The following Fedora EPEL 7 Security updates need testing: Age URL 343 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d condor-8.6.11-1.el7 119 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-d2c1368294 cinnamon-3.6.7-5.el7 85 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c499781e80 python-gnupg-0.4.4-1.el7 82 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b bubblewrap-0.3.3-2.el7 54 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-fc63c75ab1 hostapd-2.8-1.el7 19 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-12067fc897 dosbox-0.74.3-2.el7 14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-670ca3c5f3 pyxdg-0.25-8.el7 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-487a6fb279 knot-2.8.2-1.el7 knot-resolver-4.1.0-1.el7 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-aabd063c30 squirrelmail-1.4.23-1.el7.20190710 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-931a6c5c69 chromium-75.0.3770.100-3.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-d69da1824e java-latest-openjdk-12.0.2.9-1.rolling.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
apachetop-0.19.7-1.el7 bird2-2.0.4-2.el7 cc65-2.18-8.el7 lua-psl-0.3-2.el7 proftpd-1.3.5e-5.el7 suricata-4.1.4-2.el7
Details about builds:
================================================================================ apachetop-0.19.7-1.el7 (FEDORA-EPEL-2019-dc6705ad39) A top-like display of Apache logs -------------------------------------------------------------------------------- Update Information:
ApacheTop 0.19.7 (20th July, 2019) ================================== * attempt to find ncurses via `pkg-config` first * add `.editorconfig` for consistent coding style -------------------------------------------------------------------------------- ChangeLog:
* Tue Jul 23 2019 Robert Scheck robert@fedoraproject.org - 0.19.7-1 - Upgrade to 0.19.7 --------------------------------------------------------------------------------
================================================================================ bird2-2.0.4-2.el7 (FEDORA-EPEL-2019-86ce97f312) BIRD Internet Routing Daemon -------------------------------------------------------------------------------- Update Information:
- Build require libssh-devel for RPKI-RTR protocol -------------------------------------------------------------------------------- ChangeLog:
* Mon Apr 1 2019 Robert Scheck robert@fedoraproject.org - 2.0.4-2 - Build require libssh-devel for RPKI-RTR protocol --------------------------------------------------------------------------------
================================================================================ cc65-2.18-8.el7 (FEDORA-EPEL-2019-8c1732b7e0) A free C compiler for 6502 based systems -------------------------------------------------------------------------------- Update Information:
- Add a set of upstream patches to fix several minor bugs. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 22 2019 Bj��rn Esser besser82@fedoraproject.org - 2.18-8 - Add a set of upstream patches to fix several minor bugs * Mon Jul 15 2019 Bj��rn Esser besser82@fedoraproject.org - 2.18-7 - Add two upstream patches for minor fixes * Fri Jul 5 2019 Bj��rn Esser besser82@fedoraproject.org - 2.18-6 - Clarify the purpose of the devel package in its %description a bit more verbose * Fri Jul 5 2019 Bj��rn Esser besser82@fedoraproject.org - 2.18-5 - Add an upstream patch to fix ld65 behaviour --------------------------------------------------------------------------------
================================================================================ lua-psl-0.3-2.el7 (FEDORA-EPEL-2019-f162d2cc5a) Lua bindings to Public Suffix List library -------------------------------------------------------------------------------- Update Information:
initial release of lua-psl package --------------------------------------------------------------------------------
================================================================================ proftpd-1.3.5e-5.el7 (FEDORA-EPEL-2019-ef655ec55e) Flexible, stable and highly-configurable FTP server -------------------------------------------------------------------------------- Update Information:
This update addresses an arbitrary file copy vulnerability in mod_copy in ProFTPD, which allowed for remote code execution and information disclosure without authentication due to not honoring `<Limit>` constraints. Upstream bug: http://bugs.proftpd.org/show_bug.cgi?id=4372 The upstream fix for this issue has been back-ported to ProFTPD 1.3.5e for EPEL-7. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jul 23 2019 Paul Howarth paul@city-fan.org - 1.3.5e-5 - An arbitrary file copy vulnerability in mod_copy in ProFTPD allowed for remote code execution and information disclosure without authentication (CVE-2019-12815) http://bugs.proftpd.org/show_bug.cgi?id=4372 https://github.com/proftpd/proftpd/pull/816 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1732365 - CVE-2019-12815 proftpd: file copy vulnerability in mod_copy allows for remote code execution https://bugzilla.redhat.com/show_bug.cgi?id=1732365 --------------------------------------------------------------------------------
================================================================================ suricata-4.1.4-2.el7 (FEDORA-EPEL-2019-e32ce92a7f) Intrusion Detection System -------------------------------------------------------------------------------- Update Information:
Rebuilt for new libprelude -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 22 2019 Steve Grubb sgrubb@redhat.com 4.1.4-2 - Rebuild for libprelude so bump -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1730284 - Need recompile : libprelude new version 5.0 soname bump https://bugzilla.redhat.com/show_bug.cgi?id=1730284 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org