Fedora EPEL 7 updates-testing report - epel-devel - Fedora mailing-lists

20 Nov 2018


      The following Fedora EPEL 7 Security updates need testing:
 Age  URL
 163  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3835d39d1a   unrtf-0.21.9-8.el7
 114  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-f9d6ff695a   bibutils-6.6-1.el7 ghc-hs-bibutils-6.6.0.0-1.el7 pandoc-citeproc-0.3.0.1-4.el7
  97  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d   condor-8.6.11-1.el7
  70  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3492a96896   myrepos-1.20180726-1.el7
  20  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-bdb21ebc3f   drupal7-7.60-2.el7
  13  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-be918c58c6   SDL2_image-2.0.4-1.el7
  13  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-df2d5af2fe   mingw-SDL2-2.0.9-1.el7 mingw-SDL2_mixer-2.0.4-1.el7 mingw-SDL2_image-2.0.4-1.el7
  13  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-32e0cee0bb   perl-Mojolicious-7.94-1.el7
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-9051b49e75   suricata-4.0.6-1.el7
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-fc29932f12   pdns-4.0.6-2.el7
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-f9270bbaec   pdns-recursor-4.1.7-1.el7
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-a09ace87bb   php-PHPMailer-5.2.27-1.el7
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-0e73364530   python-paramiko-2.1.1-0.9.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
bird-1.6.4-2.el7
    gnome-screensaver-3.6.1-20.el7
    pam_2fa-1.0-1.el7
    python-fedmsg-meta-fedora-infrastructure-0.27.0-1.el7
Details about builds:
================================================================================
 bird-1.6.4-2.el7 (FEDORA-EPEL-2018-c25e48ded1)
 BIRD Internet Routing Daemon
--------------------------------------------------------------------------------
Update Information:
Update of bird to version 1.6.4 which includes fix for  CVE-2018-12066. bird now
runs under bird user and group rather than root Running bird in foreground
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 19 2018 Stanislav Kozina skozina@redhat.org - 1.6.4-2
- Fix running bird under non-root user and group
* Mon Nov 19 2018 Stanislav Kozina skozina@redhat.org - 1.6.4-1
- Update to 1.6.4
- Fix CVE-2018-12066 (#1588770)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1285672 - Bird should start in foreground in the systemd unit
        https://bugzilla.redhat.com/show_bug.cgi?id=1285672
  [ 2 ] Bug #1642737 - bird-1.6.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1642737
  [ 3 ] Bug #1397574 - Bird should drop privileges
        https://bugzilla.redhat.com/show_bug.cgi?id=1397574
  [ 4 ] Bug #1588770 - CVE-2018-12066 bird: Stack overflow in BGP mask expressions [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1588770
--------------------------------------------------------------------------------
================================================================================
 gnome-screensaver-3.6.1-20.el7 (FEDORA-EPEL-2018-844c12300f)
 GNOME Screensaver
--------------------------------------------------------------------------------
Update Information:
Rebuilt for RHEL 7.6 (gnome-desktop3 3.28)
--------------------------------------------------------------------------------
ChangeLog:
* Sun Feb 18 2018 Yaakov Selkowitz yselkowi@redhat.com - 3.6.1-20
- Rebuilt for gnome-desktop3 3.28
* Wed Feb  7 2018 Fedora Release Engineering releng@fedoraproject.org - 3.6.1-19
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Aug  2 2017 Fedora Release Engineering releng@fedoraproject.org - 3.6.1-18
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering releng@fedoraproject.org - 3.6.1-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri Feb 10 2017 Fedora Release Engineering releng@fedoraproject.org - 3.6.1-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Wed Feb  3 2016 Fedora Release Engineering releng@fedoraproject.org - 3.6.1-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
 pam_2fa-1.0-1.el7 (FEDORA-EPEL-2018-f6b899126d)
 Second factor authentication for PAM
--------------------------------------------------------------------------------
Update Information:
The PAM 2FA module provides a second factor authentication, which can be
combined with the standard PAM-based password authentication to ask for:   *
What you know: user account password ( standard PAM modules )  *  What you have
(pick one of): (PAM 2FA)    +  A Google Authenticator Application on your phone
+  A Phone Number capable of receiving SMS    + A Yubikey  pam_ssh_user_auth
checks the value of SSH_USER_AUTH and will return success if is non-empty and
failure if it is.  It can be used to skip other PAM authentication methods with
a configuration like:      auth       [success=1 ignore=ignore default=die]
pam_ssh_user_auth.so     auth       substack     password-auth
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1650633 - Review Request: pam_2fa - Second factor authentication for PAM
        https://bugzilla.redhat.com/show_bug.cgi?id=1650633
--------------------------------------------------------------------------------
================================================================================
 python-fedmsg-meta-fedora-infrastructure-0.27.0-1.el7 (FEDORA-EPEL-2018-267ea6f622)
 Metadata providers for Fedora Infrastructure's fedmsg deployment
--------------------------------------------------------------------------------
Update Information:
Update to 0.27.0  Change log can be found at: https://github.com/fedora-
infra/fedmsg_meta_fedora_infrastructure/blob/develop/CHANGELOG.rst#0270  ----
Upgrade to 0.26.0  Changelog is at: https://github.com/fedora-
infra/fedmsg_meta_fedora_infrastructure/blob/develop/CHANGELOG.rst#0260  ----
Update to 0.25.0  Changelog at: https://github.com/fedora-
infra/fedmsg_meta_fedora_infrastructure/blob/develop/CHANGELOG.rst#0250
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 19 2018 Pierre-Yves Chibon pingou@pingoured.fr - 0.27.0-1
- Upgrade to 0.27.0
* Sat Jul 14 2018 Fedora Release Engineering releng@fedoraproject.org - 0.26.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jun 19 2018 Miro Hron��ok mhroncok@redhat.com - 0.26.0-2
- Rebuilt for Python 3.7
* Mon Jun 11 2018 Pierre-Yves Chibon pingou@pingoured.fr - 0.26.0-1
- Update to 0.26.0
* Tue May 29 2018 Pierre-Yves Chibon pingou@pingoured.fr - 0.25.0-2
- Fix the Requires in el6
* Fri May 25 2018 Pierre-Yves Chibon pingou@pingoured.fr - 0.25.0-1
- Update to 0.25.0
--------------------------------------------------------------------------------