The following Fedora EPEL 7 Security updates need testing:
Age URL
258
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d
condor-8.6.11-1.el7
66
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-f8311ec8a2
tor-0.3.5.8-1.el7
34
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-d2c1368294
cinnamon-3.6.7-5.el7
26
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-50a6a1ddfd
afflib-3.7.18-2.el7
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-7fc4459823
libmediainfo-18.12-3.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-f05ef50515
php-horde-horde-5.2.21-1.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-add436bec5
php-horde-turba-4.2.24-1.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-d28d3135da
python36-3.6.8-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
aria2-1.34.0-5.el7
duplicity-0.7.19-1.el7
fedpkg-1.37-1.el7
gnome-shell-extension-system-monitor-applet-38-1.el7
python-gnupg-0.4.4-1.el7
rpkg-1.58-1.el7
singularity-3.1.1-1.el7
zstd-1.4.0-1.el7
Details about builds:
================================================================================
aria2-1.34.0-5.el7 (FEDORA-EPEL-2019-ee5d1024e8)
High speed download utility with resuming and segmented downloading
--------------------------------------------------------------------------------
Update Information:
Enable gnutls-system-crypto-policy only in Fedora (rhbz #1704413)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 29 2019 Athmane Madjoudj <athmane(a)fedoraproject.org> - 1.34.0-5
- Enable gnutls-system-crypto-policy only in Fedora (rhbz #1704413)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1704413 - aria2c unable to download content from HTTPS sites
https://bugzilla.redhat.com/show_bug.cgi?id=1704413
--------------------------------------------------------------------------------
================================================================================
duplicity-0.7.19-1.el7 (FEDORA-EPEL-2019-c9b579e6f3)
Encrypted bandwidth-efficient backup using rsync algorithm
--------------------------------------------------------------------------------
Update Information:
https://launchpad.net/duplicity/+announcement/15256
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 29 2019 Gwyn Ciesla <gwync(a)protonmail.com> - 0.7.19-1
- 0.7.19
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1704418 - duplicity-0.7.19 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1704418
--------------------------------------------------------------------------------
================================================================================
fedpkg-1.37-1.el7 (FEDORA-EPEL-2019-ef52f1c4c0)
Fedora utility for working with dist-git
--------------------------------------------------------------------------------
Update Information:
Release of rpkg+fedpkg contains enhancements and fixes as well. Described are
mostly more significant enhancements and fixes. rpkg ==== Improvements for
scratch module builds ------ * Allow ``module-build-watch`` to exit when a
scratch build completes. * Add scratch status to ``module-build-info`` output. *
Add scratch module build sub-commands and updates for handling custom modulemd
file and SRPMs. * Add tests for scratch module builds and adjust existing tests
for new ``scratch`` option. * Allow custom SRPMs with local module builds for
consistency with module scratch builds. Allow passing arguments to "mbs-manager
build_module_locally". ----- It is now possible to build modules offline
without any external infrastructure using the MBS. This is done by passing
``--offline`` and ``-r``/``--repository`` flags to mbs-manager and the list of
repositories for the base module. Remove the ability to parse a module's branch
----- Remove the ability to parse a module's branch automatically to determine
the base module stream override. This functionality was moved to MBS directly
instead of having rpkg do it: [PR#1176](https://pagure.io/fm-orchestrator/pull-
request/1176) Permit setting arbitrary rpm macros during build ----- Added
argument ``--define`` to pass custom macros to ``rpmbuild``. May be specified
multiple times. Applicable to commands: ``compile``, ``install``, ``local``,
``prep``, ``srpm``, ``verify-files``. Ignore files in a cloned repository -----
Git will ignore automatically generated files. Ignored patterns can be specified
in ``rhpkg``/``fedpkg`` config. Patterns are applied in ``.git/info/exclude``
file only when repository is cloned. And changes are valid only for local
repository. Pass specific arguments to "mock" ----- In ``mockbuild``: * Pass
``--enable-network`` to "mock" command. * Pass ``--disablerepo`` and
``--enablerepo`` to "mock" command. Both arguments can be used multiple times.
Added "depth" argument to "git clone" ----- Added ``--depth``
argument for
``git clone`` command. It creates a shallow clone with a history truncated to
the specified number of commits. Cloning mostly applies with single branch (with
argument ``--branch``). Watch multiple module builds ----- Code is written to
be able to watch multiple module builds just after submitting a module build.
Command ``module-build-watch`` also accepts command line arguments (multiple
``build_id``) to watch specified builds. Show module build links in output from
command module-build ----- If not watch module build, show build links in order
to be easy to link to module build in Web browser. Add the ability to configure
multiple regex expressions ----- Add the ability to configure multiple regex
expressions for ``base_module_stream_regex_from_branch``. Add "retire" command
supporting both packages and modules ----- There was previously a ``retire``
command in ``fedpkg`` supporting only packages. This brings the ``retire``
command into ``rpkg`` with added support for a module-specific ``dead.module``
marker file. Import srpm without uploading sources ----- Add new argument
``--offline`` for command ``import``. Files won't be uploaded to lookaside
cache. Ignore any specified profile when finding the Flatpak build target -----
The source module for a Flatpak build can be specified as something like
``flatpak-runtime:28/sdk`` to indicate that the Flatpak is built from the "sdk"
profile of the flatpak-runtime module. This should be ignored when looking up
module builds to find the platform stream and build target. Added update-docs
script ----- Script (``doc/update-docs.sh``) that updates html documentation
git repository on ``Pagure``. And unify it with ``fedpkg`` version of the
script. fedpkg ===== This release requires ``rpkg >= 1.58``. Ignore files in
a cloned repository ----- Git will ignore automatically generated files.
Ignored patterns can be specified in config. Initial patterns were added.
Patterns are applied in ``.git/info/exclude`` file only when repository is
cloned. And changes are valid only for local repository. Enable shell
completion for module scratch builds ----- * Add custom SRPM shell completion
with local module builds. * Add missing shell completion options for local
module builds. * Require SRPMs to be specified individually using multiple
``--srpm SRPM`` options. * Enable completion of modulemd file path by yaml
extension. Show hint when Pagure token expires ----- When Pagure token is
expired, hint is added in commands ``fedpkg request-repo`` and ``fedpkg request-
branch`` to keep user informed how to renew the token. Include possible
distprefix in "--define dist" for Forge-based packages ----- In forge based
packages, and most notably all Golang packages, dist tag are computed by a lua
script in order to generate a snapshot date and shortcommit. This patch passes
the computed ``%{?distprefix}`` in ``dist`` to take into account the specificity
of Forge based packages. Other small fixes ----- * Make ``fedpkg update``
output a report after success. * Fix fedpkg update --bugs detection. * The
``retire`` command is now included in rpkg, supporting both packages and
modules.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 29 2019 Ondrej Nosek <onosek(a)redhat.com> - 1.37-1
- Ignore files in a cloned repository - patterns (onosek)
- Create env without --system-site-packages enabled to run flake8 (cqi)
- Include possible distprefix in --define dist for Forge-based packages
(zebob.m)
- Revise shell completion for module scratch builds to require SRPMs to be
specified individually using multiple '--srpm SRPM' options, and enable
completion of modulemd file path by yaml extension. (mmathesi)
- Enable shell completion for module scratch builds. Add custom SRPM shell
completion with local module builds. Add missing shell completion options for
local module builds. (mmathesi)
- Make fedpkg update output a report after success - #315 (zebob.m)
- Retire 'retire' command from 'fedpkg' (mmathesi)
- More specific expression for bug search (onosek)
- Fix fedpkg update --bugs detection (zebob.m)
- README: add links and format change (onosek)
- Show hint when Pagure token expires - #285 (onosek)
--------------------------------------------------------------------------------
================================================================================
gnome-shell-extension-system-monitor-applet-38-1.el7 (FEDORA-EPEL-2019-8a2c70c4c9)
A Gnome shell system monitor extension
--------------------------------------------------------------------------------
Update Information:
New upstream release (Fedora patches applied - RHBZ#1703693) ---- Updated to
last upstream commits
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 29 2019 Nicolas Vi��ville <nicolas.vieville(a)uphf.fr> - 1:38-1
- New upstream release (Fedora patches applied - RHBZ#1703693)
- Dropped previous Fedora patches
* Sat Apr 27 2019 Nicolas Vi��ville <nicolas.vieville(a)uphf.fr> -
1:36-5.20190427gitc08bfd7
- Updated to last upstream commits
- Reworked Makefile
- Support for gnome-shell 3.32 added
- Added patches to support Fedora RPM package build
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1703693 - gnome-shell-extension-system-monitor-applet doesn't work with
gnome 3.32 but it is in the Fedora 30 repo
https://bugzilla.redhat.com/show_bug.cgi?id=1703693
--------------------------------------------------------------------------------
================================================================================
python-gnupg-0.4.4-1.el7 (FEDORA-EPEL-2019-c499781e80)
A wrapper for the Gnu Privacy Guard (GPG or GnuPG)
--------------------------------------------------------------------------------
Update Information:
Resolves rhbz#1670364 Fixes CVE-2019-6690
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 26 2019 Paul Wouters <pwouters(a)redhat.com> - 0.4.4-1
- Resolves rhbz#1670364 Fixes CVE-2019-6690
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.4.3-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1670364 - CVE-2019-6690 python-gnupg: improper input validation in
gnupg.GPG.encrypt() and gnupg.GPG.decrypt()
https://bugzilla.redhat.com/show_bug.cgi?id=1670364
--------------------------------------------------------------------------------
================================================================================
rpkg-1.58-1.el7 (FEDORA-EPEL-2019-ef52f1c4c0)
Python library for interacting with rpm+git
--------------------------------------------------------------------------------
Update Information:
Release of rpkg+fedpkg contains enhancements and fixes as well. Described are
mostly more significant enhancements and fixes. rpkg ==== Improvements for
scratch module builds ------ * Allow ``module-build-watch`` to exit when a
scratch build completes. * Add scratch status to ``module-build-info`` output. *
Add scratch module build sub-commands and updates for handling custom modulemd
file and SRPMs. * Add tests for scratch module builds and adjust existing tests
for new ``scratch`` option. * Allow custom SRPMs with local module builds for
consistency with module scratch builds. Allow passing arguments to "mbs-manager
build_module_locally". ----- It is now possible to build modules offline
without any external infrastructure using the MBS. This is done by passing
``--offline`` and ``-r``/``--repository`` flags to mbs-manager and the list of
repositories for the base module. Remove the ability to parse a module's branch
----- Remove the ability to parse a module's branch automatically to determine
the base module stream override. This functionality was moved to MBS directly
instead of having rpkg do it: [PR#1176](https://pagure.io/fm-orchestrator/pull-
request/1176) Permit setting arbitrary rpm macros during build ----- Added
argument ``--define`` to pass custom macros to ``rpmbuild``. May be specified
multiple times. Applicable to commands: ``compile``, ``install``, ``local``,
``prep``, ``srpm``, ``verify-files``. Ignore files in a cloned repository -----
Git will ignore automatically generated files. Ignored patterns can be specified
in ``rhpkg``/``fedpkg`` config. Patterns are applied in ``.git/info/exclude``
file only when repository is cloned. And changes are valid only for local
repository. Pass specific arguments to "mock" ----- In ``mockbuild``: * Pass
``--enable-network`` to "mock" command. * Pass ``--disablerepo`` and
``--enablerepo`` to "mock" command. Both arguments can be used multiple times.
Added "depth" argument to "git clone" ----- Added ``--depth``
argument for
``git clone`` command. It creates a shallow clone with a history truncated to
the specified number of commits. Cloning mostly applies with single branch (with
argument ``--branch``). Watch multiple module builds ----- Code is written to
be able to watch multiple module builds just after submitting a module build.
Command ``module-build-watch`` also accepts command line arguments (multiple
``build_id``) to watch specified builds. Show module build links in output from
command module-build ----- If not watch module build, show build links in order
to be easy to link to module build in Web browser. Add the ability to configure
multiple regex expressions ----- Add the ability to configure multiple regex
expressions for ``base_module_stream_regex_from_branch``. Add "retire" command
supporting both packages and modules ----- There was previously a ``retire``
command in ``fedpkg`` supporting only packages. This brings the ``retire``
command into ``rpkg`` with added support for a module-specific ``dead.module``
marker file. Import srpm without uploading sources ----- Add new argument
``--offline`` for command ``import``. Files won't be uploaded to lookaside
cache. Ignore any specified profile when finding the Flatpak build target -----
The source module for a Flatpak build can be specified as something like
``flatpak-runtime:28/sdk`` to indicate that the Flatpak is built from the "sdk"
profile of the flatpak-runtime module. This should be ignored when looking up
module builds to find the platform stream and build target. Added update-docs
script ----- Script (``doc/update-docs.sh``) that updates html documentation
git repository on ``Pagure``. And unify it with ``fedpkg`` version of the
script. fedpkg ===== This release requires ``rpkg >= 1.58``. Ignore files in
a cloned repository ----- Git will ignore automatically generated files.
Ignored patterns can be specified in config. Initial patterns were added.
Patterns are applied in ``.git/info/exclude`` file only when repository is
cloned. And changes are valid only for local repository. Enable shell
completion for module scratch builds ----- * Add custom SRPM shell completion
with local module builds. * Add missing shell completion options for local
module builds. * Require SRPMs to be specified individually using multiple
``--srpm SRPM`` options. * Enable completion of modulemd file path by yaml
extension. Show hint when Pagure token expires ----- When Pagure token is
expired, hint is added in commands ``fedpkg request-repo`` and ``fedpkg request-
branch`` to keep user informed how to renew the token. Include possible
distprefix in "--define dist" for Forge-based packages ----- In forge based
packages, and most notably all Golang packages, dist tag are computed by a lua
script in order to generate a snapshot date and shortcommit. This patch passes
the computed ``%{?distprefix}`` in ``dist`` to take into account the specificity
of Forge based packages. Other small fixes ----- * Make ``fedpkg update``
output a report after success. * Fix fedpkg update --bugs detection. * The
``retire`` command is now included in rpkg, supporting both packages and
modules.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 29 2019 Ond��ej Nosek <onosek(a)redhat.com> - 1.58-1
- Ignore files in a cloned repository - #355 (onosek)
- Handle data from python RPM binding as UTF-8 string (zebob.m)
- srpm_import: be compatible with rhbz#1693751 (praiskup)
- Pass --enable-network to mock - 314 (onosek)
- Enhance 'module-overview' sub-command to show scratch status of modules.
(mmathesi)
- Remove the ability to parse a module's branch automatically to determine the
base module stream override (mprahl)
- Improvements for scratch module builds (mmathesi)
- Updates to support scratch module builds (mmathesi)
- Refactor fake Koji credential handling from TestBuildPackage class into new
FakeKojiCreds class so it can be shared with TestModulesCli class. (mmathesi)
- Make Koji upload methods more generic so they can be reused. (mmathesi)
- Allow passing --offline and -r to mbs-manager build_module_locally. (jkaluza)
- Depth param for clone - tuning (onosek)
- Depth param for clone - #363 (onosek)
- Pass --disablerepo and --enablerepo to mock - 313 (onosek)
- Import srpm without uploading sources - rhbz#1175262 (onosek)
- Ignore any specified profile when finding the Flatpak build target (otaylor)
- Show module build links in output from command module-build (cqi)
- Add 'retire' command supporting both packages and modules (mmathesi)
- Fix "push --force" (tim)
- Container-build returns its status to command-line - #415 (onosek)
- Upload .crate files to lookaside cache - 312 (onosek)
- Restrict version of PyYAML on Python 2.6 (lsedlar)
- Simplify srpm method (onosek)
- Permit setting arbitrary rpm macros during build (riehecky)
- Add the ability to configure multiple regex expressions for
base_module_stream_regex_from_branch (mprahl)
- Do not require PyGObject in setup.py - rhbz#1679365 (onosek)
- Fixing failing Jenkins tests (onosek)
- Unify update-docs script with fedpkg version (onosek)
- README: add links (onosek)
- Watch multiple module builds (cqi)
- Added update-docs script (onosek)
* Thu Apr 25 2019 Ond��ej Nosek <onosek(a)redhat.com> - 1.57-9
- yet another compat fix with RPM after rhbz#1693751
* Fri Apr 19 2019 Pavel Raiskup <praiskup(a)redhat.com> - 1.57-8
- compat fix with RPM after rhbz#1693751
* Wed Mar 20 2019 Igor Gnatenko <ignatenkobrain(a)fedoraproject.org> - 1.57-7
- Backport patch for uploading *.crate into lookaside
--------------------------------------------------------------------------------
================================================================================
singularity-3.1.1-1.el7 (FEDORA-EPEL-2019-bde858e58d)
Application and environment virtualization
--------------------------------------------------------------------------------
Update Information:
Update to upstream 3.1.1-1
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 2 2019 Dave Dykstra <dwd(a)fedoraproject.org> - 3.1.1-1
- Update to upstream 3.1.1-1
* Mon Feb 25 2019 Dave Dykstra <dwd(a)fedoraproject.org> - 3.1.0-1
- Update to upstream 3.1.0-1
* Tue Jan 22 2019 Dave Dykstra <dwd(a)fedoraproject.org> - 3.0.3-1
- Update to upstream 3.0.3-1 release.
* Fri Jan 18 2019 Dave Dykstra <dwd(a)fedoraproject.org> - 3.0.3-rc2
- Update to upstream 3.0.3-rc2
* Wed Jan 16 2019 Dave Dykstra <dwd(a)fedoraproject.org> - 3.0.3-rc1
- Update to upstream 3.0.3-rc1
* Wed Jan 9 2019 Dave Dykstra <dwd(a)fedoraproject.org> - 3.0.2-1.2
- Add patch for PR 2531
* Mon Jan 7 2019 Dave Dykstra <dwd(a)fedoraproject.org> - 3.0.2-1.1
- Update to upstream 3.0.2
- Added patches for PRs 2472, 2478, 2481
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1693909 - singularity-3.1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1693909
--------------------------------------------------------------------------------
================================================================================
zstd-1.4.0-1.el7 (FEDORA-EPEL-2019-a7a3b1e4c9)
Zstd compression library
--------------------------------------------------------------------------------
Update Information:
Latest upstream
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 29 2019 P��draig Brady <P(a)draigBrady.com> - 1.4.0-1
- Latest upstream
* Sun Feb 3 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.8-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------