The following Fedora EPEL 7 Security updates need testing:
Age URL
1075
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087
dokuwiki-0-0.24.20140929c.el7
837
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f
mcollective-2.8.4-1.el7
420
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d
libbsd-0.8.3-1.el7
317
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe
mod_cluster-1.3.3-10.el7
149
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e27758bd23
libmspack-0.6-0.1.alpha.el7
86
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e64eeb6ece
nagios-4.3.4-5.el7
36
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-73ee944e65
rootsh-1.5.3-17.el7
22
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-24ac4ff7df
knot-resolver-1.5.3-1.el7
13
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-f09712d924
pdns-3.4.11-4.el7
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-7134fc92a1
jhead-3.00-7.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-069884a87f
p7zip-16.02-10.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-097b4381c7
exim-4.90.1-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
blueberry-1.1.20-6.el7
cinnamon-settings-daemon-3.6.2-1.el7
ddupdate-0.5.2-1.el7
epel-rpm-macros-7-15
fts-3.7.8-1.el7
getmail-5.5-1.el7
lcgdm-1.10.0-4.el7
lightdm-settings-1.1.4-1.el7
phoronix-test-suite-7.8.0-1.el7
python-PyMySQL-0.8.0-4.el7
python-biopython-1.70-8.el7
python-digitalocean-1.13.2-2.el7
python-tldextract-2.2.0-1.el7
python2-dateutil-1.5-0.el7
python2-docutils-0.11-0.el7
python2-requests-2.6.0-0.el7
rdopkg-0.46.3-1.el7
rho-0.0.32-6.el7
stlink-1.5.0-1.el7
suricata-4.0.4-1.el7
vim-fugitive-2.2-8.el7
vim-jellybeans-1.6-1.el7
vim-vimoutliner-0.4.0-7.el7
vncpwd-0.0-3.20170607git596854c.el7
Details about builds:
================================================================================
blueberry-1.1.20-6.el7 (FEDORA-EPEL-2018-598aa5ea7f)
Bluetooth configuration tool
--------------------------------------------------------------------------------
Update Information:
- Add some upstream fixes - Remove the python3 dep - Update Python 2 dependency
declarations to new packaging standards (See
https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1530218 - blueberry: blueberry requires both Python 2 and Python 3
https://bugzilla.redhat.com/show_bug.cgi?id=1530218
--------------------------------------------------------------------------------
================================================================================
cinnamon-settings-daemon-3.6.2-1.el7 (FEDORA-EPEL-2018-28f1c4d089)
The daemon sharing settings from CINNAMON to GTK+/KDE applications
--------------------------------------------------------------------------------
Update Information:
Update to cinnamon-settings-daemon-3.6.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1515254 - [abrt] cinnamon-settings-daemon: csd_smartcard_get_name():
csd-smartcard killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1515254
[ 2 ] Bug #1477255 - [abrt] cinnamon-settings-daemon: csd_smartcard_get_name():
csd-smartcard killed by signal 11
https://bugzilla.redhat.com/show_bug.cgi?id=1477255
[ 3 ] Bug #1474166 - [abrt] cinnamon-settings-daemon: PK11_FreeSlot(): csd-smartcard
killed by signal 11
https://bugzilla.redhat.com/show_bug.cgi?id=1474166
--------------------------------------------------------------------------------
================================================================================
ddupdate-0.5.2-1.el7 (FEDORA-EPEL-2018-cae620ac17)
Tool updating DNS data for dynamic IP addresses
--------------------------------------------------------------------------------
Update Information:
Setting up the epel7 branch from current master/rawhide
--------------------------------------------------------------------------------
================================================================================
epel-rpm-macros-7-15 (FEDORA-EPEL-2018-7c8f403cdc)
Extra Packages for Enterprise Linux RPM macros
--------------------------------------------------------------------------------
Update Information:
Add %vimfiles_root macro.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1545901 - [epel-rpm-macros] please add %vimfiles_root
https://bugzilla.redhat.com/show_bug.cgi?id=1545901
--------------------------------------------------------------------------------
================================================================================
fts-3.7.8-1.el7 (FEDORA-EPEL-2018-c916aee4d7)
File Transfer Service V3
--------------------------------------------------------------------------------
Update Information:
* new upstream release
--------------------------------------------------------------------------------
================================================================================
getmail-5.5-1.el7 (FEDORA-EPEL-2018-1f8fb8482e)
POP3, IMAP4 and SDPS mail retriever with Maildir delivery
--------------------------------------------------------------------------------
Update Information:
update to upstream version 5.5
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1471495 - getmail-5.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1471495
--------------------------------------------------------------------------------
================================================================================
lcgdm-1.10.0-4.el7 (FEDORA-EPEL-2018-1c0f3fd846)
LHC Computing Grid Data Management
--------------------------------------------------------------------------------
Update Information:
* new upstream release
--------------------------------------------------------------------------------
================================================================================
lightdm-settings-1.1.4-1.el7 (FEDORA-EPEL-2018-84e1e4cbf1)
Configuration tool for the LightDM display manager
--------------------------------------------------------------------------------
Update Information:
Update to 1.1.4
--------------------------------------------------------------------------------
================================================================================
phoronix-test-suite-7.8.0-1.el7 (FEDORA-EPEL-2018-8fe6d68398)
An Automated, Open-Source Testing Framework
--------------------------------------------------------------------------------
Update Information:
update to 7.8.0
--------------------------------------------------------------------------------
================================================================================
python-PyMySQL-0.8.0-4.el7 (FEDORA-EPEL-2018-807485c1ec)
Pure-Python MySQL client library
--------------------------------------------------------------------------------
Update Information:
make spec file compatible with epel7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1545488 - python-PyMySQL for epel-7
https://bugzilla.redhat.com/show_bug.cgi?id=1545488
--------------------------------------------------------------------------------
================================================================================
python-biopython-1.70-8.el7 (FEDORA-EPEL-2018-f62482c5ae)
Python tools for computational molecular biology
--------------------------------------------------------------------------------
Update Information:
- Remove %sum macro - Use %py2_prefix - Required 'numpy' on rhel (without
prefix)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1546089 - python2-biopython-1.70-2.el7: Summary is shown as %{sum}
https://bugzilla.redhat.com/show_bug.cgi?id=1546089
--------------------------------------------------------------------------------
================================================================================
python-digitalocean-1.13.2-2.el7 (FEDORA-EPEL-2018-17b1e7df7e)
Easy access to Digital Ocean APIs to deploy droplets, images and more
--------------------------------------------------------------------------------
Update Information:
Fix requires
--------------------------------------------------------------------------------
================================================================================
python-tldextract-2.2.0-1.el7 (FEDORA-EPEL-2018-16e075e225)
Accurately separate the TLD from the registered domain and subdomains of a URL
--------------------------------------------------------------------------------
Update Information:
Initial package (#1545951)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1545951 - Review Request: python-tldextract - Accurately separate the TLD
from the registered domain and subdomains of a URL
https://bugzilla.redhat.com/show_bug.cgi?id=1545951
--------------------------------------------------------------------------------
================================================================================
python2-dateutil-1.5-0.el7 (FEDORA-EPEL-2018-96dc31df60)
Dummy package depending on python-dateutil
--------------------------------------------------------------------------------
Update Information:
This package exists only to allow packagers to uniformly depend upon
python2-dateutil.
--------------------------------------------------------------------------------
================================================================================
python2-docutils-0.11-0.el7 (FEDORA-EPEL-2018-b80060f45f)
Dummy package depending on python-docutils
--------------------------------------------------------------------------------
Update Information:
This package exists only to allow packagers to uniformly depend upon
python2-docutils.
--------------------------------------------------------------------------------
================================================================================
python2-requests-2.6.0-0.el7 (FEDORA-EPEL-2018-348279fada)
Dummy package depending on python-requests
--------------------------------------------------------------------------------
Update Information:
This package exists only to allow packagers to uniformly depend upon
python2-requests.
--------------------------------------------------------------------------------
================================================================================
rdopkg-0.46.3-1.el7 (FEDORA-EPEL-2018-51b64b0fde)
RPM packaging automation tool CLI
--------------------------------------------------------------------------------
Update Information:
- distgit: Add -R/--release-bump-index argument - distgit: Support DLRN
0.date.hash and 0.1.date.hash Release formats - distgit: Preserve Change-Id when
amending a commit - distgit: normalize commit messages - new-version: ensure -H
and -B work together - new-version: don't display redundant message on -b - new-
version: enable `fedpkg new-sources` for Fedora by default - new-version: fix
`fedpkg new-sources` getting wrong tarball - patch: return 0 on no new patches -
pkgenv: show patches base and base git ref information - rdoinfo: Fix error on
info-tags-diff for packages without buildsys-tags - rdoinfo: Use "project" as
package primary key to compare tags - reqcheck: normalize python2/python3
package names - spec: better detection of multiple changelog entries - spec:
don't get confused by changelog mentions in the changelog - spec: don't
duplicate %%{?dist} - core: action alias support - core: fix new action check
for old state - refactor: Remove legacy coprbuild action - refactor: nice error
messages on invalid Version/patches_base - refactor: split utils.cmd, create
separate utils.git module - refactor: unify patch and update-patches - tests:
Add Zuul v3 jobs - tests: Add newversion.feature scenario using --bug - tests:
Add topy to tox as a linting check - tests: Extend newversion.feature for
coverage of -H - tests: add topy to whitelist_externals - tests: expand
fix.feature scenarios - tests: improved reporting and test names - tests: make
spec file Then assert more descriptive - doc: Trailing whitespace cleanup in doc
files - doc: Typo fixes from topy - doc: include feature scenarios in the
documentation - doc: make file naming consistent - doc: remove obsolete building
doc - doc: update README.md with Fedora/EPEL install instructions - doc: update
README.md with current information - doc: update bug tracker information in the
manual
--------------------------------------------------------------------------------
================================================================================
rho-0.0.32-6.el7 (FEDORA-EPEL-2018-81eed61d56)
An SSH system profiler
--------------------------------------------------------------------------------
Update Information:
# Testing Rho To set up Rho, you create profiles that control how to run each
scan. - Authentication profiles contain user credentials for a user with
sufficient authority to complete the scan (for example, a root user or one with
root-level access obtained through -sudo privilege escalation). - Network
profiles contain network identifiers (for example, a hostname, IP address, or
range of IP addresses) and the authentication profiles to be used for a scan.
Complete the following steps, repeating them as necessary to access all parts of
your environment that you want to scan: 1. Create at least one authentication
profile with root-level access to Rho: ``` rho auth add --name auth_name
--username root_name(--sshkeyfile key_file | --password) ``` a. At the Rho
vault password prompt, create a new Rho vault password. This password is
required to access the encrypted Rho data, such as authentication and network
profiles, scan data, and other information. b. If you did not use the
sshkeyfile option to provide an SSH key for the username value, enter the
password of the user with root-level access at the connection password prompt.
For example, for an authentication profile where the authentication profile name
is roothost1, the user with root-level access is root, and the SSH key for the
user is in the path ~/.ssh/id_rsa, you would enter the following command: ```
rho auth add --name roothost1 --username root --sshkeyfile ~/.ssh/id_rsa ``` You
can also use the sudo-password option to create an authentication profile for a
user with root-level access who requires a password to obtain this privilege.
You can use the sudo-password option with either the sshkeyfile or the password
option. For example, for an authentication profile where the authentication
profile name is sudouser1, the user with root-level access is sysadmin, and the
access is obtained through the password option, you would enter the following
command: ``` rho auth add --name sudouser1 --username sysadmin --password
--sudo-password ``` After you enter this command, you are prompted to enter two
passwords. First, you would enter the connection password for the username user,
and then you would enter the password for the sudo command. 2. Create at least
one network profile that specifies one or more network identifiers, such as a
host name, an IP address, a list of IP addresses, or an IP range, and one or
more authentication profiles to be used for the scan: ``` rho profile add --name
profile_name --hosts host_name_or_file --auth auth_name ``` For example, for a
network profile where the name of the network profile is mynetwork, the network
to be scanned is the 192.0.2.0/24 subnet, and the authentication profiles that
are used to run the scan are roothost1 and roothost2, you would enter the
following command: ``` rho profile add --name mynetwork --hosts 192.0.2.[1:254]
--auth roothost1 roothost2 ``` You can also use a file to pass in the network
identifiers. If you use a file to enter multiple network identifiers, such as
multiple individual IP addresses, enter each on a single line. For example, for
a network profile where the path to this file is /home/user1/hosts_file, you
would enter the following command: ``` rho profile add --name mynetwork --hosts
/home/user1/hosts_file --auth roothost1 roothost2 ``` # Running a scan Run the
scan by using the scan command, specifying a network profile for the profile
option and a location to store the output as a file in the comma-separated
variables (CSV) format for the reportfile option: ``` rho scan --profile
profile_name --reportfile filename.csv ``` For example, if you want to use the
network profile mynetwork and save the report as mynetwork_scan1.csv, you would
enter the following command: ``` rho scan --profile mynetwork --reportfile
mynetwork_scan1.csv ```
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1545730 - Stop throwing away changes made in Fedora
https://bugzilla.redhat.com/show_bug.cgi?id=1545730
--------------------------------------------------------------------------------
================================================================================
stlink-1.5.0-1.el7 (FEDORA-EPEL-2018-c9a5bbad05)
STM32 discovery line Linux programmer
--------------------------------------------------------------------------------
Update Information:
Update to 1.5.0.
--------------------------------------------------------------------------------
================================================================================
suricata-4.0.4-1.el7 (FEDORA-EPEL-2018-72e5d3ef89)
Intrusion Detection System
--------------------------------------------------------------------------------
Update Information:
fixes bz#1543250 and bz#1543251
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1543250 - CVE-2018-6794 suricata: HTTP detection bypass in detect.c and
stream-tcp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1543250
[ 2 ] Bug #1543251 - CVE-2018-6794 suricata: HTTP detection bypass in detect.c and
stream-tcp.c [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1543251
--------------------------------------------------------------------------------
================================================================================
vim-fugitive-2.2-8.el7 (FEDORA-EPEL-2018-24d16cfe5d)
A Git wrapper so awesome, it should be illegal
--------------------------------------------------------------------------------
Update Information:
First build of vim-fugitive for EPEL7.
--------------------------------------------------------------------------------
================================================================================
vim-jellybeans-1.6-1.el7 (FEDORA-EPEL-2018-9bc0c7d0f7)
A colorful, dark color scheme for Vim
--------------------------------------------------------------------------------
Update Information:
- Initial package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1545941 - Review Request: vim-jellybeans - A colorful, dark color scheme for
Vim
https://bugzilla.redhat.com/show_bug.cgi?id=1545941
--------------------------------------------------------------------------------
================================================================================
vim-vimoutliner-0.4.0-7.el7 (FEDORA-EPEL-2018-594372cc2e)
Script for building an outline editor on top of Vim
--------------------------------------------------------------------------------
Update Information:
Just rebuild upon clean-up and taking over the maintenance of the package.
--------------------------------------------------------------------------------
================================================================================
vncpwd-0.0-3.20170607git596854c.el7 (FEDORA-EPEL-2018-391af85d0a)
VNC Password Decrypter
--------------------------------------------------------------------------------
Update Information:
New Package - vncpwd The vncpwd decrypts the VNC password.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1433657 - Review Request: vncpwd - VNC Password Decrypter
https://bugzilla.redhat.com/show_bug.cgi?id=1433657
--------------------------------------------------------------------------------