[EPEL-devel] Fedora EPEL 7 updates-testing report

updates Thu, 29 Jun 2017 18:22:16 -0700

The following Fedora EPEL 7 Security updates need testing:
 Age  URL
 844  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087   
dokuwiki-0-0.24.20140929c.el7
 606  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f   
mcollective-2.8.4-1.el7
 188  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d   
libbsd-0.8.3-1.el7
  86  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe   
mod_cluster-1.3.3-10.el7
  84  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5f9a6163b4   
tnef-1.4.14-1.el7
  83  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7ecb12e378   
python-XStatic-jquery-ui-1.12.0.1-1.el7
  18  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4aae1e22f1   
lxc-1.0.10-2.el7
  14  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d9786818e4   
python-nbxmpp-0.5.6-1.el7 gajim-0.16.8-1.el7
  10  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-30baf73207   
chromium-59.0.3071.104-1.el7
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-abfcb66c76   
python-djblets-0.9.8-1.el7 ReviewBoard-2.5.13.1-1.el7
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5ab90c7180   
zabbix20-2.0.21-1.el7
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-eb357ac3b3   
zabbix22-2.2.18-1.el7
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7c2e699925   
catdoc-0.95-1.el7
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-52b6bc17c1   
globus-xio-5.16-1.el7 globus-net-manager-0.17-1.el7 
globus-gass-cache-program-6.7-1.el7 globus-gass-copy-9.27-1.el7 
globus-gssapi-gsi-12.16-1.el7 globus-gram-job-manager-14.36-1.el7 
globus-gridftp-server-12.2-1.el7 globus-io-11.9-1.el7 
globus-xio-gsi-driver-3.11-1.el7 globus-xio-pipe-driver-3.10-1.el7 
globus-xio-udt-driver-1.27-1.el7 myproxy-6.1.28-1.el7 
globus-ftp-client-8.35-2.el7
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-bcfa38e123   
drupal7-7.56-1.el7
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-1ee32a5ffa   
libtomcrypt-1.17-25.el7 libtommath-0.42.0-5.el7
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-2b04537603   
phpMyAdmin-4.4.15.10-2.el7
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-2ba20eeb97   
php-horde-Horde-Image-2.5.1-1.el7
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-a8886eb42e   
cross-binutils-2.25.1-31.el7.1 cross-gcc-4.8.5-16.el7.1



The following builds have been pushed to Fedora EPEL 7 updates-testing

    cherrytree-0.38.1-1.el7
    cross-binutils-2.25.1-31.el7.1
    cross-gcc-4.8.5-16.el7.1
    fedmsg-0.18.4-1.el7
    grip-3.4.2-2.el7
    nagios-4.3.2-5.el7
    nodejs-6.11.0-1.el7
    picard-1.3.2-7.el7
    python-libdiscid-0.4.1-11.el7
    python-mutagen-1.38-2.el7
    python-tambo-0.4.0-1.el7
    rpkg-1.49-5.el7
    youtube-dl-2017.06.25-1.el7

Details about builds:


================================================================================
 cherrytree-0.38.1-1.el7 (FEDORA-EPEL-2017-9ae320ed1c)
 Hierarchical note taking application
--------------------------------------------------------------------------------
Update Information:

update to latest version 0.38.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1460404 - cherrytree-0.38.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1460404
--------------------------------------------------------------------------------


================================================================================
 cross-binutils-2.25.1-31.el7.1 (FEDORA-EPEL-2017-a8886eb42e)
 A GNU collection of cross-compilation binary utilities
--------------------------------------------------------------------------------
Update Information:

Rebase cross-gcc and cross-binutils.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 27 2017 Lubomir Rintel <lkundrak@v3.s> - 2.25.1-31.1
- Align with RHEL7 binutils
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1162664 - cross-binutils: binutils: directory traversal 
vulnerability [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1162664
  [ 2 ] Bug #1162629 - CVE-2014-8504 cross-binutils: binutils: stack overflow 
in the SREC parser [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1162629
  [ 3 ] Bug #1162618 - CVE-2014-8503 cross-binutils: binutils: stack overflow 
in objdump when parsing specially crafted ihex file [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1162618
  [ 4 ] Bug #1162605 - CVE-2014-8502 cross-binutils: binutils: heap overflow in 
objdump [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1162605
  [ 5 ] Bug #1162582 - CVE-2014-8501 cross-binutils: binutils: out-of-bounds 
write when parsing specially crafted PE executable [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1162582
  [ 6 ] Bug #1440669 - Rebase cross-gcc on EPEL with latest RHEL-7 gcc sources
        https://bugzilla.redhat.com/show_bug.cgi?id=1440669
--------------------------------------------------------------------------------


================================================================================
 cross-gcc-4.8.5-16.el7.1 (FEDORA-EPEL-2017-a8886eb42e)
 Cross C compiler
--------------------------------------------------------------------------------
Update Information:

