The following Fedora EPEL 7 Security updates need testing:
Age URL
146
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3835d39d1a
unrtf-0.21.9-8.el7
96
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-f9d6ff695a
bibutils-6.6-1.el7 ghc-hs-bibutils-6.6.0.0-1.el7 pandoc-citeproc-0.3.0.1-4.el7
80
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d
condor-8.6.11-1.el7
52
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3492a96896
myrepos-1.20180726-1.el7
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-1104372fa7
teeworlds-0.6.5-1.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-bdb21ebc3f
drupal7-7.60-2.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-29716ed12f
php-pear-CAS-1.3.6-1.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-8876f503ce
libgit2-0.26.8-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
SDL2-2.0.9-1.el7
ansible-2.7.1-1.el7
autowrap-0.19.0-1.el7
beaker-26.0-1.el7
composer-1.7.3-1.el7
gfal2-2.16.1-1.el7
hub-2.6.0-1.el7
icecast-2.4.4-1.el7
llvm-3.4.2-9.el7
nss_wrapper-1.1.5-1.el7
php-composer-spdx-licenses-1.5.0-1.el7
php-phpmyadmin-sql-parser-4.2.5-1.el7
psblas3-3.5.2-5.el7
rust-1.30.0-6.el7.1
ucx-1.4.0-1.el7
xorgxrdp-0.2.8-3.el7
zchunk-0.9.14-1.el7
Details about builds:
================================================================================
SDL2-2.0.9-1.el7 (FEDORA-EPEL-2018-6b0cd098f7)
Cross-platform multimedia library
--------------------------------------------------------------------------------
Update Information:
Update to 2.0.9
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 2 2018 Tom Callaway <spot(a)fedoraproject.org> - 2.0.9-1
- update to 2.0.9
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.0.8-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
ansible-2.7.1-1.el7 (FEDORA-EPEL-2018-307427f9ab)
SSH-based configuration management, deployment, and task execution system
--------------------------------------------------------------------------------
Update Information:
Update to ansible 2.7.1. See
https://github.com/ansible/ansible/blob/stable-2.7/changelogs/CHANGELOG-v...
for full details.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 29 2018 Kevin Fenzi <kevin(a)scrye.com> - 2.7.1-1
- Update to 2.7.1.
--------------------------------------------------------------------------------
================================================================================
autowrap-0.19.0-1.el7 (FEDORA-EPEL-2018-3469269734)
Generates Python Extension modules from [Cython] PXD files
--------------------------------------------------------------------------------
Update Information:
- Update OpenMS to 2.4.0
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 30 2018 Antonio Trande <sagitterATfedoraproject.org> - 0.19.0-1
- Release 0.19.0
* Sat Sep 1 2018 Antonio Trande <sagitterATfedoraproject.org> - 0.17.0-4
- Deprecate python2 on fedora 30+
- Prepare SPEC file for python3 migration on epel7
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.17.0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jun 19 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 0.17.0-2
- Rebuilt for Python 3.7
* Sat May 26 2018 Antonio Trande <sagitterATfedoraproject.org> - 0.17.0-1
- Update to 0.17.0
--------------------------------------------------------------------------------
================================================================================
beaker-26.0-1.el7 (FEDORA-EPEL-2018-bf8497bf22)
Full-stack software and hardware integration testing system
--------------------------------------------------------------------------------
Update Information:
New upstream 26.0
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 2 2018 Greg Hellings <greg.hellings(a)gmail.com> - 26.0-1
- New upstream 26.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1636072 - beaker-26.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1636072
--------------------------------------------------------------------------------
================================================================================
composer-1.7.3-1.el7 (FEDORA-EPEL-2018-1c67d22971)
Dependency Manager for PHP
--------------------------------------------------------------------------------
Update Information:
**Version 1.7.3** 2018-11-01 * Fixed handling of replace/conflict rules. This
may affect dependency resolution in some edge cases. * Fixed Bitbucket API
support and migrated all calls to API v2 as v1 is deprecated * Fixed support
for lib-openssl 1.1.1 having only lowercase algorithm names * Fixed escaping
of URLs in Perforce and Svn drivers * Fixed `show` command not respecting
`--path` when a single package name was given * Fixed regression in 1.7.2's
handling of metapackages
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 2 2018 Remi Collet <remi(a)remirepo.net> - 1.7.3-1
- update to 1.7.3
--------------------------------------------------------------------------------
