The following Fedora EPEL 7 Security updates need testing: Age URL 926 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 688 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 270 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7 168 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe mod_cluster-1.3.3-10.el7 166 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5f9a6163b4 tnef-1.4.14-1.el7 165 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7ecb12e378 python-XStatic-jquery-ui-1.12.0.1-1.el7 32 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-17b77b3268 botan-1.10.16-1.el7 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-2e4b6b7b5c lightdm-1.18.3-5.el7 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-59c79d3a8a google-api-python-client-1.6.3-1.el7 python-httplib2-0.9.2-0.1.el7 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7bdf242c17 drupal7-views-3.18-1.el7 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-10553ac5bd ReviewBoard-2.5.16-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-9f88067c22 mpg123-1.25.6-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e27758bd23 libmspack-0.6-0.1.alpha.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-2795d59fcc python3-numpy-1.10.4-5.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing PyDrive-1.3.1-3.el7 batctl-2017.2-1.el7 distribution-gpg-keys-1.15-1.el7 flrig-1.3.34-1.el7 flxmlrpc-0.1.4-7.el7 lcgdm-dav-0.19.0-1.el7 libmspack-0.6-0.1.alpha.el7 nordugrid-arc-5.4.0-1.el7 nordugrid-arc-doc-2.0.17-1.el7 nordugrid-arc-nagios-plugins-1.9.1-1.el7 pgpdump-0.32-1.el7 php-horde-Horde-Crypt-2.7.10-1.el7 php-horde-Horde-Editor-2.0.5-1.el7 php-horde-horde-5.2.17-1.el7 php-horde-kronolith-4.2.23-1.el7 php-horde-mnemo-4.2.14-1.el7 py4j-0.10.6-1.el7 python3-numpy-1.10.4-5.el7 rakudo-Readline-0.0.2-0.1.20170918gita9f6dc4.el7 xrdp-0.9.3-2.el7 Details about builds: ================================================================================ PyDrive-1.3.1-3.el7 (FEDORA-EPEL-2017-a9e2fb2654) A wrapper library of google-api-python-client for Google Drive API tasks -------------------------------------------------------------------------------- Update Information: Fix BR for python2/python3 prefix. -------------------------------------------------------------------------------- ================================================================================ batctl-2017.2-1.el7 (FEDORA-EPEL-2017-293706db16) B.A.T.M.A.N. advanced control and management tool -------------------------------------------------------------------------------- Update Information: Fix error messages on traceroute send failures -------------------------------------------------------------------------------- ================================================================================ distribution-gpg-keys-1.15-1.el7 (FEDORA-EPEL-2017-4bc1da56ef) GPG keys of various Linux distributions -------------------------------------------------------------------------------- Update Information: - update Copr keys - add new remi key -------------------------------------------------------------------------------- ================================================================================ flrig-1.3.34-1.el7 (FEDORA-EPEL-2017-3c362844bd) Transceiver control program -------------------------------------------------------------------------------- Update Information: Version 1.3.34 * Maintenance release doc update * update help document Save/Restore * Allow user to selectively read, save and restore transceiver operating characteristics. - expansion of previous save/restore for freq mode and bandwidth * Separated Initialization of main, separate PTT and Aux serial ports flrig shell * added Perl script for controlling flrig using the xmlrpc interface. FT1000 update * backend code update IC7300 NR scale * Changed NR scale iaw AE5ZA tests IC7200/7300 compile warning * Correct compile warning in both backends IC7100 * correct flrig always reported the mode as USB-D regardless of the radio's actual mode. * correct flrig would not set the radio to USB-D if it had previous set the radio to a different mode. * correct flrig would not set the attenuator. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1489209 - flrig-1.3.34 is available https://bugzilla.redhat.com/show_bug.cgi?id=1489209 -------------------------------------------------------------------------------- ================================================================================ flxmlrpc-0.1.4-7.el7 (FEDORA-EPEL-2017-3c362844bd) An xmlrpc library for the NBEMS suite of programs -------------------------------------------------------------------------------- Update Information: Version 1.3.34 * Maintenance release doc update * update help document Save/Restore * Allow user to selectively read, save and restore transceiver operating characteristics. - expansion of previous save/restore for freq mode and bandwidth * Separated Initialization of main, separate PTT and Aux serial ports flrig shell * added Perl script for controlling flrig using the xmlrpc interface. FT1000 update * backend code update IC7300 NR scale * Changed NR scale iaw AE5ZA tests IC7200/7300 compile warning * Correct compile warning in both backends IC7100 * correct flrig always reported the mode as USB-D regardless of the radio's actual mode. * correct flrig would not set the radio to USB-D if it had previous set the radio to a different mode. * correct flrig would not set the attenuator. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1489209 - flrig-1.3.34 is available https://bugzilla.redhat.com/show_bug.cgi?id=1489209 -------------------------------------------------------------------------------- ================================================================================ lcgdm-dav-0.19.0-1.el7 (FEDORA-EPEL-2017-73c4afedf1) HTTP/DAV front end to the DPM/LFC services -------------------------------------------------------------------------------- Update Information: New upstream release 0.19.0 -------------------------------------------------------------------------------- ================================================================================ libmspack-0.6-0.1.alpha.el7 (FEDORA-EPEL-2017-e27758bd23) Library for CAB and related files compression and decompression -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-6419 and CVE-2017-11423 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1483909 - CVE-2017-6419 libmspack, clamav: heap-based buffer overflow in mspack/lzxd.c https://bugzilla.redhat.com/show_bug.cgi?id=1483909 [ 2 ] Bug #1472776 - CVE-2017-11423 libmspack, clamav: Stack-based buffer over-read in cabd_read_string function https://bugzilla.redhat.com/show_bug.cgi?id=1472776 -------------------------------------------------------------------------------- ================================================================================ nordugrid-arc-5.4.0-1.el7 (FEDORA-EPEL-2017-2e06b77774) Advanced Resource Connector Grid Middleware -------------------------------------------------------------------------------- Update Information: http://www.nordugrid.org/arc/releases/15.03u16/release_notes_15.03u16.html -------------------------------------------------------------------------------- ================================================================================ nordugrid-arc-doc-2.0.17-1.el7 (FEDORA-EPEL-2017-2e06b77774) Advanced Resource Connector Documentation -------------------------------------------------------------------------------- Update Information: http://www.nordugrid.org/arc/releases/15.03u16/release_notes_15.03u16.html -------------------------------------------------------------------------------- ================================================================================ nordugrid-arc-nagios-plugins-1.9.1-1.el7 (FEDORA-EPEL-2017-2e06b77774) Nagios plugins for ARC -------------------------------------------------------------------------------- Update Information: http://www.nordugrid.org/arc/releases/15.03u16/release_notes_15.03u16.html -------------------------------------------------------------------------------- ================================================================================ pgpdump-0.32-1.el7 (FEDORA-EPEL-2017-c871534332) PGP packet visualizer -------------------------------------------------------------------------------- Update Information: Update to 0.32 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1457283 - pgpdump-0.32 is available https://bugzilla.redhat.com/show_bug.cgi?id=1457283 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Crypt-2.7.10-1.el7 (FEDORA-EPEL-2017-e36f007ba6) Horde Cryptography API -------------------------------------------------------------------------------- Update Information: **Horde_Crypt 2.7.10** * [jan] Correctly determine expiration dates of short living PGP keys. -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Editor-2.0.5-1.el7 (FEDORA-EPEL-2017-d60eaf88c6) Horde Editor API -------------------------------------------------------------------------------- Update Information: **Horde_Editor 2.0.5** * [jan] Mark PHP 7 as supported. -------------------------------------------------------------------------------- ================================================================================ php-horde-horde-5.2.17-1.el7 (FEDORA-EPEL-2017-88b806887b) Horde Application Framework -------------------------------------------------------------------------------- Update Information: **horde 5.2.17** * [jan] Fix returning to last URL after using the login link. * [jan] Officially support PHP 7. -------------------------------------------------------------------------------- ================================================================================ php-horde-kronolith-4.2.23-1.el7 (FEDORA-EPEL-2017-c08ce634ac) A web based calendar -------------------------------------------------------------------------------- Update Information: **kronolith 4.2.23** * [jan] Officially support PHP 7. * [jan] Fix time offsets when importing CSV data with two-digit years. * [jan] Fix updating and deleting events from external CalDAV servers (martin1 AT k0k.net, Bug #14021). * [jan] Fix exporting multiple tags to iCalendar CATEGORIES (Bug #14057). -------------------------------------------------------------------------------- ================================================================================ php-horde-mnemo-4.2.14-1.el7 (FEDORA-EPEL-2017-de329c854a) A web based notes manager -------------------------------------------------------------------------------- Update Information: **mnemo 4.2.14** * [jan] Officially support PHP 7. * [jan] Fix exporting multiple tags to vNote CATEGORIES (Bug #14057). -------------------------------------------------------------------------------- ================================================================================ py4j-0.10.6-1.el7 (FEDORA-EPEL-2017-7259d27af5) Dynamically access in Python programs to arbitrary Java objects -------------------------------------------------------------------------------- Update Information: bump to 0.10.6 https://blog.py4j.org/2017/07/05/py4j-0-10-6-released/ -------------------------------------------------------------------------------- References: [ 1 ] Bug #1467882 - py4j-0.10.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1467882 -------------------------------------------------------------------------------- ================================================================================ python3-numpy-1.10.4-5.el7 (FEDORA-EPEL-2017-2795d59fcc) A fast multidimensional array facility for Python 3 -------------------------------------------------------------------------------- Update Information: Add a patch for the security vulnerability (rhbz#1483689) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1483689 - CVE-2017-12852 python3-numpy: numpy: Missing input validation on empty list or ndarray in numpy.pad function [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483689 -------------------------------------------------------------------------------- ================================================================================ rakudo-Readline-0.0.2-0.1.20170918gita9f6dc4.el7 (FEDORA-EPEL-2017-0fc5f2289e) Simple Perl 6 binding to GNU libreadline -------------------------------------------------------------------------------- Update Information: initial build for el7 -------------------------------------------------------------------------------- ================================================================================ xrdp-0.9.3-2.el7 (FEDORA-EPEL-2017-7e69be6ea6) Open source remote desktop protocol (RDP) server -------------------------------------------------------------------------------- Update Information: Attempt to fix bug #1492822. Add patch to clean leftover sockets. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1492822 - xrdp cannot reuse display numbers because of leftover sockets https://bugzilla.redhat.com/show_bug.cgi?id=1492822 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
