The following Fedora EPEL 7 Security updates need testing: Age URL 867 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 629 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 211 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7 109 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe mod_cluster-1.3.3-10.el7 107 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5f9a6163b4 tnef-1.4.14-1.el7 106 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7ecb12e378 python-XStatic-jquery-ui-1.12.0.1-1.el7 41 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4aae1e22f1 lxc-1.0.10-2.el7 21 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-ffb0e00f3b mosquitto-1.4.13-1.el7 15 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-52b6bc17c1 globus-ftp-client-8.36-1.el7 globus-gass-cache-program-6.7-1.el7 globus-gass-copy-9.27-1.el7 globus-gram-client-13.18-1.el7 globus-gram-job-manager-14.36-1.el7 globus-gram-job-manager-condor-2.6-5.el7 globus-gridftp-server-12.2-1.el7 globus-gssapi-gsi-12.17-1.el7 globus-io-11.9-1.el7 globus-net-manager-0.17-1.el7 globus-xio-5.16-1.el7 globus-xio-gsi-driver-3.11-1.el7 globus-xio-pipe-driver-3.10-1.el7 globus-xio-udt-driver-1.28-1.el7 myproxy-6.1.28-1.el7 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-47be021843 heimdal-7.4.0-1.el7 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-a8886eb42e cross-binutils-2.27-9.el7.1 cross-gcc-4.8.5-16.el7.1 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-93f422baa0 nodejs-6.11.1-1.el7 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-491dd51db6 phpldapadmin-1.2.3-10.el7 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-64c36b5282 rubygem-rack-cors-0.4.1-1.el7 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-0e0fd785bc yara-3.6.3-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-c39b9065fa GraphicsMagick-1.3.26-3.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-c4e53cc90d chicken-4.12.0-3.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-1024674dfb moodle-3.1.7-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing GraphicsMagick-1.3.26-3.el7 NetworkManager-l2tp-1.2.8-1.el7 cacti-1.1.13-1.el7 cargo-0.20.0-1.el7 chicken-4.12.0-3.el7 cscppc-1.3.3-1.el7 csmock-2.0.4-1.el7 cswrap-1.3.4-2.el7 execstack-0.5.0-11.el7 gdb-exploitable-1.32-1.20170717git35b742d.el7 gsmartcontrol-1.0.2-1.el7 hdf-4.2.13-1.el7 mediaconch-17.06-3.el7 moodle-3.1.7-1.el7 nagios-4.3.2-6.el7 nagios-plugins-2.2.1-4git.el7 qotd-0.11.3-2.el7 rust-1.19.0-1.el7 vulkan-1.0.54.0-2.el7 Details about builds: ================================================================================ GraphicsMagick-1.3.26-3.el7 (FEDORA-EPEL-2017-c39b9065fa) An ImageMagick fork, offering faster image generation and better quality -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-11403 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1472214 - CVE-2017-11403 GraphicsMagick: Use-after-free in CloseBlob https://bugzilla.redhat.com/show_bug.cgi?id=1472214 -------------------------------------------------------------------------------- ================================================================================ NetworkManager-l2tp-1.2.8-1.el7 (FEDORA-EPEL-2017-9d75c976e1) NetworkManager VPN plugin for L2TP and L2TP/IPsec -------------------------------------------------------------------------------- Update Information: Updated to 1.2.8 release -------------------------------------------------------------------------------- ================================================================================ cacti-1.1.13-1.el7 (FEDORA-EPEL-2017-7eb3e93901) An rrd based graphing tool -------------------------------------------------------------------------------- Update Information: - Update to 1.1.13 Release notes: https://www.cacti.net/release_notes.php?version=1.1.13 -------------------------------------------------------------------------------- ================================================================================ cargo-0.20.0-1.el7 (FEDORA-EPEL-2017-5027ee3180) Rust's package manager and build tool -------------------------------------------------------------------------------- Update Information: New versions of Rust and Cargo -- see the release notes for [1.19](https://blog .rust-lang.org/2017/07/20/Rust-1.19.html). -------------------------------------------------------------------------------- ================================================================================ chicken-4.12.0-3.el7 (FEDORA-EPEL-2017-c4e53cc90d) A practical and portable Scheme system -------------------------------------------------------------------------------- Update Information: Fix for CVE-2017-11343 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1471816 - CVE-2017-11343 chicken: Predictable symbol table due to using default libc seed in PRNG https://bugzilla.redhat.com/show_bug.cgi?id=1471816 -------------------------------------------------------------------------------- ================================================================================ cscppc-1.3.3-1.el7 (FEDORA-EPEL-2017-01d4d2abef) A compiler wrapper that runs cppcheck in background -------------------------------------------------------------------------------- Update Information: - update to latest upstream bugfix release -------------------------------------------------------------------------------- ================================================================================ csmock-2.0.4-1.el7 (FEDORA-EPEL-2017-01d4d2abef) A mock wrapper for Static Analysis tools -------------------------------------------------------------------------------- Update Information: - update to latest upstream bugfix release -------------------------------------------------------------------------------- ================================================================================ cswrap-1.3.4-2.el7 (FEDORA-EPEL-2017-01d4d2abef) Generic compiler wrapper -------------------------------------------------------------------------------- Update Information: - update to latest upstream bugfix release -------------------------------------------------------------------------------- ================================================================================ execstack-0.5.0-11.el7 (FEDORA-EPEL-2017-cb6ae5d6d4) Utility to set/clear/query executable stack bit -------------------------------------------------------------------------------- Update Information: Initial import from fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1472817 - execstack not available on EPEL7 for aarch64 and ppc64le https://bugzilla.redhat.com/show_bug.cgi?id=1472817 -------------------------------------------------------------------------------- ================================================================================ gdb-exploitable-1.32-1.20170717git35b742d.el7 (FEDORA-EPEL-2017-c3c6c321cd) GDB extension for exploitability -------------------------------------------------------------------------------- Update Information: This is the initial packaging release for gdb-explotable. -------------------------------------------------------------------------------- ================================================================================ gsmartcontrol-1.0.2-1.el7 (FEDORA-EPEL-2017-6b5ca33647) Graphical user interface for smartctl -------------------------------------------------------------------------------- Update Information: Update to 1.0.2. -------------------------------------------------------------------------------- ================================================================================ hdf-4.2.13-1.el7 (FEDORA-EPEL-2017-5fecf1db92) A general purpose library and file format for storing scientific data -------------------------------------------------------------------------------- Update Information: Update to 4.2.13 -------------------------------------------------------------------------------- ================================================================================ mediaconch-17.06-3.el7 (FEDORA-EPEL-2017-4ccde3210e) Most relevant technical and tag data for video and audio files (CLI) -------------------------------------------------------------------------------- Update Information: Fist release of mediaconch in Fedora repo. -------------------------------------------------------------------------------- ================================================================================ moodle-3.1.7-1.el7 (FEDORA-EPEL-2017-1024674dfb) A Course Management System -------------------------------------------------------------------------------- Update Information: Fix for multiple CVEs -------------------------------------------------------------------------------- References: [ 1 ] Bug #1472243 - CVE-2017-2642 CVE-2017-7532 moodle: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1472243 -------------------------------------------------------------------------------- ================================================================================ nagios-4.3.2-6.el7 (FEDORA-EPEL-2017-6a923c6fbd) Host/service/network monitoring program -------------------------------------------------------------------------------- Update Information: Fix nagios selinux entries -------------------------------------------------------------------------------- ================================================================================ nagios-plugins-2.2.1-4git.el7 (FEDORA-EPEL-2017-87ebfdc686) Host/service/network monitoring program plugins for Nagios -------------------------------------------------------------------------------- Update Information: Add explicit file require. Fix BZ# 1470823 ---- Updated patches to fix check_http problems ---- Update to git for 20170703 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1052740 - SELinux is preventing check_log via NRPE from read and open var_log_t files https://bugzilla.redhat.com/show_bug.cgi?id=1052740 [ 2 ] Bug #1204683 - check_ide_smart cannot be started by nrpe https://bugzilla.redhat.com/show_bug.cgi?id=1204683 [ 3 ] Bug #1210380 - SELinux prevents check_mailq from executing postfix when run via NRPE https://bugzilla.redhat.com/show_bug.cgi?id=1210380 [ 4 ] Bug #1256848 - nagios-plugins-log has incorrect paths to egrep/tail (EL6) https://bugzilla.redhat.com/show_bug.cgi?id=1256848 [ 5 ] Bug #1423008 - nagios-plugins-2.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1423008 [ 6 ] Bug #1427925 - check_http 2.2.0-4 fails if Transfer-Encoding ends the header https://bugzilla.redhat.com/show_bug.cgi?id=1427925 [ 7 ] Bug #1463674 - check_http segfaults once Location header terminates with additional 0x0a and is last header line https://bugzilla.redhat.com/show_bug.cgi?id=1463674 [ 8 ] Bug #1465784 - nagios http plugin is old and buggy https://bugzilla.redhat.com/show_bug.cgi?id=1465784 -------------------------------------------------------------------------------- ================================================================================ qotd-0.11.3-2.el7 (FEDORA-EPEL-2017-4084c13468) A simple and lightweight Quote of the Day daemon -------------------------------------------------------------------------------- Update Information: Add missing systemd scriplets, this was missed in review. ---- A simple and lightweight Quote of the Day daemon -------------------------------------------------------------------------------- References: [ 1 ] Bug #1462472 - Review Request: qotd - A simple and lightweight Quote of the Day daemon https://bugzilla.redhat.com/show_bug.cgi?id=1462472 -------------------------------------------------------------------------------- ================================================================================ rust-1.19.0-1.el7 (FEDORA-EPEL-2017-5027ee3180) The Rust Programming Language -------------------------------------------------------------------------------- Update Information: New versions of Rust and Cargo -- see the release notes for [1.19](https://blog .rust-lang.org/2017/07/20/Rust-1.19.html). -------------------------------------------------------------------------------- ================================================================================ vulkan-1.0.54.0-2.el7 (FEDORA-EPEL-2017-901ea5ebd1) Vulkan loader and validation layers -------------------------------------------------------------------------------- Update Information: - Update to 1.0.54.0 release - Use build requires cmake3 for epel build - Build layers for epel - Cleanup cmake commands -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
