The following Fedora EPEL 7 Security updates need testing: Age URL 836 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 598 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 181 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7 78 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe mod_cluster-1.3.3-10.el7 76 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5f9a6163b4 tnef-1.4.14-1.el7 75 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7ecb12e378 python-XStatic-jquery-ui-1.12.0.1-1.el7 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-340bb46b1d capnproto-0.5.3.1-1.el7 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4aae1e22f1 lxc-1.0.10-2.el7 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d9786818e4 python-nbxmpp-0.5.6-1.el7 gajim-0.16.8-1.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-a8886eb42e cross-binutils-2.28-1.el7 cross-gcc-7.0.1-0.4.el7.1.1 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-30baf73207 chromium-59.0.3071.104-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-79e30f9d33 openvpn-2.4.3-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-640f33c8e5 php-horde-Horde-Image-2.5.0-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing bodhi-2.8.1-1.el7 datagrepper-0.8.0-1.el7 openvpn-2.4.3-1.el7 php-horde-Horde-Image-2.5.0-1.el7 python-argh-0.26.1-5.el7 python-datanommer-consumer-0.8.0-1.el7 python-datanommer-models-0.8.0-1.el7 rpmdeplint-1.3-2.el7 xorgxrdp-0.2.2-1.el7 Details about builds: ================================================================================ bodhi-2.8.1-1.el7 (FEDORA-EPEL-2017-275ff3ffd4) A modular framework that facilitates publishing software updates -------------------------------------------------------------------------------- Update Information: Update to [2.8.1](https://github.com/fedora-infra/bodhi/releases/tag/2.8.1) See also the [2.8.0](https://github.com/fedora-infra/bodhi/releases/tag/2.8.0) release notes. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1463446 - bodhi-2.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1463446 -------------------------------------------------------------------------------- ================================================================================ datagrepper-0.8.0-1.el7 (FEDORA-EPEL-2017-e44355fc0a) A webapp to query fedmsg history -------------------------------------------------------------------------------- Update Information: Latest upstream. Includes improved support for stomp-based backends and some theme/UI improvements. ---- https://lists.fedoraproject.org/archives/list/infr astructure%40lists.fedoraproject.org/thread/ZQGHRAWVSRC6LUAP7P5KR2ZDRJYVP5MP/ -------------------------------------------------------------------------------- ================================================================================ openvpn-2.4.3-1.el7 (FEDORA-EPEL-2017-79e30f9d33) A full-featured SSL VPN solution -------------------------------------------------------------------------------- Update Information: Updates to the latest upstream OpenVPN 2.4.3, containing security updates for CVE-2017-7508, CVE-2017-7520 and CVE-2017-7521. This update also re-enables automatic restart of OpenVPN on the next updates. For this update, the restart needs to be done manually. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1463644 - CVE-2017-7508 CVE-2017-7520 CVE-2017-7521 CVE-2017-7522 openvpn: Multiple security issues fixed in OpenVPN 2.4.3 and 2.3.17 [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1463644 [ 2 ] Bug #1463647 - openvpn-2.4.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1463647 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Image-2.5.0-1.el7 (FEDORA-EPEL-2017-640f33c8e5) Horde Image API -------------------------------------------------------------------------------- Update Information: **Horde_Image 2.5.0** * [mjr] **SECURITY**: Prevent DOS attack by preventing an infinite loop in certain conditions (CVE-2017-9773, reported by Fariskhi Vidyan). * [mjr] **SECURITY**: Prevent RCE attacks by properly sanitizing shell arguments (CVE-2017-9774, reported by Fariskhi Vidyan). * [jan] Add blur effect. -------------------------------------------------------------------------------- ================================================================================ python-argh-0.26.1-5.el7 (FEDORA-EPEL-2017-4f60483749) Unobtrusive argparse wrapper with natural syntax -------------------------------------------------------------------------------- Update Information: * Adapt spec-file to recent guidelines * Initial build for EPEL 7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1181845 - Request for EPEL7 build of python-argh https://bugzilla.redhat.com/show_bug.cgi?id=1181845 -------------------------------------------------------------------------------- ================================================================================ python-datanommer-consumer-0.8.0-1.el7 (FEDORA-EPEL-2017-e44355fc0a) Hub consumer plugin for datanommer -------------------------------------------------------------------------------- Update Information: Latest upstream. Includes improved support for stomp-based backends and some theme/UI improvements. ---- https://lists.fedoraproject.org/archives/list/infr astructure%40lists.fedoraproject.org/thread/ZQGHRAWVSRC6LUAP7P5KR2ZDRJYVP5MP/ -------------------------------------------------------------------------------- ================================================================================ python-datanommer-models-0.8.0-1.el7 (FEDORA-EPEL-2017-e44355fc0a) SQLAlchemy models for datanommer -------------------------------------------------------------------------------- Update Information: Latest upstream. Includes improved support for stomp-based backends and some theme/UI improvements. ---- https://lists.fedoraproject.org/archives/list/infr astructure%40lists.fedoraproject.org/thread/ZQGHRAWVSRC6LUAP7P5KR2ZDRJYVP5MP/ -------------------------------------------------------------------------------- ================================================================================ rpmdeplint-1.3-2.el7 (FEDORA-EPEL-2017-a16b07515f) Tool to find errors in RPM packages in the context of their dependency graph -------------------------------------------------------------------------------- Update Information: The main rpmdeplint package now has a versioned requirement on its python3-rpmdeplint package, to ensure they stay in sync (RHBZ#1462047) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1462047 - Upgrading rpmdeplint resulted in a version mismatch https://bugzilla.redhat.com/show_bug.cgi?id=1462047 -------------------------------------------------------------------------------- ================================================================================ xorgxrdp-0.2.2-1.el7 (FEDORA-EPEL-2017-79a0835693) Implementation of xrdp backend as Xorg modules -------------------------------------------------------------------------------- Update Information: This version includes: - RemoteFX codec bandwidth optimization when app redraws aggressively - Some cleanups ex. use const pointer, use more suitable variable types -------------------------------------------------------------------------------- References: [ 1 ] Bug #1437053 - xorgxrdp-0.2.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1437053 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
