Fedora EPEL 7 updates-testing report

updates@xxxxxxxxxxxxxxxxx · Wed, 16 May 2018 14:02:51 +0000 (UTC)

The following Fedora EPEL 7 Security updates need testing:
 Age  URL
  38  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-2c81054303   remctl-3.14-1.el7
  14  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-5ae7f0e7c7   python-pygit2-0.26.4-1.el7 libgit2-0.26.3-1.el7
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-ce811a54c9   roundcubemail-1.1.12-2.el7
  10  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-1ec98a14c5   seamonkey-2.49.3-1.el7
  10  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-1698223c96   mysql-mmm-2.2.1-15.el7

The following builds have been pushed to Fedora EPEL 7 updates-testing

    cabal-rpm-0.12.3-1.el7
    gnome-shell-extension-freon-34-1.el7
    nodejs-deep-extend-0.5.1-1.el7

Details about builds:

================================================================================
 cabal-rpm-0.12.3-1.el7 (FEDORA-EPEL-2018-3756e5609c)
 RPM packaging tool for Haskell Cabal-based packages
--------------------------------------------------------------------------------
Update Information:

Update from 0.9.10:  - run cabal update before cabal commands - add cabal-rpm
version header line to spec files - new option --missing: comments out missing
dependencies - put license files in lib subpackage - no longer append %_isa to C
BuildRequires - no longer leave leftover tmpdirs - devel packages now provide
doc subpackage for forward compatibility - new --hackage option to get package
version from Hackage not Stackage - fix handling of no exposed modules - various
other packaging fixes
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 15 2018 Jens Petersen <petersen@xxxxxxxxxx> - 0.12.3-1
- build: remove erroneous tarball check
- refresh: use cblrpm for old cabal-rpm
* Thu Mar 29 2018 Jens Petersen <petersen@xxxxxxxxxx> - 0.12.2-1
- diff: now supports CBLRPM_DIFF envvar to override "diff -u"
- build: attempt when missing rpms deps not available
* Wed Feb 21 2018 Jens Petersen <petersen@xxxxxxxxxx> - 0.12.1-4
- fix build on epel7 ghc
* Wed Feb 21 2018 Jens Petersen <petersen@xxxxxxxxxx> - 0.12.1-3
- add bcond for https
* Wed Feb 21 2018 Jens Petersen <petersen@xxxxxxxxxx> - 0.12.1-2
- escape macro in previous changelog
* Tue Feb 20 2018 Jens Petersen <petersen@xxxxxxxxxxxxxxxxx> - 0.12.1-1
- new option --missing: comments out missing dependencies
- put license files in lib subpackage
- no longer append %_isa to C BuildRequires (#54)
- no longer leave leftover tmpdirs (#26)
- change 'cblrpm' to 'cabal-rpm' in documentation
* Fri Feb  9 2018 Igor Gnatenko <ignatenkobrain@xxxxxxxxxxxxxxxxx> - 0.12-4
- Escape macros in %changelog
* Wed Feb  7 2018 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.12-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Fri Jan 26 2018 Jens Petersen <petersen@xxxxxxxxxx> - 0.12-2
- rebuild
* Fri Nov 17 2017 Jens Petersen <petersen@xxxxxxxxxx> - 0.12-1
- query stackage.org directly via https
- run cabal update before cabal commands
- devel packages now provide doc subpackage for forward compatibility
- new --hackage option to get package version from Hackage not Stackage
- do not add .cabal files containing "doc" to docs
- silence mock rpmbuild -bs warnings about undefined %ghc_version
* Mon Jul 31 2017 Jens Petersen <petersen@xxxxxxxxxx> - 0.11.2-1
- fix cblrpm update --subpackage
- fix rpm installation when no sudo
- fix handling of no exposed modules
- fix license handling for selfdep binlib
* Mon Mar 13 2017 Jens Petersen <petersen@xxxxxxxxxx> - 0.11.1-1
- update to 0.11.1 release:
- support for building meta (compat) lib packages
- fix invocation of optional stackage-query for updating to LTS
- preliminary --subpackage support for subpkgs of missing deps:
  including downloading, but update is not properly implemented yet
- new pkgver macro
- update do not reset release for subpkgs
* Fri Feb 24 2017 Jens Petersen <petersen@xxxxxxxxxx> - 0.11-3
- refresh packaging to cabal-rpm-0.11.1
* Fri Feb 10 2017 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.11-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Fri Jan 27 2017 Jens Petersen <petersen@xxxxxxxxxx> - 0.11-1
- diff and update now follow package-version args
- update from Hackage now follows "Default available version"
- update tries to use stackage-query if installed to check latest Stackage
  version before falling back to latest Hackage
- refresh command now reads the cabal-rpm version header in the spec file and
  installs that version of cabal-rpm under ~/.cblrpm/ and uses it to make patch
* Tue Dec  6 2016 Jens Petersen <petersen@xxxxxxxxxx> - 0.10.1-2
- quote dist macro in old changelog entry
* Tue Nov 29 2016 Jens Petersen <petersen@xxxxxxxxxx> - 0.10.1-1
- update to 0.10.1:
- no longer need to remove License files from docdir
- use new ghc_fix_rpath macro
- include Contributors in docs
* Wed Jul 27 2016 Jens Petersen <petersen@xxxxxxxxxx> - 0.10.0-1
- update to 0.10.0:
- add cabal-rpm version header line to spec files
- warn if unresolved clibs
- update command displays diff
- use cabal_test
- no longer duplicate docs in datadir and package datadir better
* Fri May  6 2016 Jens Petersen <petersen@xxxxxxxxxx> - 0.9.11-1
- update to 0.9.11
--------------------------------------------------------------------------------

================================================================================
 gnome-shell-extension-freon-34-1.el7 (FEDORA-EPEL-2018-b8b73adba1)
 GNOME Shell extension to display system temperature, voltage, and fan speed
--------------------------------------------------------------------------------
Update Information:

Bump to upstream version 34, which improves the Polish and Spanish translations,
and fixed a bug where it did not check for Nvidia lockfiles.
--------------------------------------------------------------------------------
ChangeLog:

* Wed May 16 2018 Andrew Toskin <andrew@xxxxxxx> - 34-1
- Bump to upstream version 34, which improves the Polish and Spanish
  translations, and fixed a bug where it did not check for Nvidia
  lockfiles.
* Wed Feb  7 2018 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 33-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
--------------------------------------------------------------------------------

================================================================================
 nodejs-deep-extend-0.5.1-1.el7 (FEDORA-EPEL-2018-8b8dc96235)
 Recursive object extending
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2018-3750
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 15 2018 Parag Nemade <pnemade AT redhat DOT com> - 0.5.1-1
- Update to 0.5.1 version (#1578247)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1578246 - CVE-2018-3750 nodejs-deep-extend: Prototype pollution can allow attackers to modify object properties
        https://bugzilla.redhat.com/show_bug.cgi?id=1578246
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx