The following Fedora EPEL 7 Security updates need testing:
Age URL
1082
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087
dokuwiki-0-0.24.20140929c.el7
845
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f
mcollective-2.8.4-1.el7
427
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d
libbsd-0.8.3-1.el7
324
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe
mod_cluster-1.3.3-10.el7
156
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e27758bd23
libmspack-0.6-0.1.alpha.el7
93
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e64eeb6ece
nagios-4.3.4-5.el7
43
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-73ee944e65
rootsh-1.5.3-17.el7
17
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-7134fc92a1
jhead-3.00-7.el7
16
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-069884a87f
p7zip-16.02-10.el7
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-72e5d3ef89
suricata-4.0.4-1.el7
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-276ec6ee2b
exim-4.90.1-2.el7
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-e50c94a832
seamonkey-2.49.2-2.el7
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-525417d3d4
mbedtls-2.7.0-1.el7
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-cee77fc9b3
knot-resolver-2.1.0-1.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-b7a74678b1
openjpeg2-2.3.0-6.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-50566f0a39
uwsgi-2.0.16-1.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-0296296d7c
mingw-wavpack-5.1.0-4.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
datagrepper-0.9.1-2.el7
freexl-1.0.5-1.el7
lcgdm-1.10.0-5.el7
lynis-2.6.2-1.el7
meson-0.44.1-1.el7
nsd-4.1.20-1.el7
php-cs-fixer-2.2.17-1.el7
python-toml-0.9.4-3.el7
spglib-1.10.3-1.el7
Details about builds:
================================================================================
datagrepper-0.9.1-2.el7 (FEDORA-EPEL-2018-954236b0e6)
A webapp to query fedmsg history
--------------------------------------------------------------------------------
Update Information:
Latest upstream.
--------------------------------------------------------------------------------
================================================================================
freexl-1.0.5-1.el7 (FEDORA-EPEL-2018-9111777f91)
Library to extract data from within an Excel spreadsheet
--------------------------------------------------------------------------------
Update Information:
Fixes several heap-buffer-overflows, see related Bugzilla tickets!
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1547892 - heap-buffer-overflow in freexl.c:3912 read_mini_biff_next_record of
FreeXL 1.0.4
https://bugzilla.redhat.com/show_bug.cgi?id=1547892
[ 2 ] Bug #1547889 - heap-buffer-overflow in freexl.c:383 parse_unicode_string of FreeXL
1.0.4
https://bugzilla.redhat.com/show_bug.cgi?id=1547889
[ 3 ] Bug #1547885 - heap-buffer-overflow in freexl.c:1866 parse_SST of FreeXL 1.0.4
https://bugzilla.redhat.com/show_bug.cgi?id=1547885
[ 4 ] Bug #1547883 - heap-buffer-overflow in freexl.c:1805 parse_SST parse_SST
https://bugzilla.redhat.com/show_bug.cgi?id=1547883
[ 5 ] Bug #1547879 - heap-buffer-overflow in freexl::destroy_cell of FreeXL 1.0.4
https://bugzilla.redhat.com/show_bug.cgi?id=1547879
--------------------------------------------------------------------------------
================================================================================
lcgdm-1.10.0-5.el7 (FEDORA-EPEL-2018-a914bf925b)
LHC Computing Grid Data Management
--------------------------------------------------------------------------------
Update Information:
* new upstream release ---- * new upstream release
--------------------------------------------------------------------------------
================================================================================
lynis-2.6.2-1.el7 (FEDORA-EPEL-2018-d7a6cbf9d8)
Security and system auditing tool
--------------------------------------------------------------------------------
Update Information:
Update to 2.6.2 (rhbz #1539272) ---- Update to 2.6.1 (rhbz #1539272)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1539272 - lynis-2.6.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1539272
--------------------------------------------------------------------------------
================================================================================
meson-0.44.1-1.el7 (FEDORA-EPEL-2018-9e6b270e6f)
High productivity build system
--------------------------------------------------------------------------------
Update Information:
Update to 0.44.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1547304 - meson-0.44.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1547304
--------------------------------------------------------------------------------
================================================================================
nsd-4.1.20-1.el7 (FEDORA-EPEL-2018-faef4af4e5)
Fast and lean authoritative DNS Name Server
--------------------------------------------------------------------------------
Update Information:
Updated to 4.1.20 (fixup memory leaks)
--------------------------------------------------------------------------------
================================================================================
php-cs-fixer-2.2.17-1.el7 (FEDORA-EPEL-2018-b768043f85)
A tool to automatically fix PHP code style
--------------------------------------------------------------------------------
Update Information:
Changelog for v2.2.17 --------------------- * bug #3504
NoBlankLinesAfterPhpdocFixer - allow blank line before declare statement
(julienfalque) * bug #3522 Remove LOCK_EX (SpacePossum) * bug #3560
SelfAccessorFixer is risky (Slamdunk) * minor #3435 Add tests for
general_phpdoc_annotation_remove (BackEndTea) * minor #3484 Create
Tokens::findBlockStart (ntzm) * minor #3512 Add missing array typehints (ntzm) *
minor #3516 Use null|type instead of ?type in PHPDocs (ntzm) * minor #3518
FixerFactoryTest - Test each priority test file is listed as test (SpacePossum)
* minor #3520 Fix typos: ran vs. run (SpacePossum) * minor #3521 Use HTTPS
(carusogabriel) * minor #3526 Remove gecko dependency (SpacePossum, keradus,
julienfalque) * minor #3531 Backport PHPMD to LTS version to ease
maintainability (keradus) * minor #3532 Implement Tokens::findOppositeBlockEdge
(ntzm) * minor #3533 DX: SCA - drop src/Resources exclusion (keradus) * minor
#3538 Don't use third parameter of Tokens::findBlockStart (ntzm) * minor #3542
Enhancement: Run composer-normalize on Travis CI (localheinz, keradus) * minor
#3555 DX: composer.json - drop branch-alias, branch is already following the
version (keradus) * minor #3556 DX: Add AutoReview/ComposerTest (keradus) *
minor #3559 Don't expose new files under Test namespace (keradus)
--------------------------------------------------------------------------------
================================================================================
python-toml-0.9.4-3.el7 (FEDORA-EPEL-2018-13d8b1e6c1)
Python Library for Tom's Obvious, Minimal Language
--------------------------------------------------------------------------------
Update Information:
Make changes to build the package for EPEL
--------------------------------------------------------------------------------
================================================================================
spglib-1.10.3-1.el7 (FEDORA-EPEL-2018-80f11c510b)
C library for finding and handling crystal symmetries
--------------------------------------------------------------------------------
Update Information:
- Update to 1.10.3
--------------------------------------------------------------------------------