The following Fedora EPEL 7 Security updates need testing:
Age URL
714
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087
dokuwiki-0-0.24.20140929c.el7
477
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f
mcollective-2.8.4-1.el7
195
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-23fa04bf1c
redis-3.2.3-1.el7
179
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8f4ff76b3
chicken-4.11.0-3.el7
59
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d
libbsd-0.8.3-1.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e2cea1c22d
python-cjson-1.1.0-9.el7
8
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-920059d2ed
mingw-wavpack-5.1.0-1.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d5fe44714a
cacti-1.0.3-2.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d1c56cd592
xrdp-0.9.1-4.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
activemq-cpp-3.9.3-3.el7
fusioninventory-agent-2.3.19-2.el7
gfal2-2.13.1-1.el7
gfal2-python-1.9.1-1.el7
gfal2-util-1.5.0-1.el7
ocserv-0.11.7-3.el7
po-debconf-1.0.16-9.nmu3.el7
srm-ifce-1.24.2-1.el7
xrdp-0.9.1-4.el7
Details about builds:
================================================================================
activemq-cpp-3.9.3-3.el7 (FEDORA-EPEL-2017-ee27d3d4e2)
C++ implementation of JMS-like messaging client
--------------------------------------------------------------------------------
Update Information:
* Upstream to 3.9.3 * Add activemqcpp-lib3.8 package to provide old version so.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1369701 - Please upgrade to upstream version
https://bugzilla.redhat.com/show_bug.cgi?id=1369701
--------------------------------------------------------------------------------
================================================================================
fusioninventory-agent-2.3.19-2.el7 (FEDORA-EPEL-2017-e965d500af)
FusionInventory agent
--------------------------------------------------------------------------------
Update Information:
Update to last upstream release on EL6 Fix a setup/path issue ---- Last
upstream release ---- Update systemd files to use "systemctl edit" Make cron
mode work again; re-add sysconfig file comments
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1424664 - fusioninventory-agent-2.3.19 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1424664
--------------------------------------------------------------------------------
================================================================================
gfal2-2.13.1-1.el7 (FEDORA-EPEL-2017-c019168ed1)
Grid file access library 2.0
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
================================================================================
gfal2-python-1.9.1-1.el7 (FEDORA-EPEL-2017-7967eacea2)
Python bindings for gfal 2
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
================================================================================
gfal2-util-1.5.0-1.el7 (FEDORA-EPEL-2017-b3b809787d)
GFAL2 utility tools
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
================================================================================
ocserv-0.11.7-3.el7 (FEDORA-EPEL-2017-89d24ea7a4)
OpenConnect SSL VPN server
--------------------------------------------------------------------------------
Update Information:
Included liboath in the build ---- - Update to upstream 0.11.7 release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1423880 - Liboath Support is Missing from Ocserv Binaries
https://bugzilla.redhat.com/show_bug.cgi?id=1423880
--------------------------------------------------------------------------------
================================================================================
po-debconf-1.0.16-9.nmu3.el7 (FEDORA-EPEL-2017-2ef0ea428d)
Tool for managing templates file translations with gettext
--------------------------------------------------------------------------------
Update Information:
We already may have Requires: perl(Mail::Box::Manager) on epel7
--------------------------------------------------------------------------------
================================================================================
srm-ifce-1.24.2-1.el7 (FEDORA-EPEL-2017-431720c89d)
SRM client side library
--------------------------------------------------------------------------------
Update Information:
Upstream release 1.24.2
--------------------------------------------------------------------------------
================================================================================
xrdp-0.9.1-4.el7 (FEDORA-EPEL-2017-d1c56cd592)
Open source remote desktop protocol (RDP) server
--------------------------------------------------------------------------------
Update Information:
WARNING: Please note that this update comes with a slightly different syntax of
sesman.ini file, so if you edited this file by hand, you may need to look at the
.rpmnew file and merge any required changes by hand. This release also creates
three files in /etc/xrdp directory if they don't already exist or are empty: -
rsakeys.ini - cert.pem - key.pem Also note that in Fedora, the only backend
that will really work is still Xvnc for now. New features - New xorgxrdp
backend using existing Xorg with additional modules - Improvements to X11rdp
backend - Support for IPv6 (disabled by default) - Initial support for RemoteFX
Codec (disabled by default) - Support for TLS security layer (preferred over RDP
layer if supported by the client) - Support for disabling deprecated SSLv3
protocol and for selecting custom cipher suites in xrdp.ini - Support for
bidirectional fastpath (enabled in both directions by default) - Support clients
that don't support drawing orders, such as MS RDP client for Android, ChromeRDP
(disabled by default) - More configurable login screen - Support for new virtual
channels: - - rdpdr: device redirection - - rdpsnd: audio output - - cliprdr:
clipboard - - xrdpvr: xrdp video redirection channel (can be used along with
NeutrinoRDP client) - Support for disabling virtual channels globally or by
session type - Allow to specify the path for backends (Xorg, X11rdp, Xvnc) -
Added files for systemd support - Multi-monitor support - xrdp-chansrv stroes
logs in ${XDG_DATA_HOME}/xrdp now Security fixes - User's password could be
recovered from the Xvnc password file - X11 authentication was not used
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1404972 - CVE-2013-1430 xrdp: Cleartext password shown in file after logging
into xrdp session [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1404972
[ 2 ] Bug #1404971 - CVE-2013-1430 xrdp: Cleartext password shown in file after logging
into xrdp session [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1404971
--------------------------------------------------------------------------------