The following Fedora EPEL 7 Security updates need testing:
Age URL
66
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3835d39d1a
unrtf-0.21.9-8.el7
60
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-15b7dc35af
pass-1.7.2-1.el7
34
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-d2e0971e9b
uwsgi-2.0.17.1-1.el7
16
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-f9d6ff695a
bibutils-6.6-1.el7 ghc-hs-bibutils-6.6.0.0-1.el7 pandoc-citeproc-0.3.0.1-4.el7
15
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-5346e2123a
dpkg-1.18.25-1.el7
12
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3f5e90bb2b
libmspack-0.7-0.1.alpha.el7
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-7b6fa936b1
knot-resolver-2.4.1-1.el7
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-38987c542e
cgit-1.1-11.el7
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-aec074825a
thunderbird-enigmail-2.0.8-1.el7
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-0be0127779
libgit2-0.26.6-1.el7
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-33f460bd9c
moodle-3.1.13-2.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
condor-8.6.11-1.el7
distribution-gpg-keys-1.22-1.el7
geolite2-20180807-1.el7
ghc-rpm-macros-1.0.11-1.el7
lighttpd-1.4.50-1.el7
mock-1.4.13-1.el7
mock-core-configs-29.1-1.el7
module-build-service-2.5.0-1.el7
python-bugzilla-2.2.0-1.el7.1
python-msgpack-0.5.6-3.el7
python-productmd-1.16-1.el7
recap-1.4.0-1.el7
rust-1.28.0-1.el7
sleuthkit-4.6.2-1.el7
spectre-meltdown-checker-0.39-1.el7
suricata-4.0.5-3.el7
xmount-0.7.6-3.el7
Details about builds:
================================================================================
condor-8.6.11-1.el7 (FEDORA-EPEL-2018-3c9292b62d)
HTCondor: High Throughput Computing
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream 8.6.11 Security fix for CVE-2017-16816
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 9 2018 Tim Theisen <ttheisen(a)fedoraproject.org> - 8.6.11-1
- Update to latest upstream 8.6.11
- Update to fix security issue rhbz#1598628
* Fri Feb 23 2018 Yaakov Selkowitz <yselkowi(a)redhat.com> - 8.3.8-2
- Rebuilt for aarch64
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1508887 - CVE-2017-16816 condor: DoS of condor_schedd via specially crafted
VOMS proxy
https://bugzilla.redhat.com/show_bug.cgi?id=1508887
--------------------------------------------------------------------------------
================================================================================
distribution-gpg-keys-1.22-1.el7 (FEDORA-EPEL-2018-68b5e45991)
GPG keys of various Linux distributions
--------------------------------------------------------------------------------
Update Information:
## Features: - Starting with mock-core-configs version 29.1 the gpg keys for
rawhide are checked now. - There is a new config option `print_main_output`,
which allows you to override default behavior: # By default, mock only
prints the build log to stderr if it is a tty; you can # force it on here
(for CI builds where there is no tty, for example) by # setting this to
True, or force it off by setting it to False. #
config_opts['print_main_output'] = None - Following new environment variables
are passed to mock from user environment: `http_proxy`, `ftp_proxy`,
`https_proxy`, `no_proxy`. - bash completion has been reworked and is now much
simple and hopefully better ## Bugfixes: - Mockchain will again stop after the
first failure if -c or --recurse is not used. - Commands started by mock will
be using `C.UTF-8` locale instead of `en_US.UTF-8`, which does not need to be
available. - There is new default for `nspawn_args`:
`config_opts['nspawn_args'] = ['--capability=cap_ipc_lock']`. This will
enable
cap_ipc_lock in nspawn container, which will allow to use `mlock()`
[
RHBZ#1580435](https://bugzilla.redhat.com/show_bug.cgi?id=1580435). - Do not
get spec from the command line when using scm [
GH#203](https://github.com/rpm-
software-management/mock/issues/203) - use host's resolv.conf when --enable-
network is set on cml
[
RHBZ#1593212](https://bugzilla.redhat.com/show_bug.cgi?id=1593212)
--------------------------------------------------------------------------------
ChangeLog:
* Sun Aug 12 2018 Miroslav Such�� <msuchy(a)redhat.com> 1.22-1
- update copr keys
- add fedora 30
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1593212 - --enable-network got broken by commit disabling host_resolv
https://bugzilla.redhat.com/show_bug.cgi?id=1593212
[ 2 ] Bug #1580435 - rubygem-mongo: "Inappropriate ioctl for device" for only
mock new chroot
https://bugzilla.redhat.com/show_bug.cgi?id=1580435
--------------------------------------------------------------------------------
================================================================================
geolite2-20180807-1.el7 (FEDORA-EPEL-2018-ada5dcdf2b)
Free IP geolocation databases
--------------------------------------------------------------------------------
Update Information:
- Latest upstream
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 13 2018 Carl George <carl(a)george.computer> - 20180807-1
- Latest upstream
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> -
20180605-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
ghc-rpm-macros-1.0.11-1.el7 (FEDORA-EPEL-2018-22bb904daa)
RPM macros for building Haskell packages for GHC
--------------------------------------------------------------------------------
Update Information:
- install licenses (Cabal docdir) in licenses dir - add macros.ghc-os and cabal-
tweak-drop-dep
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jul 28 2018 Jens Petersen <petersen(a)redhat.com> - 1.0.11-1
- update url
- add macros.ghc-os and cabal-tweak-drop-dep
- install licenses (Cabal docdir) in licenses dir
--------------------------------------------------------------------------------
================================================================================
lighttpd-1.4.50-1.el7 (FEDORA-EPEL-2018-dce803ff0d)
Lightning fast webserver with light system requirements
--------------------------------------------------------------------------------
Update Information:
1.4.50.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 13 2018 Gwyn Ciesla <limburgher(a)gmail.com> - 1.4.50-1
- 1.4.50.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1615360 - lighttpd-1.4.50 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1615360
--------------------------------------------------------------------------------
================================================================================
mock-1.4.13-1.el7 (FEDORA-EPEL-2018-68b5e45991)
Builds packages inside chroots
--------------------------------------------------------------------------------
Update Information:
## Features: - Starting with mock-core-configs version 29.1 the gpg keys for
rawhide are checked now. - There is a new config option `print_main_output`,
which allows you to override default behavior: # By default, mock only
prints the build log to stderr if it is a tty; you can # force it on here
(for CI builds where there is no tty, for example) by # setting this to
True, or force it off by setting it to False. #
config_opts['print_main_output'] = None - Following new environment variables
are passed to mock from user environment: `http_proxy`, `ftp_proxy`,
`https_proxy`, `no_proxy`. - bash completion has been reworked and is now much
simple and hopefully better ## Bugfixes: - Mockchain will again stop after the
first failure if -c or --recurse is not used. - Commands started by mock will
be using `C.UTF-8` locale instead of `en_US.UTF-8`, which does not need to be
available. - There is new default for `nspawn_args`:
`config_opts['nspawn_args'] = ['--capability=cap_ipc_lock']`. This will
enable
cap_ipc_lock in nspawn container, which will allow to use `mlock()`
[
RHBZ#1580435](https://bugzilla.redhat.com/show_bug.cgi?id=1580435). - Do not
get spec from the command line when using scm [
GH#203](https://github.com/rpm-
software-management/mock/issues/203) - use host's resolv.conf when --enable-
network is set on cml
[
RHBZ#1593212](https://bugzilla.redhat.com/show_bug.cgi?id=1593212)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 13 2018 Miroslav Such�� <msuchy(a)redhat.com> 1.4.13-1
- fix python_sitelib macro
* Mon Aug 13 2018 Miroslav Such�� <msuchy(a)redhat.com> 1.4.12-1
- Don't try to use a spec we've already cleaned up (otaylor(a)fishsoup.net)
- only set print_main_output when not set in configs
(chuck.wilson+github(a)gmail.com)
- Try to get the proxy from environment (brunovern.a(a)gmail.com)
- stop after first failure if -c or --recurse is not used
- fallback to C.UTF-8 locale (tomek(a)pipebreaker.pl)
- completion: improve --copy(in|out), --cwd, --macro-file, --rootdir, and
--sources (tmz(a)pobox.com)
- do not get spec from command line when using scm [GH#203]
- enable cap_ipc_lock in nspawn container [RHBZ#1580435]
- use host's resolv.conf when --enable-network is set on cml [RHBZ#1593212]
(jskarvad(a)redhat.com)
- add --forcearch to bash_completion
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1593212 - --enable-network got broken by commit disabling host_resolv
https://bugzilla.redhat.com/show_bug.cgi?id=1593212
[ 2 ] Bug #1580435 - rubygem-mongo: "Inappropriate ioctl for device" for only
mock new chroot
https://bugzilla.redhat.com/show_bug.cgi?id=1580435
--------------------------------------------------------------------------------
================================================================================
mock-core-configs-29.1-1.el7 (FEDORA-EPEL-2018-68b5e45991)
Mock core config files basic chroots
--------------------------------------------------------------------------------
Update Information:
## Features: - Starting with mock-core-configs version 29.1 the gpg keys for
rawhide are checked now. - There is a new config option `print_main_output`,
which allows you to override default behavior: # By default, mock only
prints the build log to stderr if it is a tty; you can # force it on here
(for CI builds where there is no tty, for example) by # setting this to
True, or force it off by setting it to False. #
config_opts['print_main_output'] = None - Following new environment variables
are passed to mock from user environment: `http_proxy`, `ftp_proxy`,
`https_proxy`, `no_proxy`. - bash completion has been reworked and is now much
simple and hopefully better ## Bugfixes: - Mockchain will again stop after the
first failure if -c or --recurse is not used. - Commands started by mock will
be using `C.UTF-8` locale instead of `en_US.UTF-8`, which does not need to be
available. - There is new default for `nspawn_args`:
`config_opts['nspawn_args'] = ['--capability=cap_ipc_lock']`. This will
enable
cap_ipc_lock in nspawn container, which will allow to use `mlock()`
[
RHBZ#1580435](https://bugzilla.redhat.com/show_bug.cgi?id=1580435). - Do not
get spec from the command line when using scm [
GH#203](https://github.com/rpm-
software-management/mock/issues/203) - use host's resolv.conf when --enable-
network is set on cml
[
RHBZ#1593212](https://bugzilla.redhat.com/show_bug.cgi?id=1593212)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 13 2018 Miroslav Such�� <msuchy(a)redhat.com> 29.1-1
- add fedora 29 configs and change rawhide to F30
- defattr is not needed since rpm 4.2
- Replace armv5tl with aarch64 for Mageia Cauldron (ngompa13(a)gmail.com)
- check gpg keys for rawhide
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1593212 - --enable-network got broken by commit disabling host_resolv
https://bugzilla.redhat.com/show_bug.cgi?id=1593212
[ 2 ] Bug #1580435 - rubygem-mongo: "Inappropriate ioctl for device" for only
mock new chroot
https://bugzilla.redhat.com/show_bug.cgi?id=1580435
--------------------------------------------------------------------------------
================================================================================
module-build-service-2.5.0-1.el7 (FEDORA-EPEL-2018-65f6fcca9d)
The Module Build Service for Modularity
--------------------------------------------------------------------------------
Update Information:
Latest upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 14 2018 Ralph Bean <rbean(a)redhat.com> - 2.5.0-1
- new version
* Tue Aug 7 2018 mprahl <mprahl(a)redhat.com> - 2.4.2-1
- new version
* Tue Aug 7 2018 mprahl <mprahl(a)redhat.com> - 2.4.1-1
- new version
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.4.0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Jul 11 2018 mprahl <mprahl(a)redhat.com> - 2.4.0-2
- Remove copr.conf from the expected files
* Wed Jul 11 2018 mprahl <mprahl(a)redhat.com> - 2.4.0-1
- new version
* Mon Jul 2 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 2.3.2-2
- Rebuilt for Python 3.7
* Wed Jun 27 2018 Ralph Bean <rbean(a)redhat.com> - 2.3.2-1
- new version
* Wed Jun 27 2018 Ralph Bean <rbean(a)redhat.com> - 2.3.1-1
- new version
* Tue Jun 19 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 2.3.0-2
- Rebuilt for Python 3.7
* Mon Jun 18 2018 mprahl <mprahl(a)redhat.com> - 2.3.0-1
- new version
* Fri Jun 1 2018 mprahl <mprahl(a)redhat.com> - 2.2.4-1
- new version
* Thu May 31 2018 mprahl <mprahl(a)redhat.com> - 2.2.3-1
- new version
* Wed May 30 2018 mprahl <mprahl(a)redhat.com> - 2.2.2-1
- new version
* Tue May 29 2018 mprahl <mprahl(a)redhat.com> - 2.2.1-1
- new version
* Thu May 10 2018 mprahl <mprahl(a)redhat.com> - 2.2.0-1
- new version
* Tue May 8 2018 Merlin Mathesius <mmathesi(a)redhat.com> - 2.1.1-2
- Correct fedmsg deps.
* Tue May 8 2018 Ralph Bean <rbean(a)redhat.com> - 2.1.1-1
- new version
* Tue May 8 2018 Ralph Bean <rbean(a)redhat.com> - 2.1.0-3
- Add missing deps and scrub unneeded py3 egg requirements.
* Tue May 8 2018 Ralph Bean <rbean(a)redhat.com> - 2.1.0-2
- Try to fix 'm2ext' and moksha.hub dep issues.
https://pagure.io/fm-orchestrator/issue/931
* Fri May 4 2018 mprahl <mprahl(a)redhat.com> - 2.1.0-1
- new version
* Fri Apr 20 2018 Jan Kaluza <jkaluza(a)redhat.com> - 2.0.2-5
- Allow block the packages in a module build before they are built as
part of a module
* Tue Apr 17 2018 Jan Kaluza <jkaluza(a)redhat.com> - 2.0.2-4
- use python3 by default
* Thu Apr 5 2018 Jan Kaluza <jkaluza(a)redhat.com> - 2.0.2-3
- fix wrong component reuse caused by missing change for buildrequires.
* Thu Apr 5 2018 Jan Kaluza <jkaluza(a)redhat.com> - 2.0.2-2
- fix issue with expanded requires section in case empty list is used as input.
* Thu Apr 5 2018 mprahl <mprahl(a)redhat.com> - 2.0.2-1
- New version
- Clean up dependencies
* Thu Apr 5 2018 mprahl <mprahl(a)redhat.com> - 2.0.1-1
- new version
* Thu Apr 5 2018 Jan Kaluza <jkaluza(a)redhat.com> - 2.0.0-1
- new version
--------------------------------------------------------------------------------
================================================================================
python-bugzilla-2.2.0-1.el7.1 (FEDORA-EPEL-2018-6a2c292304)
Python library for interacting with Bugzilla
--------------------------------------------------------------------------------
Update Information:
Fix python-magic dep ---- * Rebased to version 2.2.0 * Port tests to pytest *
cli: --cert Client side certificate support (Tobias Wolter) * cli: add ability
to post comment while sending attachment (Jeff Mahoney) * cli: Add --comment-tag
option * cli: Add info --active-components * Add a raw Product.get wrapper API *
Don't traceback on missing cli command (bz #1513819) * Fix bug.get with
sub_components (bz #1503491) * Fix uploading binary attachments (bz #1496821)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 13 2018 Cole Robinson <crobinso(a)redhat.com> - 2.2.0-1.el7.1
- Fix python-magic dep
* Sat Aug 11 2018 Cole Robinson <crobinso(a)redhat.com> - 2.2.0-1
- Rebased to version 2.2.0
- Port tests to pytest
- cli: --cert Client side certificate support (Tobias Wolter)
- cli: add ability to post comment while sending attachment (Jeff Mahoney)
- cli: Add --comment-tag option
- cli: Add info --active-components
- Add a raw Product.get wrapper API
- Don't traceback on missing cli command (bz #1513819)
- Fix bug.get with sub_components (bz #1503491)
- Fix uploading binary attachments (bz #1496821)
--------------------------------------------------------------------------------
================================================================================
python-msgpack-0.5.6-3.el7 (FEDORA-EPEL-2018-7f65484fe4)
A Python MessagePack (de)serializer
--------------------------------------------------------------------------------
Update Information:
restore Python 3 version for EPEL (rhbz#1599068)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 10 2018 Felix Schwarz <fschwarz(a)fedoraproject.org> - 0.5.6-3
- restore Python 3 version for EPEL (rhbz#1599068)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1599068 - python34-msgpack removed from EPEL 7, breaks borgbackup
https://bugzilla.redhat.com/show_bug.cgi?id=1599068
--------------------------------------------------------------------------------
================================================================================
python-productmd-1.16-1.el7 (FEDORA-EPEL-2018-b79372abf4)
Library providing parsers for metadata related to OS installation
--------------------------------------------------------------------------------
Update Information:
Allow modules with no RPMs in the metadata.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 14 2018 Lubom��r Sedl���� <lsedlar(a)redhat.com> - 1.16-1
- Allow module metadata with empty modules
* Fri Jul 20 2018 Lubom��r Sedl���� <lsedlar(a)redhat.com> - 1.15-4
- Use python2_sitelib instead of python_sitelib
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.15-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Jun 22 2018 Lubom��r Sedl���� <lsedlar(a)redhat.com> - 1.15-2
- Rebuilt for Python 3.7
--------------------------------------------------------------------------------
================================================================================
recap-1.4.0-1.el7 (FEDORA-EPEL-2018-02e491537a)
Generates reports of various system information
--------------------------------------------------------------------------------
Update Information:
Latest upstream rhbz#1602980
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 20 2018 Tony Garcia <tony.garcia(a)rackspace.com> - 1.4.0-1
- Latest upstream rhbz#1602980
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Feb 9 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1602980 - recap-1.4.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1602980
--------------------------------------------------------------------------------
================================================================================
rust-1.28.0-1.el7 (FEDORA-EPEL-2018-9367e03672)
The Rust Programming Language
--------------------------------------------------------------------------------
Update Information:
New versions of Rust and related tools -- see the release notes for
[
1.28](https://blog.rust-lang.org/2018/08/02/Rust-1.28.html).
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 8 2018 Josh Stone <jistone(a)redhat.com> - 1.28.0-1
- Update to 1.28.0.
--------------------------------------------------------------------------------
================================================================================
sleuthkit-4.6.2-1.el7 (FEDORA-EPEL-2018-69993b3f45)
The Sleuth Kit (TSK)
--------------------------------------------------------------------------------
Update Information:
Fix security issues
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 13 2018 Nicolas Chauvet <kwizart(a)gmail.com> - 4.6.2-1
- Update to 4.6.2
* Tue Jul 17 2018 Nicolas Chauvet <kwizart(a)gmail.com> - 4.6.1-1
- Update to 4.6.1
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.5.0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Feb 9 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.5.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Mon Jan 8 2018 Nicolas Chauvet <kwizart(a)gmail.com> - 4.5.0-1
- Update to 4.5.0
* Thu Aug 3 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.3.0-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Thu Jul 27 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.3.0-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Mon May 15 2017 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
4.3.0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_26_27_Mass_Rebuild
* Sat Feb 11 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.3.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Mon Sep 26 2016 Nicolas Chauvet <kwizart(a)gmail.com> - 4.3.0-1
- Update to 4.3.0
- Add sqlite-devel requires from devel sub-package rhbz#1346202
- Spec file clean-up
* Fri Feb 5 2016 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.2.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Thu Oct 1 2015 Nicolas Chauvet <kwizart(a)gmail.com> - 4.2.0-1
- Update to 4.2.0
- Add license tag
* Fri Jun 19 2015 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
4.1.3-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Sat May 2 2015 Kalev Lember <kalevlember(a)gmail.com> - 4.1.3-6
- Rebuilt for GCC 5 C++11 ABI change
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1589098 - CVE-2018-11737 CVE-2018-11738 CVE-2018-11739 CVE-2018-11740
sleuthkit: various flaws [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1589098
[ 2 ] Bug #1486585 - CVE-2017-13755 CVE-2017-13756 CVE-2017-13760 sleuthkit: Multiple
vulnerabilities [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1486585
--------------------------------------------------------------------------------
================================================================================
spectre-meltdown-checker-0.39-1.el7 (FEDORA-EPEL-2018-9ee65825d4)
Spectre & Meltdown vulnerability/mitigation checker for Linux
--------------------------------------------------------------------------------
Update Information:
* Feature: two new methods for reading MSR without a recent-enough `dd` binary:
using `perl` or the `msr-tools` when these are present * Feature: add detection
of RSBA feature bit (set by some hypervisors) indicating possible RSB underflow
host CPU vulnerability, and require kernel support for RSB stuffing even on non-
Skylake CPUs when this is the case * Feature: support for /boot partition on a
btrfs subvolume * Feature: add standard location of Arch armv5/armv7 kernel
image * Fix: the ARCH_CAPABILITIES MSR wasn't read correctly, preventing proper
SSB_NO and RDCL_NO feature bits detection
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 13 2018 Reto Gantenbein <reto.gantenbein(a)linuxmonk.ch> - 0.39-1
- Update to 0.39
--------------------------------------------------------------------------------
================================================================================
suricata-4.0.5-3.el7 (FEDORA-EPEL-2018-fbc9409354)
Intrusion Detection System
--------------------------------------------------------------------------------
Update Information:
This update fixes a file permission problem preventing use of the suricata
command socket.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 13 2018 Steve Grubb <sgrubb(a)redhat.com> - 4.0.5-3
- Consolidate branches so that everything is in sync (#1614935)
* Fri Aug 10 2018 Jason Taylor <jtfas90(a)gmail.com> 4.0.5-2
- fixes bz#1614935
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1614935 - Permission denied opening suricata-command.socket
https://bugzilla.redhat.com/show_bug.cgi?id=1614935
--------------------------------------------------------------------------------
================================================================================
xmount-0.7.6-3.el7 (FEDORA-EPEL-2018-058c3af3fa)
A on-the-fly convert for multiple hard disk image types
--------------------------------------------------------------------------------
Update Information:
Update to 0.7.6 Fix build
--------------------------------------------------------------------------------