================================================================================
gfal2-2.16.1-1.el7 (FEDORA-EPEL-2018-55f1f67800)
Grid file access library 2.0
--------------------------------------------------------------------------------
Update Information:
* new upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 1 2018 Andrea Manzi <amanzi at cern.ch> - 2.16.1-1
- Upgraded to upstream release 2.16.1
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.15.5-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Jul 6 2018 Andrea Manzi <amanzi at cern.ch> - 2.15.5-2
- Upgraded to upstream release 2.15.5-2
--------------------------------------------------------------------------------
================================================================================
hub-2.6.0-1.el7 (FEDORA-EPEL-2018-d76898af51)
A command-line wrapper for git with github shortcuts
--------------------------------------------------------------------------------
Update Information:
Release [Hub
2.6.0](https://github.com/github/hub/releases/tag/v2.6.0) #
Features * Use "scissors" line to delineate comments in editable messages
instead of stripping away lines that start with `#`. This helps preserve
Markdown headings in `hub pull-request`, `hub release create`, and similar
commands that open a text editor interactively. Everything above the following
line is kept in the message; everything below is discarded: ``` #
------------------------ >8 ------------------------ ``` * New command `hub
issue show <NUMBER>` * Add `hub release show --format=<FORMAT>` functionality
*
`hub pr list --format=%rs` lists requested reviewers * Add support for
communicating with GitHub Enterprise over Unix socket ``` # ~/.config/hub
example.com: user: USER oauth_token: TOKEN unix_socket: /path/to/socket
``` # Fixes * Prevent `hub create` setting a public upstream when creating a
private repo * Fix `hub create` in place of a renamed repo * Fix `hub release
create/edit/delete` when there are multiple git remotes * Auto-detect
private/pushable repos in `hub remote add` * Fix `hub ci-status` exit code when
there is only Checks * Allow `hub compare <RANGE>` even if not on any branch *
Ensure consistent sort direction when listing issues, PRs * Match requested team
names by slug instead of name in `hub pull-request -r <TEAM>`
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 1 2018 Stephen Gallagher <sgallagh(a)redhat.com> - 2.6.0-1
- Update to 2.6.0
-
https://github.com/github/hub/releases/tag/v2.6.0
- Features
* Use "scissors" line to delineate comments in editable messages instead of
stripping away lines that start with #
* New command `hub issue show <NUMBER>`
* Add `hub release show --format=<FORMAT>` functionality
* `hub pr list --format=%rs` lists requested reviewers
* Add support for communicating with GitHub Enterprise over Unix socket
- Fixes
* Prevent `hub create` setting a public upstream when creating a private repo
* Fix `hub release create/edit/delete` when there are multiple git remotes
* Auto-detect private/pushable repos in `hub remote add`
* Fix `hub ci-status` exit code when there is only Checks
* Allow `hub compare <RANGE>` even if not on any branch
* Ensure consistent sort direction when listing issues, PRs
* Match requested team names by slug instead of name in
`hub pull-request -r <TEAM>`
--------------------------------------------------------------------------------
================================================================================
icecast-2.4.4-1.el7 (FEDORA-EPEL-2018-dea9ade8c1)
ShoutCast compatible streaming media server
--------------------------------------------------------------------------------
Update Information:
This release fixes buffer overflows in URL authentication code (CVE-2018-18820),
a crash in htpasswd authentication if no filename is set, a crash on
xsltApplyStylesheet() error, and a crash on malformed Opus streams. It also
corrects global listener counter. It stops displaying hashed user passwords for
security concerns. It adds support for announcing Opus streams to YP catalogs.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 2 2018 Petr Pisar <ppisar(a)redhat.com> - 2.4.4-1
- 2.4.4 bump
- License declaration corrected from "GPLv2+" to "GPLv2+ and GPLv2 and BSD
and
MIT and FSFULLR and FSFUL"
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.4.3-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Feb 7 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.4.3-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
llvm-3.4.2-9.el7 (FEDORA-EPEL-2018-04b4b8f093)
The Low Level Virtual Machine
--------------------------------------------------------------------------------
Update Information:
Rebuild for OCaml 4.05 in RHEL 7.5.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 1 2018 Richard W.M. Jones <rjones(a)redhat.com> - 3.4.2-9
- Rebuild for OCaml 4.05 in RHEL 7.5.
--------------------------------------------------------------------------------
================================================================================
nss_wrapper-1.1.5-1.el7 (FEDORA-EPEL-2018-94477850d1)
A wrapper for the user, group and hosts NSS API
--------------------------------------------------------------------------------
Update Information:
Update to version 1.1.5
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 2 2018 Andreas Schneider <asn(a)redhat.com> - 1.1.5-1
- Update to version 1.1.5
--------------------------------------------------------------------------------
================================================================================
php-composer-spdx-licenses-1.5.0-1.el7 (FEDORA-EPEL-2018-31399ba954)
SPDX licenses list and validation library
--------------------------------------------------------------------------------
Update Information:
**Version 1.5.0** * Changed: updated licenses list (SPDX 3.3)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 2 2018 Remi Collet <remi(a)remirepo.net> - 1.5.0-1
- update to 1.5.0 (SPDX 3.3)
--------------------------------------------------------------------------------
================================================================================
php-phpmyadmin-sql-parser-4.2.5-1.el7 (FEDORA-EPEL-2018-ebcbfb7daf)
A validating SQL lexer and parser with a focus on MySQL dialect
--------------------------------------------------------------------------------
Update Information:
**Version 4.2.5** - 2018-10-31 * Fix issue with CREATE OR REPLACE VIEW.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 1 2018 Remi Collet <remi(a)remirepo.net> - 4.2.5-1
- update to 4.2.5
- switch to phpunit6
--------------------------------------------------------------------------------
================================================================================
psblas3-3.5.2-5.el7 (FEDORA-EPEL-2018-591d2fb2c5)
Parallel Sparse Basic Linear Algebra Subroutines
--------------------------------------------------------------------------------
Update Information:
- Update to 3.5.2-2
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 2 2018 Antonio Trande <sagitter(a)fedoraproject.org> - 3.5.2-5
- Enable MPI builds
* Fri Nov 2 2018 Antonio Trande <sagitter(a)fedoraproject.org> - 3.5.2-4
- Update to release 3.5.2-2
--------------------------------------------------------------------------------
================================================================================
rust-1.30.0-6.el7.1 (FEDORA-EPEL-2018-56ae103eff)
The Rust Programming Language
--------------------------------------------------------------------------------
Update Information:
New versions of Rust and related tools -- see the release notes for
[
1.30](https://blog.rust-lang.org/2018/10/25/Rust-1.30.0.html).
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 1 2018 Josh Stone <jistone(a)redhat.com> - 1.30.0-6.1
- Rebuild without bootstrap binaries.
* Thu Oct 25 2018 Josh Stone <jistone(a)redhat.com> - 1.30.0-6
- Update to 1.30.0.
- Re-bootstrap ppc64le for rust#54545
--------------------------------------------------------------------------------
================================================================================
ucx-1.4.0-1.el7 (FEDORA-EPEL-2018-82740ceaa5)
UCX is a communication library implementing high-performance messaging
--------------------------------------------------------------------------------
Update Information:
See NEWS
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
xorgxrdp-0.2.8-3.el7 (FEDORA-EPEL-2018-56edc5a0ea)
Implementation of xrdp backend as Xorg modules
--------------------------------------------------------------------------------
Update Information:
Rebuild against current Xorg.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 2 2018 Bojan Smojver <bojan(a)rexursive.com> - 0.2.8-3
- Rebuild against Xorg 1.20.3
* Thu Oct 25 2018 Bojan Smojver <bojan(a)rexursive.com> - 0.2.8-2
- Rebuild against Xorg 1.20.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1644659 - xorgxrdp needs to be rebuilt (again) against new Xorg
https://bugzilla.redhat.com/show_bug.cgi?id=1644659
--------------------------------------------------------------------------------
================================================================================
zchunk-0.9.14-1.el7 (FEDORA-EPEL-2018-9091f95cd5)
Compressed file format that allows easy deltas
--------------------------------------------------------------------------------
Update Information:
This update does sanity checking when an application passes in a checksum to
verify. Before this release, applications could pass in non-hex values for the
checksum, which could cause zchunk to crash. Now non-hex values will be
rejected.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 1 2018 Jonathan Dieter <jdieter(a)gmail.com> - 0.9.14-1
- Sanity check hex hashes passed in as an option
--------------------------------------------------------------------------------