The following Fedora EPEL 7 Security updates need testing:
Age URL
237
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d
condor-8.6.11-1.el7
45
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-f8311ec8a2
tor-0.3.5.8-1.el7
39
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-9c2c40e3df
guacamole-server-1.0.0-1.el7
18
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-317c9a2f81
drupal7-7.65-1.el7
14
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-114610bd18
golang-googlecode-go-crypto-0-0.15.20190324gitb7391e9.el7
13
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-d2c1368294
cinnamon-3.6.7-5.el7
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-f1efad2982
aria2-1.34.0-4.el7
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-7bae341677
chromium-73.0.3683.86-2.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c9cd2d9a6c
ntfs-3g-2017.3.23-11.el7
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-50a6a1ddfd
afflib-3.7.18-2.el7
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c739f0a89d
openjpeg2-2.3.1-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
BackupPC-XS-0.59-1.el7
java-latest-openjdk-12.0.0.33-3.rolling.el7
mate-themes-3.22.19-2.el7
mpris-scrobbler-0.3.2-1.el7
openfortivpn-1.9.0-3.el7
python34-3.4.10-1.el7
radare2-3.4.1-1.el7.1
rsync-bpc-3.1.2.0-2.el7
texlive-extension-2012-56.el7
transmission-2.94-6.el7
xapps-1.0.4-15.el7
Details about builds:
================================================================================
BackupPC-XS-0.59-1.el7 (FEDORA-EPEL-2019-75fb21b7e6)
Implementation of various BackupPC functions in a perl-callable module
--------------------------------------------------------------------------------
Update Information:
BackupPC-XS 0.59 = Fix to use correct int format when reading v3 attrib files,
reported and fixed by Jeff Kosowsky.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 8 2019 Richard Shaw <hobbes1069(a)gmail.com> - 0.59-1
- Update to 0.59.
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.58-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Mon Nov 26 2018 Richard Shaw <hobbes1069(a)gmail.com> - 0.58-1
- Update to BackupPC-XS 0.58.
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.57-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Thu Jun 28 2018 Jitka Plesnikova <jplesnik(a)redhat.com> - 0.57-3
- Perl 5.28 rebuild
* Wed Feb 7 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.57-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Mon Dec 4 2017 Richard Shaw <hobbes1069(a)gmail.com> - 0.57-1
- Update to latest upstream release.
* Wed Aug 2 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.56-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.56-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Mon Jun 19 2017 Richard Shaw <hobbes1069(a)gmail.com> - 0.56-1
- Update to latest upstream release.
* Wed Jun 7 2017 Jitka Plesnikova <jplesnik(a)redhat.com> - 0.55-2
- Perl 5.26 re-rebuild of bootstrapped packages
* Mon Jun 5 2017 Richard Shaw <hobbes1069(a)gmail.com> - 0.55-1
- Update to latest upstream release.
* Sun Jun 4 2017 Jitka Plesnikova <jplesnik(a)redhat.com> - 0.54-2
- Perl 5.26 rebuild
* Sun May 28 2017 Richard Shaw <hobbes1069(a)gmail.com> - 0.54-1
- Update to latest upstream release.
--------------------------------------------------------------------------------
================================================================================
java-latest-openjdk-12.0.0.33-3.rolling.el7 (FEDORA-EPEL-2019-fd1b62ba04)
OpenJDK Runtime Environment 12
--------------------------------------------------------------------------------
Update Information:
New package for short term support release OpenJDK is available for EPEL 7. This
package is designated as a rolling package, containing always current STS
release of OpenJDK (now it is 12). It can be installed in parallel with any
other OpenJDK package, however, it will always have lowest priority, and can be
switched via alternatives.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1693987 - Review Request: java-latest-openjdk - rolling release for short
term support OpenJDK
https://bugzilla.redhat.com/show_bug.cgi?id=1693987
--------------------------------------------------------------------------------
================================================================================
mate-themes-3.22.19-2.el7 (FEDORA-EPEL-2019-d3e9ae48de)
MATE Desktop themes
--------------------------------------------------------------------------------
Update Information:
- add some upstream patches - improvements for using metacity-theme-3 with Menta
themes - highcontrast icon-theme improvement
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 8 2019 Wolfgang Ulbrich <fedora(a)raveit.de> - 3.22.19-2
- add some upstream patches
- improvements for using metacity-theme-3 with Menta themes
- highcontrast icon-theme improvement
--------------------------------------------------------------------------------
================================================================================
mpris-scrobbler-0.3.2-1.el7 (FEDORA-EPEL-2019-1207160494)
User daemon to submit currently playing song to LastFM, LibreFM, ListenBrainz
--------------------------------------------------------------------------------
Update Information:
Update package to latest upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 8 2019 Justin W. Flory <jflory7(a)fedoraproject.org> - 0.3.2-1
- Update package to latest upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1697112 - mpris-scrobbler-0.3.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1697112
--------------------------------------------------------------------------------
================================================================================
openfortivpn-1.9.0-3.el7 (FEDORA-EPEL-2019-985644a4aa)
Client for PPP+SSL VPN tunnel services
--------------------------------------------------------------------------------
Update Information:
Update to a later version.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 20 2019 Lubomir Rintel <lkundrak(a)v3.sk> - 1.9.0-3
- Add pinentry support
* Wed Mar 20 2019 Lubomir Rintel <lkundrak(a)v3.sk> - 1.9.0-2
- Fix operations with the NetworkManager plugin
* Wed Mar 20 2019 Lubomir Rintel <lkundrak(a)v3.sk> - 1.9.0-1
- Update to latest upstream version
