The following Fedora EPEL 7 Security updates need testing:

 Age  URL
 760  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087   dokuwiki-0-0.24.20140929c.el7
 523  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f   mcollective-2.8.4-1.el7
 225  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8f4ff76b3   chicken-4.11.0-3.el7
 105  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d   libbsd-0.8.3-1.el7
  21  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-05ac8b1dc4   php-onelogin-php-saml-2.10.5-1.el7
  15  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-3d518cd4b9   libgit2-0.24.6-1.el7
  13  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7e4f45cad3   tcpreplay-4.2.1-1.el7
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e9e451db03   chromium-57.0.2987.133-1.el7
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-1ae79d206b   ReviewBoard-2.5.10-1.el7
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d9e3bfe77d   php-horde-Horde-Crypt-2.7.6-1.el7
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7889b3b509   libupnp-1.6.21-1.el7
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe   mod_cluster-1.3.3-10.el7
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-99c7c2f382   xorgxrdp-0.2.1-1.el7 xrdp-0.9.2-4.el7
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-45845d256f   python-django-1.6.11.6-1.el7
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5f9a6163b4   tnef-1.4.14-1.el7
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7ecb12e378   python-XStatic-jquery-ui-1.12.0.1-1.el7


The following builds have been pushed to Fedora EPEL 7 updates-testing

    beaker-24.2-1.el7
    fedfind-3.5.3-1.el7
    golang-github-milochristiansen-axis2-0-0.3.git20ad745.el7
    libidn2-2.0.0-1.el7
    pam_mapi-0.3.2-1.el7
    python-XStatic-jquery-ui-1.12.0.1-1.el7
    sysbench-1.0.5-1.el7
    xorgxrdp-0.2.1-1.el7
    xrdp-0.9.2-4.el7

Details about builds:

================================================================================
 beaker-24.2-1.el7 (FEDORA-EPEL-2017-4c4a4bcd77)
 Full-stack software and hardware integration testing system
--------------------------------------------------------------------------------
Update Information:

Upstream release 24.2
--------------------------------------------------------------------------------

================================================================================
 fedfind-3.5.3-1.el7 (FEDORA-EPEL-2017-6962510d2b)
 Fedora compose and image finder
--------------------------------------------------------------------------------
Update Information:

This update provides a new release of fedfind. It adds the PowerPC, S390 and ARM
secondary arch compose locations to the 'known URL prefixes' whitelist, which
means that if you pass `get_release` a URL in one of these locations, it will
return a generic `Pungi4Compose` instance. `get_release` would always return a
generic `Pungi4Compose` instance for any URL it could not match to a known
release type prior to fedfind 3.4.0, but this was changed in 3.4.0 to only do so
for 'known' URL prefixes, as a security measure.

Also, `helpers.parse_cid` now accepts compose IDs for composes with 'FACD' as
their short name. This will prevent relvalconsumer throwing exceptions whenever
one of these composes appears.
--------------------------------------------------------------------------------

================================================================================
 golang-github-milochristiansen-axis2-0-0.3.git20ad745.el7 (FEDORA-EPEL-2017-fe6485afd2)
 A simple virtual filesystem API
--------------------------------------------------------------------------------
Update Information:

A simple virtual filesystem API
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1411961 - Review Request: golang-github-milochristiansen-axis2 - A simple virtual filesystem API
        https://bugzilla.redhat.com/show_bug.cgi?id=1411961
--------------------------------------------------------------------------------

================================================================================
 libidn2-2.0.0-1.el7 (FEDORA-EPEL-2017-41e18fbc17)
 Library to support IDNA2008 internationalized domain names
--------------------------------------------------------------------------------
Update Information:

Libidn2 2.0.0 (released 2017-03-29)
===================================

* Added to ASCII conversion functions corresponding to libidn1 functions:
  - idn2_to_ascii_4i
  - idn2_to_ascii_4z
  - idn2_to_ascii_8z
  - idn2_to_ascii_lz
* Added to unicode conversion functions corresponding to libidn1 functions:
  - idn2_to_unicode_8z4z
  - idn2_to_unicode_4z4z
  - idn2_to_unicode_44i
  - idn2_to_unicode_8z8z
  - idn2_to_unicode_8zlz
  - idn2_to_unicode_lzlz
* The idn2 manual page is generated from markdown text instead of utilizing
  help2man on the generated tool.
* Including idn2.h will provide libidn1 compatibility functions unless
  IDN2_SKIP_LIBIDN_COMPAT is defined. That allows converting applications from
  libidn1 (which offers IDNA2003) to libidn2 (which offers IDNA2008) by
  replacing idna.h to idn2.h in the applications' source.
* API and ABI is backwards compatible with the previous version.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1439727 - update libidn2 to 2.0.0
        https://bugzilla.redhat.com/show_bug.cgi?id=1439727
--------------------------------------------------------------------------------

================================================================================
 pam_mapi-0.3.2-1.el7 (FEDORA-EPEL-2017-da5de45de8)
 PAM module for authentication via MAPI against a Zarafa server
--------------------------------------------------------------------------------
Update Information:

Update to pam_mapi 0.3.1
--------------------------------------------------------------------------------

================================================================================
 python-XStatic-jquery-ui-1.12.0.1-1.el7 (FEDORA-EPEL-2017-7ecb12e378)
 jquery-ui (XStatic packaging standard)
--------------------------------------------------------------------------------
Update Information:

Security fix for `CVE-2016-7103`
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1360286 - CVE-2016-7103 jquery-ui: cross-site scripting in dialog closeText
        https://bugzilla.redhat.com/show_bug.cgi?id=1360286
--------------------------------------------------------------------------------

================================================================================
 sysbench-1.0.5-1.el7 (FEDORA-EPEL-2017-c929a8c5fa)
 System performance benchmark
--------------------------------------------------------------------------------
Update Information:

sysbench 1.0.5 contains additional fixes

----

Update to version 1.0.x :

- Lua scripts instead of hard-coded C tests for database ("oltp") benchmarks +
  ability to create custom workloads
- much better single-threaded performance
- much better scalability
- improvements and cleanups in command line syntax and options
- latency histograms in cumulative statistic reports
- report hooks to print statistics in custom formats (CSV/JSON/XML/etc.)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1424670 - sysbench-1.0.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1424670
  [ 2 ] Bug #1419273 - Rebase to the version 1.0.0
        https://bugzilla.redhat.com/show_bug.cgi?id=1419273
  [ 3 ] Bug #1439713 - sysbench-1.0.5 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1439713
--------------------------------------------------------------------------------

================================================================================
 xorgxrdp-0.2.1-1.el7 (FEDORA-EPEL-2017-99c7c2f382)
 Implementation of xrdp backend as Xorg modules
--------------------------------------------------------------------------------
Update Information:

New upstream version of xorgxrdp and xrdp:

New features in xrdp:

- RemoteFX codec support is now enabled by default.
- Bitmap updates support is now enabled by default.
- TLS ciphers suites and version is now logged.
- Connected computer name is now logged.
- Switched to Xorg (xorgxrdp) as the default backend now.
- Miscellaneous RemoteFX codec mode improvements.
- Socket directory is configurable at the compile time.

Bugfixes in xrdp:

- Parallels client for MacOS / iOS can now connect (audio redirection must be
  disabled on client or xrdp server though).
- MS RDP client for iOS can now connect using TLS security layer.
- MS RDP client for Android can now connect to xrdp.
- Large resolutions (4K) can be used with RemoteFX graphics.
- Multiple RemoteApps can be opened through NeutrinoRDP proxy.
- tls_ciphers in xrdp.ini is not limited to 63 chars anymore, it's
  variable-length.
- Fixed an issue where tls_ciphers were ignored and rdp security layer could be
  used instead.
- Kill disconnected sessions feature is working with Xorg (xorgxrdp) backend.
- Miscellaneous code cleanup and memory issues fixes.

Rebuild of xrdp requiring both xorgxrdp and tigervnc-minimal. VNC is still the
default.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1433958 - CVE-2017-6967 xrdp: Incorrect placement of auth_start_session() [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1433958
--------------------------------------------------------------------------------

================================================================================
 xrdp-0.9.2-4.el7 (FEDORA-EPEL-2017-99c7c2f382)
 Open source remote desktop protocol (RDP) server
--------------------------------------------------------------------------------
Update Information:

New upstream version of xorgxrdp and xrdp:

New features in xrdp:

- RemoteFX codec support is now enabled by default.
- Bitmap updates support is now enabled by default.
- TLS ciphers suites and version is now logged.
- Connected computer name is now logged.
- Switched to Xorg (xorgxrdp) as the default backend now.
- Miscellaneous RemoteFX codec mode improvements.
- Socket directory is configurable at the compile time.

Bugfixes in xrdp:

- Parallels client for MacOS / iOS can now connect (audio redirection must be
  disabled on client or xrdp server though).
- MS RDP client for iOS can now connect using TLS security layer.
- MS RDP client for Android can now connect to xrdp.
- Large resolutions (4K) can be used with RemoteFX graphics.
- Multiple RemoteApps can be opened through NeutrinoRDP proxy.
- tls_ciphers in xrdp.ini is not limited to 63 chars anymore, it's
  variable-length.
- Fixed an issue where tls_ciphers were ignored and rdp security layer could be
  used instead.
- Kill disconnected sessions feature is working with Xorg (xorgxrdp) backend.
- Miscellaneous code cleanup and memory issues fixes.

Rebuild of xrdp requiring both xorgxrdp and tigervnc-minimal. VNC is still the
default.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1433958 - CVE-2017-6967 xrdp: Incorrect placement of auth_start_session() [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1433958
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx