The following Fedora EPEL 7 Security updates need testing:
Age URL
166
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-f9d6ff695a
bibutils-6.6-1.el7 ghc-hs-bibutils-6.6.0.0-1.el7 pandoc-citeproc-0.3.0.1-4.el7
149
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d
condor-8.6.11-1.el7
41
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-0346a55d0f
nagios-4.4.2-3.el7
23
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-b6fa6cebc3
game-music-emu-0.6.2-1.el7
20
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-b43fdd19c3
vcftools-0.1.16-1.el7
13
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-25ef4c914f
tcpreplay-4.3.1-1.el7
8
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-b96164478d
php-horde-Horde-Image-2.5.4-1.el7
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-6c3fb8b090
chromium-71.0.3578.98-2.el7
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-8e5fe375cf
php-horde-Horde-Form-2.0.19-1.el7
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-01cf520c0b
python-django-1.11.18-1.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-4d365dad3c
gitolite3-3.6.11-1.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-7c5121f71d
golang-1.11.4-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
ShellCheck-0.3.8-1.el7
clamav-0.101.1-1.el7
fernflower-183.5153.8-1.el7
gramps-5.0.1-1.el7
hw-probe-1.4-12.el7
nodejs-6.16.0-1.el7
ocserv-0.12.2-1.el7
php-horde-imp-6.2.23-2.el7
python-bigsuds-1.0.6-6.el7
python-lark-parser-0.6.4-4.el7
python-moksha-hub-1.5.15-2.el7
radare2-3.2.0-1.el7
rpkg-1.57-2.el7
strongswan-5.7.2-1.el7
Details about builds:
================================================================================
ShellCheck-0.3.8-1.el7 (FEDORA-EPEL-2019-996deb4806)
Tool for checking common errors in POSIX shell scripts
--------------------------------------------------------------------------------
Update Information:
Update to 0.3.8 -
https://github.com/koalaman/shellcheck/blob/master/CHANGELOG.md#v038---
2015-06-20
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 9 2019 Jens Petersen <petersen(a)redhat.com> - 0.3.8-1
- update to 0.3.8
--------------------------------------------------------------------------------
================================================================================
clamav-0.101.1-1.el7 (FEDORA-EPEL-2019-95a6047bc6)
End-user tools for the Clam Antivirus scanner
--------------------------------------------------------------------------------
Update Information:
ClamAV 0.101.1 Patch has been released ClamAV 0.101.1 is an urgent patch
release to address an issue in 0.101.0 specifically for developers that depend
on libclamav. The issue in 0.101.0 is that clamav.h required supporting headers
that were not provided on make install. To address this issue, the internal
cltypes.h header has been replaced by a clamav-types.h that is generated on
./configure and will be installed alongside clamav.h. Other changes Increased
the default CommandReadTimeout to reduce the chance of mail loss if using
clamav-milter with the TCP socket. Contribution by Scott Kitterman. Fixes for
--with-libjson and --with-libcurl to correctly accept library install path
arguments. Acknowledgements The ClamAV team thanks the following individuals
for their code submissions: Scott Kitterman Known Issues Some users have
observed crashes the first time running freshclam after upgrading from 0.100 to
0.101. We haven't yet tracked down the source of the issue, but have found that
the issue resolves itself and that subsequent calls to freshclam work as
expected. ---- Fix libclamav headers
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 10 2019 S��rgio Basto <sergio(a)serjux.com> - 0.101.1-1
- Update to 0.101.1
* Thu Jan 3 2019 Orion Poplawski <orion(a)nwra.com> - 0.101.0-3
- Actually apply patch
* Thu Jan 3 2019 Orion Poplawski <orion(a)nwra.com> - 0.101.0-2
- Explicitly list sonames to catch soname bumps
- Backport header fix (bug #1663011)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1663011 - clamav-devel-0.101 unusable due to missing cltypes.h
https://bugzilla.redhat.com/show_bug.cgi?id=1663011
--------------------------------------------------------------------------------
================================================================================
fernflower-183.5153.8-1.el7 (FEDORA-EPEL-2019-6f118372b8)
JIdea's java decompiler
--------------------------------------------------------------------------------
Update Information:
New package - jidea's fernflower decompiler
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1662974 - Review Request: fernflower - jidea's java decompiler
https://bugzilla.redhat.com/show_bug.cgi?id=1662974
--------------------------------------------------------------------------------
================================================================================
gramps-5.0.1-1.el7 (FEDORA-EPEL-2019-7b029e9ee8)
Genealogical Research and Analysis Management Programming System
--------------------------------------------------------------------------------
Update Information:
Gramps (Genealogical Research and Analysis Management Programming System) is a
GNOME based genealogy program supporting a Python based plugin system.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1435120 - Gramps in Epel 7 testing can't be installed because it misses
two dependencies
https://bugzilla.redhat.com/show_bug.cgi?id=1435120
--------------------------------------------------------------------------------
================================================================================
hw-probe-1.4-12.el7 (FEDORA-EPEL-2019-02742a951e)
A tool to check operability of computer hardware
--------------------------------------------------------------------------------
Update Information:
Do not require mesa-demos and redhat-lsb-core.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 9 2019 Andrey Ponomarenko <andrewponomarenko(a)yandex.ru> - 1.4-12
- Do not require mesa-demos and redhat-lsb-core.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1655421 - Review Request: hw-probe - A tool to check operability of computer
hardware
https://bugzilla.redhat.com/show_bug.cgi?id=1655421
--------------------------------------------------------------------------------
================================================================================
nodejs-6.16.0-1.el7 (FEDORA-EPEL-2019-a6100f3df6)
JavaScript runtime
--------------------------------------------------------------------------------
Update Information:
Update to Node.js 6.16.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 10 2019 Stephen Gallagher <sgallagh(a)redhat.com> - 1:6.16.0-2
- Bundle http-parser since it uses backported features not available in RHEL
* Thu Jan 10 2019 Stephen Gallagher <sgallagh(a)redhat.com> - 1:6.16.0-1
- Update to 6.16.0 security release
-
https://nodejs.org/en/blog/release/v6.16.0/
-
https://nodejs.org/en/blog/release/v6.15.1/
-
https://nodejs.org/en/blog/release/v6.15.0/
-
https://nodejs.org/en/blog/release/v6.14.4/
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1661014
https://bugzilla.redhat.com/show_bug.cgi?id=1661014
[ 2 ] Bug #1661018 - CVE-2018-12120 nodejs: Debugger port 5858 listens on any interface
by default [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1661018
--------------------------------------------------------------------------------
================================================================================
ocserv-0.12.2-1.el7 (FEDORA-EPEL-2019-1ba5ea99c5)
OpenConnect SSL VPN server
--------------------------------------------------------------------------------
Update Information:
Update to upstream 0.12.2 release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 10 2019 Nikos Mavrogiannopoulos <nmav(a)gnutls.org> - 0.12.2-1
- Update to upstream 0.12.2 release
--------------------------------------------------------------------------------
================================================================================
php-horde-imp-6.2.23-2.el7 (FEDORA-EPEL-2019-afdb744710)
A web based webmail system
--------------------------------------------------------------------------------
Update Information:
**imp 6.2.23** * [mjr] Fix attachment handling in minimal mode (PR #3, Thorsten
Kahler). * [mjr] Fix regular expression error with PHP 7.3. * [mjr] Fix fatal
error when requested attachment not found in minimal mode.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 10 2019 Remi Collet <remi(a)remirepo.net> - 6.2.23-2
- fix Undefined class constant 'ALPHACHANNEL_REMOVE' #1657972
patch from
https://github.com/horde/imp/pull/4
* Mon Jan 7 2019 Remi Collet <remi(a)remirepo.net> - 6.2.23-1
- update to 6.2.23
- use range dependencies
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1657972 - Mails with pdf attachments are no longer displayed
https://bugzilla.redhat.com/show_bug.cgi?id=1657972
--------------------------------------------------------------------------------
================================================================================
python-bigsuds-1.0.6-6.el7 (FEDORA-EPEL-2019-47e79dc6c3)
Library for F5 Networks iControl API
--------------------------------------------------------------------------------
Update Information:
Enable python3 build on EL7 ---- Fix Requires: on EL. ---- Initial build.
--------------------------------------------------------------------------------
================================================================================
python-lark-parser-0.6.4-4.el7 (FEDORA-EPEL-2019-cae2a7eb04)
Lark is a modern general-purpose parsing library for Python
--------------------------------------------------------------------------------
Update Information:
Fixing packages names
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 11 2019 Thomas Andrejak <thomas.andrejak(a)gmail.com> - 0.6.4-4
- Re-fix the packages names
--------------------------------------------------------------------------------
================================================================================
python-moksha-hub-1.5.15-2.el7 (FEDORA-EPEL-2019-f6497a1c46)
Hub components for Moksha
--------------------------------------------------------------------------------
Update Information:
Remove unnecessary patch. ---- Cleaner shutdown on STOMP errors:
https://github.com/mokshaproject/moksha/pull/68 ---- Temporarily include
https://github.com/mokshaproject/moksha/pull/65 Odds are, we shouldn't end up
pushing this to epel7-stable.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 10 2019 Ralph Bean <rbean(a)redhat.com> - 1.5.15-2
- Remove patch for
https://github.com/mokshaproject/moksha/pull/65
which didn't prove helpful.
* Thu Jan 10 2019 Ralph Bean <rbean(a)redhat.com> - 1.5.15-1
- new version
* Mon Jan 7 2019 Ralph Bean <rbean(a)redhat.com> - 1.5.14-1
- new version
* Mon Sep 24 2018 Ralph Bean <rbean(a)redhat.com> - 1.5.13-2.0.1cb025525
- Apply experimental upstream patch for stomp heartbeat handling
https://github.com/mokshaproject/moksha/pull/65
--------------------------------------------------------------------------------
================================================================================
radare2-3.2.0-1.el7 (FEDORA-EPEL-2019-d8514cbb38)
The reverse engineering framework
--------------------------------------------------------------------------------
Update Information:
Introduce radare2 3.2.0 in EPEL 7
--------------------------------------------------------------------------------
================================================================================
rpkg-1.57-2.el7 (FEDORA-EPEL-2019-d92cd1ba9b)
Python library for interacting with rpm+git
--------------------------------------------------------------------------------
Update Information:
This is mostly a bugfix update with improvements for building modules and
flatpaks - Set configuration in case of "clone --branches" as well - Send
source mtime to dist-git - Specify package manager for mock-config - Add
contributing guide - Validate the module build optional argument when parsing
the argument - Add config options to parse the base module (e.g. platform)
stream from the dist-git branch and apply a buildrequire override - Add the
ability to pass in buildrequire and require overrides on a module build - Raise
an error if the module build command receives optional arguments that conflict
- Add flatpak-build subcommand
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 3 2019 Ond��ej Nosek <onosek(a)redhat.com> - 1.57-2
- Merge changes of the .spec files for Fedora and RHEL
* Thu Dec 13 2018 Ond��ej Nosek <onosek(a)redhat.com> - 1.57-1
- Use idna 2.7 for Python 2.6 (lsedlar)
- Imports are sorted (onosek)
- libmodulemd is missing on el7 - #402 (onosek)
- Initialize bash autocompletion (onosek)
- Set configuration in case of "clone --branches" as well (tim)
- Fix fake spec file for clog tests (cqi)
- Move argparse fix from fedpkg - #398 (onosek)
- Send source mtime to dist-git - 220 (lsedlar)
- Fix tests for mock package manager (lsedlar)
- Specify package manager for mock-config (lsedlar)
- Add contributing guide (onosek)
- Validate the module build optional argument when parsing the argument
(mprahl)
- Add config options to parse the base module (e.g. platform) stream from the
dist-git branch and apply a buildrequire override (mprahl)
- Add the ability to pass in buildrequire and require overrides on a module
build (mprahl)
- Raise an error if the module build command receives optional arguments that
conflict (mprahl)
- Silence Python3 SafeConfigParser warnings (mmathesi)
- Allow to pass posargs to tox from make (cqi)
- Specify dependent packages in one place (cqi)
- Don't registry flatpak-build command on Python-2.6 (otaylor)
- Add flatpak-build subcommand (otaylor)
- Don't pass the MBS API URL around as a parameter (otaylor)
- TestContainerBuildWithKoji: tear down the mock appropriately (otaylor)
- Refine test runner for py26 (cqi)
* Fri Sep 7 2018 Owen Taylor <otaylor(a)redhat.com> - 1.56-2
- Add patch from upstream pull-request to add a flatpak-build subcommand
- Add PyYAML dependencies so that the spec file at least builds on epel6/epel7
--------------------------------------------------------------------------------
================================================================================
strongswan-5.7.2-1.el7 (FEDORA-EPEL-2019-f7fb9d4ea0)
An OpenSource IPsec-based VPN and TNC solution
--------------------------------------------------------------------------------
Update Information:
Updated to 5.7.2
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 9 2019 Paul Wouters <pwouters(a)redhat.com> - 5.7.2-1
- Updated to 5.7.2
--------------------------------------------------------------------------------