The following Fedora EPEL 7 Security updates need testing: Age URL 148 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3835d39d1a unrtf-0.21.9-8.el7 98 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-f9d6ff695a bibutils-6.6-1.el7 ghc-hs-bibutils-6.6.0.0-1.el7 pandoc-citeproc-0.3.0.1-4.el7 82 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d condor-8.6.11-1.el7 54 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3492a96896 myrepos-1.20180726-1.el7 13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-1104372fa7 teeworlds-0.6.5-1.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-bdb21ebc3f drupal7-7.60-2.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-29716ed12f php-pear-CAS-1.3.6-1.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-8876f503ce libgit2-0.26.8-1.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-9091f95cd5 zchunk-0.9.14-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
caja-actions-1.8.2-2.el7 marco-1.16.1-4.el7 mate-applets-1.16.0-2.el7 mate-system-monitor-1.16.0-2.el7 mate-utils-1.16.1-2.el7 mkvtoolnix-28.2.0-1.el7 python-pbr-4.2.0-2.el7 python-pytoml-0.1.18-2.el7 python-scandir-1.9.0-1.el7 python3-requests-2.12.5-2.el7 python3-urllib3-1.19.1-4.el7 snapd-2.36-1.el7 snapd-glib-1.44-1.el7
Details about builds:
================================================================================ caja-actions-1.8.2-2.el7 (FEDORA-EPEL-2018-417249babc) Caja extension for customizing the context menu -------------------------------------------------------------------------------- Update Information:
- rebuild for rhel-7-6 update (libgtop2) -------------------------------------------------------------------------------- ChangeLog:
* Wed Oct 31 2018 Wolfgang Ulbrich fedora@raveit.de - 1.8.2-2 - rebuild for rhel-7-6 update (libgtop2) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1644519 - epel mate is not compatible with rhel 7.6 https://bugzilla.redhat.com/show_bug.cgi?id=1644519 --------------------------------------------------------------------------------
================================================================================ marco-1.16.1-4.el7 (FEDORA-EPEL-2018-417249babc) MATE Desktop window manager -------------------------------------------------------------------------------- Update Information:
- rebuild for rhel-7-6 update (libgtop2) -------------------------------------------------------------------------------- ChangeLog:
* Wed Oct 31 2018 Wolfgang Ulbrich fedora@raveit.de - 1.16.1-4 - rebuild for rhel-7-6 update (libgtop2) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1644519 - epel mate is not compatible with rhel 7.6 https://bugzilla.redhat.com/show_bug.cgi?id=1644519 --------------------------------------------------------------------------------
================================================================================ mate-applets-1.16.0-2.el7 (FEDORA-EPEL-2018-417249babc) MATE Desktop panel applets -------------------------------------------------------------------------------- Update Information:
- rebuild for rhel-7-6 update (libgtop2) -------------------------------------------------------------------------------- ChangeLog:
* Wed Oct 31 2018 Wolfgang Ulbrich chat-to-me@raveit.de - 1.16.0-2 - rebuild for rhel-7-6 update (libgtop2) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1644519 - epel mate is not compatible with rhel 7.6 https://bugzilla.redhat.com/show_bug.cgi?id=1644519 --------------------------------------------------------------------------------
================================================================================ mate-system-monitor-1.16.0-2.el7 (FEDORA-EPEL-2018-417249babc) Process and resource monitor -------------------------------------------------------------------------------- Update Information:
- rebuild for rhel-7-6 update (libgtop2) -------------------------------------------------------------------------------- ChangeLog:
* Wed Oct 31 2018 Wolfgang Ulbrich chat-to-me@raveit.de - 1.16.0-2 - rebuild for rhel-7-6 update (libgtop2) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1644519 - epel mate is not compatible with rhel 7.6 https://bugzilla.redhat.com/show_bug.cgi?id=1644519 --------------------------------------------------------------------------------
================================================================================ mate-utils-1.16.1-2.el7 (FEDORA-EPEL-2018-417249babc) MATE utility programs -------------------------------------------------------------------------------- Update Information:
- rebuild for rhel-7-6 update (libgtop2) -------------------------------------------------------------------------------- ChangeLog:
* Wed Oct 31 2018 Wolfgang Ulbrich chat-to-me@raveit.de - 1.16.1-2 - rebuild for rhel-7-6 update (libgtop2) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1644519 - epel mate is not compatible with rhel 7.6 https://bugzilla.redhat.com/show_bug.cgi?id=1644519 --------------------------------------------------------------------------------
================================================================================ mkvtoolnix-28.2.0-1.el7 (FEDORA-EPEL-2018-cbfa290941) Matroska container manipulation utilities -------------------------------------------------------------------------------- Update Information:
# Version 28.2.0 "The Awakening" 2018-10-25 ## Bug fixes * mkvmerge, mkvinfo, mkvextract, mkvpropedit, MKVToolNix GUI's info tool & chapter editor: fixed a case of memory being accessed after it had been freed earlier. This can be triggered by specially crafted Matroska files and lead to arbitrary code execution. The vulnerability was reported as Cisco TALOS 2018-0694 on 2018-10-25. # Version 28.1.0 "Morning Child" 2018-10-23 ## Bug fixes * mkvmerge: AV1 parser: fixed an error in the sequence header parser if neither the `reduced_still_picture_header` nor the `frame_id_numbers_present_flag` is set. Part of the fix for #2410. * mkvmerge: AV1 parser: when creating the `av1C` structure for the Codec Private element the sequence header OBU wasn't copied completely: its common data (type field & OBU size among others) was missing. Part of the fix for #2410. * mkvmerge: Matroska reader, AV1: mkvmerge will try to re-create the `av1C` data stored in Codec Private when reading AV1 from Matroska or WebM files created by mkvmerge v28.0.0. Part of the fix for #2410. * MKVToolNix GUI: info tool: the tool will no longer stop scanning elements when an EBML Void element is found after the first Cluster element. Fixes #2413. # Version 28.0.0 "Voice In My Head" 2018-10-20 ## New features and enhancements * mkvmerge: AV1 parser: updated the code for the finalized AV1 bitstream specification. Part of the implementation of #2261. * mkvmerge: AV1 packetizer: updated the code for the finalized AV1-in-Matroska & WebM mapping specification. Part of the implementation of #2261. * mkvmerge: AV1 support: the `--engage enable_av1` option has been removed again. Part of the implementation of #2261. * mkvmerge: MP4 reader: added support for AV1. Part of the implementation of #2261. * mkvmerge: DTS: implemented dialog normalization gain removal for extension substreams. Implements #2377. * mkvmerge, mkvextract: simple text subtitles: added a workaround for simple text subtitle tracks that don't contain a duration. Implements #2397. * mkvextract: added support for extracting AV1 to IVF. Part of the implementation of #2261. * mkvextract: IVF extractor (AV1, VP8, VP9): precise values will be used for the frame rate numerator & denominator header fields for certain well-known values of the track's default duration. * mkvmerge: VP9: mkvmerge will now create codec private data according to the VP9 codec mapping described in the WebM specifications. Implements #2379. * MKVToolNix GUI: automatic scaling for high DPI displays is activated if the GUI is compiled with Qt ��� 5.6.0. Fixes #1996 and #2383. * MKVToolNix GUI: added a menu item ("Help" ��� "System information") for displaying information about the system MKVToolNix is running on in order to make debugging easier. * MKVToolNix GUI: multiplexer, header editor: the user can enter a list of predefined track names in the preferences. She can later select from them in "track name" combo box. Implements #2230. ## Bug fixes * mkvmerge: JSON identification: fixed a bug when removing invalid UTF-8 data from strings before they're output as JSON. Fixes #2398. * mkvmerge: MP4/QuickTime reader: fixed handling of PCM audio with FourCC `in24`. Fixes #2391. * mkvmerge: MPEG transport stream reader, teletext subtitles: the decision whether or not to keep frames around in order to potentially merge them with the following frame is made sooner. That avoids problems if there are large gaps between teletext subtitle frames which could lead to frames being interleaved too late. Fixes #2393. * mkvextract: IVF extractor (AV1, VP8, VP8): the frame rate header fields weren't clamped to 16 bits properly causing wrong frame rates to be written in certain situations. * mkvpropedit, MKVToolNix GUI's header editor: fixed file corruption when a one- byte space must be covered with a new EBML void element but all surrounding elements have a "size length" field that's eight bytes long already. Fixes #2406. -------------------------------------------------------------------------------- ChangeLog:
* Tue Oct 30 2018 Dominik Mierzejewski rpm@greysector.net - 28.2.0-1 - update to 28.2.0 - fixes CVE-2018-4022 (#1644258) - unbundle sound files from oxygen sound theme -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1644258 - CVE-2018-4022 mkvtoolnix: MKVINFO read_one_element code execution vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=1644258 --------------------------------------------------------------------------------
================================================================================ python-pbr-4.2.0-2.el7 (FEDORA-EPEL-2018-ce98bc9b06) Python Build Reasonableness -------------------------------------------------------------------------------- Update Information:
- Update to 4.2.0 - Build for python 3 -------------------------------------------------------------------------------- ChangeLog:
* Sat Nov 3 2018 Orion Poplwski orion@nwra.com - 4.2.0-2 - Build for Python 3 for EPEL * Tue Sep 4 2018 Matthias Runge mrunge@redhat.com - 4.2.0-1 - update to 4.2.0 (rhbz#1605192) * Wed Aug 8 2018 Ha��kel Gu��mar hguemar@fedoraproject.org - 4.1.1-2 - Add runtime requirement to git-core * Fri Jul 20 2018 Matthias Runge mrunge@redhat.com - 4.1.1-1 - rebase to 4.1.1 (rhbz#1605192) * Wed Jul 18 2018 Ha��kel Gu��mar hguemar@fedoraproject.org - 4.1.0-2 - Add dependency to setuptools (RHBZ#1601767) * Tue Jul 17 2018 Matthias Runge mrunge@redhat.com - 4.1.0-1 - update to 4.1.0 (rhbz#1561252) - modernize spec * Sat Jul 14 2018 Fedora Release Engineering releng@fedoraproject.org - 3.1.1-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Wed Jun 13 2018 Miro Hron��ok mhroncok@redhat.com - 3.1.1-8 - Rebuilt for Python 3.7 * Tue Feb 27 2018 Iryna Shcherbina ishcherb@redhat.com - 3.1.1-7 - Update Python 2 dependency declarations to new packaging standards (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3) * Thu Feb 15 2018 Tomas Orsava torsava@redhat.com - 3.1.1-6 - Switch %python macro to %python2 * Fri Feb 9 2018 Fedora Release Engineering releng@fedoraproject.org - 3.1.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Fri Sep 29 2017 Troy Dawson tdawson@redhat.com - 3.1.1-4 - Cleanup spec file conditionals --------------------------------------------------------------------------------
================================================================================ python-pytoml-0.1.18-2.el7 (FEDORA-EPEL-2018-6d311024d9) Parser for TOML -------------------------------------------------------------------------------- Update Information:
Disable Python 2 subpackage on epel 7 -------------------------------------------------------------------------------- ChangeLog:
* Sun Nov 4 2018 Julien Enselme jujens@jujens.eu - 0.1.18-2 - Disable Python 2 subpackage on epel 7 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1625710 - python2-pytoml overrides python-pytoml from rhel-7-server-extras-rpms https://bugzilla.redhat.com/show_bug.cgi?id=1625710 --------------------------------------------------------------------------------
================================================================================ python-scandir-1.9.0-1.el7 (FEDORA-EPEL-2018-9535d5c655) A better directory iterator and faster os.walk() for Python -------------------------------------------------------------------------------- Update Information:
Updated to 1.9.0 (bz#1614995) -------------------------------------------------------------------------------- ChangeLog:
* Sun Nov 4 2018 Avram Lubkin aviso@fedoraproject.org - 1.9.0-1 - Updated to 1.9.0 (bz#1614995) - Don't include tests -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1614995 - python-scandir-1.9.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1614995 --------------------------------------------------------------------------------
================================================================================ python3-requests-2.12.5-2.el7 (FEDORA-EPEL-2018-4004d6feae) HTTP library, written in Python, for human beings -------------------------------------------------------------------------------- Update Information:
Ship python36-urllib3, python36-requests -------------------------------------------------------------------------------- ChangeLog:
* Sun Nov 4 2018 Orion Poplwski orion@nwra.com - 2.12.5-2 - Ship python36-requests (bug #1645072) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1645072 - Please provide a subpackage for python36 https://bugzilla.redhat.com/show_bug.cgi?id=1645072 --------------------------------------------------------------------------------
================================================================================ python3-urllib3-1.19.1-4.el7 (FEDORA-EPEL-2018-4004d6feae) Python 3 HTTP library with thread-safe connection pooling and file post -------------------------------------------------------------------------------- Update Information:
Ship python36-urllib3, python36-requests -------------------------------------------------------------------------------- ChangeLog:
* Sat Sep 29 2018 Raphael Groner projects.rg@smart.ms - add python3_other subpackage - add BR: python3X-setuptools - use pypi macros -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1645072 - Please provide a subpackage for python36 https://bugzilla.redhat.com/show_bug.cgi?id=1645072 --------------------------------------------------------------------------------
================================================================================ snapd-2.36-1.el7 (FEDORA-EPEL-2018-b240f3418f) A transactional software package manager -------------------------------------------------------------------------------- Update Information:
Initial packaging for EPEL 7 based on Fedora `snapd-2.36` and `snapd-glib-1.44` packages. --------------------------------------------------------------------------------
================================================================================ snapd-glib-1.44-1.el7 (FEDORA-EPEL-2018-b240f3418f) Library providing a GLib interface to snapd -------------------------------------------------------------------------------- Update Information:
Initial packaging for EPEL 7 based on Fedora `snapd-2.36` and `snapd-glib-1.44` packages. --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org