Fedora EPEL 7 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora EPEL 7 Security updates need testing:
 Age  URL
 357  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d   condor-8.6.11-1.el7
 132  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-d2c1368294   cinnamon-3.6.7-5.el7
  98  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c499781e80   python-gnupg-0.4.4-1.el7
  96  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b   bubblewrap-0.3.3-2.el7
  68  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-fc63c75ab1   hostapd-2.8-1.el7
  33  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-12067fc897   dosbox-0.74.3-2.el7
  25  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-487a6fb279   knot-2.8.2-1.el7 knot-resolver-4.1.0-1.el7
  25  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-aabd063c30   squirrelmail-1.4.23-1.el7.20190710
  13  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-ef655ec55e   proftpd-1.3.5e-5.el7
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-44d26d23ea   upx-3.95-4.el7
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-b6948289f0   pdns-4.1.11-1.el7
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-ad7b11b384   igraph-0.7.1-12.el7
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-643d621522   jhead-3.03-4.el7


The following builds have been pushed to Fedora EPEL 7 updates-testing

    bird-1.6.7-1.el7
    boinc-client-7.16.1-2.el7
    git-secret-0.2.6-2.el7
    perl-Net-BGP-0.17-1.el7
    purple-discord-0-25.20190805git250a8a0.el7
    purple-hangouts-0-65.20190607hg3f7d89b.el7
    python-django-1.11.23-1.el7
    python-plumbum-1.6.7-2.el7
    qdigidoc-4.2.2-4.el7

Details about builds:


================================================================================
 bird-1.6.7-1.el7 (FEDORA-EPEL-2019-9657484745)
 BIRD Internet Routing Daemon
--------------------------------------------------------------------------------
Update Information:

BIRD 1.6.7 (2019-08-01) =======================    * BFD: Support for VRFs   *
Several bugfixes
--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug  5 2019 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> - 1.6.7-1
- Upgrade to 1.6.7
--------------------------------------------------------------------------------


================================================================================
 boinc-client-7.16.1-2.el7 (FEDORA-EPEL-2019-f641534c73)
 The BOINC client
--------------------------------------------------------------------------------
Update Information:

7.16.1 release  ----  7.16.1 release
--------------------------------------------------------------------------------
ChangeLog:

* Tue Aug  6 2019 Germano Massullo <germano.massullo@xxxxxxx>
- replaced %setup -q -n boinc-%{gittag_custom} with %autosetup -n boinc-%{gittag_custom}
* Tue Aug  6 2019 Germano Massullo <germano.massullo@xxxxxxx> - 7.16.1-1
- 7.16.1 release
- Removed scheduler.patch tray_icon_removal.patch window_close.patch because they have been merged into 7.16.1
* Wed Jul 24 2019 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 7.14.2-18
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 git-secret-0.2.6-2.el7 (FEDORA-EPEL-2019-5578d0c2fa)
 A bash-tool to store your private data inside a git repository
--------------------------------------------------------------------------------
Update Information:

Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 perl-Net-BGP-0.17-1.el7 (FEDORA-EPEL-2019-f267faa772)
 Perl module for object-oriented API to the BGP protocol
--------------------------------------------------------------------------------
Update Information:

Net::BGP 0.17 =============    - Fixed bug where the wrong aggregator variable
was being tested.   - Added an "OpaqueData" parameter and equivalent accessor
sub `opaque_data()`     to allow for the storage of arbitrary data with the
peer. The main purpose     of this is to allow the user to store extra data (a
scalar or ref) with the     peer that is then readable by the call back
routines. I realise there are     other ways to do this, but this seems much
cleaner.   - Fixes the situation where a socket is still in the list of sockets
to be     selected on, yet it has been closed. I believe this is caused when we
create a new connection to a peer at the same time as we receive one.     When
we find ourselves with a bad FD, we re-check the list of sockets to     select
on.   - It is possible to receive a notification message (error) in response to
an     OPEN message (e.g. an unrecognised ASN). We were getting a Finite State
Machine error, now we call the notification callback.   - `_kill_session()` will
call `_close_session()` even if the socket is not open.     This will finally
terminate the session properly (stops some weird loops).   - Added extra members
of the notification state engine.     Now calls `_kill_session()` rather than
`_cease()` when the peer socket is closed.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Aug  6 2019 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 0.17-1
- Upgrade to 0.17 (#1737397)
* Fri Jul 26 2019 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.16-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Fri May 31 2019 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 0.16-3
- Perl 5.30 rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1737397 - Upgrade perl-Net-BGP to 0.17
        https://bugzilla.redhat.com/show_bug.cgi?id=1737397
--------------------------------------------------------------------------------


================================================================================
 purple-discord-0-25.20190805git250a8a0.el7 (FEDORA-EPEL-2019-1920abccdb)
 Discord plugin for libpurple
--------------------------------------------------------------------------------
Update Information:

Updated some purple plugins to latest snapshots.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Aug  6 2019 Vitaly Zaitsev <vitaly@xxxxxxxxxxxxxx> - 0-25.20190805git250a8a0
- Updated to latest snapshot.
* Fri Jul 26 2019 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0-24.20190505git8623ec7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 purple-hangouts-0-65.20190607hg3f7d89b.el7 (FEDORA-EPEL-2019-1920abccdb)
 Hangouts plugin for libpurple
--------------------------------------------------------------------------------
Update Information:

