The following Fedora EPEL 7 Security updates need testing:
Age URL
935
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087
dokuwiki-0-0.24.20140929c.el7
697
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f
mcollective-2.8.4-1.el7
279
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d
libbsd-0.8.3-1.el7
177
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe
mod_cluster-1.3.3-10.el7
175
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5f9a6163b4
tnef-1.4.14-1.el7
174
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7ecb12e378
python-XStatic-jquery-ui-1.12.0.1-1.el7
41
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-17b77b3268
botan-1.10.16-1.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-9f88067c22
mpg123-1.25.6-1.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e27758bd23
libmspack-0.6-0.1.alpha.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-2795d59fcc
python3-numpy-1.10.4-5.el7
8
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-30a9c74908
php-horde-Horde-Image-2.5.2-1.el7
8
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5b07cc6958
wordpress-4.8.2-1.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8da6477f0a
moodle-3.1.8-1.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-3a2abe4898
php-horde-passwd-5.0.7-1.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-a3ae700da7
php-horde-wicked-2.0.8-1.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d49c1ef800
php-horde-nag-4.2.17-1.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-52b8147c68
openvpn-auth-ldap-2.0.3-15.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e3436f7a95
libbson-1.3.5-4.el7
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-9179bc1cf5
chromium-61.0.3163.100-1.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-3dcce634cb
MySQL-zrm-3.0-17.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-afdcf119f4
freexl-1.0.4-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
freexl-1.0.4-1.el7
globus-ftp-control-8.1-1.el7
globus-gass-copy-9.28-1.el7
globus-gridftp-server-12.3-1.el7
globus-gssapi-gsi-13.1-1.el7
gnucash-2.6.18-1.el7
gnucash-docs-2.6.18-1.el7
greenwave-0.2-1.el7
nmon-16g-3.el7
oci-kvm-hook-0.2-2.el7
perl-XML-SemanticDiff-1.0006-1.el7
redis-3.2.11-1.el7
waiverdb-0.3.1-1.el7
Details about builds:
================================================================================
freexl-1.0.4-1.el7 (FEDORA-EPEL-2017-afdcf119f4)
Library to extract data from within an Excel spreadsheet
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2017-2923 and CVE-2017-2924
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1490896 - CVE-2017-2924 freexl: Heap-based buffer overflow in the
read_legacy_biff function
https://bugzilla.redhat.com/show_bug.cgi?id=1490896
[ 2 ] Bug #1490898 - CVE-2017-2923 freexl: Heap-based buffer overflow in the
read_biff_next_record function
https://bugzilla.redhat.com/show_bug.cgi?id=1490898
--------------------------------------------------------------------------------
================================================================================
globus-ftp-control-8.1-1.el7 (FEDORA-EPEL-2017-1dc5d03ce3)
Globus Toolkit - GridFTP Control Library
--------------------------------------------------------------------------------
Update Information:
Globus Toolkit update. * globus-ftp-control 8.1 * globus-gass-copy 9.28 *
globus-gridftp-server 12.3 * globus-gssapi-gsi 13.1
--------------------------------------------------------------------------------
================================================================================
globus-gass-copy-9.28-1.el7 (FEDORA-EPEL-2017-1dc5d03ce3)
Globus Toolkit - Globus Gass Copy
--------------------------------------------------------------------------------
Update Information:
Globus Toolkit update. * globus-ftp-control 8.1 * globus-gass-copy 9.28 *
globus-gridftp-server 12.3 * globus-gssapi-gsi 13.1
--------------------------------------------------------------------------------
================================================================================
globus-gridftp-server-12.3-1.el7 (FEDORA-EPEL-2017-1dc5d03ce3)
Globus Toolkit - Globus GridFTP Server
--------------------------------------------------------------------------------
Update Information:
Globus Toolkit update. * globus-ftp-control 8.1 * globus-gass-copy 9.28 *
globus-gridftp-server 12.3 * globus-gssapi-gsi 13.1
--------------------------------------------------------------------------------
================================================================================
globus-gssapi-gsi-13.1-1.el7 (FEDORA-EPEL-2017-1dc5d03ce3)
Globus Toolkit - GSSAPI library
--------------------------------------------------------------------------------
Update Information:
Globus Toolkit update. * globus-ftp-control 8.1 * globus-gass-copy 9.28 *
globus-gridftp-server 12.3 * globus-gssapi-gsi 13.1
--------------------------------------------------------------------------------
================================================================================
gnucash-2.6.18-1.el7 (FEDORA-EPEL-2017-abd8cfa312)
Finance management application
--------------------------------------------------------------------------------
Update Information:
This updates GnuCash to 2.6.18, the latest stable release. For more information
on bugs fixed in this release, see the upstream release notes at:
http://gnucash.org/news.phtml#n-170924-2.6.18.news
--------------------------------------------------------------------------------
================================================================================
gnucash-docs-2.6.18-1.el7 (FEDORA-EPEL-2017-abd8cfa312)
Help files and documentation for the GnuCash personal finance manager
--------------------------------------------------------------------------------
Update Information:
This updates GnuCash to 2.6.18, the latest stable release. For more information
on bugs fixed in this release, see the upstream release notes at:
http://gnucash.org/news.phtml#n-170924-2.6.18.news
--------------------------------------------------------------------------------
================================================================================
greenwave-0.2-1.el7 (FEDORA-EPEL-2017-287ea137b7)
Service for gating on automated tests
--------------------------------------------------------------------------------
Update Information:
new upstream release 0.2.1:
--------------------------------------------------------------------------------
================================================================================
nmon-16g-3.el7 (FEDORA-EPEL-2017-a23ce691ec)
Nigel's performance Monitor for Linux
--------------------------------------------------------------------------------
Update Information:
Unretiring EPEL branches
--------------------------------------------------------------------------------
================================================================================
oci-kvm-hook-0.2-2.el7 (FEDORA-EPEL-2017-46a691889d)
Golang binary to mount /dev/kvm into OCI containers
--------------------------------------------------------------------------------
Update Information:
Initial release of oci-kvm-hook in EPEL
--------------------------------------------------------------------------------
================================================================================
perl-XML-SemanticDiff-1.0006-1.el7 (FEDORA-EPEL-2017-a5868e23c3)
Perl extension for comparing XML documents
--------------------------------------------------------------------------------
Update Information:
This update fixes the module treating a zero node value as the same as being
undefined or missing (
https://rt.cpan.org/Public/Bug/Display.html?id=84546).
--------------------------------------------------------------------------------
================================================================================
redis-3.2.11-1.el7 (FEDORA-EPEL-2017-2735f42785)
A persistent key-value database
--------------------------------------------------------------------------------
Update Information:
Upstream 3.2.11 bug-fix-only release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1172841 - Service start returns success even when service fails to start
https://bugzilla.redhat.com/show_bug.cgi?id=1172841
[ 2 ] Bug #788500 - redis bundles jemalloc and hiredis and lua
https://bugzilla.redhat.com/show_bug.cgi?id=788500
--------------------------------------------------------------------------------
================================================================================
waiverdb-0.3.1-1.el7 (FEDORA-EPEL-2017-958e6ea028)
Service for waiving results in ResultsDB
--------------------------------------------------------------------------------
Update Information:
Bump to 0.3.1-1 to fix a few minor issues. ---- New upstream release 0.3.1:
https://docs.pagure.org/waiverdb/release-notes.html#waiverdb-0-3
--------------------------------------------------------------------------------