The following Fedora EPEL 7 Security updates need testing: Age URL 446 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d condor-8.6.11-1.el7 188 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c499781e80 python-gnupg-0.4.4-1.el7 185 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b bubblewrap-0.3.3-2.el7 122 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-12067fc897 dosbox-0.74.3-2.el7 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-821ac0b641 mingw-libidn2-2.2.0-1.el7 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-19535181a5 java-latest-openjdk-13.0.1.9-2.rolling.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-458a052bdb rssh-2.3.4-15.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-0d0c37fcca hostapd-2.9-2.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-e6e7d521d9 chromium-78.0.3904.70-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
airrac-1.00.3-1.el7 eccodes-2.14.1-1.el7 libmp4v2-2.1.0-0.18.trunkREV507.el7 perl-Text-Table-1.133-7.el7 pspg-2.5.2-1.el7 python-pexpect-4.6-2.el7 python-pytest-timeout-1.2.1-4.el7 rmol-1.00.3-1.el7 slowhttptest-1.8.1-1.el7 soci-4.0.0-1.el7 stdair-1.00.8-1.el7
Details about builds:
================================================================================ airrac-1.00.3-1.el7 (FEDORA-EPEL-2019-6f7bed05c5) C++ Simulated Revenue Accounting (RAC) System Library -------------------------------------------------------------------------------- Update Information:
Update to 1.00.3 -------------------------------------------------------------------------------- ChangeLog:
* Mon Oct 28 2019 Denis Arnaud denis.arnaud_fedora@m4x.org - 1.00.3-1 - First build for EPEL 8 --------------------------------------------------------------------------------
================================================================================ eccodes-2.14.1-1.el7 (FEDORA-EPEL-2019-241f3d9340) WMO data format decoding and encoding -------------------------------------------------------------------------------- Update Information:
Upgrade to upstream version 2.14.1 -------------------------------------------------------------------------------- ChangeLog:
* Sun Oct 27 2019 Jos de Kloe josdekloe@gmail.com - 2.14.1-1 - Upgrade to upstream version 2.14.1 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1742563 - eccodes-2.14.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1742563 --------------------------------------------------------------------------------
================================================================================ libmp4v2-2.1.0-0.18.trunkREV507.el7 (FEDORA-EPEL-2019-ec3a3dac15) Library for working with files using the mp4 container format -------------------------------------------------------------------------------- Update Information:
Fix https://nvd.nist.gov/vuln/detail/CVE-2018-14446 https://nvd.nist.gov/vuln/detail/CVE-2018-14403 https://nvd.nist.gov/vuln/detail/CVE-2018-14379 https://nvd.nist.gov/vuln/detail/CVE-2018-14326 https://nvd.nist.gov/vuln/detail/CVE-2018-14325 https://nvd.nist.gov/vuln/detail/CVE-2018-14054 based on https://github.com/TechSmith/mp4v2/pull/27 and https://github.com/sergiomb2/libmp4v2/ -------------------------------------------------------------------------------- ChangeLog:
* Sat Nov 2 2019 S��rgio Basto sergio@serjux.com - 2.1.0-0.18.trunkREV507 - Fix https://nvd.nist.gov/vuln/detail/CVE-2018-14446 https://nvd.nist.gov/vuln/detail/CVE-2018-14403 https://nvd.nist.gov/vuln/detail/CVE-2018-14379 https://nvd.nist.gov/vuln/detail/CVE-2018-14326 https://nvd.nist.gov/vuln/detail/CVE-2018-14325 https://nvd.nist.gov/vuln/detail/CVE-2018-14054 based on https://github.com/TechSmith/mp4v2/pull/27 and https://github.com/sergiomb2/libmp4v2/ - Update spec - Fix build on epel7 * Thu Jul 25 2019 Fedora Release Engineering releng@fedoraproject.org - 2.1.0-0.17.trunkREV507 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Tue Feb 19 2019 FeRD (Frank Dana) <ferdnyc AT gmail com> - 2.1.0-0.16.trunkREV507 - Add BuildRequires for help2man, fixes manpage generation * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 2.1.0-0.15.trunkREV507 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Sun Nov 18 2018 Zbigniew J��drzejewski-Szmek zbyszek@in.waw.pl - 2.1.0-0.14.trunkREV507 - Add BR:glibc-langpack-en See https://fedoraproject.org/wiki/Changes/Remove_glibc-langpacks-all_from_build... * Fri Jul 13 2018 Fedora Release Engineering releng@fedoraproject.org - 2.1.0-0.13.trunkREV507 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Wed Feb 7 2018 Fedora Release Engineering releng@fedoraproject.org - 2.1.0-0.12.trunkREV507 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Thu Aug 3 2017 Fedora Release Engineering releng@fedoraproject.org - 2.1.0-0.11.trunkREV507 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild * Wed Jul 26 2017 Fedora Release Engineering releng@fedoraproject.org - 2.1.0-0.10.trunkREV507 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild * Mon May 15 2017 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.1.0-0.9.trunkREV507 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_27_Mass_Rebuild * Wed Feb 8 2017 S��rgio Basto sergio@serjux.com - 2.1.0-0.8.trunkREV507 - Add patch for GCC7 - Add new pactch 0003-Fix-out-of-tree-builds-182.patch - Rename the others patches * Mon Feb 6 2017 S��rgio Basto sergio@serjux.com - 2.1.0-0.7.trunkREV507 - Fix python3 support in EPEL7 * Thu Feb 4 2016 Fedora Release Engineering releng@fedoraproject.org - 2.1.0-0.6.trunkREV507 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild * Sun Oct 4 2015 S��rgio Basto sergio@serjux.com - 2.1.0-0.5.trunkREV507 - Tidy a little more. - Added mp4v2-2.1-fixdoc2.patch : install man/man3/, BTW like in libmp4v2-1.5.0.1 and fix 30 annoying warnings "target x given more than once in the same rule". - Make api documentation and add it (doc/api/html/) into -devel package. * Fri Oct 2 2015 David King amigadave@amigadave.com - 2.1.0-0.4.trunkREV507 - Remove obsolete tags - Use license macro for COPYING - Tighten requirements on base package - Update man pages glob in files section - Tidy spec file * Wed Jun 17 2015 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.1.0-0.3.trunkREV507 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Fri Apr 24 2015 S��rgio Basto sergio@serjux.com - 2.1.0-0.2.trunkREV507 - Use trunk source, not source generated with make dist * Wed Apr 22 2015 S��rgio Basto sergio@serjux.com - 2.1.0-0.1.trunkREV507 - Update pre release 2.1.0, svn trunk version REV 507 . -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1601676 - CVE-2018-14326 libmp4v2: Missing check for integer overflow in mp4array.h:Resize() allows for denial of service via crafted MP4 [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1601676 [ 2 ] Bug #1603225 - CVE-2018-14403 libmp4v2: Out-of-bounds read in MP4NameFirstMatches in mp4util.cpp [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1603225 [ 3 ] Bug #1603237 - CVE-2018-14379 libmp4v2: Type confusion in MP4Atom::factory in mp4atom.cpp [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1603237 [ 4 ] Bug #1603298 - CVE-2018-14054 libmp4v2: Double free in the MP4StringProperty class in mp4property.cpp [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1603298 [ 5 ] Bug #1601675 - CVE-2018-14326 libmp4v2: Missing check for integer overflow in mp4array.h:Resize() allows for denial of service via crafted MP4 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1601675 [ 6 ] Bug #1601680 - CVE-2018-14325 libmp4v2: Integer underflow in when parsing MP4Atom in mp4atom.cpp [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1601680 --------------------------------------------------------------------------------
================================================================================ perl-Text-Table-1.133-7.el7 (FEDORA-EPEL-2019-e7e425e31a) Organize Data in Tables -------------------------------------------------------------------------------- Update Information:
This package contains the Perl module Text::Table, which allows you to create and maintain tables that adapt to alignment requirements as you use them. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1768131 - [RFE] EPEL7, EPEL8 branch of perl-Text-Table https://bugzilla.redhat.com/show_bug.cgi?id=1768131 --------------------------------------------------------------------------------
