The following Fedora EPEL 7 Security updates need testing: Age URL 28 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3835d39d1a unrtf-0.21.9-8.el7 24 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-656b24ec40 chromium-67.0.3396.79-1.el7 22 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-15b7dc35af pass-1.7.2-1.el7 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-9d8de55465 drupal7-backup_migrate-3.5-1.el7 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-7926246d9d libgit2-0.26.4-1.el7 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-ccbe8e3c4d knot-resolver-2.4.0-1.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3f114dff22 wordpress-4.9.7-1.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-6b0fdd8b40 guacamole-server-0.9.14-1.el7 libvncserver-0.9.9-0.12.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
ansible-2.6.1-1.el7 python-bigsuds-1.0.6-2.el7 python-f5-icontrol-rest-1.3.9-3.el7 python-f5-sdk-3.0.17-3.el7 zchunk-0.7.5-4.el7
Details about builds:
================================================================================ ansible-2.6.1-1.el7 (FEDORA-EPEL-2018-be727516a8) SSH-based configuration management, deployment, and task execution system -------------------------------------------------------------------------------- Update Information:
Update to ansible 2.6.1 bugfix release. Fixes also 2 CVEs: CVE-2018-10874 and CVE-2018-10875 See https://github.com/ansible/ansible/blob/stable-2.6/changelogs/CHANGELOG-v2.6... for full list of changes. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 5 2018 Kevin Fenzi kevin@scrye.com - 2.6.1-1 - Update to 2.6.1. Fixes bug #1598602 - Fixes CVE-2018-10874 and CVE-2018-10875 * Mon Jul 2 2018 Miro Hron��ok mhroncok@redhat.com - 2.6.0-2 - Rebuilt for Python 3.7 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1598810 - CVE-2018-10874 ansible: Inventory variables are loaded from current working directory when running ad-hoc command that can lead to code execution [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1598810 [ 2 ] Bug #1598806 - CVE-2018-10875 ansible: ansible.cfg is being read from current working directory allowing possible code execution [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1598806 [ 3 ] Bug #1598809 - CVE-2018-10874 ansible: Inventory variables are loaded from current working directory when running ad-hoc command that can lead to code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1598809 [ 4 ] Bug #1598805 - CVE-2018-10875 ansible: ansible.cfg is being read from current working directory allowing possible code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1598805 [ 5 ] Bug #1598602 - ansible-2.6.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1598602 --------------------------------------------------------------------------------
================================================================================ python-bigsuds-1.0.6-2.el7 (FEDORA-EPEL-2018-db359e990d) Library for F5 Networks iControl API -------------------------------------------------------------------------------- Update Information:
Initial build. --------------------------------------------------------------------------------
================================================================================ python-f5-icontrol-rest-1.3.9-3.el7 (FEDORA-EPEL-2018-0431502c4a) F5 BIG-IP iControl REST API client -------------------------------------------------------------------------------- Update Information:
Initial build ---- First EPEL 7 build. --------------------------------------------------------------------------------
================================================================================ python-f5-sdk-3.0.17-3.el7 (FEDORA-EPEL-2018-f2d2c9305a) F5 Networks Python SDK -------------------------------------------------------------------------------- Update Information:
Initial build. --------------------------------------------------------------------------------
================================================================================ zchunk-0.7.5-4.el7 (FEDORA-EPEL-2018-56581ffa1c) Compressed file format that allows easy deltas -------------------------------------------------------------------------------- Update Information:
Initial release -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1597287 - Review Request: zchunk - Compressed file format that allows easy deltas https://bugzilla.redhat.com/show_bug.cgi?id=1597287 --------------------------------------------------------------------------------