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.8.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python34-3.4.10-1.el7 (FEDORA-EPEL-2019-77190f3ef7)
Version 3 of the Python programming language aka Python 3000
--------------------------------------------------------------------------------
Update Information:
- Update to 3.4.10 - Use system expat on EL6
--------------------------------------------------------------------------------
ChangeLog:
* Sun Apr 7 2019 Carl George <carl(a)george.computer> - 3.4.10-1
- Latest upstream
- Use system expat on EL6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1666519 - CVE-2019-5010 python: NULL pointer dereference using a specially
crafted X509 certificate
https://bugzilla.redhat.com/show_bug.cgi?id=1666519
[ 2 ] Bug #1664509 - CVE-2018-20406 python: Integer overflow in Modules/_pickle.c allows
for memory exhaustion if serializing gigabytes of data
https://bugzilla.redhat.com/show_bug.cgi?id=1664509
[ 3 ] Bug #1631822 - CVE-2018-14647 python: Missing salt initialization in
_elementtree.c module
https://bugzilla.redhat.com/show_bug.cgi?id=1631822
--------------------------------------------------------------------------------
================================================================================
radare2-3.4.1-1.el7.1 (FEDORA-EPEL-2019-1753cc6207)
The reverse engineering framework
--------------------------------------------------------------------------------
Update Information:
rebase to upstream version 3.4.1 ---- rebase to upstream version 3.3.0
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 8 2019 Riccardo Schirone <rschirone91(a)gmail.com> - 3.4.1-1
- rebase to upstream version 3.4.1
* Tue Feb 19 2019 Riccardo Schirone <rschirone91(a)gmail.com> - 3.3.0-2
- rebase to upstream version 3.3.0
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.2.0-2.1
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Thu Jan 10 2019 Riccardo Schirone <rschirone91(a)gmail.com> 3.2.0-2
- fix version reported by radare2 -V
--------------------------------------------------------------------------------
================================================================================
rsync-bpc-3.1.2.0-2.el7 (FEDORA-EPEL-2019-75fb21b7e6)
A customized version of rsync that is used as part of BackupPC
--------------------------------------------------------------------------------
Update Information:
BackupPC-XS 0.59 = Fix to use correct int format when reading v3 attrib files,
reported and fixed by Jeff Kosowsky.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.1.2.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Sun Dec 2 2018 Richard Shaw <hobbes1069(a)gmail.com> - 3.1.2.0-1
- Update to 3.1.2.0.
* Tue Nov 27 2018 Richard Shaw <hobbes1069(a)gmail.com> - 3.0.9.13-1
- Update to 3.0.9.13.
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> -
3.0.9.12-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Feb 9 2018 Fedora Release Engineering <releng(a)fedoraproject.org> -
3.0.9.12-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Sun Jan 28 2018 Richard Shaw <hobbes1069(a)gmail.com> - 3.0.9.12-1
- Update to 3.0.9.12.
* Sun Dec 17 2017 Richard Shaw <hobbes1069(a)gmail.com> - 3.0.9.11-1
- Update to latest upstream release, 3.0.9.11.
* Mon Dec 4 2017 Richard Shaw <hobbes1069(a)gmail.com> - 3.0.9.9-1
- Update to latest upstream release.
* Thu Aug 3 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.0.9.8-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Thu Jul 27 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.0.9.8-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Mon Jun 19 2017 Richard Shaw <hobbes1069(a)gmail.com> - 3.0.9.8-1
- Update to latest upstream release.
* Sun May 28 2017 Richard Shaw <hobbes1069(a)gmail.com> - 3.0.9.7-1
- Update to latest upstream release.
--------------------------------------------------------------------------------
================================================================================
texlive-extension-2012-56.el7 (FEDORA-EPEL-2019-7b88d5789a)
TeX formatting system
--------------------------------------------------------------------------------
Update Information:
added makecell.sty
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 8 2019 Than Ngo <than(a)redhat.com> - 2012-56
- added makecell.sty
--------------------------------------------------------------------------------
================================================================================
transmission-2.94-6.el7 (FEDORA-EPEL-2019-f8395a0247)
A lightweight GTK+ BitTorrent client
--------------------------------------------------------------------------------
Update Information:
2.94
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 26 2019 Kalev Lember <klember(a)redhat.com> - 2.94-6
- Add a patch to fix the DBus name to match the app name for flatpak builds
* Thu Feb 21 2019 Gwyn Ciesla <gwync(a)protonmail.com> - 2.94-5
- Add appindicator support, BZ 1679345.
* Sun Feb 3 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.94-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.94-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue May 1 2018 Gwyn Ciesla <limburgher(a)gmail.com> - 2.94-1
* Thu Feb 15 2018 Bj��rn Esser <besser82(a)fedoraproject.org> - 2.93-2
- Rebuilt for libevent-2.1.so.6
* Fri Feb 9 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.92-13
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1534061 - CVE-2018-5702 transmission: Remote code execution (RCE) in rpc
session-id via dns rebinding attack
https://bugzilla.redhat.com/show_bug.cgi?id=1534061
--------------------------------------------------------------------------------
================================================================================
xapps-1.0.4-15.el7 (FEDORA-EPEL-2019-f4f9e450f2)
Common files for XApp desktop apps
--------------------------------------------------------------------------------
Update Information:
Correctly obsolete python34-xapps-overrides as it is no longer valid due to
python migration.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 8 2019 Pat Riehecky <riehecky(a)fnal.gov> - 1.0.4-15
- Obsolete python34-xapps-overrides as it isn't shipped anymore
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1696661 - Dependency problem with python34-xapps-overrides
https://bugzilla.redhat.com/show_bug.cgi?id=1696661
--------------------------------------------------------------------------------