The following Fedora EPEL 7 Security updates need testing: Age URL 759 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d condor-8.6.11-1.el7 499 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b bubblewrap-0.3.3-2.el7 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-49c5f31e92 python-pip-epel-8.1.2-14.el7 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-864bc6779e chromium-85.0.4183.83-1.el7 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-83bdeb2965 ansible-2.9.13-1.el7 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-0a324e529d drupal7-7.72-1.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-f9a066663b mbedtls-2.7.17-1.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-25e525a9ca seamonkey-2.53.4-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing pulledpork-0.7.4-1.el7 rpminspect-1.1-1.el7 rpminspect-data-fedora-1.1-1.el7 Details about builds: ================================================================================ pulledpork-0.7.4-1.el7 (FEDORA-EPEL-2020-0e43b20d82) Pulled Pork for Snort and Suricata rule management -------------------------------------------------------------------------------- Update Information: New upstream version -------------------------------------------------------------------------------- ChangeLog: * Sat Sep 12 2020 Marcin Dulak <Marcin.Dulak@xxxxxxxxx> - 0.7.4-1 - New upstream version - Add a simple execution test * Tue Jul 28 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.7.3-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Thu Jan 30 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.7.3-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Fri Jul 26 2019 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.7.3-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Sat Feb 2 2019 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.7.3-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Fri Jul 13 2018 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.7.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Fri Feb 9 2018 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.7.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1878338 - pulledpork-0.7.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1878338 -------------------------------------------------------------------------------- ================================================================================ rpminspect-1.1-1.el7 (FEDORA-EPEL-2020-7dbefa245f) Build deviation compliance tool -------------------------------------------------------------------------------- Update Information: Upgrade to rpminspect-1.1 -------------------------------------------------------------------------------- ChangeLog: * Fri Sep 11 2020 David Cantrell <dcantrell@xxxxxxxxxx> - 1.1-1 - Formatting fixes in Makefile help output - Begin config file restructuring starting with rpminspect-data-generic - Support multiple configuration files. - Docs work in progress. - Only fail the annocheck inspection for RESULT_VERIFY. - Read debuginfo if available when running the 'annocheck' inspection. - Add the '%files' inspection to librpminspect - Add __attribute__((__sentinel__)) to the run_cmd() prototype - Add test suite cases for the '%files' inspection. - Added the 'types' inspection to compare MIME types between builds. - Update TODO file - Update the MISSING file - s/rpminspect.yaml/generic.yaml/ in the Makefile and README - Skip debuginfo and debugsource packages in the 'types' inspection - Add test_types.py to the test suite - Note the 'types' inspection generic.yaml - Modify add_entry() in init.c to skip duplicate entries - Start GitHub Action workflow files for rpminspect. - Install meson in ci-ubuntu.yml - Change 'nls' option in meson_options.txt to a boolean - Install gettext for ci-ubuntu - Add more build dependencies to ci-ubuntu.yml - Drop the 'method' parameter from dependency() lines in meson.build - Split xmlrpc libs to separate dependency() lines in meson.build - More xmlrpc updates for meson.build and lib/meson.build - Try to support systems with xmlrpc-c without the pkgconfig file. - Changes to build on Ubuntu, specifically the GitHub Actions system - Syntax error in ci-ubuntu.yml - Add ci-fedora.yml for GitHub Action CI on Fedora - Fix errors in ci-fedora.yml - Put all of the ci-ubuntu.yml steps in ci-ubuntu.yml - Remove install-libmandoc.sh and ubuntu-pkgs.sh helper scripts. - Install python3-setuptools in ci-ubuntu.yml - Install rpm-build in ci-fedora.yml - Install libxmlrpc-core-c3-dev in ci-ubuntu.yml - Disable ci-ubuntu.yml for now, enable code coverage in ci-fedora.yml - Remove Travis-CI files. - coverage fixes for ci-fedora.yml - Install git in ci-fedora.yml - Enable manual dispatching of the CI on Fedora tests - Remove actionspanel thing for GitHub Actions, drop Coveralls block - Comment the ci-fedora-yaml file - Fix the 'elf' inspection and test_elf.py on Ubuntu - Enable the ci-ubuntu GitHub Action again - Check all return values of getcwd() - Ignore installed Python modules with pip3 in ci-ubuntu.yml - Build 'execstack' test program with -Wl,-z,lazy - Add ci-centos8.yml to enable CI on CentOS 8 as a GitHub Action - s/centos8:latest/centos8/g - Trying 'container: centos:centos8' - Drop 'sudo' from ci-centos8.yml - Rename README to README.md - Enable GitHub Action for CI on CentOS 7 - Drop -I from the pip install line in ci-centos7.yml - Use the 'make instreqs' target for install test suite deps. - Add back 'dnf -y install 'dnf-command(builddep)'' to ci-fedora.yml - Nope, that doesn't do it. Just install make in ci-fedora.yml first - More 'make instreqs' fixes. - s/scripts/utils/g in the Makefile - s/TOPDIR/topdir/g in the Makefile - Install make in ci-centos7.yml - Move REQS and PIP lists out of the Makefile to files in osdep/ - '^$$' -> '^$' - Slightly different sourcing of the osdep/ files - Set OS using := in the Makefile - Make the reqs.txt files in osdep/ contain all deps - linux-headers -> linux-headers-$(uname -r) for Ubuntu - Remove html401-dtds from osdep/centos8/reqs.txt - Use `` instead of $() since this list goes through make(1) - Does $(shell uname -r) work in this case? - More osdep/ work and simplification. - Rename 'osdep' to 'osdeps' - meson patches for opensuse - Move mandoc installation to post.sh in osdep/ubuntu - Add GitHub Action for CI on OpenSUSE - opensuse:latest -> opensuse/leap:latest - Install tar in ci-opensuse.yml - Install gzip in ci-opensuse.yml - More fixes for ci-opensuse.yml - Small fixes to determine-os.sh - ci: Add Python linting jobs - ShellCheck fixes for the regress/ scripts - ci: Add ShellCheck to lint shell scripts - Adjust how the Makefile reports unknown operating system. - Just check $ID in determine-os.sh for opensuse - Use pip for PIP_CMD on opensuse-leap - Update the centos images before doing anything else. - Install curl in opensuse-leap - Get 'rc' from Fedora on opensuse and copy it to /usr/local - Install kernel-default-devel for opensuse CI - Move the 'uses' part of the centos CI jobs to the first step - ShellCheck fixes for the utils/ scripts. - Some flake8 fixes in test/, using yapf - Combine all of the GitHub Actions CI runs in to ci.yml - Manually install rpmfluff on CentOS 7; pip is failing here - Use rpmfluff-0.5.7 explicitly for centos7 - Use rpmfluff-0.5.6 on centos7 - OK, let's try rpmfluff-0.5 for centos7 - Last try, rpmfluff-0.5.4.1 for centos7 - Back to trying to manually install rpmfluff for centos7 - Style the Python code with Black - Add the Black formatting commit to blame revision ignore list - OK, just copy rpmfluff.py in place - Make sure to manually install rpmfluff-0.5.7.1 for centos7 - Don't assume we have a header or even a list of files (#161) - python: flake8: drop * imports - python: flake8: wrap long lines to less than 100 characters - python: flake8: drop unused imports - python: flake8: remove unused local variables - python: flake8: add PEP8 whitespace - python: flake8: mark in-line bash scripts as raw strings - python: rename several duplicate test cases - ci: merge style workflows - Adjust rpminspect.spec.in for file moves and default changes. - Return the reallybadword to the metadata tests - Adjust test_metadata.LosingVendorCompareKojiBuild to expect VERIFY - The shared libmandoc check should not look for a static libmandoc - Update the AUTHORS file - Rename ipv6_blacklist to forbidden_ipv6_functions - Rename stat-whitelist to fileinfo - Rename 'caps_whitelist' to 'caps' and drop the use of 'whitelist' - Rename abi-checking-whitelist/ to abi/ in /usr/share/rpminspect - Rename 'version-whitelist/' to 'rebaseable/' in /usr/share/rpminspect - Rename "political-whitelist/" to "politics/" in /usr/share/rpminspect - Drop unnecessary method re-definitions in base test classes - Use super() rather than explicitly calling the parent class - Call configFile() on object instance rather than using the parent class - Upload coverage report to codecov - Improve the error reporting for test result checking - Convert to AUTHORS.md file, add Makefile target to generate it. - Introduce the 'movedfiles' inspection and a lot of other fixes (#155) - AUTHORS -> AUTHORS.md in rpminspect.spec.in - Add basic tests for the filesize inspection - Multiply the file size difference before dividing - Update README.md - Update README.md (more Markdown changes) - Update POTFILES and rpminspect.pot - chmod 0755 test_filesize.py - tests: optionally check the result message - tests: add further filesize tests for shrinking files - inspect_filesize: drop extra - from the message about file shrinkage - Enable 'permissions' inspect for single build analysis. - Add 24 new test cases to cover the 'permissions' inspection. - chmod 0755 test_permissions.py - Make sure all RESULT_INFO results are set to NOT_WAIVABLE - Fix some specific problems with the 'permissions' inspection. - Pass "-r GENERIC" to rpminspect in the TestCompareKoji class - Add 12 more permissions test cases for setuid file checks - Update TODO list - Update test_symlink.py tests for new waiver_auth values - Add a fedora-rawhide job and renamed 'fedora' to fedora-stable - Update the rpminspect.pot translation template - Relicense librpminspect (lib/ and include/) as LGPL-3.0-or-later - Ignore .tox/ subdirectory - License the rpminspect-data-generic subpackage as CC-BY-4.0 - Add a copy of the Apache 2.0 license for the 5 files in librpminspect - Update the License tag in the spec file and the %license lines - Add debian-testing as a CI workflow; add missing osdeps files. - Update determine-os.sh to handle Fedora stable and rawhide - Drop the use of 'sudo' in ci.yml - sudo required for Ubuntu CI job, install make for debian-testing - See what $ID is set to in determine-os.sh - Workaround a bug in meson 0.55.0 for Fedora CI jobs - Add 'debian' catch to utils/determine-os.sh - Rename 'osdeps/debian-testing/' to 'osdeps/debian/' - Add opensuse-tumbleweed to the CI job list - Add libmagic-dev to osdeps/debian/reqs.txt - Fix memory corruption in init_rpminspect - Add comment clarifying the License tag in the spec file. - If check_results() raises AssertionError, dump the JSON output - Fix test_changelog.py test cases that are failing. - Fix UnbalancedChangeLogEditCompareKoji - Handle rpm versions with x.y.z.w version numbers in test_symlinks.py - Fix mandoc build problems in opensuse-tumbleweed CI job - Install gcovr using pip on opensuse-tumbleweed - Handle systems that lack pkg-config files for libelf and libcap - Add archlinux CI job in GitHub Actions - Forgot --noconfirm on the 'pacman -Syu' line. - Add missing DESC_MOVEDFILES block to inspection_desc() - More minor fixes to the Arch Linux CI job. - Install gcovr with pip for the Arch Linux CI job. - Support building on systems that lack <sys/queue.h> - Add detection for <sys/queue.h> to meson.build - Ensure an int is used for snprintf() in inspect_manpage_path() - WIP: 'abidiff' inspection - Only report permissions change if there is a mode_diff (#181) - Fix -Werror failures in inspect_abidiff.c - Add sl_run_cmd() to librpminspect. - Add get_arches() to librpminspect - WIP: abidiff inspection - Some minor edits to the README.md file - More minor updates to the README.md file - Replace get_arches() with init_arches() - Add test_addedfiles.py to the integration test suite - Expand find_one_peer() to soft match versioned ELF shared libraries - Add the beginnings of the 'abidiff' inspection code. - Report out findings in the abidiff inspection. - Update the test suite to cover rpmfluff 0.6 - libmandoc configure workaround needed on Debian too - shellcheck fixes for the scripts in utils/ - Add abi.c, the code that reads in the ABI compat level files (#144) - Be sure to close the open file before exiting init_fileinfo() - Python formatting cleanups - Add --diff to the Python format checker - Add new setting to abidiff section of the config file - Add -n/--no-rebase command line option to disable rebase detection - Store size_threshold as a long int rather than a char * - Check abidiff(1) results against the ABI compat level definitions (#144) - Add 'apt-get -y install libgcc-s1:i386' to pre.sh for Debian - Add integration test cases for the abidiff inspection (#144) - Add 'dpkg --configure -a' to pre.sh for debian - Install libterm-readline-perl-perl for debian CI - Install libabigail for Fedora and CentOS CI jobs - libgcc-s1:i386 -> lib32gcc-s1 for debian CI - Install libabigail for opensuse-leap, opensuse-tumbleweed, and arch CI - Install libabigail for debian and ubuntu CI - Install libabigail-dev for debian and ubuntu, not libabigail - Install libabigail-tools on opensuse-leap and opensuse-tumbleweed - Install libabigail-git for arch linux CI - Move free_argv_table() to runcmd.c - Install 'abigail-tools' for debian-testing and ubuntu CI - Install libabigail using the Arch User Repo on arch CI - Explain the osdeps/ subdirectory. - No, just clone libabigail from git and build it manually on arch - Add beginning of kmidiff inspection, put ABI functions in abi.c - Read list of possible kernel executable filenames from the config file. - Drop abidiff_ and kmidiff_ from extra_args; add kernel_filenames - Just call the abidiff and kmidiff extra args settings "extra_args" - Define 'kmi_ignore_pattern' in the config file. - Handle builds that lack all debuginfo packages (#186) - Do not assume peer->after_hdr exists (#187) - Store copy of original pointer in strsplit() to free at the end. - Use mmap() and strsplit() in read_file() rather than a getline() loop - Fix memory leaks in abi.c functions - open() failure in readfile() is not fatal, just return NULL - Add utils/gate.sh - Have check_abi() pass back the ABI compat level found - Update descriptions for abidiff and kmidiff inspections - Hook up the kmidiff inspection. - Use read_file() in init_fileinfo() and init_caps() - Use read_file() in validate_desktop_contents() - Use read_file() in disttag_driver() - Adjust how init_fileinfo() and init_caps() iterate over file contents - Fix 'tox -e format' style problems found. - Avoid comparing elf files that are not shared libraries - Support --kmi-whitelist in the kmidiff inspection - Trim worksubdir from paths in reported abidiff and kmidiff commands - Remove the kmi_ignore_pattern setting for the config file. - Create include/queue.h to replace the _COMPAT_QUEUE blocks everywhere - Update AUTHORS.md - Report metadata changes for rebased packages as INFO - Do not fail the specname inspection when given a non-SRPM - For passing upstream inspections, do not report a remedy string. - Do not fail the lostpayload inspections if it only gives INFO messages - Clarify unapproved license message in the license inspection - Use FOPEN_MAX for nopenfd parameter in nftw() calls - Make sure to close open file descriptors from get_elf() calls. - Include 'src' architecture in the rpminspect runs in gate.sh - Make sure kmidiff is listed in the spec file - TODO updates - Update rpminspect.pot and POTFILES for translations -------------------------------------------------------------------------------- References: [ 1 ] Bug #144 - terminfo files location changed https://bugzilla.redhat.com/show_bug.cgi?id=144 [ 2 ] Bug #155 - Console fonts messed up https://bugzilla.redhat.com/show_bug.cgi?id=155 [ 3 ] Bug #161 - Java Frame.setTitle("foo") does not work in Netscape 4.07 https://bugzilla.redhat.com/show_bug.cgi?id=161 [ 4 ] Bug #181 - dosemu does not use shipped font "vga" under X11 https://bugzilla.redhat.com/show_bug.cgi?id=181 [ 5 ] Bug #186 - Please consider adding diald to next Redhat https://bugzilla.redhat.com/show_bug.cgi?id=186 [ 6 ] Bug #187 - Sndconfig cant configurate Ensoniq card. https://bugzilla.redhat.com/show_bug.cgi?id=187 -------------------------------------------------------------------------------- ================================================================================ rpminspect-data-fedora-1.1-1.el7 (FEDORA-EPEL-2020-f75ed2d102) Build deviation compliance tool data files -------------------------------------------------------------------------------- Update Information: Upgrade to rpminspect-data-fedora-1.1 -------------------------------------------------------------------------------- ChangeLog: * Fri Sep 11 2020 David Cantrell <dcantrell@xxxxxxxxxx> - 1.1-1 - Restructure rpminspect-data-fedora so it can coexist with other pkgs - Update the README - Add 'types: off' to the list of commented out inspections - Rename ipv6_blacklist to forbidden_ipv6_blacklist - Rename stat-whitelist to fileinfo, adjust header comments - Rename abi-checking-whitelist/ to abi/ - Rename political-whitelist/ to politics/ - Rename version-whitelist/ to rebaseable/ - Change default licensing to CC-BY-SA-4.0 - A few missed files for the license change - Rollback project version change - Add abidiff section to fedora.yaml - Update abidiff and kmidiff blocks in fedora.yaml - Add kabi_dir and kabi_filename to fedora.yaml, but commented out. - Add Firmware and Distributable licenses. - Set minimum JVM bytecode version for Fedora 34 (#9) - Update the inspections section in fedora.yaml - Utility script and Copr Makefile updates -------------------------------------------------------------------------------- References: [ 1 ] Bug #9 - Wrong URL for changing password https://bugzilla.redhat.com/show_bug.cgi?id=9 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
