The following Fedora EPEL 7 Security updates need testing: Age URL 38 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-2c81054303 remctl-3.14-1.el7 14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-5ae7f0e7c7 python-pygit2-0.26.4-1.el7 libgit2-0.26.3-1.el7 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-ce811a54c9 roundcubemail-1.1.12-2.el7 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-1ec98a14c5 seamonkey-2.49.3-1.el7 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-1698223c96 mysql-mmm-2.2.1-15.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing cabal-rpm-0.12.3-1.el7 gnome-shell-extension-freon-34-1.el7 nodejs-deep-extend-0.5.1-1.el7 Details about builds: ================================================================================ cabal-rpm-0.12.3-1.el7 (FEDORA-EPEL-2018-3756e5609c) RPM packaging tool for Haskell Cabal-based packages -------------------------------------------------------------------------------- Update Information: Update from 0.9.10: - run cabal update before cabal commands - add cabal-rpm version header line to spec files - new option --missing: comments out missing dependencies - put license files in lib subpackage - no longer append %_isa to C BuildRequires - no longer leave leftover tmpdirs - devel packages now provide doc subpackage for forward compatibility - new --hackage option to get package version from Hackage not Stackage - fix handling of no exposed modules - various other packaging fixes -------------------------------------------------------------------------------- ChangeLog: * Tue May 15 2018 Jens Petersen <petersen@xxxxxxxxxx> - 0.12.3-1 - build: remove erroneous tarball check - refresh: use cblrpm for old cabal-rpm * Thu Mar 29 2018 Jens Petersen <petersen@xxxxxxxxxx> - 0.12.2-1 - diff: now supports CBLRPM_DIFF envvar to override "diff -u" - build: attempt when missing rpms deps not available * Wed Feb 21 2018 Jens Petersen <petersen@xxxxxxxxxx> - 0.12.1-4 - fix build on epel7 ghc * Wed Feb 21 2018 Jens Petersen <petersen@xxxxxxxxxx> - 0.12.1-3 - add bcond for https * Wed Feb 21 2018 Jens Petersen <petersen@xxxxxxxxxx> - 0.12.1-2 - escape macro in previous changelog * Tue Feb 20 2018 Jens Petersen <petersen@xxxxxxxxxxxxxxxxx> - 0.12.1-1 - new option --missing: comments out missing dependencies - put license files in lib subpackage - no longer append %_isa to C BuildRequires (#54) - no longer leave leftover tmpdirs (#26) - change 'cblrpm' to 'cabal-rpm' in documentation * Fri Feb 9 2018 Igor Gnatenko <ignatenkobrain@xxxxxxxxxxxxxxxxx> - 0.12-4 - Escape macros in %changelog * Wed Feb 7 2018 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.12-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Fri Jan 26 2018 Jens Petersen <petersen@xxxxxxxxxx> - 0.12-2 - rebuild * Fri Nov 17 2017 Jens Petersen <petersen@xxxxxxxxxx> - 0.12-1 - query stackage.org directly via https - run cabal update before cabal commands - devel packages now provide doc subpackage for forward compatibility - new --hackage option to get package version from Hackage not Stackage - do not add .cabal files containing "doc" to docs - silence mock rpmbuild -bs warnings about undefined %ghc_version * Mon Jul 31 2017 Jens Petersen <petersen@xxxxxxxxxx> - 0.11.2-1 - fix cblrpm update --subpackage - fix rpm installation when no sudo - fix handling of no exposed modules - fix license handling for selfdep binlib * Mon Mar 13 2017 Jens Petersen <petersen@xxxxxxxxxx> - 0.11.1-1 - update to 0.11.1 release: - support for building meta (compat) lib packages - fix invocation of optional stackage-query for updating to LTS - preliminary --subpackage support for subpkgs of missing deps: including downloading, but update is not properly implemented yet - new pkgver macro - update do not reset release for subpkgs * Fri Feb 24 2017 Jens Petersen <petersen@xxxxxxxxxx> - 0.11-3 - refresh packaging to cabal-rpm-0.11.1 * Fri Feb 10 2017 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.11-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild * Fri Jan 27 2017 Jens Petersen <petersen@xxxxxxxxxx> - 0.11-1 - diff and update now follow package-version args - update from Hackage now follows "Default available version" - update tries to use stackage-query if installed to check latest Stackage version before falling back to latest Hackage - refresh command now reads the cabal-rpm version header in the spec file and installs that version of cabal-rpm under ~/.cblrpm/ and uses it to make patch * Tue Dec 6 2016 Jens Petersen <petersen@xxxxxxxxxx> - 0.10.1-2 - quote dist macro in old changelog entry * Tue Nov 29 2016 Jens Petersen <petersen@xxxxxxxxxx> - 0.10.1-1 - update to 0.10.1: - no longer need to remove License files from docdir - use new ghc_fix_rpath macro - include Contributors in docs * Wed Jul 27 2016 Jens Petersen <petersen@xxxxxxxxxx> - 0.10.0-1 - update to 0.10.0: - add cabal-rpm version header line to spec files - warn if unresolved clibs - update command displays diff - use cabal_test - no longer duplicate docs in datadir and package datadir better * Fri May 6 2016 Jens Petersen <petersen@xxxxxxxxxx> - 0.9.11-1 - update to 0.9.11 -------------------------------------------------------------------------------- ================================================================================ gnome-shell-extension-freon-34-1.el7 (FEDORA-EPEL-2018-b8b73adba1) GNOME Shell extension to display system temperature, voltage, and fan speed -------------------------------------------------------------------------------- Update Information: Bump to upstream version 34, which improves the Polish and Spanish translations, and fixed a bug where it did not check for Nvidia lockfiles. -------------------------------------------------------------------------------- ChangeLog: * Wed May 16 2018 Andrew Toskin <andrew@xxxxxxx> - 34-1 - Bump to upstream version 34, which improves the Polish and Spanish translations, and fixed a bug where it did not check for Nvidia lockfiles. * Wed Feb 7 2018 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 33-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ nodejs-deep-extend-0.5.1-1.el7 (FEDORA-EPEL-2018-8b8dc96235) Recursive object extending -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2018-3750 -------------------------------------------------------------------------------- ChangeLog: * Tue May 15 2018 Parag Nemade <pnemade AT redhat DOT com> - 0.5.1-1 - Update to 0.5.1 version (#1578247) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1578246 - CVE-2018-3750 nodejs-deep-extend: Prototype pollution can allow attackers to modify object properties https://bugzilla.redhat.com/show_bug.cgi?id=1578246 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx