The following Fedora EPEL 7 Security updates need testing:
Age URL
867
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087
dokuwiki-0-0.24.20140929c.el7
629
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f
mcollective-2.8.4-1.el7
211
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d
libbsd-0.8.3-1.el7
109
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe
mod_cluster-1.3.3-10.el7
107
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5f9a6163b4
tnef-1.4.14-1.el7
106
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7ecb12e378
python-XStatic-jquery-ui-1.12.0.1-1.el7
41
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4aae1e22f1
lxc-1.0.10-2.el7
21
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-ffb0e00f3b
mosquitto-1.4.13-1.el7
15
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-52b6bc17c1
globus-ftp-client-8.36-1.el7 globus-gass-cache-program-6.7-1.el7
globus-gass-copy-9.27-1.el7 globus-gram-client-13.18-1.el7
globus-gram-job-manager-14.36-1.el7 globus-gram-job-manager-condor-2.6-5.el7
globus-gridftp-server-12.2-1.el7 globus-gssapi-gsi-12.17-1.el7 globus-io-11.9-1.el7
globus-net-manager-0.17-1.el7 globus-xio-5.16-1.el7 globus-xio-gsi-driver-3.11-1.el7
globus-xio-pipe-driver-3.10-1.el7 globus-xio-udt-driver-1.28-1.el7 myproxy-6.1.28-1.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-47be021843
heimdal-7.4.0-1.el7
8
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-a8886eb42e
cross-binutils-2.27-9.el7.1 cross-gcc-4.8.5-16.el7.1
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-93f422baa0
nodejs-6.11.1-1.el7
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-491dd51db6
phpldapadmin-1.2.3-10.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-64c36b5282
rubygem-rack-cors-0.4.1-1.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-0e0fd785bc
yara-3.6.3-1.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-c39b9065fa
GraphicsMagick-1.3.26-3.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-c4e53cc90d
chicken-4.12.0-3.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-1024674dfb
moodle-3.1.7-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
GraphicsMagick-1.3.26-3.el7
NetworkManager-l2tp-1.2.8-1.el7
cacti-1.1.13-1.el7
cargo-0.20.0-1.el7
chicken-4.12.0-3.el7
cscppc-1.3.3-1.el7
csmock-2.0.4-1.el7
cswrap-1.3.4-2.el7
execstack-0.5.0-11.el7
gdb-exploitable-1.32-1.20170717git35b742d.el7
gsmartcontrol-1.0.2-1.el7
hdf-4.2.13-1.el7
mediaconch-17.06-3.el7
moodle-3.1.7-1.el7
nagios-4.3.2-6.el7
nagios-plugins-2.2.1-4git.el7
qotd-0.11.3-2.el7
rust-1.19.0-1.el7
vulkan-1.0.54.0-2.el7
Details about builds:
================================================================================
GraphicsMagick-1.3.26-3.el7 (FEDORA-EPEL-2017-c39b9065fa)
An ImageMagick fork, offering faster image generation and better quality
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2017-11403
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1472214 - CVE-2017-11403 GraphicsMagick: Use-after-free in CloseBlob
https://bugzilla.redhat.com/show_bug.cgi?id=1472214
--------------------------------------------------------------------------------
================================================================================
NetworkManager-l2tp-1.2.8-1.el7 (FEDORA-EPEL-2017-9d75c976e1)
NetworkManager VPN plugin for L2TP and L2TP/IPsec
--------------------------------------------------------------------------------
Update Information:
Updated to 1.2.8 release
--------------------------------------------------------------------------------
================================================================================
cacti-1.1.13-1.el7 (FEDORA-EPEL-2017-7eb3e93901)
An rrd based graphing tool
--------------------------------------------------------------------------------
Update Information:
- Update to 1.1.13 Release notes:
https://www.cacti.net/release_notes.php?version=1.1.13
--------------------------------------------------------------------------------
================================================================================
cargo-0.20.0-1.el7 (FEDORA-EPEL-2017-5027ee3180)
Rust's package manager and build tool
--------------------------------------------------------------------------------
Update Information:
New versions of Rust and Cargo -- see the release notes for [1.19](https://blog
.rust-lang.org/2017/07/20/Rust-1.19.html).
--------------------------------------------------------------------------------
================================================================================
chicken-4.12.0-3.el7 (FEDORA-EPEL-2017-c4e53cc90d)
A practical and portable Scheme system
--------------------------------------------------------------------------------
Update Information:
Fix for CVE-2017-11343
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1471816 - CVE-2017-11343 chicken: Predictable symbol table due to using
default libc seed in PRNG
https://bugzilla.redhat.com/show_bug.cgi?id=1471816
--------------------------------------------------------------------------------
================================================================================
cscppc-1.3.3-1.el7 (FEDORA-EPEL-2017-01d4d2abef)
A compiler wrapper that runs cppcheck in background
--------------------------------------------------------------------------------
Update Information:
- update to latest upstream bugfix release
--------------------------------------------------------------------------------
================================================================================
csmock-2.0.4-1.el7 (FEDORA-EPEL-2017-01d4d2abef)
A mock wrapper for Static Analysis tools
--------------------------------------------------------------------------------
Update Information:
- update to latest upstream bugfix release
--------------------------------------------------------------------------------
================================================================================
cswrap-1.3.4-2.el7 (FEDORA-EPEL-2017-01d4d2abef)
Generic compiler wrapper
--------------------------------------------------------------------------------
Update Information:
- update to latest upstream bugfix release
--------------------------------------------------------------------------------
================================================================================
execstack-0.5.0-11.el7 (FEDORA-EPEL-2017-cb6ae5d6d4)
Utility to set/clear/query executable stack bit
--------------------------------------------------------------------------------
Update Information:
Initial import from fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1472817 - execstack not available on EPEL7 for aarch64 and ppc64le
https://bugzilla.redhat.com/show_bug.cgi?id=1472817
--------------------------------------------------------------------------------
================================================================================
gdb-exploitable-1.32-1.20170717git35b742d.el7 (FEDORA-EPEL-2017-c3c6c321cd)
GDB extension for exploitability
--------------------------------------------------------------------------------
Update Information:
This is the initial packaging release for gdb-explotable.
--------------------------------------------------------------------------------
================================================================================
gsmartcontrol-1.0.2-1.el7 (FEDORA-EPEL-2017-6b5ca33647)
Graphical user interface for smartctl
--------------------------------------------------------------------------------
Update Information:
Update to 1.0.2.
--------------------------------------------------------------------------------
================================================================================
hdf-4.2.13-1.el7 (FEDORA-EPEL-2017-5fecf1db92)
A general purpose library and file format for storing scientific data
--------------------------------------------------------------------------------
Update Information:
Update to 4.2.13
--------------------------------------------------------------------------------
================================================================================
mediaconch-17.06-3.el7 (FEDORA-EPEL-2017-4ccde3210e)
Most relevant technical and tag data for video and audio files (CLI)
--------------------------------------------------------------------------------
Update Information:
Fist release of mediaconch in Fedora repo.
--------------------------------------------------------------------------------
================================================================================
moodle-3.1.7-1.el7 (FEDORA-EPEL-2017-1024674dfb)
A Course Management System
--------------------------------------------------------------------------------
Update Information:
Fix for multiple CVEs
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1472243 - CVE-2017-2642 CVE-2017-7532 moodle: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1472243
--------------------------------------------------------------------------------
================================================================================
nagios-4.3.2-6.el7 (FEDORA-EPEL-2017-6a923c6fbd)
Host/service/network monitoring program
--------------------------------------------------------------------------------
Update Information:
Fix nagios selinux entries
--------------------------------------------------------------------------------
================================================================================
nagios-plugins-2.2.1-4git.el7 (FEDORA-EPEL-2017-87ebfdc686)
Host/service/network monitoring program plugins for Nagios
--------------------------------------------------------------------------------
Update Information:
Add explicit file require. Fix BZ# 1470823 ---- Updated patches to fix
check_http problems ---- Update to git for 20170703
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1052740 - SELinux is preventing check_log via NRPE from read and open
var_log_t files
https://bugzilla.redhat.com/show_bug.cgi?id=1052740
[ 2 ] Bug #1204683 - check_ide_smart cannot be started by nrpe
https://bugzilla.redhat.com/show_bug.cgi?id=1204683
[ 3 ] Bug #1210380 - SELinux prevents check_mailq from executing postfix when run via
NRPE
https://bugzilla.redhat.com/show_bug.cgi?id=1210380
[ 4 ] Bug #1256848 - nagios-plugins-log has incorrect paths to egrep/tail (EL6)
https://bugzilla.redhat.com/show_bug.cgi?id=1256848
[ 5 ] Bug #1423008 - nagios-plugins-2.2.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1423008
[ 6 ] Bug #1427925 - check_http 2.2.0-4 fails if Transfer-Encoding ends the header
https://bugzilla.redhat.com/show_bug.cgi?id=1427925
[ 7 ] Bug #1463674 - check_http segfaults once Location header terminates with
additional 0x0a and is last header line
https://bugzilla.redhat.com/show_bug.cgi?id=1463674
[ 8 ] Bug #1465784 - nagios http plugin is old and buggy
https://bugzilla.redhat.com/show_bug.cgi?id=1465784
--------------------------------------------------------------------------------
================================================================================
qotd-0.11.3-2.el7 (FEDORA-EPEL-2017-4084c13468)
A simple and lightweight Quote of the Day daemon
--------------------------------------------------------------------------------
Update Information:
Add missing systemd scriplets, this was missed in review. ---- A simple and
lightweight Quote of the Day daemon
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1462472 - Review Request: qotd - A simple and lightweight Quote of the Day
daemon
https://bugzilla.redhat.com/show_bug.cgi?id=1462472
--------------------------------------------------------------------------------
================================================================================
rust-1.19.0-1.el7 (FEDORA-EPEL-2017-5027ee3180)
The Rust Programming Language
--------------------------------------------------------------------------------
Update Information:
New versions of Rust and Cargo -- see the release notes for [1.19](https://blog
.rust-lang.org/2017/07/20/Rust-1.19.html).
--------------------------------------------------------------------------------
================================================================================
vulkan-1.0.54.0-2.el7 (FEDORA-EPEL-2017-901ea5ebd1)
Vulkan loader and validation layers
--------------------------------------------------------------------------------
Update Information:
- Update to 1.0.54.0 release - Use build requires cmake3 for epel build - Build
layers for epel - Cleanup cmake commands
--------------------------------------------------------------------------------