The following Fedora EPEL 7 Security updates need testing: Age URL 1060 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 823 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 405 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7 302 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe mod_cluster-1.3.3-10.el7 134 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e27758bd23 libmspack-0.6-0.1.alpha.el7 71 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e64eeb6ece nagios-4.3.4-5.el7 35 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8d57a2487b monit-5.25.1-1.el7 21 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-73ee944e65 rootsh-1.5.3-17.el7 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-ce6223e559 GraphicsMagick-1.3.28-1.el7 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-9eb18da891 moodle-3.1.10-1.el7 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-c0d5d190b0 transmission-2.92-12.el7 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-24ac4ff7df knot-resolver-1.5.3-1.el7 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-dd0bc449d7 konversation-1.5.1-4.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-fb68becde7 w3m-0.5.3-36.git20180125.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing clamav-0.99.3-3.el7 composer-1.6.3-1.el7 fcitx-4.2.9.5-1.el7 fcitx-configtool-0.4.10-1.el7 fcitx-qt5-1.2.2-1.el7 libabigail-1.1-1.el7 php-composer-spdx-licenses-1.3.0-1.el7 proftpd-1.3.5e-4.el7 python-fedora-0.10.0-1.el7 tomcat-native-1.2.16-1.el7 Details about builds: ================================================================================ clamav-0.99.3-3.el7 (FEDORA-EPEL-2018-a19bc46b6c) End-user tools for the Clam Antivirus scanner -------------------------------------------------------------------------------- Update Information: - add systemctl daemon-reload (temporally) - Fix and organize systemd scriptlets, clamd@.service missed systemd_preun_macro and had a wrong systemd_postun_with_restart - Remove triggerin macros that aren't need it anymore - Fix scriplet - Organize startup scriptlets - Exclude one file listed twice -------------------------------------------------------------------------------- References: [ 1 ] Bug #1540100 - clamav-milter fails to restart after update https://bugzilla.redhat.com/show_bug.cgi?id=1540100 -------------------------------------------------------------------------------- ================================================================================ composer-1.6.3-1.el7 (FEDORA-EPEL-2018-9c09111eb9) Dependency Manager for PHP -------------------------------------------------------------------------------- Update Information: **composer/spdx-licenses 1.3.0**- 2018-01-31 * Added: `SpdxLicenses::getLicenses` to get the whole list of methods. * Changed: license identifiers are now case insensitive. ---- **composer 1.6.3** - 2018-01-31 * Fixed GitLab downloads failing in some edge cases * Fixed ctrl-C handling during create-project * Fixed GitHub VCS repositories not prompting for a token in some conditions * Fixed SPDX license identifiers being case sensitive * Fixed and clarified a few dependency resolution error reporting strings * Fixed SVN commit log fetching in verbose mode when using private repositories -------------------------------------------------------------------------------- ================================================================================ fcitx-4.2.9.5-1.el7 (FEDORA-EPEL-2018-b44163c20b) An input method framework -------------------------------------------------------------------------------- Update Information: Minor upstream update of Fcitx. Fcitx-configtool is included since it requires 4.2.9 version of Fcitx. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1473715 - fcitx-configtool requires a graphical configuration tool https://bugzilla.redhat.com/show_bug.cgi?id=1473715 -------------------------------------------------------------------------------- ================================================================================ fcitx-configtool-0.4.10-1.el7 (FEDORA-EPEL-2018-b44163c20b) Gtk+-based configuring tools for Fcitx -------------------------------------------------------------------------------- Update Information: Minor upstream update of Fcitx. Fcitx-configtool is included since it requires 4.2.9 version of Fcitx. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1473715 - fcitx-configtool requires a graphical configuration tool https://bugzilla.redhat.com/show_bug.cgi?id=1473715 -------------------------------------------------------------------------------- ================================================================================ fcitx-qt5-1.2.2-1.el7 (FEDORA-EPEL-2018-b44163c20b) Fcitx IM module for Qt5 -------------------------------------------------------------------------------- Update Information: Minor upstream update of Fcitx. Fcitx-configtool is included since it requires 4.2.9 version of Fcitx. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1473715 - fcitx-configtool requires a graphical configuration tool https://bugzilla.redhat.com/show_bug.cgi?id=1473715 -------------------------------------------------------------------------------- ================================================================================ libabigail-1.1-1.el7 (FEDORA-EPEL-2018-7ea892fb14) Set of ABI analysis tools -------------------------------------------------------------------------------- Update Information: Update to upstream 1.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1532670 - in compare_dies at: abg-dwarf-reader.cc:11423 https://bugzilla.redhat.com/show_bug.cgi?id=1532670 -------------------------------------------------------------------------------- ================================================================================ php-composer-spdx-licenses-1.3.0-1.el7 (FEDORA-EPEL-2018-9c09111eb9) SPDX licenses list and validation library -------------------------------------------------------------------------------- Update Information: **composer/spdx-licenses 1.3.0**- 2018-01-31 * Added: `SpdxLicenses::getLicenses` to get the whole list of methods. * Changed: license identifiers are now case insensitive. ---- **composer 1.6.3** - 2018-01-31 * Fixed GitLab downloads failing in some edge cases * Fixed ctrl-C handling during create-project * Fixed GitHub VCS repositories not prompting for a token in some conditions * Fixed SPDX license identifiers being case sensitive * Fixed and clarified a few dependency resolution error reporting strings * Fixed SVN commit log fetching in verbose mode when using private repositories -------------------------------------------------------------------------------- ================================================================================ proftpd-1.3.5e-4.el7 (FEDORA-EPEL-2018-cbd4882644) Flexible, stable and highly-configurable FTP server -------------------------------------------------------------------------------- Update Information: This update includes a backport of the `InsecureHostKeyPerms` `SFTPOption` from upstream version 1.3.6, which allows ProFTPD's `mod_sftp` to share group- readable host keys with `sshd`. To use this feature, add `SFTPOptions InsecureHostKeyPerms` to the ProFTPD configuration file before any `SFTPHostKey` lines. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1522998 - proftpd is overly strict about SFTPHostKey permisions https://bugzilla.redhat.com/show_bug.cgi?id=1522998 -------------------------------------------------------------------------------- ================================================================================ python-fedora-0.10.0-1.el7 (FEDORA-EPEL-2018-f0ad30b79f) Python modules for talking to Fedora Infrastructure Services -------------------------------------------------------------------------------- Update Information: Rebase to upstream 0.10.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1481210 - spec file points to URL: https://fedorahosted.org/python-fedora/ https://bugzilla.redhat.com/show_bug.cgi?id=1481210 [ 2 ] Bug #1540970 - python-fedora-0.10.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1540970 -------------------------------------------------------------------------------- ================================================================================ tomcat-native-1.2.16-1.el7 (FEDORA-EPEL-2018-18ea640f19) Tomcat native library -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-15698 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1540824 - CVE-2017-15698 tomcat-native: Mishandling of client certificates can allow for OCSP check bypass https://bugzilla.redhat.com/show_bug.cgi?id=1540824 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx