The following Fedora EPEL 7 Security updates need testing:
Age URL
28
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3835d39d1a
unrtf-0.21.9-8.el7
24
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-656b24ec40
chromium-67.0.3396.79-1.el7
22
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-15b7dc35af
pass-1.7.2-1.el7
12
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-9d8de55465
drupal7-backup_migrate-3.5-1.el7
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-7926246d9d
libgit2-0.26.4-1.el7
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-ccbe8e3c4d
knot-resolver-2.4.0-1.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3f114dff22
wordpress-4.9.7-1.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-6b0fdd8b40
guacamole-server-0.9.14-1.el7 libvncserver-0.9.9-0.12.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
ansible-2.6.1-1.el7
python-bigsuds-1.0.6-2.el7
python-f5-icontrol-rest-1.3.9-3.el7
python-f5-sdk-3.0.17-3.el7
zchunk-0.7.5-4.el7
Details about builds:
================================================================================
ansible-2.6.1-1.el7 (FEDORA-EPEL-2018-be727516a8)
SSH-based configuration management, deployment, and task execution system
--------------------------------------------------------------------------------
Update Information:
Update to ansible 2.6.1 bugfix release. Fixes also 2 CVEs: CVE-2018-10874 and
CVE-2018-10875 See
https://github.com/ansible/ansible/blob/stable-2.6/changelogs/CHANGELOG-v...
for full list of changes.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 5 2018 Kevin Fenzi <kevin(a)scrye.com> - 2.6.1-1
- Update to 2.6.1. Fixes bug #1598602
- Fixes CVE-2018-10874 and CVE-2018-10875
* Mon Jul 2 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 2.6.0-2
- Rebuilt for Python 3.7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1598810 - CVE-2018-10874 ansible: Inventory variables are loaded from current
working directory when running ad-hoc command that can lead to code execution [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1598810
[ 2 ] Bug #1598806 - CVE-2018-10875 ansible: ansible.cfg is being read from current
working directory allowing possible code execution [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1598806
[ 3 ] Bug #1598809 - CVE-2018-10874 ansible: Inventory variables are loaded from current
working directory when running ad-hoc command that can lead to code execution
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1598809
[ 4 ] Bug #1598805 - CVE-2018-10875 ansible: ansible.cfg is being read from current
working directory allowing possible code execution [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1598805
[ 5 ] Bug #1598602 - ansible-2.6.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1598602
--------------------------------------------------------------------------------
================================================================================
python-bigsuds-1.0.6-2.el7 (FEDORA-EPEL-2018-db359e990d)
Library for F5 Networks iControl API
--------------------------------------------------------------------------------
Update Information:
Initial build.
--------------------------------------------------------------------------------
================================================================================
python-f5-icontrol-rest-1.3.9-3.el7 (FEDORA-EPEL-2018-0431502c4a)
F5 BIG-IP iControl REST API client
--------------------------------------------------------------------------------
Update Information:
Initial build ---- First EPEL 7 build.
--------------------------------------------------------------------------------
================================================================================
python-f5-sdk-3.0.17-3.el7 (FEDORA-EPEL-2018-f2d2c9305a)
F5 Networks Python SDK
--------------------------------------------------------------------------------
Update Information:
Initial build.
--------------------------------------------------------------------------------
================================================================================
zchunk-0.7.5-4.el7 (FEDORA-EPEL-2018-56581ffa1c)
Compressed file format that allows easy deltas
--------------------------------------------------------------------------------
Update Information:
Initial release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1597287 - Review Request: zchunk - Compressed file format that allows easy
deltas
https://bugzilla.redhat.com/show_bug.cgi?id=1597287
--------------------------------------------------------------------------------