The following Fedora EPEL 7 Security updates need testing: Age URL 26 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3835d39d1a unrtf-0.21.9-8.el7 23 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-656b24ec40 chromium-67.0.3396.79-1.el7 21 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-15b7dc35af pass-1.7.2-1.el7 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-9d8de55465 drupal7-backup_migrate-3.5-1.el7 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-7926246d9d libgit2-0.26.4-1.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-ccbe8e3c4d knot-resolver-2.4.0-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing guacamole-server-0.9.14-1.el7 libvncserver-0.9.9-0.12.el7 nekovm-2.2.0-5.el7 php-bartlett-php-compatinfo-db-1.33.0-1.el7 transifex-client-0.13.4-1.el7 wordpress-4.9.7-1.el7 Details about builds: ================================================================================ guacamole-server-0.9.14-1.el7 (FEDORA-EPEL-2018-6b0fdd8b40) Server-side native components that form the Guacamole proxy -------------------------------------------------------------------------------- Update Information: Limited arch package libvncserver for ppc64 + latest Guacamole server. -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 3 2018 Simone Caronni <negativo17@xxxxxxxxx> - 0.9.14-1 - Update to 0.9.14. - Update SPEC file. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1563305 - Please update guacamole to latest version https://bugzilla.redhat.com/show_bug.cgi?id=1563305 [ 2 ] Bug #1546859 - CVE-2018-7225 libvncserver: Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1546859 -------------------------------------------------------------------------------- ================================================================================ libvncserver-0.9.9-0.12.el7 (FEDORA-EPEL-2018-6b0fdd8b40) Library to make writing a vnc server easy -------------------------------------------------------------------------------- Update Information: Limited arch package libvncserver for ppc64 + latest Guacamole server. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1563305 - Please update guacamole to latest version https://bugzilla.redhat.com/show_bug.cgi?id=1563305 [ 2 ] Bug #1546859 - CVE-2018-7225 libvncserver: Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1546859 -------------------------------------------------------------------------------- ================================================================================ nekovm-2.2.0-5.el7 (FEDORA-EPEL-2018-5f4ca2ed51) Neko embedded scripting language and virtual machine -------------------------------------------------------------------------------- Update Information: initial release for EPEL7 -------------------------------------------------------------------------------- ================================================================================ php-bartlett-php-compatinfo-db-1.33.0-1.el7 (FEDORA-EPEL-2018-7853163ec6) Reference Database to be used with php-compatinfo library -------------------------------------------------------------------------------- Update Information: **Version 1.33.0** - 2018-07-05 * **Added** - Support to PHP 7.1.18 and 7.1.19 * **Changed** - Igbinary reference updated to version 2.0.7 (stable) - Stomp reference updated to version 2.0.2 (stable) - Varnish reference updated to version 1.2.4 (stable) -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 6 2018 Remi Collet <remi@xxxxxxxxxxxx> - 1.33.0-1 - update to 1.33.0 -------------------------------------------------------------------------------- ================================================================================ transifex-client-0.13.4-1.el7 (FEDORA-EPEL-2018-ddb17af229) Command line tool for Transifex translation management -------------------------------------------------------------------------------- Update Information: New upstream version -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 6 2018 Luis Bazan <lbazan@xxxxxxxxxxxxxxxxx> - 0.13.4-1 - New upstream version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1594046 - Cannot install due to missing dependency: python3-backports-ssl_match_hostname https://bugzilla.redhat.com/show_bug.cgi?id=1594046 -------------------------------------------------------------------------------- ================================================================================ wordpress-4.9.7-1.el7 (FEDORA-EPEL-2018-3f114dff22) Blog tool and publishing platform -------------------------------------------------------------------------------- Update Information: Update to 4.9.7 security release. https://wordpress.org/news/2018/07/wordpress-4-9-7-security-and-maintenance- release/ -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 5 2018 Kevin Fenzi <kevin@xxxxxxxxx> - 4.9.7-1 - Update to 4.9.7 security update. Fixes bug #1598612 - Fixes CVE-2018-12895 bugs #1595584 and #1595585 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1595585 - CVE-2018-12895 wordpress: Author users can execute arbitrary code by leveraging directory traversal on the wp-admin/post.php thumb parameter [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1595585 [ 2 ] Bug #1598612 - wordpress-4.9.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1598612 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx/message/7EL7OFM257OEXTUD3JP22NXXICII4T6O/