Rebase cross-gcc and cross-binutils.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1162664 - cross-binutils: binutils: directory traversal 
vulnerability [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1162664
  [ 2 ] Bug #1162629 - CVE-2014-8504 cross-binutils: binutils: stack overflow 
in the SREC parser [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1162629
  [ 3 ] Bug #1162618 - CVE-2014-8503 cross-binutils: binutils: stack overflow 
in objdump when parsing specially crafted ihex file [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1162618
  [ 4 ] Bug #1162605 - CVE-2014-8502 cross-binutils: binutils: heap overflow in 
objdump [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1162605
  [ 5 ] Bug #1162582 - CVE-2014-8501 cross-binutils: binutils: out-of-bounds 
write when parsing specially crafted PE executable [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1162582
  [ 6 ] Bug #1440669 - Rebase cross-gcc on EPEL with latest RHEL-7 gcc sources
        https://bugzilla.redhat.com/show_bug.cgi?id=1440669
--------------------------------------------------------------------------------


================================================================================
 fedmsg-0.18.4-1.el7 (FEDORA-EPEL-2017-c5c246bcea)
 Tools for Fedora Infrastructure real-time messaging
--------------------------------------------------------------------------------
Update Information:

Update to latest upstream release (#1465692).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1465692 - fedmsg-0.18.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1465692
--------------------------------------------------------------------------------


================================================================================
 grip-3.4.2-2.el7 (FEDORA-EPEL-2017-23cbab3e02)
 Front-end for CD rippers and Ogg Vorbis encoders
--------------------------------------------------------------------------------
Update Information:

Updated to 3.4.2
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1455353 - Update grip to 3.4.1
        https://bugzilla.redhat.com/show_bug.cgi?id=1455353
--------------------------------------------------------------------------------


================================================================================
 nagios-4.3.2-5.el7 (FEDORA-EPEL-2017-a6bf582624)
 Host/service/network monitoring program
--------------------------------------------------------------------------------
Update Information:

Added fix for selinux from Patrick Uiterwijk  ----  Update to latest in git
----  Updated from 4.3.1 maint to 4.3.2
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1005974 - nagios-4.3.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1005974
  [ 2 ] Bug #1084934 - Unable to reload nagios under systemd
        https://bugzilla.redhat.com/show_bug.cgi?id=1084934
  [ 3 ] Bug #1201849 - Support an environment file in the systemd unit file
        https://bugzilla.redhat.com/show_bug.cgi?id=1201849
  [ 4 ] Bug #1218320 - Install the Nagios checkresults directory with 
group-writable permissions
        https://bugzilla.redhat.com/show_bug.cgi?id=1218320
  [ 5 ] Bug #1426816 - Nagios RPM 4.2.4 forgot to reload systemd in postinstall
        https://bugzilla.redhat.com/show_bug.cgi?id=1426816
  [ 6 ] Bug #1428111 - Broken links in the View Trends and the View Histogram 
menu
        https://bugzilla.redhat.com/show_bug.cgi?id=1428111
--------------------------------------------------------------------------------


================================================================================
 nodejs-6.11.0-1.el7 (FEDORA-EPEL-2017-08a356e92b)
 JavaScript runtime
--------------------------------------------------------------------------------
Update Information:

Update to new version.
--------------------------------------------------------------------------------


================================================================================
 picard-1.3.2-7.el7 (FEDORA-EPEL-2017-6ba86beae7)
 MusicBrainz-based audio tagger
--------------------------------------------------------------------------------
Update Information:

Package reintroduced into EPEL7
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1440898 - Introduce picard to EPEL-7
        https://bugzilla.redhat.com/show_bug.cgi?id=1440898
  [ 2 ] Bug #1379033 - Picard doesn't start due to change in mutagen, throws 
BitPaddedInt import error
        https://bugzilla.redhat.com/show_bug.cgi?id=1379033
--------------------------------------------------------------------------------


================================================================================
 python-libdiscid-0.4.1-11.el7 (FEDORA-EPEL-2017-23126650f2)
 Python bindings for libdiscid
--------------------------------------------------------------------------------
Update Information:

Port to EPEL7 (and old Sphinx; RHBZ 1190344)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1190344 - python-mutagen conflicts with RHEL6/7 base
        https://bugzilla.redhat.com/show_bug.cgi?id=1190344
--------------------------------------------------------------------------------


================================================================================
 python-mutagen-1.38-2.el7 (FEDORA-EPEL-2017-23126650f2)
 Mutagen is a Python module to handle audio meta-data
--------------------------------------------------------------------------------
Update Information:

Port to EPEL7 (and old Sphinx; RHBZ 1190344)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1190344 - python-mutagen conflicts with RHEL6/7 base
        https://bugzilla.redhat.com/show_bug.cgi?id=1190344
--------------------------------------------------------------------------------


================================================================================
 python-tambo-0.4.0-1.el7 (FEDORA-EPEL-2017-76ab6036a0)
 A command line object dispatcher
--------------------------------------------------------------------------------
Update Information:

First EPEL 7 release
--------------------------------------------------------------------------------


================================================================================
 rpkg-1.49-5.el7 (FEDORA-EPEL-2017-5e3229c7b2)
 Python library for interacting with rpm+git
--------------------------------------------------------------------------------
Update Information:

* remove dependency on `python-osbs` * add support for namespaces in `--module-
name` argument
--------------------------------------------------------------------------------


================================================================================
 youtube-dl-2017.06.25-1.el7 (FEDORA-EPEL-2017-a42a2c9c1f)
 A small command-line program to download online videos
--------------------------------------------------------------------------------
Update Information:

Upstream update
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1458621 - youtube-dl-2017.06.25 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1458621
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org

[EPEL-devel] Fedora EPEL 7 updates-testing report

Reply via email to