[EPEL-devel] Fedora EPEL 7 updates-testing report

updates Sun, 01 Oct 2017 16:50:45 -0700

The following Fedora EPEL 7 Security updates need testing:
 Age  URL
 938  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087   
dokuwiki-0-0.24.20140929c.el7
 700  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f   
mcollective-2.8.4-1.el7
 282  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d   
libbsd-0.8.3-1.el7
 180  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe   
mod_cluster-1.3.3-10.el7
 178  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5f9a6163b4   
tnef-1.4.14-1.el7
 177  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7ecb12e378   
python-XStatic-jquery-ui-1.12.0.1-1.el7
  44  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-17b77b3268   
botan-1.10.16-1.el7
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-9f88067c22   
mpg123-1.25.6-1.el7
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e27758bd23   
libmspack-0.6-0.1.alpha.el7
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-2795d59fcc   
python3-numpy-1.10.4-5.el7
  11  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-30a9c74908   
php-horde-Horde-Image-2.5.2-1.el7
  11  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5b07cc6958   
wordpress-4.8.2-1.el7
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8da6477f0a   
moodle-3.1.8-1.el7
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-3a2abe4898   
php-horde-passwd-5.0.7-1.el7
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-a3ae700da7   
php-horde-wicked-2.0.8-1.el7
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d49c1ef800   
php-horde-nag-4.2.17-1.el7
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-52b8147c68   
openvpn-auth-ldap-2.0.3-15.el7
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e3436f7a95   
libbson-1.3.5-4.el7
   8  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-9179bc1cf5   
chromium-61.0.3163.100-1.el7
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-3dcce634cb   
MySQL-zrm-3.0-17.el7
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-afdcf119f4   
freexl-1.0.4-1.el7
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4826761f5d   
openvpn-2.4.4-1.el7
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-abe6f98ebf   
tor-0.2.9.12-1.el7
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-0f92580f68   
yadifa-2.2.6-1.el7



The following builds have been pushed to Fedora EPEL 7 updates-testing

    bgpq3-0.1.31-1.el7
    fedmsg-1.0.1-4.el7
    fedora-easy-karma-0-0.32.20170930git0c81432c.el7
    nova-agent-2.1.6-1.el7
    odcs-0.0.7-1.el7
    openboardview-7.3-5.el7
    openscap-daemon-0.1.8-1.el7
    opensmtpd-6.0.2p1-6.el7
    openvpn-2.4.4-1.el7
    petsc-3.7.7-1.el7
    php-phpmyadmin-sql-parser-4.2.2-1.el7
    python-sync2jira-1.4-1.el7
    sysbench-1.0.9-2.el7
    tor-0.2.9.12-1.el7
    tsung-1.7.0-1.el7
    yadifa-2.2.6-1.el7

Details about builds:


================================================================================
 bgpq3-0.1.31-1.el7 (FEDORA-EPEL-2017-666fc07261)
 Automate BGP filter generation based on routing database information
--------------------------------------------------------------------------------
Update Information:

Initial package.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1495004 - Review Request: bgpq3 - Automate BGP filter generation 
based on routing database information
        https://bugzilla.redhat.com/show_bug.cgi?id=1495004
--------------------------------------------------------------------------------


================================================================================
 fedmsg-1.0.1-4.el7 (FEDORA-EPEL-2017-57b6bb1261)
 Tools for Fedora Infrastructure real-time messaging
--------------------------------------------------------------------------------
Update Information:

* Refactor subpackages so that python2-fedmsg contains everything * Update to
the latest upstream release
--------------------------------------------------------------------------------


================================================================================
 fedora-easy-karma-0-0.32.20170930git0c81432c.el7 (FEDORA-EPEL-2017-35e7efea31)
 Fedora update feedback made easy
--------------------------------------------------------------------------------
Update Information:

Add support for new bodhi client bindings and add hard dependencies for yum or
python2-dnf
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1494644 - fedora.client.bodhi.BodhiClientException: You must 
provide a captcha_key
        https://bugzilla.redhat.com/show_bug.cgi?id=1494644
  [ 2 ] Bug #1270600 - fedora-easy-karma can not execute without yum or 
python2-dnf (missing dependency)
        https://bugzilla.redhat.com/show_bug.cgi?id=1270600
--------------------------------------------------------------------------------


================================================================================
 nova-agent-2.1.6-1.el7 (FEDORA-EPEL-2017-3fb011c248)
 Agent for setting up clean servers on Xen
--------------------------------------------------------------------------------
Update Information:

This is a new package.
--------------------------------------------------------------------------------


================================================================================
 odcs-0.0.7-1.el7 (FEDORA-EPEL-2017-45f7d47d2a)
 The On Demand Compose Service
--------------------------------------------------------------------------------
Update Information:

Now with fedmsg support.  ----  Fixes from @puiterwijk's security audit.
--------------------------------------------------------------------------------


================================================================================
 openboardview-7.3-5.el7 (FEDORA-EPEL-2017-dced3e892c)
 Viewer for PCB layouts
--------------------------------------------------------------------------------
Update Information:

New package.
--------------------------------------------------------------------------------


================================================================================
 openscap-daemon-0.1.8-1.el7 (FEDORA-EPEL-2017-f033be17d0)
 Manages continuous SCAP scans of your infrastructure
--------------------------------------------------------------------------------
Update Information:

upgrade to the latest upstream release
--------------------------------------------------------------------------------


================================================================================
 opensmtpd-6.0.2p1-6.el7 (FEDORA-EPEL-2017-8f47a3c83f)
 Free implementation of the server-side SMTP protocol as defined by RFC 5321
--------------------------------------------------------------------------------
Update Information:

Fixing HAVE_REALLOCARRAY in portable
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1480303 - opensmptd: Accidentally interposes reallocarray
        https://bugzilla.redhat.com/show_bug.cgi?id=1480303
--------------------------------------------------------------------------------


================================================================================
 openvpn-2.4.4-1.el7 (FEDORA-EPEL-2017-4826761f5d)
 A full-featured SSL VPN solution
--------------------------------------------------------------------------------
Update Information:

Maintenance release with several minor upstream bugfixes and a security fix
related to legacy configurations deploying the deprecated `key-method 1`
configuration option
([CVE-2017-12166](https://community.openvpn.net/openvpn/wiki/CVE-2017-12166)).
From this update of, OpenVPN will use the lz4 compression library from Fedora
EPEL instead of the upstream bundled library.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1497109 - CVE-2017-12166 openvpn: Incorrect bounds check in 
read_key() with 'key-method 1'
        https://bugzilla.redhat.com/show_bug.cgi?id=1497109
--------------------------------------------------------------------------------


================================================================================
 petsc-3.7.7-1.el7 (FEDORA-EPEL-2017-95cf1c696b)
 Portable Extensible Toolkit for Scientific Computation
--------------------------------------------------------------------------------
Update Information:

- Update to 3.7.7 - Move petscvariables/petscrules under a private directory of
libdir
--------------------------------------------------------------------------------


================================================================================
 php-phpmyadmin-sql-parser-4.2.2-1.el7 (FEDORA-EPEL-2017-3a8700adef)
 A validating SQL lexer and parser with a focus on MySQL dialect
--------------------------------------------------------------------------------
Update Information:

**Version 4.2.2** - 2017-09-28  * Added support for binding parameters.
--------------------------------------------------------------------------------


================================================================================
 python-sync2jira-1.4-1.el7 (FEDORA-EPEL-2017-b1ccb3cb7a)
 Sync pagure and github issues to jira, via fedmsg
--------------------------------------------------------------------------------
Update Information:

Now with support for spaces!  ----  Latest upstream.  Supports labels.  Thanks
@pingou!
--------------------------------------------------------------------------------


================================================================================
 sysbench-1.0.9-2.el7 (FEDORA-EPEL-2017-b96ffec815)
 System performance benchmark
--------------------------------------------------------------------------------
Update Information:

Update to latest upstream release.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1488694 - sysbench-1.0.9 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1488694
--------------------------------------------------------------------------------


================================================================================
 tor-0.2.9.12-1.el7 (FEDORA-EPEL-2017-abe6f98ebf)
 Anonymizing overlay network for TCP
--------------------------------------------------------------------------------
Update Information:

update to upstream release 0.2.9.12 (SECURITY) (#1494860)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1494860 - tor-0.2.9.10-1.el7.x86_64 is unsecure and out of date
        https://bugzilla.redhat.com/show_bug.cgi?id=1494860
  [ 2 ] Bug #1493512 - CVE-2017-0380 tor: Stack disclosure in hidden services 
logs when SafeLogging disabled [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1493512
  [ 3 ] Bug #1493513 - CVE-2017-0380 tor: Stack disclosure in hidden services 
logs when SafeLogging disabled [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1493513
--------------------------------------------------------------------------------


================================================================================
 tsung-1.7.0-1.el7 (FEDORA-EPEL-2017-6cf6da0e9a)
 A distributed multi-protocol load testing tool
--------------------------------------------------------------------------------
Update Information:

Update to 1.7.0 (#1486744)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1486744 - tsung-1.7.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1486744
--------------------------------------------------------------------------------


================================================================================
 yadifa-2.2.6-1.el7 (FEDORA-EPEL-2017-0f92580f68)
 Lightweight authoritative Name Server with DNSSEC capabilities
--------------------------------------------------------------------------------
Update Information:

20170912: YADIFA 2.2.6  --- Fixes an issue where a maliciously crafted message
may block the server.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1494005 - CVE-2017-14339 yadifa: Infinite loop due to insufficient 
checks in the DNS packet parser
        https://bugzilla.redhat.com/show_bug.cgi?id=1494005
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org

[EPEL-devel] Fedora EPEL 7 updates-testing report

Reply via email to