================================================================================ pspg-2.5.2-1.el7 (FEDORA-EPEL-2019-5d20768521) A unix pager optimized for psql -------------------------------------------------------------------------------- Update Information:
new upstream release, per release notes: - https://github.com/okbob/pspg/releases/tag/2.5.2 - https://github.com/okbob/pspg/releases/tag/2.5.0 - https://github.com/okbob/pspg/releases/tag/2.1.8 - https://github.com/okbob/pspg/releases/tag/2.1.7 -------------------------------------------------------------------------------- ChangeLog:
* Sun Nov 3 2019 Pavel Raiskup praiskup@redhat.com - 2.5.2-1 - new upstream release, per release notes: https://github.com/okbob/pspg/releases/tag/2.5.2 https://github.com/okbob/pspg/releases/tag/2.5.0 https://github.com/okbob/pspg/releases/tag/2.1.8 https://github.com/okbob/pspg/releases/tag/2.1.7 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1760951 - pspg-2.5.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1760951 --------------------------------------------------------------------------------
================================================================================ python-pexpect-4.6-2.el7 (FEDORA-EPEL-2019-ba69cc1174) Unicode-aware Pure Python Expect-like module -------------------------------------------------------------------------------- Update Information:
New packages --------------------------------------------------------------------------------
================================================================================ python-pytest-timeout-1.2.1-4.el7 (FEDORA-EPEL-2019-ba69cc1174) py.test plugin to abort hanging tests -------------------------------------------------------------------------------- Update Information:
New packages --------------------------------------------------------------------------------
================================================================================ rmol-1.00.3-1.el7 (FEDORA-EPEL-2019-06929e4375) C++ library of Revenue Management and Optimisation classes and functions -------------------------------------------------------------------------------- Update Information:
Update to 1.00.3 -------------------------------------------------------------------------------- ChangeLog:
* Mon Oct 28 2019 Denis Arnaud denis.arnaud_fedora@m4x.org - 1.00.3-1 - First build on EPEL 8 --------------------------------------------------------------------------------
================================================================================ slowhttptest-1.8.1-1.el7 (FEDORA-EPEL-2019-31d63de1c6) An Application Layer DoS attack simulator -------------------------------------------------------------------------------- Update Information:
Version 1.8.1 - Dockerfile to build and run in a container - Fixes the version number in the package - Fixes compilation warnings - Modernized build scripts - Bug fixes -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 1 2019 Denis Fateyev denis@fateyev.com - 1.8.1-1 - Update to release 1.8.1 * Fri Jul 26 2019 Fedora Release Engineering releng@fedoraproject.org - 1.7-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Sat Feb 2 2019 Fedora Release Engineering releng@fedoraproject.org - 1.7-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Sat Jul 14 2018 Fedora Release Engineering releng@fedoraproject.org - 1.7-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Thu Mar 15 2018 Fabian Affolter mail@fabian-affolter.ch - 1.7-5 - Fix FTBFS (rhbz#1556449) * Fri Feb 9 2018 Fedora Release Engineering releng@fedoraproject.org - 1.7-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Thu Aug 3 2017 Fedora Release Engineering releng@fedoraproject.org - 1.7-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild * Thu Jul 27 2017 Fedora Release Engineering releng@fedoraproject.org - 1.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild * Mon Apr 3 2017 Fabian Affolter mail@fabian-affolter.ch - 1.7-1 - Update to latest upstream release 1.7 * Mon Apr 3 2017 Fabian Affolter mail@fabian-affolter.ch - 1.6-9 - Fix FTBFS (rhbz#1424451) * Sat Feb 11 2017 Fedora Release Engineering releng@fedoraproject.org - 1.6-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild * Sun May 1 2016 Fabian Affolter mail@fabian-affolter.ch - 1.6-7 - Update upstream link * Fri Feb 5 2016 Fedora Release Engineering releng@fedoraproject.org - 1.6-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild * Fri Jun 19 2015 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.6-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Sat May 2 2015 Kalev Lember kalevlember@gmail.com - 1.6-4 - Rebuilt for GCC 5 C++11 ABI change * Mon Aug 18 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1768120 - slowhttptest: 1.8.1 release https://bugzilla.redhat.com/show_bug.cgi?id=1768120 --------------------------------------------------------------------------------
================================================================================ soci-4.0.0-1.el7 (FEDORA-EPEL-2019-232d7011aa) The database access library for C++ programmers -------------------------------------------------------------------------------- Update Information:
Upgrade to 4.0.0-rc1 -------------------------------------------------------------------------------- ChangeLog:
* Sat Oct 26 2019 Denis Arnaud denis.arnaud_fedora@m4x.org 4.0.0-1 - Update to upstream release 4.0.0-rc1 - Slightly modernized the RPM spec file * Fri Jul 26 2019 Fedora Release Engineering releng@fedoraproject.org - 3.2.3-20 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Sun Feb 3 2019 Fedora Release Engineering releng@fedoraproject.org - 3.2.3-19 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Thu Jan 24 2019 Jonathan Wakely jwakely@redhat.com - 3.2.3-18 - Rebuilt for Boost 1.69 * Sat Jul 14 2018 Fedora Release Engineering releng@fedoraproject.org - 3.2.3-17 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Fri Feb 9 2018 Fedora Release Engineering releng@fedoraproject.org - 3.2.3-16 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Mon Jan 22 2018 Jonathan Wakely jwakely@redhat.com - 3.2.3-15 - Rebuilt for Boost 1.66 * Thu Aug 3 2017 Fedora Release Engineering releng@fedoraproject.org - 3.2.3-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild * Thu Jul 27 2017 Fedora Release Engineering releng@fedoraproject.org - 3.2.3-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild * Tue Jul 4 2017 Jonathan Wakely jwakely@redhat.com - 3.2.3-12 - Rebuilt for Boost 1.64 * Sat Feb 11 2017 Fedora Release Engineering releng@fedoraproject.org - 3.2.3-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild * Fri Jan 27 2017 Jonathan Wakely jwakely@redhat.com - 3.2.3-10 - Rebuilt for Boost 1.63 * Fri Jan 13 2017 Denis Arnaud denis.arnaud_fedora@m4x.org - 3.2.3-9 - Fixed compilation issues with C++11 (deprecation of auto_ptr) * Mon May 16 2016 Jonathan Wakely jwakely@redhat.com - 3.2.3-8 - Rebuilt for linker errors in boost (#1331983) * Fri Feb 5 2016 Fedora Release Engineering releng@fedoraproject.org - 3.2.3-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild * Fri Jan 15 2016 Jonathan Wakely jwakely@redhat.com - 3.2.3-6 - Rebuilt for Boost 1.60 * Thu Aug 27 2015 Jonathan Wakely jwakely@redhat.com - 3.2.3-5 - Rebuilt for Boost 1.59 * Wed Jul 29 2015 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3.2.3-4 - Rebuilt for https://fedoraproject.org/wiki/Changes/F23Boost159 * Wed Jul 22 2015 David Tardon dtardon@redhat.com - 3.2.3-3 - rebuild for Boost 1.58 * Fri Jun 19 2015 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3.2.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ stdair-1.00.8-1.el7 (FEDORA-EPEL-2019-3d682a15bd) C++ Standard Airline IT Object Library -------------------------------------------------------------------------------- Update Information:
Update to 1.00.8 -------------------------------------------------------------------------------- ChangeLog:
* Mon Oct 28 2019 Denis Arnaud denis.arnaud_fedora@m4x.org - 1.00.8-1 - Update to 1.00.8 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org