The following Fedora EPEL 7 Security updates need testing: Age URL 759 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 522 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 224 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8f4ff76b3 chicken-4.11.0-3.el7 104 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7 20 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-05ac8b1dc4 php-onelogin-php-saml-2.10.5-1.el7 14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-3d518cd4b9 libgit2-0.24.6-1.el7 14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5794ee2486 moodle-3.1.5-1.el7 13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7e4f45cad3 tcpreplay-4.2.1-1.el7 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e9e451db03 chromium-57.0.2987.133-1.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-99c7c2f382 xorgxrdp-0.2.1-1.el7 xrdp-0.9.2-3.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-1ae79d206b ReviewBoard-2.5.10-1.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d9e3bfe77d php-horde-Horde-Crypt-2.7.6-1.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7889b3b509 libupnp-1.6.21-1.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe mod_cluster-1.3.3-10.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-45845d256f python-django-1.6.11.6-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5f9a6163b4 tnef-1.4.14-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing bean-validation-api-1.1.0-8.el7 cacti-1.1.2-1.el7 dictd-1.12.1-14.el7 dkms-2.3-4.20170313git974d838.el7 gnuchess-6.2.4-2.el7 google-gson-2.3.1-7.el7 jboss-annotations-1.2-api-1.0.0-3.el7 jboss-ejb3-ext-api-2.2.0-3.el7 jboss-el-3.0-api-1.0.5-3.el7 jboss-jms-2.0-api-1.0.0-3.el7 jboss-jsp-2.3-api-1.0.1-3.el7 jboss-servlet-3.1-api-1.0.0-3.el7 kompose-0.5.0-0.1.el7 libmediainfo-0.7.94-1.el7 libzen-0.4.35-1.el7 lldpd-0.9.7-5.el7 mediainfo-0.7.94-1.el7 mingw-libidn2-2.0.0-1.el7 mote-0.6.1-4.el7 oneko-1.2-18.el7 pdc-updater-0.5.5-1.el7 pylint-1.6.5-4.el7 python-django-1.6.11.6-1.el7 tnef-1.4.14-1.el7 tripwire-2.4.3.5-1.el7 xonotic-0.8.2-2.el7 Details about builds: ================================================================================ bean-validation-api-1.1.0-8.el7 (FEDORA-EPEL-2017-7d25e7fd78) Bean Validation API (JSR 349) -------------------------------------------------------------------------------- Update Information: Disable doclint -------------------------------------------------------------------------------- ================================================================================ cacti-1.1.2-1.el7 (FEDORA-EPEL-2017-f6a96218be) An rrd based graphing tool -------------------------------------------------------------------------------- Update Information: - Update to 1.1.2 Release notes: http://www.cacti.net/release_notes_1_1_2.php ---- - Update to 1.1.1 Release notes: http://www.cacti.net/release_notes_1_0_5.php http://www.cacti.net/release_notes_1_0_6.php http://www.cacti.net/release_notes_1_1_0.php http://www.cacti.net/release_notes_1_1_1.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1438425 - cacti-1.1.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1438425 [ 2 ] Bug #1430893 - cacti package is missing requires php-gd php-posix https://bugzilla.redhat.com/show_bug.cgi?id=1430893 [ 3 ] Bug #1431597 - cacti-1.0.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1431597 [ 4 ] Bug #1432443 - cacti-1.0.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1432443 [ 5 ] Bug #1433932 - cacti-1.1.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1433932 [ 6 ] Bug #1436665 - cacti-1.1.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1436665 -------------------------------------------------------------------------------- ================================================================================ dictd-1.12.1-14.el7 (FEDORA-EPEL-2017-c043a26467) DICT protocol (RFC 2229) server and command-line client -------------------------------------------------------------------------------- Update Information: Unify SPEC file to one version for all distributions. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1116553 - Make available for EPEL-6 https://bugzilla.redhat.com/show_bug.cgi?id=1116553 -------------------------------------------------------------------------------- ================================================================================ dkms-2.3-4.20170313git974d838.el7 (FEDORA-EPEL-2017-70ba4182c0) Dynamic Kernel Module Support Framework -------------------------------------------------------------------------------- Update Information: Do not attempt to always install the "base" kernel-devel package even if the correct variant is already installed. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1421106 - Switch from Requires kernel-devel to kernel-devel-uname-r https://bugzilla.redhat.com/show_bug.cgi?id=1421106 [ 2 ] Bug #1436840 - on i386, dkms specifically requires kernel-devel and not kernel-PAE-devel https://bugzilla.redhat.com/show_bug.cgi?id=1436840 -------------------------------------------------------------------------------- ================================================================================ gnuchess-6.2.4-2.el7 (FEDORA-EPEL-2017-3cc309d8e8) The GNU chess program -------------------------------------------------------------------------------- Update Information: New branch -------------------------------------------------------------------------------- References: [ 1 ] Bug #1439719 - Please add EPEL7 branch https://bugzilla.redhat.com/show_bug.cgi?id=1439719 -------------------------------------------------------------------------------- ================================================================================ google-gson-2.3.1-7.el7 (FEDORA-EPEL-2017-11a0f1df4d) Java lib for conversion of Java objects into JSON representation -------------------------------------------------------------------------------- Update Information: Disable doclint -------------------------------------------------------------------------------- ================================================================================ jboss-annotations-1.2-api-1.0.0-3.el7 (FEDORA-EPEL-2017-5d6485031e) Common Annotations 1.2 API -------------------------------------------------------------------------------- Update Information: Disable doclint -------------------------------------------------------------------------------- ================================================================================ jboss-ejb3-ext-api-2.2.0-3.el7 (FEDORA-EPEL-2017-310455d38f) JBoss EJB 3 Extension API -------------------------------------------------------------------------------- Update Information: Disable doclint -------------------------------------------------------------------------------- ================================================================================ jboss-el-3.0-api-1.0.5-3.el7 (FEDORA-EPEL-2017-cd8f0c1d53) JSR-341 Expression Language 3.0 API -------------------------------------------------------------------------------- Update Information: Source 1.7 for diamond support operator -------------------------------------------------------------------------------- ================================================================================ jboss-jms-2.0-api-1.0.0-3.el7 (FEDORA-EPEL-2017-0486d949cc) JBoss JMS API 2.0 Spec -------------------------------------------------------------------------------- Update Information: Disable doclint -------------------------------------------------------------------------------- ================================================================================ jboss-jsp-2.3-api-1.0.1-3.el7 (FEDORA-EPEL-2017-61044d7f10) JavaServer Pages 2.3 API (JSP) -------------------------------------------------------------------------------- Update Information: Disable doclint -------------------------------------------------------------------------------- ================================================================================ jboss-servlet-3.1-api-1.0.0-3.el7 (FEDORA-EPEL-2017-cafee6b49c) Java Servlet 3.1 API -------------------------------------------------------------------------------- Update Information: Disable doclint -------------------------------------------------------------------------------- ================================================================================ kompose-0.5.0-0.1.el7 (FEDORA-EPEL-2017-e402bf9b5a) Tool to move from 'docker-compose' to Kubernetes -------------------------------------------------------------------------------- Update Information: Update to kompose version 0.5.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1435032 - kompose-v0.5.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1435032 -------------------------------------------------------------------------------- ================================================================================ libmediainfo-0.7.94-1.el7 (FEDORA-EPEL-2017-4b93792bfa) Library for supplies technical and tag information about a video or audio file -------------------------------------------------------------------------------- Update Information: Updae to last MediaInfo release. -------------------------------------------------------------------------------- ================================================================================ libzen-0.4.35-1.el7 (FEDORA-EPEL-2017-4b93792bfa) Shared library for libmediainfo and medianfo* -------------------------------------------------------------------------------- Update Information: Updae to last MediaInfo release. -------------------------------------------------------------------------------- ================================================================================ lldpd-0.9.7-5.el7 (FEDORA-EPEL-2017-fe76c20831) ISC-licensed implementation of LLDP -------------------------------------------------------------------------------- Update Information: New package for the LLDP daemon -------------------------------------------------------------------------------- References: [ 1 ] Bug #1438853 - Review Request: lldpd - an ISC-licensed implementation of LLDP https://bugzilla.redhat.com/show_bug.cgi?id=1438853 -------------------------------------------------------------------------------- ================================================================================ mediainfo-0.7.94-1.el7 (FEDORA-EPEL-2017-4b93792bfa) Supplies technical and tag information about a video or audio file (CLI) -------------------------------------------------------------------------------- Update Information: Updae to last MediaInfo release. -------------------------------------------------------------------------------- ================================================================================ mingw-libidn2-2.0.0-1.el7 (FEDORA-EPEL-2017-7426f27045) MinGW Windows Internationalized Domain Name 2008 support library -------------------------------------------------------------------------------- Update Information: New upstream release -------------------------------------------------------------------------------- ================================================================================ mote-0.6.1-4.el7 (FEDORA-EPEL-2017-47926d2699) A MeetBot log wrangler, providing a user-friendly interface for Fedora's logs -------------------------------------------------------------------------------- Update Information: Fixes exception logging, adds deep links, adds more descriptive icons. -------------------------------------------------------------------------------- References: [ 1 ] Bug #94 - script 'rc' glob is too general https://bugzilla.redhat.com/show_bug.cgi?id=94 -------------------------------------------------------------------------------- ================================================================================ oneko-1.2-18.el7 (FEDORA-EPEL-2017-d62503c52f) Cat chases the cursor -------------------------------------------------------------------------------- Update Information: Introduction of the package into EPEL-7 -------------------------------------------------------------------------------- ================================================================================ pdc-updater-0.5.5-1.el7 (FEDORA-EPEL-2017-af6176ad55) Update the product definition center in response to fedmsg -------------------------------------------------------------------------------- Update Information: Latest upstream. -------------------------------------------------------------------------------- ================================================================================ pylint-1.6.5-4.el7 (FEDORA-EPEL-2017-a40f89d2de) Analyzes Python code looking for bugs and signs of poor quality -------------------------------------------------------------------------------- Update Information: Provide python major version links (bug #1439070) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1439070 - New name for pylint binaries makes it unusable for automatic testing https://bugzilla.redhat.com/show_bug.cgi?id=1439070 -------------------------------------------------------------------------------- ================================================================================ python-django-1.6.11.6-1.el7 (FEDORA-EPEL-2017-45845d256f) A high-level Python Web framework -------------------------------------------------------------------------------- Update Information: Update to the latest Django 1.6.11.6 security release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1390687 - CVE-2016-9013 CVE-2016-9014 python-django: various flaws [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1390687 [ 2 ] Bug #1379489 - CVE-2016-7401 python-django: CSRF protection bypass on a site with Google Analytics [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1379489 -------------------------------------------------------------------------------- ================================================================================ tnef-1.4.14-1.el7 (FEDORA-EPEL-2017-5f9a6163b4) Extract files from email attachments like WINMAIL.DAT -------------------------------------------------------------------------------- Update Information: Release 1.4.14 includes security bug fixes introduced in 1.4.13 and a further bug fix. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1427435 - CVE-2017-6307 CVE-2017-6308 CVE-2017-6309 CVE-2017-6310 tnef: Multiple vulnerabilities fixed in 1.4.13 [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1427435 -------------------------------------------------------------------------------- ================================================================================ tripwire-2.4.3.5-1.el7 (FEDORA-EPEL-2017-aa5ed15389) IDS (Intrusion Detection System) -------------------------------------------------------------------------------- Update Information: update to 2.4.3.5 -------------------------------------------------------------------------------- ================================================================================ xonotic-0.8.2-2.el7 (FEDORA-EPEL-2017-e1707361ba) Multiplayer, deathmatch oriented first person shooter -------------------------------------------------------------------------------- Update Information: Build dedicated server. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1203793 - xonotic-dedicated fails to build https://bugzilla.redhat.com/show_bug.cgi?id=1203793 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx