Fedora EPEL 7 updates-testing report
by updates@fedoraproject.org
The following Fedora EPEL 7 Security updates need testing:
Age URL
1113 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7
875 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7
458 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7
355 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe mod_cluster-1.3.3-10.el7
187 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e27758bd23 libmspack-0.6-0.1.alpha.el7
124 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e64eeb6ece nagios-4.3.4-5.el7
29 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3e70a38ad4 drupal7-7.57-1.el7
14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-635348eab4 php-simplesamlphp-saml2_1-1.10.6-1.el7
14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-7150fa5dce php-simplesamlphp-saml2-2.3.8-1.el7
11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-673b3314a1 exim-4.90.1-3.el7
11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3f41541339 monitorix-3.10.1-1.el7
8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-ae3a1eae7e glpi-0.90.5-2.el7
8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-add4fc19d8 mosquitto-1.4.15-1.el7
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-1fbdf7f103 chromium-65.0.3325.181-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
adapta-gtk-theme-3.93.0.200-1.el7
akmods-0.5.6-15.el7
cacti-1.1.37-1.el7
php-scssphp-0.7.5-2.el7
python-paramiko-2.1.1-0.4.el7
python3-websocket-client-0.47.0-1.el7
Details about builds:
================================================================================
adapta-gtk-theme-3.93.0.200-1.el7 (FEDORA-EPEL-2018-7502bb26cc)
An adaptive Gtk+ theme based on Material Design Guidelines
--------------------------------------------------------------------------------
Update Information:
- New upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1554424 - adapta-gtk-theme conflicts with itself
https://bugzilla.redhat.com/show_bug.cgi?id=1554424
[ 2 ] Bug #1554156 - adapta-gtk-theme-3.93.0.200 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1554156
--------------------------------------------------------------------------------
================================================================================
akmods-0.5.6-15.el7 (FEDORA-EPEL-2018-7ca7c4028e)
Automatic kmods build and install tool
--------------------------------------------------------------------------------
Update Information:
- Add inihibitor for akmods@.service - Use restart on akmodsposttrans - Switch
to always retry by default - Drop akmods preset by f28 - Don't enable service on
ah - Test a rw directory
--------------------------------------------------------------------------------
================================================================================
cacti-1.1.37-1.el7 (FEDORA-EPEL-2018-d797b60200)
An rrd based graphing tool
--------------------------------------------------------------------------------
Update Information:
- Update to 1.1.37 Release notes:
https://www.cacti.net/release_notes.php?version=1.1.37
--------------------------------------------------------------------------------
================================================================================
php-scssphp-0.7.5-2.el7 (FEDORA-EPEL-2018-97bcf66281)
A compiler for SCSS written in PHP
--------------------------------------------------------------------------------
Update Information:
## v0.7.5 ### Fixes - Fix `for` loop with units (@of2607) - Fix side-effects
in `abs()`, `ceil()`, `floor()`, and `round()` (@jugyhead) ### New - Add
option for custom `SourceMapGenerator` (@dleffler) ## v0.7.4 ### Bug fixes -
Fat fingered cleanup; broke file-based source maps (@dleffler) ## v0.7.3 ###
Enhancements - Add inline sourcemaps (@NicolaF, @oyejorge) - Add file-based
sourcemaps (@dleffler) ## v0.7.2 ### Compatibility - increase default
precision to 10 (was 5) to match ruby scss 3.5.0 ### Bug fixes - replace
`locale()` with `number_format()` (@Arlisaha) ## v0.7.1 ### Compat Buster -
Server class moved to `/example` folder - Server::serveFrom() removed; use `(new
Server)->serve()` instead - Removed `.phar` build ### Bug fixes - `each()`
deprecated in PHP 7.2 (@marinaglancy) ## v0.7.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1504394 - php-scssphp-0.7.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1504394
--------------------------------------------------------------------------------
================================================================================
python-paramiko-2.1.1-0.4.el7 (FEDORA-EPEL-2018-86171fce03)
SSH2 protocol library for python
--------------------------------------------------------------------------------
Update Information:
A flaw was found in the implementation of `transport.py` in Paramiko, which did
not properly check whether authentication was completed before processing other
requests. A customized SSH client could simply skip the authentication step.
This flaw is a user authentication bypass in the SSH Server functionality of
Paramiko. Where Paramiko is used only for its client-side functionality (e.g.
`paramiko.SSHClient`), the vulnerability is not exposed and thus cannot be
exploited.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1557130 - CVE-2018-7750 python-paramiko: Authentication bypass in transport.py
https://bugzilla.redhat.com/show_bug.cgi?id=1557130
--------------------------------------------------------------------------------
================================================================================
python3-websocket-client-0.47.0-1.el7 (FEDORA-EPEL-2018-2ed7c3b54e)
WebSocket client for python
--------------------------------------------------------------------------------
Update Information:
- Latest upstream (rhbz# 1548228) - Fixes python3-websocket-client requires both
Python 2 and 3 (rhbz# 1531541)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1531541 - python-websocket-client: python3-websocket-client requires both Python 2 and Python 3
https://bugzilla.redhat.com/show_bug.cgi?id=1531541
[ 2 ] Bug #1548228 - python-websocket-client-0.47.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1548228
--------------------------------------------------------------------------------