The following Fedora EPEL 7 Security updates need testing: Age URL 50 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-2c81054303 remctl-3.14-1.el7 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-8b8dc96235 nodejs-deep-extend-0.5.1-1.el7 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-860176245e gifsicle-1.91-1.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-48b823c3dc strongswan-5.6.2-6.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-297fb7f6c0 chromium-66.0.3359.181-2.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-90002f509e pdns-recursor-4.1.3-2.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-74ee3ae47e phpMyAdmin-4.4.15.10-3.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing cobbler-2.8.3-2.el7 python-fedmsg-meta-fedora-infrastructure-0.25.0-1.el7 thunderbird-enigmail-2.0.6-1.el7 Details about builds: ================================================================================ cobbler-2.8.3-2.el7 (FEDORA-EPEL-2018-bbdc0ecf38) Boot server configurator -------------------------------------------------------------------------------- Update Information: Update to 2.8.3 - Fix security issue -------------------------------------------------------------------------------- ChangeLog: * Mon May 28 2018 Nicolas Chauvet <kwizart@xxxxxxxxx> - 2.8.3-2 - Restore mergeability with epel7 * Mon May 28 2018 Nicolas Chauvet <kwizart@xxxxxxxxx> - 2.8.3-1 - Update to 2.8.3 - security bugfix * Wed Feb 21 2018 Orion Poplawski <orion@xxxxxxxx> - 2.8.2-6 - Really fix django requires for Fedora 28+ * Tue Feb 20 2018 Orion Poplawski <orion@xxxxxxxx> - 2.8.2-5 - Fix django requires for Fedora 28+ * Fri Feb 9 2018 Igor Gnatenko <ignatenkobrain@xxxxxxxxxxxxxxxxx> - 2.8.2-4 - Escape macros in %changelog * Wed Feb 7 2018 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.8.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Tue Feb 6 2018 Iryna Shcherbina <ishcherb@xxxxxxxxxx> - 2.8.2-2 - Update Python 2 dependency declarations to new packaging standards (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1532469 - CVE-2017-1000469 cobbler: Command injection in the "add repo" component allows for remote code execution [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1532469 -------------------------------------------------------------------------------- ================================================================================ python-fedmsg-meta-fedora-infrastructure-0.25.0-1.el7 (FEDORA-EPEL-2018-5e1b155e15) Metadata providers for Fedora Infrastructure's fedmsg deployment -------------------------------------------------------------------------------- Update Information: Update to 0.25.0 Changelog at: https://github.com/fedora- infra/fedmsg_meta_fedora_infrastructure/blob/develop/CHANGELOG.rst#0250 -------------------------------------------------------------------------------- ChangeLog: * Fri May 25 2018 Pierre-Yves Chibon <pingou@xxxxxxxxxxxx> - 0.25.0-1 - Update to 0.25.0 -------------------------------------------------------------------------------- ================================================================================ thunderbird-enigmail-2.0.6-1.el7 (FEDORA-EPEL-2018-65614e9fc9) Authentication and encryption extension for Mozilla Thunderbird -------------------------------------------------------------------------------- Update Information: Some more efail fixes, https://enigmail.net/index.php/en/download/changelog ---- Enigmail update to version 2.0.4, introduces fixes for the efail attack. Please check and modify your Thunderbird settings if required: https://enigmail.net/index.php/en/home/news/66-2018-05-16-efail-vulnerability- affects-encrypted-mails -------------------------------------------------------------------------------- ChangeLog: * Mon May 28 2018 Christian Dersch <lupinix@xxxxxxxxxxxxxxxxx> - 2.0.6-1 - new version * Sat May 19 2018 Christian Dersch <lupinix@xxxxxxxxxxxxxxxxx> - 2.0.4-1 - new version fixing efail vulnerability * Fri Feb 9 2018 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.9.9-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1583073 - enigmail: Multiple information leaks in responses to partially encrypted messages https://bugzilla.redhat.com/show_bug.cgi?id=1583073 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx/message/7SWCZHSFTWPYBIEQUDXJMPFULMFNQHLW/