Updated some purple plugins to latest snapshots.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Aug  6 2019 Vitaly Zaitsev <vitaly@xxxxxxxxxxxxxx> - 1:0-65.20190607hg3f7d89b
- Updated to latest snapshot.
* Fri Jul 26 2019 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1:0-64.20190303hgeffc9b4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 python-django-1.11.23-1.el7 (FEDORA-EPEL-2019-4e6da66b9f)
 A high-level Python Web framework
--------------------------------------------------------------------------------
Update Information:

Fix CVE-2019-14232 (rhbz#1735768)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Aug  6 2019 Matthias Runge <mrunge@xxxxxxxxxx> - 1.11.23-1
- Fix CVE-2019-14232 (rhbz#1735768)
- Fix CVE-2019-14233 (rhbz#1735772)
- Fix CVE-2019-14234 (rhbz#1735776)
- Fix CVE-2019-14235 (rhbz#1735781)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1735768 - CVE-2019-14232 python-django: Django: backtracking in a regular expression in django.utils.text.Truncator leads to DoS [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1735768
  [ 2 ] Bug #1735772 - CVE-2019-14233 python-django: Django: the behavior of the underlying HTMLParser leading to DoS [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1735772
  [ 3 ] Bug #1735776 - CVE-2019-14234 python-django: Django: SQL injection possibility in key and index lookups for JSONField/HStoreField [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1735776
  [ 4 ] Bug #1735781 - CVE-2019-14235 python-django: Django: Potential memory exhaustion in django.utils.encoding.uri_to_iri() [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1735781
--------------------------------------------------------------------------------


================================================================================
 python-plumbum-1.6.7-2.el7 (FEDORA-EPEL-2019-cca94d8cc6)
 Shell combinators library
--------------------------------------------------------------------------------
Update Information:

Upstream version 1.6.7  ----  Upstream version 1.6.7
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul 22 2019 Greg Hellings <greg.hellings@xxxxxxxxx> - 1.6.7-1
- Upstream version 1.6.7
- Restored Python 3 version
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1244181 - python-plumbum-1.6.7 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1244181
--------------------------------------------------------------------------------


================================================================================
 qdigidoc-4.2.2-4.el7 (FEDORA-EPEL-2019-e29d1e586e)
 Estonian digital signature and encryption application
--------------------------------------------------------------------------------
Update Information:

- Latest upstream release 4.2.2 - Fix for epel7 build by calling cmake3
explicitly
--------------------------------------------------------------------------------
ChangeLog:

* Tue Aug  6 2019 Dmitri Smirnov <dmitri@xxxxxxxxxx> - 4.2.2-4
- Call cmake3 explicitly to fix epel7 build
* Wed Jul 31 2019 Dmitri Smirnov <dmitri@xxxxxxxxxx> - 4.2.2-3
- Patch nautilus extension to work with python 3
* Fri Jul 26 2019 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 4.2.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Mon Jul 22 2019 Dmitri Smirnov <dmitri@xxxxxxxxxx> - 4.2.2-1
- Upstream release 4.2.2
* Fri Jul 19 2019 Dmitri Smirnov <dmitri@xxxxxxxxxx> - 4.2.1-1
- Upstream release 4.2.1
* Sat Feb  2 2019 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 4.2.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Dec 28 2018 Germano Massullo <germano@xxxxxxxxxxxxxxxxxxx> - 4.2.0-4
- added Provides: qesteidutil
* Tue Dec 11 2018 Germano Massullo <germano@xxxxxxxxxxxxxxxxxxx> - 4.2.0-3
- adding obsoletes: qesteidutil for F30
* Tue Dec  4 2018 Dmitri Smirnov <dmitri@xxxxxxxxxx> - 4.2.0-2
- Add proper provides and obsoletes
* Tue Dec  4 2018 Dmitri Smirnov <dmitri@xxxxxxxxxx> - 4.2.0-1
- Upstream release 4.2.0
* Mon Nov 19 2018 Dmitri Smirnov <dmitri@xxxxxxxxxx> - 4.1.0-1
- Upstream release 4.1.0
* Thu Oct  4 2018 Dmitri Smirnov <dmitri@xxxxxxxxxx> - 4.0.0-4
- Use the officially provided zip pack
- Update static resource files
* Mon Jun 25 2018 Dmitri Smirnov <dmitri@xxxxxxxxxx> - 4.0.0-3
- Add instructions on how to obtain the tarball
- Re-pack the sources tarball with ones obtained from VCS.
* Mon Jun 18 2018 Dmitri Smirnov <dmitri@xxxxxxxxxx> - 4.0.0-2
- Add a patch for sanbox compilation
* Wed Jun 13 2018 Dmitri Smirnov <dmitri@xxxxxxxxxx> - 4.0.0-1
- Update sources to the 4.0.0 release
- Add a patch to workaround the Qt 5.11 compatibility
* Sun Jun  3 2018 Dmitri Smirnov <dmitri@xxxxxxxxxx> - 0.6.0-3
- Update sources to the latest one
* Thu May  3 2018 Dmitri Smirnov <dmitri@xxxxxxxxxx> - 0.6.0-2
- Remove filetype bindings and icons to avoid conflict with DigiDoc3
* Tue May  1 2018 Dmitri Smirnov <dmitri@xxxxxxxxxx> - 0.6.0-1
- Initial packaging of 0.6.0 beta
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1662491 - Fix EPEL7 build
        https://bugzilla.redhat.com/show_bug.cgi?id=1662491
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Announce]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Linux Apps]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux