Fedora EPEL 7 updates-testing report

updates@xxxxxxxxxxxxxxxxx · Wed, 5 Jun 2019 00:07:06 +0000 (UTC)

The following Fedora EPEL 7 Security updates need testing:
 Age  URL
 294  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d   condor-8.6.11-1.el7
 101  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-f8311ec8a2   tor-0.3.5.8-1.el7
  69  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-d2c1368294   cinnamon-3.6.7-5.el7
  62  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-50a6a1ddfd   afflib-3.7.18-2.el7
  35  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c499781e80   python-gnupg-0.4.4-1.el7
  33  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b   bubblewrap-0.3.3-2.el7
  10  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-b909a6e178   sleuthkit-4.6.6-1.el7
  10  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-9cab93353c   drupal7-ds-2.16-1.el7
  10  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-2c1ec539fd   drupal7-uuid-1.2-1.el7
  10  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-f614c9a4bc   drupal7-xmlsitemap-2.6-1.el7
  10  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-8278894e4d   drupal7-context-3.10-1.el7
  10  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-de5e3216ff   drupal7-path_breadcrumbs-3.4-1.el7
  10  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-748b40598c   drupal7-module_filter-2.2-1.el7
  10  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-53f9189a5e   drupal7-views-3.23-1.el7
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-043371cfab   rust-1.35.0-1.el7
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-fc63c75ab1   hostapd-2.8-1.el7

The following builds have been pushed to Fedora EPEL 7 updates-testing

    python-django-1.11.21-1.el7
    snapd-2.39.1-1.el7

Details about builds:

================================================================================
 python-django-1.11.21-1.el7 (FEDORA-EPEL-2019-58a16a4811)
 A high-level Python Web framework
--------------------------------------------------------------------------------
Update Information:

fix for CVE-2019-12308 (rhbz#1716764)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun  4 2019 Matthias Runge <mrunge@xxxxxxxxxx> - 1.11.21-1
- fix for CVE-2019-12308 (rhbz#1716764)
* Fri Mar 15 2019 Matthias Runge <mrunge@xxxxxxxxxx> - 1.11.20-2
- enable python3 subpackage
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1716764 - CVE-2019-12308 python-django: django: missing URL validation by AdminURLFieldWidget leads to generation of clickable unsafe JavaScript link causing cross site scripting [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1716764
--------------------------------------------------------------------------------

================================================================================
 snapd-2.39.1-1.el7 (FEDORA-EPEL-2019-91a080fd55)
 A transactional software package manager
--------------------------------------------------------------------------------
Update Information:

Update to snapd-2.39.1 to fix SELinux issues.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun  4 2019 Neal Gompa <ngompa13@xxxxxxxxx> - 2.39.1-1
- Release 2.39.1 to Fedora (RH#1715505)
- Backport SELinux policy fixes for systemd unit mount namespacing (RH#1708991)
* Wed May 29 2019 Michael Vogt <mvo@xxxxxxxxxx>
- New upstream release 2.39.1
 - spread: enable Fedora 30
 - cmd/snap-confine, data/selinux: cherry pick Fedora 30 fixes
 - tests/unit/spread-shellcheck: temporary workaround for SC2251
 - packaging: build empty package on powerpc
 - interfaces: special-case "snapd" in sanitizeSlotReservedForOS*
   helper
 - cmd/snap: mangle descriptions that have indent > terminal width
 - cmd/snap-confine: unshare per-user mount ns once
 - tests: avoid adding spaces to the base snaps names
 - systemd: workaround systemctl show quirks on older systemd
   versions
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1708991 - Failed to set up mount namespacing: Permission denied
        https://bugzilla.redhat.com/show_bug.cgi?id=1708991
  [ 2 ] Bug #1715505 - snapd-2.39.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1715505
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx