The following Fedora EPEL 7 Security updates need testing:
 Age  URL
  40  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3835d39d1a   unrtf-0.21.9-8.el7
  35  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-15b7dc35af   pass-1.7.2-1.el7
  16  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-ccbe8e3c4d   knot-resolver-2.4.0-1.el7
  14  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3f114dff22   wordpress-4.9.7-1.el7
  14  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-6b0fdd8b40   guacamole-server-0.9.14-1.el7 libvncserver-0.9.9-0.12.el7
   8  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-d2e0971e9b   uwsgi-2.0.17.1-1.el7
   8  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-755a438aca   libgit2-0.26.5-1.el7
   8  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-86150d9653   rust-1.27.1-2.el7
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3f07844689   znc-1.7.1-1.el7
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-d8d62b4f6c   suricata-4.0.5-1.el7

The following builds have been pushed to Fedora EPEL 7 updates-testing
NetworkManager-vpnc-1.2.6-1.el7
ctstream-28-1.el7
gnudos-1.11-5.el7
needrestart-3.3-1.el7
python-certbot-dns-gehirn-0.26.1-1.el7
python-certbot-dns-linode-0.26.1-1.el7
python-certbot-dns-ovh-0.26.1-1.el7
python-certbot-dns-sakuracloud-0.26.1-1.el7
redis-3.2.12-1.el7
Details about builds:
================================================================================
NetworkManager-vpnc-1.2.6-1.el7 (FEDORA-EPEL-2018-e603289e79)
NetworkManager VPN plugin for vpnc
--------------------------------------------------------------------------------
Update Information:
Update to 1.2.6 to fix a local authenticated privilege escalation bug
(CVE-2018-10900). The issue has been discovered and responsibly disclosed by
Denis Andzakovic:
https://pulsesecurity.co.nz/advisories/NM-VPNC-Privesc
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 20 2018 Lubomir Rintel <lkundrak(a)v3.sk> - 1.2.6-1
- Update to 1.2.6 release
- Fix a local authenticated privilege escalation bug (CVE-2018-10900)
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1:1.2.4-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Feb 7 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1:1.2.4-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Jan 31 2018 Igor Gnatenko <ignatenkobrain(a)fedoraproject.org> - 1:1.2.4-6
- Remove obsolete scriptlets
* Thu Nov 30 2017 Lubomir Rintel <lkundrak(a)v3.sk> - 1.2.4-5
- Drop libnm-glib for Fedora 28
--------------------------------------------------------------------------------
================================================================================
ctstream-28-1.el7 (FEDORA-EPEL-2018-7bc03ad3c3)
Get URLs of Czech Television video streams
--------------------------------------------------------------------------------
Update Information:
This release adapts to server changes effective since 2018-07-17.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 20 2018 Petr Pisar <ppisar(a)redhat.com> - 28-1
- Version 28 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1604727 - ctstream-28 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1604727
--------------------------------------------------------------------------------
================================================================================
gnudos-1.11-5.el7 (FEDORA-EPEL-2018-d0fddd566e)
The GnuDOS library for GNU/Linux
--------------------------------------------------------------------------------
Update Information:
Added BuildRequires: gcc
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 20 2018 Mohammed Isam <mohammed_isam1984(a)yahoo.com> 1.11-5
- Added BuildRequires: gcc
* Sat May 12 2018 Mohammed Isam <mohammed_isam1984(a)yahoo.com> 1.11-4
- Bugfixes
* Sat May 12 2018 Mohammed Isam <mohammed_isam1984(a)yahoo.com> 1.11-3
- Added missing copyright notice for ChangeLog file
* Fri May 11 2018 Mohammed Isam <mohammed_isam1984(a)yahoo.com> 1.11-2
- Added THANKS file and fixed missing copyright notices
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1604166 - gnudos: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1604166
--------------------------------------------------------------------------------
================================================================================
needrestart-3.3-1.el7 (FEDORA-EPEL-2018-8d246c1178)
Restart daemons after library updates
--------------------------------------------------------------------------------
Update Information:
This package has been introduced in Fedora a bit before F28 after having been
worked on for quite some time in Copr and there are no bugs since then. We've
been using it in production in OSAS with automatic restart of service for
months. This new version fixes a few bugs and I believe it is time to make it
available to EPEL now.
--------------------------------------------------------------------------------
================================================================================
python-certbot-dns-gehirn-0.26.1-1.el7 (FEDORA-EPEL-2018-d84efb5475)
Gehirn Infrastructure Service DNS Authenticator plugin for Certbot
--------------------------------------------------------------------------------
Update Information:
Initial package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1602080 - Review Request: python-certbot-dns-gehirn - Gehirn Infrastructure Service DNS Authenticator plugin for Certbot
https://bugzilla.redhat.com/show_bug.cgi?id=1602080
--------------------------------------------------------------------------------
================================================================================
python-certbot-dns-linode-0.26.1-1.el7 (FEDORA-EPEL-2018-42ce8bfab3)
Linode DNS Authenticator plugin for Certbot
--------------------------------------------------------------------------------
Update Information:
Initial package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1602091 - Review Request: python-certbot-dns-linode - Linode DNS Authenticator plugin for Certbot
https://bugzilla.redhat.com/show_bug.cgi?id=1602091
--------------------------------------------------------------------------------
================================================================================
python-certbot-dns-ovh-0.26.1-1.el7 (FEDORA-EPEL-2018-961c0ed2ac)
OVH DNS Authenticator plugin for Certbot
--------------------------------------------------------------------------------
Update Information:
Initial package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1602109 - Review Request: python-certbot-dns-ovh - OVH DNS Authenticator plugin for Certbot
https://bugzilla.redhat.com/show_bug.cgi?id=1602109
--------------------------------------------------------------------------------
================================================================================
python-certbot-dns-sakuracloud-0.26.1-1.el7 (FEDORA-EPEL-2018-2edc9b4586)
Sakura Cloud DNS Authenticator plugin for Certbot
--------------------------------------------------------------------------------
Update Information:
Initial package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1602111 - Review Request: python-certbot-dns-sakuracloud - Sakura Cloud DNS Authenticator plugin for Certbot
https://bugzilla.redhat.com/show_bug.cgi?id=1602111
--------------------------------------------------------------------------------
================================================================================
redis-3.2.12-1.el7 (FEDORA-EPEL-2018-8de40d24ca)
A persistent key-value database
--------------------------------------------------------------------------------
Update Information:
Upstream 3.2.12 security fix release.
----
Upstream 3.2.11 bug-fix-only release
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 20 2018 Nathan Scott <nathans(a)redhat.com> - 3.2.12-1
- Upstream 3.2.12 security fix release.
- Fixes CVE-2017-15047: Lack clusterLoadConfig input validation (RHBZ #1499153)
- Fixes CVE-2018-11218: Heap corruption in lua_cmsgpack.c (RHBZ #1591537)
- Fixes CVE-2018-11219: Integer overflow in lua_struct.c b_unpack (RHBZ #1591538)
- Fixes CVE-2018-12326: code execution via a crafted command line (RHBZ #1594294)
* Tue Sep 26 2017 Nathan Scott <nathans(a)redhat.com> - 3.2.11-1
- Upstream 3.2.11 bug-fix-only release
- Switch to using Type=notify for Redis systemd services (RHBZ #1172841)
- Add Provides:bundled hiredis, linenoise, lua-libs clauses (RHBZ #788500)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1594294 - CVE-2018-12326 redis: code execution via a crafted command line [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1594294
[ 2 ] Bug #1592931 - /var/run/redis directory not created by RPM (redis-3.2.11-1.el6.x86_64.rpm)
https://bugzilla.redhat.com/show_bug.cgi?id=1592931
[ 3 ] Bug #1591538 - CVE-2018-11219 redis: Integer overflow in lua_struct.c:b_unpack() [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1591538
[ 4 ] Bug #1591537 - CVE-2018-11218 redis: Heap corruption in lua_cmsgpack.c [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1591537
[ 5 ] Bug #1499153 - CVE-2017-15047 redis: Insufficient input validation in the clusterLoadConfig function [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1499153
[ 6 ] Bug #1172841 - Service start returns success even when service fails to start
https://bugzilla.redhat.com/show_bug.cgi?id=1172841
[ 7 ] Bug #788500 - redis bundles jemalloc and hiredis and lua
https://bugzilla.redhat.com/show_bug.cgi?id=788500
--------------------------------------------------------------------------------