The following Fedora EPEL 7 Security updates need testing: Age URL 754 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 516 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 218 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8f4ff76b3 chicken-4.11.0-3.el7 98 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7 15 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-05ac8b1dc4 php-onelogin-php-saml-2.10.5-1.el7 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-3d518cd4b9 libgit2-0.24.6-1.el7 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5794ee2486 moodle-3.1.5-1.el7 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7e4f45cad3 tcpreplay-4.2.1-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-99c7c2f382 xorgxrdp-0.2.1-1.el7 xrdp-0.9.2-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e9e451db03 chromium-57.0.2987.133-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing chromium-57.0.2987.133-1.el7 geronimo-jpa-1.1.1-19.el7 lynis-2.4.8-1.el7 pluma-1.16.1-1.el7 python-bugzilla-2.1.0-1.el7 python-flask-oidc-1.1.1-1.el7 rpkg-1.49-2.el7 unifont-9.0.06-2.el7 xorgxrdp-0.2.1-1.el7 xrdp-0.9.2-1.el7 Details about builds: ================================================================================ chromium-57.0.2987.133-1.el7 (FEDORA-EPEL-2017-e9e451db03) A WebKit (Blink) powered web browser -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-5055, CVE-2017-5054, CVE-2017-5052, CVE-2017-5056, CVE-2017-5053 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1437353 - CVE-2017-5053 chromium-browser: out of bounds memory access in v8 https://bugzilla.redhat.com/show_bug.cgi?id=1437353 [ 2 ] Bug #1437352 - CVE-2017-5056 chromium-browser: use after free in blink https://bugzilla.redhat.com/show_bug.cgi?id=1437352 [ 3 ] Bug #1437351 - CVE-2017-5052 chromium-browser: bad cast in blink https://bugzilla.redhat.com/show_bug.cgi?id=1437351 [ 4 ] Bug #1437350 - CVE-2017-5054 chromium-browser: heap buffer overflow in v8 https://bugzilla.redhat.com/show_bug.cgi?id=1437350 [ 5 ] Bug #1437348 - CVE-2017-5055 chromium-browser: use after free in printing https://bugzilla.redhat.com/show_bug.cgi?id=1437348 -------------------------------------------------------------------------------- ================================================================================ geronimo-jpa-1.1.1-19.el7 (FEDORA-EPEL-2017-1452db417d) Java persistence API implementation -------------------------------------------------------------------------------- Update Information: Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ lynis-2.4.8-1.el7 (FEDORA-EPEL-2017-eb42c0fc2b) Security and system auditing tool -------------------------------------------------------------------------------- Update Information: Update to 2.4.8 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1437271 - lynis-2.4.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1437271 -------------------------------------------------------------------------------- ================================================================================ pluma-1.16.1-1.el7 (FEDORA-EPEL-2017-3456599801) Text editor for the MATE desktop -------------------------------------------------------------------------------- Update Information: - update to 1.16.1 -------------------------------------------------------------------------------- ================================================================================ python-bugzilla-2.1.0-1.el7 (FEDORA-EPEL-2017-4870805726) python2 library for interacting with Bugzilla -------------------------------------------------------------------------------- Update Information: * Rebased to version 2.1.0 * Support for bugzilla 5 API Keys (Dustin J. Mitchell) * bugzillarc can be used to set default URL for the cli tool * Revive update_flags wrapper * Bug fixes and minor improvements ---- * Rebased to version 2.0.0 * Several fixes for use with bugzilla 5 * This release contains several smallish API breaks: * Bugzilla.bug_autorefresh now defaults to False * Credentials are now cached in ~/.cache/python-bugzilla/ * bin/bugzilla was converted to argparse * bugzilla query --boolean_chart option is removed * Unify command line flags across sub commands -------------------------------------------------------------------------------- ================================================================================ python-flask-oidc-1.1.1-1.el7 (FEDORA-EPEL-2017-42113bf2bc) An openID Connect support for Flask -------------------------------------------------------------------------------- Update Information: Branch for EPEL7. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1437531 - Build and update for EPEL7 https://bugzilla.redhat.com/show_bug.cgi?id=1437531 -------------------------------------------------------------------------------- ================================================================================ rpkg-1.49-2.el7 (FEDORA-EPEL-2017-5d0bd36b1a) Python library for interacting with rpm+git -------------------------------------------------------------------------------- Update Information: Rename pyrpkg to python2-rpkg. Currently, only Python 2 package is available. Test cases: - installing ``python2-rpkg`` will replace ``pyrpkg`` with ``python2-rpkg`` - installing ``fedpkg`` should select ``python2-rpkg`` - original package ``rpkg``, which contains example CLI, is moved to ``%{_datadir}/rpkg/examples/cli`` -------------------------------------------------------------------------------- References: [ 1 ] Bug #1400592 - Rename subpackage pyrpkg to python2-rpkg https://bugzilla.redhat.com/show_bug.cgi?id=1400592 -------------------------------------------------------------------------------- ================================================================================ unifont-9.0.06-2.el7 (FEDORA-EPEL-2017-e102da4a95) Tools and glyph descriptions in a very simple text format -------------------------------------------------------------------------------- Update Information: Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ xorgxrdp-0.2.1-1.el7 (FEDORA-EPEL-2017-99c7c2f382) Implementation of xrdp backend as Xorg modules -------------------------------------------------------------------------------- Update Information: New upstream version of xorgxrdp and xrdp: New features in xrdp: - RemoteFX codec support is now enabled by default. - Bitmap updates support is now enabled by default. - TLS ciphers suites and version is now logged. - Connected computer name is now logged. - Switched to Xorg (xorgxrdp) as the default backend now. - Miscellaneous RemoteFX codec mode improvements. - Socket directory is configurable at the compile time. Bugfixes in xrdp: - Parallels client for MacOS / iOS can now connect (audio redirection must be disabled on client or xrdp server though). - MS RDP client for iOS can now connect using TLS security layer. - MS RDP client for Android can now connect to xrdp. - Large resolutions (4K) can be used with RemoteFX graphics. - Multiple RemoteApps can be opened throguh NeutrinoRDP proxy. - tls_ciphers in xrdp.ini is not limited to 63 chars anymore, it's variable-length. - Fixed an issue where tls_ciphers were ignored and rdp security layer could be used instead. - Kill disconnected sessions feature is working with Xorg (xorgxrdp) backend. - Miscellaneous code cleanup and memory issues fixes. Rebuild of xrdp requiring both xorgxrdp and tigervnc- minimal. VNC is still the default. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1433958 - CVE-2017-6967 xrdp: Incorrect placement of auth_start_session() [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1433958 -------------------------------------------------------------------------------- ================================================================================ xrdp-0.9.2-1.el7 (FEDORA-EPEL-2017-99c7c2f382) Open source remote desktop protocol (RDP) server -------------------------------------------------------------------------------- Update Information: New upstream version of xorgxrdp and xrdp: New features in xrdp: - RemoteFX codec support is now enabled by default. - Bitmap updates support is now enabled by default. - TLS ciphers suites and version is now logged. - Connected computer name is now logged. - Switched to Xorg (xorgxrdp) as the default backend now. - Miscellaneous RemoteFX codec mode improvements. - Socket directory is configurable at the compile time. Bugfixes in xrdp: - Parallels client for MacOS / iOS can now connect (audio redirection must be disabled on client or xrdp server though). - MS RDP client for iOS can now connect using TLS security layer. - MS RDP client for Android can now connect to xrdp. - Large resolutions (4K) can be used with RemoteFX graphics. - Multiple RemoteApps can be opened throguh NeutrinoRDP proxy. - tls_ciphers in xrdp.ini is not limited to 63 chars anymore, it's variable-length. - Fixed an issue where tls_ciphers were ignored and rdp security layer could be used instead. - Kill disconnected sessions feature is working with Xorg (xorgxrdp) backend. - Miscellaneous code cleanup and memory issues fixes. Rebuild of xrdp requiring both xorgxrdp and tigervnc- minimal. VNC is still the default. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1433958 - CVE-2017-6967 xrdp: Incorrect placement of auth_start_session() [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1433958 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx