The following Fedora EPEL 7 Security updates need testing:
Age URL
705
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087
dokuwiki-0-0.24.20140929c.el7
467
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f
mcollective-2.8.4-1.el7
186
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-23fa04bf1c
redis-3.2.3-1.el7
170
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8f4ff76b3
chicken-4.11.0-3.el7
50
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d
libbsd-0.8.3-1.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-cf95057959
viewvc-1.1.26-1.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-0f3297a19b
nagios-4.2.4-2.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e2cea1c22d
python-cjson-1.1.0-9.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
holland-1.0.14-3.el7
lynis-2.4.1-1.el7
mozjs31-31.5.0-1.el7
pdc-updater-0.5.2-1.el7
perl-Class-Std-Fast-0.0.8-2.el7
php-deepend-Mockery-0.9.8-1.el7
php-nikic-fast-route-1.2.0-1.el7
python-cjson-1.1.0-9.el7
python-defusedxml-0.5.0-1.el7
python-funcparserlib-0.3.6-11.el7
python-pygit2-0.21.4-3.el7
python-webcolors-1.7-2.el7
supybot-koji-0.2-12.el7
xrootd-4.6.0-2.el7
Details about builds:
================================================================================
holland-1.0.14-3.el7 (FEDORA-EPEL-2017-332307e847)
Pluggable Backup Framework
--------------------------------------------------------------------------------
Update Information:
- Remove unneeded holland_version macro - Remove example, maatkit, and random
subpackages - Move holland.lib.mysql and holland.lib.lvm modules into their own
subpackages - Clean up requirements
--------------------------------------------------------------------------------
================================================================================
lynis-2.4.1-1.el7 (FEDORA-EPEL-2017-c7fb8ea1fb)
Security and system auditing tool
--------------------------------------------------------------------------------
Update Information:
Update to 2.4.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1421133 - lynis-2.4.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1421133
--------------------------------------------------------------------------------
================================================================================
mozjs31-31.5.0-1.el7 (FEDORA-EPEL-2017-2661516dd3)
JavaScript interpreter and libraries
--------------------------------------------------------------------------------
Update Information:
mozjs 31.5.0 release, including backported patches for gjs support.
--------------------------------------------------------------------------------
================================================================================
pdc-updater-0.5.2-1.el7 (FEDORA-EPEL-2017-16594800f9)
Update the product definition center in response to fedmsg
--------------------------------------------------------------------------------
Update Information:
Latest upstream. ---- Latest upstream.
--------------------------------------------------------------------------------
================================================================================
perl-Class-Std-Fast-0.0.8-2.el7 (FEDORA-EPEL-2017-963e4ee3c5)
Faster but less secure replacement for Class::Std
--------------------------------------------------------------------------------
Update Information:
This is a new package. Building for epel7 was delayed until perl-Class-Std made
it to epel7 stable.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1418208 - Review Request: perl-Class-Std-Fast - Faster but less secure
replacement for Class::Std
https://bugzilla.redhat.com/show_bug.cgi?id=1418208
--------------------------------------------------------------------------------
================================================================================
php-deepend-Mockery-0.9.8-1.el7 (FEDORA-EPEL-2017-24347226e3)
Mockery is a simple but flexible PHP mock object framework
--------------------------------------------------------------------------------
Update Information:
Update to upstream version **0.9.8**. As [changelog is
missing](https://github.com/padraic/mockery/issues/644), see the [commit
history](https://github.com/padraic/mockery/commits/0.9).
--------------------------------------------------------------------------------
================================================================================
php-nikic-fast-route-1.2.0-1.el7 (FEDORA-EPEL-2017-d37ae19ee3)
Fast implementation of a regular expression based router
--------------------------------------------------------------------------------
Update Information:
Last upstream release ---- Last upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1419369 - php-nikic-fast-route-v1.2.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1419369
[ 2 ] Bug #1408886 - php-nikic-fast-route-v1.1.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1408886
--------------------------------------------------------------------------------
================================================================================
python-cjson-1.1.0-9.el7 (FEDORA-EPEL-2017-e2cea1c22d)
Fast JSON encoder/decoder for Python
--------------------------------------------------------------------------------
Update Information:
This update prevents `python-cjson` from crashing when attempting to parse
heavily nested JSON structures (which could be exploited for denial of service
purposes, against any application that uses `python-cjson` to parse arbitrary
input).
--------------------------------------------------------------------------------
================================================================================
python-defusedxml-0.5.0-1.el7 (FEDORA-EPEL-2017-dcd66fd3d3)
XML bomb protection for Python stdlib modules
--------------------------------------------------------------------------------
Update Information:
This update provides version 0.5.0 of `python-defusedxml`. The main feature of
this release is Python 3.6 compatibility, which affects only Fedora Rawhide, but
it includes various other minor cleanups that are worth having for all
distributions. This update is not provided for EPEL 6 as 0.5.0 drops
compatibility with Python 2.6, which is the system Python version on EL 6. This
update also enables the Python 3 subpackage on EPEL 7.
--------------------------------------------------------------------------------
================================================================================
python-funcparserlib-0.3.6-11.el7 (FEDORA-EPEL-2017-b146eb466f)
Recursive descent parsing library based on functional combinators
--------------------------------------------------------------------------------
Update Information:
First el7 package for this package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1390579 - Make python-blockdiag available in EPEL to use from centos
https://bugzilla.redhat.com/show_bug.cgi?id=1390579
--------------------------------------------------------------------------------
================================================================================
python-pygit2-0.21.4-3.el7 (FEDORA-EPEL-2017-dc9f5cde6d)
Python 2.x bindings for libgit2
--------------------------------------------------------------------------------
Update Information:
Rebuild for python-cffi update in rhel. Fixes bug #1400668
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1400668 - python-pygit2-0.21.4-2.el7 breaks due to new python-cffi in rhel
7.3
https://bugzilla.redhat.com/show_bug.cgi?id=1400668
--------------------------------------------------------------------------------
================================================================================
python-webcolors-1.7-2.el7 (FEDORA-EPEL-2017-b4954d5863)
A library for working with HTML and CSS color names and value formats
--------------------------------------------------------------------------------
Update Information:
First el7 submission for this package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1390579 - Make python-blockdiag available in EPEL to use from centos
https://bugzilla.redhat.com/show_bug.cgi?id=1390579
--------------------------------------------------------------------------------
================================================================================
supybot-koji-0.2-12.el7 (FEDORA-EPEL-2017-5f5f799cc6)
Plugin for Supybot to interact with Koji instances
--------------------------------------------------------------------------------
Update Information:
use https:// for the server config, clean up hosts = hosts = foo messiness
--------------------------------------------------------------------------------
================================================================================
xrootd-4.6.0-2.el7 (FEDORA-EPEL-2017-9b2cd39ee3)
Extended ROOT file server
--------------------------------------------------------------------------------
Update Information:
New version 4.6.0, release notes are here:
https://github.com/xrootd/xrootd/blob/v4.6.0/docs/ReleaseNotes.txt
--------------------------------------------------------------------------------