The following Fedora EPEL 7 Security updates need testing: Age URL 490 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d condor-8.6.11-1.el7 232 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c499781e80 python-gnupg-0.4.4-1.el7 229 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b bubblewrap-0.3.3-2.el7 13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-eb770d67f7 knot-resolver-4.3.0-1.el7 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-de07c8591e cacti-1.2.8-1.el7 cacti-spine-1.2.8-1.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-39eb4afe6e libuv-1.34.0-1.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-ad1ffea646 chromium-79.0.3945.79-1.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-936f369393 wordpress-5.1.4-1.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-b3b252ad49 drupal7-l10n_update-2.3-1.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c44b218d4a drupal7-webform-4.21-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing conda-4.6.14-1.el7 htmldoc-1.8.28-6.el7 python-openshift-0.10.1-3.el7 singularity-3.5.2-1.1.el7 xrootd-4.11.1-1.el7 Details about builds: ================================================================================ conda-4.6.14-1.el7 (FEDORA-EPEL-2019-a6e87b96c1) Cross-platform, Python-agnostic binary package manager -------------------------------------------------------------------------------- Update Information: - Update to 4.6.14 - Make "conda shell.bash hook" work (bz#1737165) -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 15 2019 Orion Poplawski <orion@xxxxxxxx> - 4.6.14-1 - Update 4.6.14 - Make "conda shell.bash hook" work (bz#1737165) - Unbundle more libraries -------------------------------------------------------------------------------- ================================================================================ htmldoc-1.8.28-6.el7 (FEDORA-EPEL-2019-3221ff1dea) Converter from HTML into indexed HTML, PostScript, or PDF -------------------------------------------------------------------------------- Update Information: Backport fix for CVE-2019-19630 -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 17 2019 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 1.8.28-6 - backport fix for CVE-2019-19630 (#1783941) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1783941 - CVE-2019-19630 htmldoc: crafted HTML document allows for a stack-based buffer overflow in the hd_strlcpy() function in string.c [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1783941 -------------------------------------------------------------------------------- ================================================================================ python-openshift-0.10.1-3.el7 (FEDORA-EPEL-2019-b509a50c8e) Python client for the OpenShift API -------------------------------------------------------------------------------- Update Information: Update to 0.10.1 -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 17 2019 Jason Montleon <jmontleo@xxxxxxxxxx> 0.10.1-3 - work around BZ 1759100 * Tue Dec 17 2019 Jason Montleon <jmontleo@xxxxxxxxxx> 0.10.1-2 - remove exclude possibly causing problems * Tue Dec 17 2019 Jason Montleon <jmontleo@xxxxxxxxxx> 0.10.1-1 - Update to upstream 0.10.1 -------------------------------------------------------------------------------- ================================================================================ singularity-3.5.2-1.1.el7 (FEDORA-EPEL-2019-0ac439f69e) Application and environment virtualization -------------------------------------------------------------------------------- Update Information: Upgrade to upstream 3.5.2, still using golang-1.11 on epel8 ---- Upgrade to upstream 3.5.1, use golang-1.11 on epel8 ---- Upgrade to upstream 3.5.0 -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 17 2019 Dave Dykstra <dwd@xxxxxxxxxxxxxxxxx> - 3.5.2-1.1 - Upgrade to upstream 3.5.2, keeping #4768 patch only on el8 * Thu Dec 5 2019 Dave Dykstra <dwd@xxxxxxxxxxxxxxxxx> - 3.5.1-1.1 - Upgrade to upstream 3.5.1, keeping #4768 patch only on el8 * Wed Nov 20 2019 Dave Dykstra <dwd@xxxxxxxxxxxxxxxxx> - 3.5.0-1.1 - Apply patch from PR #4769 to build with golang-1.11 on el8 only * Wed Nov 13 2019 Dave Dykstra <dwd@xxxxxxxxxxxxxxxxx> - 3.5.0-1 - Upgrade to upstream 3.5.0 * Thu Nov 7 2019 Dave Dykstra <dwd@xxxxxxxxxxxxxxxxx> - 3.5.0~rc.2-1 - Upgrade to upstream 3.5.0~rc.2. * Wed Oct 30 2019 Dave Dykstra <dwd@xxxxxxxxxxxxxxxxx> - 3.5.0~rc.1-1 - Upgrade to upstream 3.5.0~rc.1. Drop PR #4522 patch. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1777565 - singularity-3.5.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1777565 -------------------------------------------------------------------------------- ================================================================================ xrootd-4.11.1-1.el7 (FEDORA-EPEL-2019-2dc1958ff6) Extended ROOT file server -------------------------------------------------------------------------------- Update Information: xrootd 4.11.1 -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 17 2019 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 1:4.11.1-1 - Update to version 4.11.1 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
