The following Fedora EPEL 7 Security updates need testing: Age URL 844 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 606 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 188 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7 86 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe mod_cluster-1.3.3-10.el7 84 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5f9a6163b4 tnef-1.4.14-1.el7 83 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7ecb12e378 python-XStatic-jquery-ui-1.12.0.1-1.el7 18 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4aae1e22f1 lxc-1.0.10-2.el7 14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d9786818e4 python-nbxmpp-0.5.6-1.el7 gajim-0.16.8-1.el7 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-30baf73207 chromium-59.0.3071.104-1.el7 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-abfcb66c76 python-djblets-0.9.8-1.el7 ReviewBoard-2.5.13.1-1.el7 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5ab90c7180 zabbix20-2.0.21-1.el7 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-eb357ac3b3 zabbix22-2.2.18-1.el7 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7c2e699925 catdoc-0.95-1.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-52b6bc17c1 globus-xio-5.16-1.el7 globus-net-manager-0.17-1.el7 globus-gass-cache-program-6.7-1.el7 globus-gass-copy-9.27-1.el7 globus-gssapi-gsi-12.16-1.el7 globus-gram-job-manager-14.36-1.el7 globus-gridftp-server-12.2-1.el7 globus-io-11.9-1.el7 globus-xio-gsi-driver-3.11-1.el7 globus-xio-pipe-driver-3.10-1.el7 globus-xio-udt-driver-1.27-1.el7 myproxy-6.1.28-1.el7 globus-ftp-client-8.35-2.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-bcfa38e123 drupal7-7.56-1.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-1ee32a5ffa libtomcrypt-1.17-25.el7 libtommath-0.42.0-5.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-2b04537603 phpMyAdmin-4.4.15.10-2.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-2ba20eeb97 php-horde-Horde-Image-2.5.1-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-a8886eb42e cross-binutils-2.25.1-31.el7.1 cross-gcc-4.8.5-16.el7.1 The following builds have been pushed to Fedora EPEL 7 updates-testing cherrytree-0.38.1-1.el7 cross-binutils-2.25.1-31.el7.1 cross-gcc-4.8.5-16.el7.1 fedmsg-0.18.4-1.el7 grip-3.4.2-2.el7 nagios-4.3.2-5.el7 nodejs-6.11.0-1.el7 picard-1.3.2-7.el7 python-libdiscid-0.4.1-11.el7 python-mutagen-1.38-2.el7 python-tambo-0.4.0-1.el7 rpkg-1.49-5.el7 youtube-dl-2017.06.25-1.el7 Details about builds: ================================================================================ cherrytree-0.38.1-1.el7 (FEDORA-EPEL-2017-9ae320ed1c) Hierarchical note taking application -------------------------------------------------------------------------------- Update Information: update to latest version 0.38.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1460404 - cherrytree-0.38.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1460404 -------------------------------------------------------------------------------- ================================================================================ cross-binutils-2.25.1-31.el7.1 (FEDORA-EPEL-2017-a8886eb42e) A GNU collection of cross-compilation binary utilities -------------------------------------------------------------------------------- Update Information: Rebase cross-gcc and cross-binutils. -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 27 2017 Lubomir Rintel <lkundrak@v3.s> - 2.25.1-31.1 - Align with RHEL7 binutils -------------------------------------------------------------------------------- References: [ 1 ] Bug #1162664 - cross-binutils: binutils: directory traversal vulnerability [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162664 [ 2 ] Bug #1162629 - CVE-2014-8504 cross-binutils: binutils: stack overflow in the SREC parser [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162629 [ 3 ] Bug #1162618 - CVE-2014-8503 cross-binutils: binutils: stack overflow in objdump when parsing specially crafted ihex file [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162618 [ 4 ] Bug #1162605 - CVE-2014-8502 cross-binutils: binutils: heap overflow in objdump [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162605 [ 5 ] Bug #1162582 - CVE-2014-8501 cross-binutils: binutils: out-of-bounds write when parsing specially crafted PE executable [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162582 [ 6 ] Bug #1440669 - Rebase cross-gcc on EPEL with latest RHEL-7 gcc sources https://bugzilla.redhat.com/show_bug.cgi?id=1440669 -------------------------------------------------------------------------------- ================================================================================ cross-gcc-4.8.5-16.el7.1 (FEDORA-EPEL-2017-a8886eb42e) Cross C compiler -------------------------------------------------------------------------------- Update Information: Rebase cross-gcc and cross-binutils. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1162664 - cross-binutils: binutils: directory traversal vulnerability [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162664 [ 2 ] Bug #1162629 - CVE-2014-8504 cross-binutils: binutils: stack overflow in the SREC parser [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162629 [ 3 ] Bug #1162618 - CVE-2014-8503 cross-binutils: binutils: stack overflow in objdump when parsing specially crafted ihex file [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162618 [ 4 ] Bug #1162605 - CVE-2014-8502 cross-binutils: binutils: heap overflow in objdump [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162605 [ 5 ] Bug #1162582 - CVE-2014-8501 cross-binutils: binutils: out-of-bounds write when parsing specially crafted PE executable [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162582 [ 6 ] Bug #1440669 - Rebase cross-gcc on EPEL with latest RHEL-7 gcc sources https://bugzilla.redhat.com/show_bug.cgi?id=1440669 -------------------------------------------------------------------------------- ================================================================================ fedmsg-0.18.4-1.el7 (FEDORA-EPEL-2017-c5c246bcea) Tools for Fedora Infrastructure real-time messaging -------------------------------------------------------------------------------- Update Information: Update to latest upstream release (#1465692). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1465692 - fedmsg-0.18.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1465692 -------------------------------------------------------------------------------- ================================================================================ grip-3.4.2-2.el7 (FEDORA-EPEL-2017-23cbab3e02) Front-end for CD rippers and Ogg Vorbis encoders -------------------------------------------------------------------------------- Update Information: Updated to 3.4.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1455353 - Update grip to 3.4.1 https://bugzilla.redhat.com/show_bug.cgi?id=1455353 -------------------------------------------------------------------------------- ================================================================================ nagios-4.3.2-5.el7 (FEDORA-EPEL-2017-a6bf582624) Host/service/network monitoring program -------------------------------------------------------------------------------- Update Information: Added fix for selinux from Patrick Uiterwijk ---- Update to latest in git ---- Updated from 4.3.1 maint to 4.3.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1005974 - nagios-4.3.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1005974 [ 2 ] Bug #1084934 - Unable to reload nagios under systemd https://bugzilla.redhat.com/show_bug.cgi?id=1084934 [ 3 ] Bug #1201849 - Support an environment file in the systemd unit file https://bugzilla.redhat.com/show_bug.cgi?id=1201849 [ 4 ] Bug #1218320 - Install the Nagios checkresults directory with group-writable permissions https://bugzilla.redhat.com/show_bug.cgi?id=1218320 [ 5 ] Bug #1426816 - Nagios RPM 4.2.4 forgot to reload systemd in postinstall https://bugzilla.redhat.com/show_bug.cgi?id=1426816 [ 6 ] Bug #1428111 - Broken links in the View Trends and the View Histogram menu https://bugzilla.redhat.com/show_bug.cgi?id=1428111 -------------------------------------------------------------------------------- ================================================================================ nodejs-6.11.0-1.el7 (FEDORA-EPEL-2017-08a356e92b) JavaScript runtime -------------------------------------------------------------------------------- Update Information: Update to new version. -------------------------------------------------------------------------------- ================================================================================ picard-1.3.2-7.el7 (FEDORA-EPEL-2017-6ba86beae7) MusicBrainz-based audio tagger -------------------------------------------------------------------------------- Update Information: Package reintroduced into EPEL7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1440898 - Introduce picard to EPEL-7 https://bugzilla.redhat.com/show_bug.cgi?id=1440898 [ 2 ] Bug #1379033 - Picard doesn't start due to change in mutagen, throws BitPaddedInt import error https://bugzilla.redhat.com/show_bug.cgi?id=1379033 -------------------------------------------------------------------------------- ================================================================================ python-libdiscid-0.4.1-11.el7 (FEDORA-EPEL-2017-23126650f2) Python bindings for libdiscid -------------------------------------------------------------------------------- Update Information: Port to EPEL7 (and old Sphinx; RHBZ 1190344) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1190344 - python-mutagen conflicts with RHEL6/7 base https://bugzilla.redhat.com/show_bug.cgi?id=1190344 -------------------------------------------------------------------------------- ================================================================================ python-mutagen-1.38-2.el7 (FEDORA-EPEL-2017-23126650f2) Mutagen is a Python module to handle audio meta-data -------------------------------------------------------------------------------- Update Information: Port to EPEL7 (and old Sphinx; RHBZ 1190344) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1190344 - python-mutagen conflicts with RHEL6/7 base https://bugzilla.redhat.com/show_bug.cgi?id=1190344 -------------------------------------------------------------------------------- ================================================================================ python-tambo-0.4.0-1.el7 (FEDORA-EPEL-2017-76ab6036a0) A command line object dispatcher -------------------------------------------------------------------------------- Update Information: First EPEL 7 release -------------------------------------------------------------------------------- ================================================================================ rpkg-1.49-5.el7 (FEDORA-EPEL-2017-5e3229c7b2) Python library for interacting with rpm+git -------------------------------------------------------------------------------- Update Information: * remove dependency on `python-osbs` * add support for namespaces in `--module- name` argument -------------------------------------------------------------------------------- ================================================================================ youtube-dl-2017.06.25-1.el7 (FEDORA-EPEL-2017-a42a2c9c1f) A small command-line program to download online videos -------------------------------------------------------------------------------- Update Information: Upstream update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1458621 - youtube-dl-2017.06.25 is available https://bugzilla.redhat.com/show_bug.cgi?id=1458621 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx