The following Fedora EPEL 7 Security updates need testing: Age URL 716 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 479 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 197 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-23fa04bf1c redis-3.2.3-1.el7 181 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8f4ff76b3 chicken-4.11.0-3.el7 61 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e2cea1c22d python-cjson-1.1.0-9.el7 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-920059d2ed mingw-wavpack-5.1.0-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d5fe44714a cacti-1.0.3-3.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d1c56cd592 xrdp-0.9.1-5.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-759dd56b65 firebird-2.5.7.27050.0-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing cacti-1.0.3-3.el7 codec2-0.6-1.el7 dynafed-1.2.4-1.el7 elasticdump-2.2.0-2.el7 fedpkg-1.27-2.el7 firebird-2.5.7.27050.0-1.el7 freedv-1.2-1.el7 libmfx-1.19-1.20170114gita5ba231.el7 lugaru-1.2-1.el7 nextcloud-10.0.3-1.el7 pbuilder-0.228.3-2.el7 perl-Git-Wrapper-0.047-3.el7 perl-Parse-DebControl-2.005-10.el7 perl-X10-0.04-2.el7 prelude-lml-rules-3.1.0-1.el7 python-junit_xml-1.7-1.el7 python-speedtest-cli-1.0.2-1.el7 rabbitmq-server-3.3.5-33.el7 rpkg-1.49-1.el7 warzone2100-3.2.2-4.el7 xrdp-0.9.1-5.el7 ykpers-1.18.0-2.el7 Details about builds: ================================================================================ cacti-1.0.3-3.el7 (FEDORA-EPEL-2017-d5fe44714a) An rrd based graphing tool -------------------------------------------------------------------------------- Update Information: - Update to 1.0.3 Release notes: http://www.cacti.net/release_notes_1_0_0.php http://www.cacti.net/release_notes_1_0_1.php http://www.cacti.net/release_notes_1_0_2.php http://www.cacti.net/release_notes_1_0_3.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1400364 - Graph export tree view is broken https://bugzilla.redhat.com/show_bug.cgi?id=1400364 [ 2 ] Bug #1417494 - cacti-1.0.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1417494 [ 3 ] Bug #1417605 - CVE-2014-4000 cacti: Multiple issues fixed in 1.0.0 version [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1417605 [ 4 ] Bug #1422854 - cacti-1.0.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1422854 -------------------------------------------------------------------------------- ================================================================================ codec2-0.6-1.el7 (FEDORA-EPEL-2017-aca7b610af) Next-Generation Digital Voice for Two-Way Radio -------------------------------------------------------------------------------- Update Information: Update to latest upstream release. Includes new 700C mode support. -------------------------------------------------------------------------------- ================================================================================ dynafed-1.2.4-1.el7 (FEDORA-EPEL-2017-4f823cef8d) Ultra-scalable dynamic system for federating HTTP-based storage resources -------------------------------------------------------------------------------- Update Information: * new upstream release -------------------------------------------------------------------------------- ================================================================================ elasticdump-2.2.0-2.el7 (FEDORA-EPEL-2017-b849d5375f) Import and export tools for elasticsearch -------------------------------------------------------------------------------- Update Information: Fixdep async for all working versions (needed for epel) -------------------------------------------------------------------------------- ================================================================================ fedpkg-1.27-2.el7 (FEDORA-EPEL-2017-61adf7d645) Fedora utility for working with dist-git -------------------------------------------------------------------------------- Update Information: fedpkg - Python 3.6 invalid escape sequence deprecation fixes (ville.skytta) - Disable tag inheritance check - [#98](https://pagure.io/fedpkg/issue/98) (cqi) - Enable the fix to allow anonymous clone via https rpkg - More upload PyCURL fixes for EL 7 (merlin) - Move tag inheritance check into a separate method (cqi) ---- This version should fix chain building. -------------------------------------------------------------------------------- ================================================================================ firebird-2.5.7.27050.0-1.el7 (FEDORA-EPEL-2017-759dd56b65) SQL relational database management system -------------------------------------------------------------------------------- Update Information: update to 2.5.7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1425332 - firebird: Access to undesired external modules during 'Restrict' configuration mode [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1425332 -------------------------------------------------------------------------------- ================================================================================ freedv-1.2-1.el7 (FEDORA-EPEL-2017-aca7b610af) FreeDV Digital Voice -------------------------------------------------------------------------------- Update Information: Update to latest upstream release. Includes new 700C mode support. -------------------------------------------------------------------------------- ================================================================================ libmfx-1.19-1.20170114gita5ba231.el7 (FEDORA-EPEL-2017-4db90c730e) Intel hardware video acceleration dispatcher library -------------------------------------------------------------------------------- Update Information: Update to latest snapshot. -------------------------------------------------------------------------------- ================================================================================ lugaru-1.2-1.el7 (FEDORA-EPEL-2017-836511e8bb) Ninja rabbit fighting game -------------------------------------------------------------------------------- Update Information: Upgrade to v1.2 (#1421396) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1421396 - lugaru-1.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1421396 -------------------------------------------------------------------------------- ================================================================================ nextcloud-10.0.3-1.el7 (FEDORA-EPEL-2017-5a6a9ae10c) Private file sync and share server -------------------------------------------------------------------------------- Update Information: New package nextcloud, a fork of owncloud. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1360482 - Review Request: nextcloud - a private, secure way to share and access files https://bugzilla.redhat.com/show_bug.cgi?id=1360482 -------------------------------------------------------------------------------- ================================================================================ pbuilder-0.228.3-2.el7 (FEDORA-EPEL-2017-c837a68c52) Personal package builder for Debian packages -------------------------------------------------------------------------------- Update Information: Add pbuilder to epel7, devscripts and dependencies. unpush devscripts-2.17.1-3.el7 -------------------------------------------------------------------------------- ================================================================================ perl-Git-Wrapper-0.047-3.el7 (FEDORA-EPEL-2017-c837a68c52) Wrap git command-line interface for Perl -------------------------------------------------------------------------------- Update Information: Add pbuilder to epel7, devscripts and dependencies. unpush devscripts-2.17.1-3.el7 -------------------------------------------------------------------------------- ================================================================================ perl-Parse-DebControl-2.005-10.el7 (FEDORA-EPEL-2017-c837a68c52) Easy OO parsing of debian control-like files -------------------------------------------------------------------------------- Update Information: Add pbuilder to epel7, devscripts and dependencies. unpush devscripts-2.17.1-3.el7 -------------------------------------------------------------------------------- ================================================================================ perl-X10-0.04-2.el7 (FEDORA-EPEL-2017-650714234c) Enables Perl to communicate with X10 devices -------------------------------------------------------------------------------- Update Information: New package. Very simple, uncomplicated specfile. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1409869 - Review Request: perl-X10 - X10 perl module https://bugzilla.redhat.com/show_bug.cgi?id=1409869 -------------------------------------------------------------------------------- ================================================================================ prelude-lml-rules-3.1.0-1.el7 (FEDORA-EPEL-2017-6bd5b4f901) Prelude LML community ruleset -------------------------------------------------------------------------------- Update Information: Bump version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1423377 - Review Request: prelude-lml-rules https://bugzilla.redhat.com/show_bug.cgi?id=1423377 -------------------------------------------------------------------------------- ================================================================================ python-junit_xml-1.7-1.el7 (FEDORA-EPEL-2017-efff7df77e) python library for creating junit xml files -------------------------------------------------------------------------------- Update Information: New python library to create junit xml files, as used by the ansible junit callback plugin. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1422429 - Review Request: python-junit_xml - python library to create junit compatible XML files https://bugzilla.redhat.com/show_bug.cgi?id=1422429 -------------------------------------------------------------------------------- ================================================================================ python-speedtest-cli-1.0.2-1.el7 (FEDORA-EPEL-2017-f8ab429144) Command line interface for testing internet bandwidth using speedtest.net -------------------------------------------------------------------------------- Update Information: * Initial rpm-release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1425203 - Review Request: python-speedtest-cli - Command line interface for testing internet bandwidth using speedtest.net https://bugzilla.redhat.com/show_bug.cgi?id=1425203 -------------------------------------------------------------------------------- ================================================================================ rabbitmq-server-3.3.5-33.el7 (FEDORA-EPEL-2017-941cd18cb0) The RabbitMQ server -------------------------------------------------------------------------------- Update Information: * Backported fixes for GH#368, GH#714 -------------------------------------------------------------------------------- ================================================================================ rpkg-1.49-1.el7 (FEDORA-EPEL-2017-61adf7d645) Utility for interacting with rpm+git packaging systems -------------------------------------------------------------------------------- Update Information: fedpkg - Python 3.6 invalid escape sequence deprecation fixes (ville.skytta) - Disable tag inheritance check - [#98](https://pagure.io/fedpkg/issue/98) (cqi) - Enable the fix to allow anonymous clone via https rpkg - More upload PyCURL fixes for EL 7 (merlin) - Move tag inheritance check into a separate method (cqi) ---- This version should fix chain building. -------------------------------------------------------------------------------- ================================================================================ warzone2100-3.2.2-4.el7 (FEDORA-EPEL-2017-221434bf4b) Innovative 3D real-time strategy -------------------------------------------------------------------------------- Update Information: Update to 3.2.2 -------------------------------------------------------------------------------- ================================================================================ xrdp-0.9.1-5.el7 (FEDORA-EPEL-2017-d1c56cd592) Open source remote desktop protocol (RDP) server -------------------------------------------------------------------------------- Update Information: WARNING: Please note that this update comes with a slightly different syntax of sesman.ini file, so if you edited this file by hand, you may need to look at the .rpmnew file and merge any required changes by hand. This release also creates three files in /etc/xrdp directory if they don't already exist or are empty: - rsakeys.ini - cert.pem - key.pem Also note that in Fedora, the only backend that will really work is still Xvnc for now. New features - New xorgxrdp backend using existing Xorg with additional modules - Improvements to X11rdp backend - Support for IPv6 (disabled by default) - Initial support for RemoteFX Codec (disabled by default) - Support for TLS security layer (preferred over RDP layer if supported by the client) - Support for disabling deprecated SSLv3 protocol and for selecting custom cipher suites in xrdp.ini - Support for bidirectional fastpath (enabled in both directions by default) - Support clients that don't support drawing orders, such as MS RDP client for Android, ChromeRDP (disabled by default) - More configurable login screen - Support for new virtual channels: - - rdpdr: device redirection - - rdpsnd: audio output - - cliprdr: clipboard - - xrdpvr: xrdp video redirection channel (can be used along with NeutrinoRDP client) - Support for disabling virtual channels globally or by session type - Allow to specify the path for backends (Xorg, X11rdp, Xvnc) - Added files for systemd support - Multi-monitor support - xrdp-chansrv stroes logs in ${XDG_DATA_HOME}/xrdp now Security fixes - User's password could be recovered from the Xvnc password file - X11 authentication was not used -------------------------------------------------------------------------------- References: [ 1 ] Bug #1404972 - CVE-2013-1430 xrdp: Cleartext password shown in file after logging into xrdp session [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1404972 [ 2 ] Bug #1404971 - CVE-2013-1430 xrdp: Cleartext password shown in file after logging into xrdp session [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1404971 -------------------------------------------------------------------------------- ================================================================================ ykpers-1.18.0-2.el7 (FEDORA-EPEL-2017-4605731188) Yubikey personalization program -------------------------------------------------------------------------------- Update Information: update to 1.18.0 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
