The following Fedora EPEL 7 Security updates need testing: Age URL 861 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 623 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 205 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7 103 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe mod_cluster-1.3.3-10.el7 101 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5f9a6163b4 tnef-1.4.14-1.el7 100 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7ecb12e378 python-XStatic-jquery-ui-1.12.0.1-1.el7 35 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4aae1e22f1 lxc-1.0.10-2.el7 14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-ffb0e00f3b mosquitto-1.4.13-1.el7 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7678ea423a jabberd-2.6.1-1.el7 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-86125e7897 GraphicsMagick-1.3.26-1.el7 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-52b6bc17c1 globus-ftp-client-8.36-1.el7 globus-gass-cache-program-6.7-1.el7 globus-gass-copy-9.27-1.el7 globus-gram-client-13.18-1.el7 globus-gram-job-manager-14.36-1.el7 globus-gram-job-manager-condor-2.6-5.el7 globus-gridftp-server-12.2-1.el7 globus-gssapi-gsi-12.17-1.el7 globus-io-11.9-1.el7 globus-net-manager-0.17-1.el7 globus-xio-5.16-1.el7 globus-xio-gsi-driver-3.11-1.el7 globus-xio-pipe-driver-3.10-1.el7 globus-xio-udt-driver-1.28-1.el7 myproxy-6.1.28-1.el7 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d13b9e8413 cacti-1.1.12-2.el7 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-47be021843 heimdal-7.4.0-1.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-a8886eb42e cross-binutils-2.27-9.el7.1 cross-gcc-4.8.5-16.el7.1 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-93f422baa0 nodejs-6.11.1-1.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-491dd51db6 phpldapadmin-1.2.3-10.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-64c36b5282 rubygem-rack-cors-0.4.1-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-0e0fd785bc yara-3.6.3-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing git-extras-4.4.0-1.el7 rubygem-rack-cors-0.4.1-1.el7 yara-3.6.3-1.el7 zstd-1.3.0-1.el7 Details about builds: ================================================================================ git-extras-4.4.0-1.el7 (FEDORA-EPEL-2017-7adf128772) Little git extras -------------------------------------------------------------------------------- Update Information: git-extras-4.4.0 is available -------------------------------------------------------------------------------- References: [ 1 ] Bug #1471372 - git-extras-4.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1471372 -------------------------------------------------------------------------------- ================================================================================ rubygem-rack-cors-0.4.1-1.el7 (FEDORA-EPEL-2017-64c36b5282) Middleware for enabling Cross-Origin Resource Sharing in Rack apps -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-11173, new upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1470688 - CVE-2017-11173 rubygem-rack-cors: Missing anchor in generated regex in rack/cors.rb#L256 may permit forged malicious requests [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470688 -------------------------------------------------------------------------------- ================================================================================ yara-3.6.3-1.el7 (FEDORA-EPEL-2017-0e0fd785bc) Pattern matching Swiss knife for malware researchers -------------------------------------------------------------------------------- Update Information: bump to 3.6.3 release - bugfix CVE-2017-11328 ---- Security fix for CVE-2017-9304, CVE-2017-9465 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1459490 - CVE-2017-9465 yara: Buffer over-read in yr_arena_write_data function https://bugzilla.redhat.com/show_bug.cgi?id=1459490 -------------------------------------------------------------------------------- ================================================================================ zstd-1.3.0-1.el7 (FEDORA-EPEL-2017-e8af27910d) Zstd compression library -------------------------------------------------------------------------------- Update Information: Latest upstream -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx