The following Fedora EPEL 7 Security updates need testing: Age URL 1039 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 801 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 384 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7 281 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe mod_cluster-1.3.3-10.el7 113 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e27758bd23 libmspack-0.6-0.1.alpha.el7 50 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e64eeb6ece nagios-4.3.4-5.el7 39 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d704442ae7 qpid-cpp-1.37.0-1.el7 14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8d57a2487b monit-5.25.1-1.el7 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-753e392fc4 xrdp-0.9.5-1.el7 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-2e2d08b1ff awstats-7.6-4.el7 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-49ca8440a1 gifsicle-1.90-1.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-28611aa33f python-bottle-0.12.13-1.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-885bb5ec89 poco-1.6.1-3.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-73ee944e65 rootsh-1.5.3-17.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing abrt-server-info-page-1.4-1.el7 cargo-0.24.0-1.el7 getdns-1.3.0-3.el7 ipmiutil-3.0.8-1.el7 odcs-0.1.6-1.el7 php-cs-fixer-2.2.14-1.el7 python3-gssapi-1.3.0-1.el7 recap-1.3.0-1.el7 rho-0.0.31-2.el7 rootsh-1.5.3-17.el7 rust-1.23.0-1.el7 Details about builds: ================================================================================ abrt-server-info-page-1.4-1.el7 (FEDORA-EPEL-2018-f3f386ffa5) Web page with summary of ABRT services -------------------------------------------------------------------------------- Update Information: swap two links -------------------------------------------------------------------------------- ================================================================================ cargo-0.24.0-1.el7 (FEDORA-EPEL-2018-3ed72a3992) Rust's package manager and build tool -------------------------------------------------------------------------------- Update Information: New versions of Rust and Cargo -- see the release notes for [1.23](https://blog .rust-lang.org/2018/01/04/Rust-1.23.html). -------------------------------------------------------------------------------- ================================================================================ getdns-1.3.0-3.el7 (FEDORA-EPEL-2018-93ca04b52b) Modern asynchronous API to the DNS -------------------------------------------------------------------------------- Update Information: Minor fixup for previous patch, Provides: stubby ---- Updated to 1.3.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1462043 - getdns-1.3.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1462043 -------------------------------------------------------------------------------- ================================================================================ ipmiutil-3.0.8-1.el7 (FEDORA-EPEL-2018-41c6724098) Easy-to-use IPMI server management utilities -------------------------------------------------------------------------------- Update Information: update from upstream 3.0.8, RHBZ#1423055 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1423055 - ipmiutil-3.0.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1423055 [ 2 ] Bug #1531830 - Typo in %post scriptlet https://bugzilla.redhat.com/show_bug.cgi?id=1531830 -------------------------------------------------------------------------------- ================================================================================ odcs-0.1.6-1.el7 (FEDORA-EPEL-2018-6f754fd3ab) The On Demand Compose Service -------------------------------------------------------------------------------- Update Information: New version 0.1.6. -------------------------------------------------------------------------------- ================================================================================ php-cs-fixer-2.2.14-1.el7 (FEDORA-EPEL-2018-bd66bfee39) A tool to automatically fix PHP code style -------------------------------------------------------------------------------- Update Information: **Changelog for v2.2.14** * bug #3298 DiffConsoleFormatter - fix output escaping. (SpacePossum) * bug #3337 BracesFixer: nowdoc bug on template files (Slamdunk) * bug #3349 Fix stdin handling and add tests for it (keradus) * bug #3359 BracesFixer - handle comment for content outside of given block (keradus) * bug #3415 FileFilterIterator - input checks and utests (SpacePossum, keradus) * bug #3429 Fix archive analysing (keradus) * minor #3137 PHPUnit - use common base class (keradus) * minor #3342 PhpUnitDedicateAssertFixer - Remove unexistent method is_boolean (carusogabriel) * minor #3345 StdinFileInfo - fix `__toString` (keradus) * minor #3346 StdinFileInfo - drop getContents (keradus) * minor #3347 DX: reapply newest CS (keradus) * minor #3365 COOKBOOK-FIXERS.md - update to provide definition instead of description (keradus) * minor #3370 AbstractFixer - FQCN in in exceptions (Slamdunk) * minor #3372 ProjectCodeTest - fix comment (keradus) * minor #3402 Always provide delimiter to `preg_quote` calls (ntzm) * minor #3403 Remove unused import (ntzm) * minor #3405 Fix `fopen` mode (ntzm) * minor #3408 Improving fixers descriptions (kubawerlos) * minor #3409 move itests from misc to priority (keradus) * minor #3411 Better type hinting for AbstractFixerTestCase::$fixer (kubawerlos) * minor #3412 Convert `strtolower` inside `strpos` to just `stripos` (ntzm) * minor #3425 FixerFactoryTest - test that priority pair fixers have itest (keradus, SpacePossum) * minor #3427 ConfigurationResolver: fix @return annotation (Slamdunk) -------------------------------------------------------------------------------- ================================================================================ python3-gssapi-1.3.0-1.el7 (FEDORA-EPEL-2018-9809cff157) Python 3 Bindings for GSSAPI (RFC 2743/2744 and extensions) -------------------------------------------------------------------------------- Update Information: New python3 version of python2-gssapi. Please note that its version tracks Fedora, not RHEL. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1531288 - Review Request: python3-gssapi - Python 3 Bindings for GSSAPI (RFC 2743/2744 and extensions) https://bugzilla.redhat.com/show_bug.cgi?id=1531288 [ 2 ] Bug #1529318 - EPEL package for python 34 https://bugzilla.redhat.com/show_bug.cgi?id=1529318 -------------------------------------------------------------------------------- ================================================================================ recap-1.3.0-1.el7 (FEDORA-EPEL-2018-a63a866d9f) Generates reports of various system information -------------------------------------------------------------------------------- Update Information: - Latest upstream - Move config file from /etc/recap to /etc/recap.conf -------------------------------------------------------------------------------- References: [ 1 ] Bug #1525746 - recap-1.3.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1525746 -------------------------------------------------------------------------------- ================================================================================ rho-0.0.31-2.el7 (FEDORA-EPEL-2018-143e2c2237) An SSH system profiler -------------------------------------------------------------------------------- Update Information: # Testing Rho To set up Rho, you create profiles that control how to run each scan. - Authentication profiles contain user credentials for a user with sufficient authority to complete the scan (for example, a root user or one with root-level access obtained through -sudo privilege escalation). - Network profiles contain network identifiers (for example, a hostname, IP address, or range of IP addresses) and the authentication profiles to be used for a scan. Complete the following steps, repeating them as necessary to access all parts of your environment that you want to scan: 1. Create at least one authentication profile with root-level access to Rho: ``` rho auth add --name auth_name --username root_name(--sshkeyfile key_file | --password) ``` a. At the Rho vault password prompt, create a new Rho vault password. This password is required to access the encrypted Rho data, such as authentication and network profiles, scan data, and other information. b. If you did not use the sshkeyfile option to provide an SSH key for the username value, enter the password of the user with root-level access at the connection password prompt. For example, for an authentication profile where the authentication profile name is roothost1, the user with root-level access is root, and the SSH key for the user is in the path ~/.ssh/id_rsa, you would enter the following command: ``` rho auth add --name roothost1 --username root --sshkeyfile ~/.ssh/id_rsa ``` You can also use the sudo-password option to create an authentication profile for a user with root-level access who requires a password to obtain this privilege. You can use the sudo-password option with either the sshkeyfile or the password option. For example, for an authentication profile where the authentication profile name is sudouser1, the user with root-level access is sysadmin, and the access is obtained through the password option, you would enter the following command: ``` rho auth add --name sudouser1 --username sysadmin --password --sudo-password ``` After you enter this command, you are prompted to enter two passwords. First, you would enter the connection password for the username user, and then you would enter the password for the sudo command. 2. Create at least one network profile that specifies one or more network identifiers, such as a host name, an IP address, a list of IP addresses, or an IP range, and one or more authentication profiles to be used for the scan: ``` rho profile add --name profile_name --hosts host_name_or_file --auth auth_name ``` For example, for a network profile where the name of the network profile is mynetwork, the network to be scanned is the 192.0.2.0/24 subnet, and the authentication profiles that are used to run the scan are roothost1 and roothost2, you would enter the following command: ``` rho profile add --name mynetwork --hosts 192.0.2.[1:254] --auth roothost1 roothost2 ``` You can also use a file to pass in the network identifiers. If you use a file to enter multiple network identifiers, such as multiple individual IP addresses, enter each on a single line. For example, for a network profile where the path to this file is /home/user1/hosts_file, you would enter the following command: ``` rho profile add --name mynetwork --hosts /home/user1/hosts_file --auth roothost1 roothost2 ``` # Running a scan Run the scan by using the scan command, specifying a network profile for the profile option and a location to store the output as a file in the comma-separated variables (CSV) format for the reportfile option: ``` rho scan --profile profile_name --reportfile filename.csv ``` For example, if you want to use the network profile mynetwork and save the report as mynetwork_scan1.csv, you would enter the following command: ``` rho scan --profile mynetwork --reportfile mynetwork_scan1.csv ``` -------------------------------------------------------------------------------- ================================================================================ rootsh-1.5.3-17.el7 (FEDORA-EPEL-2018-73ee944e65) Shell wrapper for auditing -------------------------------------------------------------------------------- Update Information: Fix permissions on rootsh log directory to limit it to root. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1526255 - rootsh log directory is world readable https://bugzilla.redhat.com/show_bug.cgi?id=1526255 -------------------------------------------------------------------------------- ================================================================================ rust-1.23.0-1.el7 (FEDORA-EPEL-2018-3ed72a3992) The Rust Programming Language -------------------------------------------------------------------------------- Update Information: New versions of Rust and Cargo -- see the release notes for [1.23](https://blog .rust-lang.org/2018/01/04/Rust-1.23.html). -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
