rdp security layer could be used instead. - Kill disconnected sessions
feature is working with Xorg (xorgxrdp) backend. - Miscellaneous code cleanup
and memory issues fixes. Rebuild of xrdp requiring both xorgxrdp and tigervnc-
minimal. VNC is still the default.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1433958 - CVE-2017-6967 xrdp: Incorrect placement of auth_start_session()
[epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1433958
--------------------------------------------------------------------------------
================================================================================
xrdp-0.9.2-2.el7 (FEDORA-EPEL-2017-99c7c2f382)
Open source remote desktop protocol (RDP) server
--------------------------------------------------------------------------------
Update Information:
New upstream version of xorgxrdp and xrdp: New features in xrdp: - RemoteFX
codec support is now enabled by default. - Bitmap updates support is now enabled
by default. - TLS ciphers suites and version is now logged. - Connected computer
name is now logged. - Switched to Xorg (xorgxrdp) as the default backend now. -
Miscellaneous RemoteFX codec mode improvements. - Socket directory is
configurable at the compile time. Bugfixes in xrdp: - Parallels client for
MacOS / iOS can now connect (audio redirection must be disabled on client or
xrdp server though). - MS RDP client for iOS can now connect using TLS security
layer. - MS RDP client for Android can now connect to xrdp. - Large resolutions
(4K) can be used with RemoteFX graphics. - Multiple RemoteApps can be opened
throguh NeutrinoRDP proxy. - tls_ciphers in xrdp.ini is not limited to 63 chars
anymore, it's variable-length. - Fixed an issue where tls_ciphers were ignored
and rdp security layer could be used instead. - Kill disconnected sessions
feature is working with Xorg (xorgxrdp) backend. - Miscellaneous code cleanup
and memory issues fixes. Rebuild of xrdp requiring both xorgxrdp and tigervnc-
minimal. VNC is still the default.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1433958 - CVE-2017-6967 xrdp: Incorrect placement of auth_start_session()
[epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1433958
--------------------------------------------------------------------------------