The following Fedora EPEL 7 Security updates need testing:
Age URL
716
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087
dokuwiki-0-0.24.20140929c.el7
479
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f
mcollective-2.8.4-1.el7
197
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-23fa04bf1c
redis-3.2.3-1.el7
181
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8f4ff76b3
chicken-4.11.0-3.el7
61
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d
libbsd-0.8.3-1.el7
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e2cea1c22d
python-cjson-1.1.0-9.el7
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-920059d2ed
mingw-wavpack-5.1.0-1.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d5fe44714a
cacti-1.0.3-3.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d1c56cd592
xrdp-0.9.1-5.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-759dd56b65
firebird-2.5.7.27050.0-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
cacti-1.0.3-3.el7
codec2-0.6-1.el7
dynafed-1.2.4-1.el7
elasticdump-2.2.0-2.el7
fedpkg-1.27-2.el7
firebird-2.5.7.27050.0-1.el7
freedv-1.2-1.el7
libmfx-1.19-1.20170114gita5ba231.el7
lugaru-1.2-1.el7
nextcloud-10.0.3-1.el7
pbuilder-0.228.3-2.el7
perl-Git-Wrapper-0.047-3.el7
perl-Parse-DebControl-2.005-10.el7
perl-X10-0.04-2.el7
prelude-lml-rules-3.1.0-1.el7
python-junit_xml-1.7-1.el7
python-speedtest-cli-1.0.2-1.el7
rabbitmq-server-3.3.5-33.el7
rpkg-1.49-1.el7
warzone2100-3.2.2-4.el7
xrdp-0.9.1-5.el7
ykpers-1.18.0-2.el7
Details about builds:
================================================================================
cacti-1.0.3-3.el7 (FEDORA-EPEL-2017-d5fe44714a)
An rrd based graphing tool
--------------------------------------------------------------------------------
Update Information:
- Update to 1.0.3 Release notes:
http://www.cacti.net/release_notes_1_0_0.php
http://www.cacti.net/release_notes_1_0_1.php
http://www.cacti.net/release_notes_1_0_2.php
http://www.cacti.net/release_notes_1_0_3.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1400364 - Graph export tree view is broken
https://bugzilla.redhat.com/show_bug.cgi?id=1400364
[ 2 ] Bug #1417494 - cacti-1.0.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1417494
[ 3 ] Bug #1417605 - CVE-2014-4000 cacti: Multiple issues fixed in 1.0.0 version
[epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1417605
[ 4 ] Bug #1422854 - cacti-1.0.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1422854
--------------------------------------------------------------------------------
================================================================================
codec2-0.6-1.el7 (FEDORA-EPEL-2017-aca7b610af)
Next-Generation Digital Voice for Two-Way Radio
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release. Includes new 700C mode support.
--------------------------------------------------------------------------------
================================================================================
dynafed-1.2.4-1.el7 (FEDORA-EPEL-2017-4f823cef8d)
Ultra-scalable dynamic system for federating HTTP-based storage resources
--------------------------------------------------------------------------------
Update Information:
* new upstream release
--------------------------------------------------------------------------------
================================================================================
elasticdump-2.2.0-2.el7 (FEDORA-EPEL-2017-b849d5375f)
Import and export tools for elasticsearch
--------------------------------------------------------------------------------
Update Information:
Fixdep async for all working versions (needed for epel)
--------------------------------------------------------------------------------
================================================================================
fedpkg-1.27-2.el7 (FEDORA-EPEL-2017-61adf7d645)
Fedora utility for working with dist-git
--------------------------------------------------------------------------------
Update Information:
fedpkg - Python 3.6 invalid escape sequence deprecation fixes (ville.skytta) -
Disable tag inheritance check - [#98](https://pagure.io/fedpkg/issue/98) (cqi) -
Enable the fix to allow anonymous clone via https rpkg - More upload PyCURL
fixes for EL 7 (merlin) - Move tag inheritance check into a separate method
(cqi) ---- This version should fix chain building.
--------------------------------------------------------------------------------
================================================================================
firebird-2.5.7.27050.0-1.el7 (FEDORA-EPEL-2017-759dd56b65)
SQL relational database management system
--------------------------------------------------------------------------------
Update Information:
update to 2.5.7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1425332 - firebird: Access to undesired external modules during
'Restrict' configuration mode [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1425332
--------------------------------------------------------------------------------
================================================================================
freedv-1.2-1.el7 (FEDORA-EPEL-2017-aca7b610af)
FreeDV Digital Voice
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release. Includes new 700C mode support.
--------------------------------------------------------------------------------
================================================================================
libmfx-1.19-1.20170114gita5ba231.el7 (FEDORA-EPEL-2017-4db90c730e)
Intel hardware video acceleration dispatcher library
--------------------------------------------------------------------------------
Update Information:
Update to latest snapshot.
--------------------------------------------------------------------------------
================================================================================
lugaru-1.2-1.el7 (FEDORA-EPEL-2017-836511e8bb)
Ninja rabbit fighting game
--------------------------------------------------------------------------------
Update Information:
Upgrade to v1.2 (#1421396)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1421396 - lugaru-1.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1421396
--------------------------------------------------------------------------------
================================================================================
nextcloud-10.0.3-1.el7 (FEDORA-EPEL-2017-5a6a9ae10c)
Private file sync and share server
--------------------------------------------------------------------------------
Update Information:
New package nextcloud, a fork of owncloud.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1360482 - Review Request: nextcloud - a private, secure way to share and
access files
https://bugzilla.redhat.com/show_bug.cgi?id=1360482
--------------------------------------------------------------------------------
================================================================================
pbuilder-0.228.3-2.el7 (FEDORA-EPEL-2017-c837a68c52)
Personal package builder for Debian packages
--------------------------------------------------------------------------------
Update Information:
Add pbuilder to epel7, devscripts and dependencies. unpush
devscripts-2.17.1-3.el7
--------------------------------------------------------------------------------
================================================================================
perl-Git-Wrapper-0.047-3.el7 (FEDORA-EPEL-2017-c837a68c52)
Wrap git command-line interface for Perl
--------------------------------------------------------------------------------
Update Information:
Add pbuilder to epel7, devscripts and dependencies. unpush
devscripts-2.17.1-3.el7
--------------------------------------------------------------------------------
================================================================================
perl-Parse-DebControl-2.005-10.el7 (FEDORA-EPEL-2017-c837a68c52)
Easy OO parsing of debian control-like files
--------------------------------------------------------------------------------
Update Information:
Add pbuilder to epel7, devscripts and dependencies. unpush
devscripts-2.17.1-3.el7
--------------------------------------------------------------------------------
================================================================================
perl-X10-0.04-2.el7 (FEDORA-EPEL-2017-650714234c)
Enables Perl to communicate with X10 devices
--------------------------------------------------------------------------------
Update Information:
New package. Very simple, uncomplicated specfile.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1409869 - Review Request: perl-X10 - X10 perl module
https://bugzilla.redhat.com/show_bug.cgi?id=1409869
--------------------------------------------------------------------------------
================================================================================
prelude-lml-rules-3.1.0-1.el7 (FEDORA-EPEL-2017-6bd5b4f901)
Prelude LML community ruleset
--------------------------------------------------------------------------------
Update Information:
Bump version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1423377 - Review Request: prelude-lml-rules
https://bugzilla.redhat.com/show_bug.cgi?id=1423377
--------------------------------------------------------------------------------
================================================================================
python-junit_xml-1.7-1.el7 (FEDORA-EPEL-2017-efff7df77e)
python library for creating junit xml files
--------------------------------------------------------------------------------
Update Information:
New python library to create junit xml files, as used by the ansible junit
callback plugin.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1422429 - Review Request: python-junit_xml - python library to create junit
compatible XML files
https://bugzilla.redhat.com/show_bug.cgi?id=1422429
--------------------------------------------------------------------------------
================================================================================
python-speedtest-cli-1.0.2-1.el7 (FEDORA-EPEL-2017-f8ab429144)
Command line interface for testing internet bandwidth using
speedtest.net
--------------------------------------------------------------------------------
Update Information:
* Initial rpm-release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1425203 - Review Request: python-speedtest-cli - Command line interface for
testing internet bandwidth using
speedtest.net
https://bugzilla.redhat.com/show_bug.cgi?id=1425203
--------------------------------------------------------------------------------
================================================================================
rabbitmq-server-3.3.5-33.el7 (FEDORA-EPEL-2017-941cd18cb0)
The RabbitMQ server
--------------------------------------------------------------------------------
Update Information:
* Backported fixes for GH#368, GH#714
--------------------------------------------------------------------------------
================================================================================
rpkg-1.49-1.el7 (FEDORA-EPEL-2017-61adf7d645)
Utility for interacting with rpm+git packaging systems
--------------------------------------------------------------------------------
Update Information:
fedpkg - Python 3.6 invalid escape sequence deprecation fixes (ville.skytta) -
Disable tag inheritance check - [#98](https://pagure.io/fedpkg/issue/98) (cqi) -
Enable the fix to allow anonymous clone via https rpkg - More upload PyCURL
fixes for EL 7 (merlin) - Move tag inheritance check into a separate method
(cqi) ---- This version should fix chain building.
--------------------------------------------------------------------------------
================================================================================
warzone2100-3.2.2-4.el7 (FEDORA-EPEL-2017-221434bf4b)
Innovative 3D real-time strategy
--------------------------------------------------------------------------------
Update Information:
Update to 3.2.2
--------------------------------------------------------------------------------
================================================================================
xrdp-0.9.1-5.el7 (FEDORA-EPEL-2017-d1c56cd592)
Open source remote desktop protocol (RDP) server
--------------------------------------------------------------------------------
Update Information:
WARNING: Please note that this update comes with a slightly different syntax of
sesman.ini file, so if you edited this file by hand, you may need to look at the
.rpmnew file and merge any required changes by hand. This release also creates
three files in /etc/xrdp directory if they don't already exist or are empty: -
rsakeys.ini - cert.pem - key.pem Also note that in Fedora, the only backend
that will really work is still Xvnc for now. New features - New xorgxrdp
backend using existing Xorg with additional modules - Improvements to X11rdp
backend - Support for IPv6 (disabled by default) - Initial support for RemoteFX
Codec (disabled by default) - Support for TLS security layer (preferred over RDP
layer if supported by the client) - Support for disabling deprecated SSLv3
protocol and for selecting custom cipher suites in xrdp.ini - Support for
bidirectional fastpath (enabled in both directions by default) - Support clients
that don't support drawing orders, such as MS RDP client for Android, ChromeRDP
(disabled by default) - More configurable login screen - Support for new virtual
channels: - - rdpdr: device redirection - - rdpsnd: audio output - - cliprdr:
clipboard - - xrdpvr: xrdp video redirection channel (can be used along with
NeutrinoRDP client) - Support for disabling virtual channels globally or by
session type - Allow to specify the path for backends (Xorg, X11rdp, Xvnc) -
Added files for systemd support - Multi-monitor support - xrdp-chansrv stroes
logs in ${XDG_DATA_HOME}/xrdp now Security fixes - User's password could be
recovered from the Xvnc password file - X11 authentication was not used
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1404972 - CVE-2013-1430 xrdp: Cleartext password shown in file after logging
into xrdp session [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1404972
[ 2 ] Bug #1404971 - CVE-2013-1430 xrdp: Cleartext password shown in file after logging
into xrdp session [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1404971
--------------------------------------------------------------------------------
================================================================================
ykpers-1.18.0-2.el7 (FEDORA-EPEL-2017-4605731188)
Yubikey personalization program
--------------------------------------------------------------------------------
Update Information:
update to 1.18.0
--------------------------------------------------------------------------------