The following Fedora EPEL 7 Security updates need testing: Age URL 721 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d condor-8.6.11-1.el7 460 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b bubblewrap-0.3.3-2.el7 170 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-fa8a2e97c6 python-waitress-1.4.3-1.el7 15 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-2c80eb66b5 libASL-0.1.7-6.el7 matio-1.5.17-3.el7 openmeeg-2.4-0.4.rc4.el7 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-452d014b82 java-latest-openjdk-14.0.2.12-1.rolling.el7 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-c9e7aa6a08 chromium-84.0.4147.89-1.el7 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-489c36a241 snmptt-1.4.2-1.el7 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-90cbb3a9ff golang-1.13.14-1.el7 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-32e4ca563b rpki-client-6.7p1-1.el7 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-2a93add193 python34-3.4.10-6.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
dislocker-0.7.1-17.el7 gitolite3-3.6.12-1.el7 hylafax+-7.0.3-1.el7 pagure-5.11.2-1.el7 seamonkey-2.53.3-3.el7 snapd-2.45.3.1-1.el7
Details about builds:
================================================================================ dislocker-0.7.1-17.el7 (FEDORA-EPEL-2020-5f83c4d5e2) Utility to access BitLocker encrypted volumes -------------------------------------------------------------------------------- Update Information:
- Work around CMake out-of-source builds on all branches (#1863427) - Add libdislocker.so symlink for dislocker-find (#1659733, #1583480) -------------------------------------------------------------------------------- ChangeLog:
* Tue Aug 4 2020 Robert Scheck robert@fedoraproject.org 0.7.1-17 - Work around CMake out-of-source builds on all branches (#1863427) - Add libdislocker.so symlink for dislocker-find (#1659733, #1583480) * Mon Jul 27 2020 Fedora Release Engineering releng@fedoraproject.org - 0.7.1-16 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Tue Jan 28 2020 Fedora Release Engineering releng@fedoraproject.org - 0.7.1-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Sat Jan 18 2020 Mamoru TASAKA mtasaka@fedoraproject.org - 0.7.1-14 - F-32: rebuild against ruby27 * Wed Jul 24 2019 Fedora Release Engineering releng@fedoraproject.org - 0.7.1-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 0.7.1-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Mon Jan 21 2019 V��t Ondruch vondruch@redhat.com - 0.7.1-11 - Rebuilt for https://fedoraproject.org/wiki/Changes/Ruby_2.6 * Thu Sep 27 2018 Morten Stevens mstevens@fedoraproject.org - 0.7.1-10 - Rebuilt for mbed TLS 2.13.0 * Thu Jul 12 2018 Fedora Release Engineering releng@fedoraproject.org - 0.7.1-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1583480 - Missing Link https://bugzilla.redhat.com/show_bug.cgi?id=1583480 [ 2 ] Bug #1659733 - Missing Link https://bugzilla.redhat.com/show_bug.cgi?id=1659733 [ 3 ] Bug #1863427 - dislocker: FTBFS in Fedora rawhide/f33 https://bugzilla.redhat.com/show_bug.cgi?id=1863427 --------------------------------------------------------------------------------
================================================================================ gitolite3-3.6.12-1.el7 (FEDORA-EPEL-2020-79efe90da9) Highly flexible server for git directory version tracker -------------------------------------------------------------------------------- Update Information:
3.6.12 -------------------------------------------------------------------------------- ChangeLog:
* Tue Aug 4 2020 Gwyn Ciesla gwync@protonmail.com - 1:3.6.12-1 - 3.6.12 * Mon Jul 27 2020 Fedora Release Engineering releng@fedoraproject.org - 1:3.6.11-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Fri Jun 26 2020 Jitka Plesnikova jplesnik@redhat.com - 1:3.6.11-7 - Perl 5.32 re-rebuild of bootstrapped packages * Mon Jun 22 2020 Jitka Plesnikova jplesnik@redhat.com - 1:3.6.11-6 - Perl 5.32 rebuild * Tue Jan 28 2020 Fedora Release Engineering releng@fedoraproject.org - 1:3.6.11-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Thu Jul 25 2019 Fedora Release Engineering releng@fedoraproject.org - 1:3.6.11-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Thu May 30 2019 Jitka Plesnikova jplesnik@redhat.com - 1:3.6.11-3 - Perl 5.30 rebuild * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 1:3.6.11-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ hylafax+-7.0.3-1.el7 (FEDORA-EPEL-2020-5d276cc1c4) An enterprise-strength fax server -------------------------------------------------------------------------------- Update Information:
update to 7.0.3 -------------------------------------------------------------------------------- ChangeLog:
* Tue Aug 4 2020 Lee Howard faxguy@howardsilvan.com - 7.0.3-1 - update to 7.0.3 * Tue Jul 28 2020 Fedora Release Engineering releng@fedoraproject.org - 7.0.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Thu Jan 30 2020 Lee Howard faxguy@howardsilvan.com - 7.0.2-1 - update to 7.0.2 * Wed Jan 29 2020 Fedora Release Engineering releng@fedoraproject.org - 7.0.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1852803 - CVE-2020-15397 hylafax+: unsafe handling of user-writable directories could lead to privileged code execution https://bugzilla.redhat.com/show_bug.cgi?id=1852803 [ 2 ] Bug #1852809 - CVE-2020-15396 hylafax+: race condition in faxsetup utility could lead to privileges escalation https://bugzilla.redhat.com/show_bug.cgi?id=1852809 --------------------------------------------------------------------------------
================================================================================ pagure-5.11.2-1.el7 (FEDORA-EPEL-2020-3de7707a0a) A git-centered forge -------------------------------------------------------------------------------- Update Information:
#### Changes with 5.11.2 - Allow having a dedicated logging configuration for the git hooks - Increase logging to the pagure_auth logger - Make work pagure- admin ensure-project-hooks when the target link exists but is broken - Fix sorting collaborators and groups of collaborators - Fix git push over http(s) - Change the project icon when the project is mirrored from an external source - Allow a theme or a blueprint to inject custom buttons in the navigation bar. - Add API endpoint to get a pull-request comment - Omit breaking original comment format in reply on pull-requests - Let the milter announce when it reject an email based on its address - Don't Let the milter process the email we send. - Add a collaborator level to projects - Allow collaborators to edit files in the branch that they have access to - Add orphan button to project page - Allow setting the default git branch when creating projects via the API - Allow creating mirrored project from the API - Add the possibility to set the default branch at project creation - Add API endpoint to set the default git branch and expose it in an existing endpoint - Adjust the example configuration for logging to a file - Allow project-less API token with the "modify_project" ACL to update watchers - spec: Have the log directory owned by the main package - Add a new API endpoint to retrieve a commit's metadata/info - Add a new API endpoint allowing to delete a project - Add support for customizing the new issue page - Introducing the boards feature - Add an API endpoint to view the content of a git repo - Port pagure's markdown extension to the new API - Multiple small fixes for the vagrant-based development environment - Use WhiteNoise to serve static assets for the Pagure web - Fix running the tests on py 3.8 - Port pagure's test suite to pytest - Fix the title of the graph showing the evolution of the number of open tickets on a project - Do not assume there is a SMTP_STARTTLS configuration key set - Bring back JS library used for the heatmap - Show the ACL name in addition to the description when creating API tokens - Allow editing the URL a project is mirrored from - Add comments to the mirror service files for clarifying their purpose. - Fix warning when compiling the doc - Add a dedicated logger for everything that is auth related - api: fix apidoc format on api_view_issues_history_detailed_stats Fixes web api doc view template issues - doc: Add a page documenting known Pagure instances - starttls support via SMTP_STARTTLS: provide additional documentation. - Add support for smtp server requiring starttls to work - Make the stats page use the new stats API endpoint -------------------------------------------------------------------------------- ChangeLog:
* Tue Aug 4 2020 Neal Gompa ngompa13@gmail.com - 5.11.2-1 - Update to 5.11.2 (RH#1862974) * Tue Jul 28 2020 Fedora Release Engineering releng@fedoraproject.org - 5.10.0-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1862974 - pagure-5.11.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1862974 --------------------------------------------------------------------------------
================================================================================ seamonkey-2.53.3-3.el7 (FEDORA-EPEL-2020-25060bcf13) Web browser, e-mail, news, IRC client, HTML editor -------------------------------------------------------------------------------- Update Information:
Add Default Zoom support. Site-specific settings always remain preserved (until reset by Ctrl+0), just the default can be altered now from 100% to more comfortable value. Add WebP image format support. (Can be toggled by image.webp.enabled preference in about:config, default enabled). Some fixes and improvements. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 30 2020 Dmitry Butskoy Dmitry@Butskoy.name 2.53.3-3 - fix requires filter * Wed Jul 29 2020 Dmitry Butskoy Dmitry@Butskoy.name 2.53.3-2 - add "Default zoom" support (mozbz#1655362) - add "Use system locale" switch in preferences (mozbz#1655842) - backport WebP image format support (mozbz#1653869) - update elfhack code up to esr68 - add fix for rust >= 1.45 (mozbz#1654465) - properly filter provides and requires from the application dir - spec file cleanups and fixes --------------------------------------------------------------------------------
================================================================================ snapd-2.45.3.1-1.el7 (FEDORA-EPEL-2020-aabdae0069) A transactional software package manager -------------------------------------------------------------------------------- Update Information:
New bugfix release to fix build with newer Go compiler... -------------------------------------------------------------------------------- ChangeLog:
* Tue Aug 4 2020 Maciek Borzecki maciek.borzecki@gmail.com - 2.45.3.1-1 - Release 2.45.3.1 to Fedora (RHBZ#1861024) - Fix FTBFS in Rawhide (RHBZ#1865496) * Sat Aug 1 2020 Fedora Release Engineering releng@fedoraproject.org - 2.45.2-3 - Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Wed Jul 29 2020 Fedora Release Engineering releng@fedoraproject.org - 2.45.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Tue Jul 28 2020 Samuele Pedroni pedronis@lucediurna.net - New upstream release, LP: #1875071 - o/ifacestate: fix bug in snapsWithSecurityProfiles - tests/main/selinux-clean: workaround SELinux denials triggered by linger setup on Centos8 * Mon Jul 27 2020 Zygmunt Krynicki me@zygoon.pl - New upstream release, LP: #1875071 - many: backport _writable_defaults dir changes - tests: fix incorrect check in smoke/remove test - cmd/snap-bootstrap,seed: backport of uc20 PRs - tests: avoid exit when nested type var is not defined - cmd/snap-preseed: backport fixes - interfaces: optimize rules of multiple connected iio/i2c/spi plugs - many: cherry-picks for 2.45, gh-action, test fixes - tests/lib: account for changes in arch package file name extension - postrm, snap-mgmt: cleanup modules and other cherry-picks - snap-confine: don't die if a device from sysfs path cannot be found by udev - data/selinux: update policy to allow forked processes to call getpw*() - tests/main/interfaces-time-control: exercise setting time via date - interfaces/builtin/time-control: allow POSIX clock API - usersession/userd: add "slack" to the white list of URL schemes handled by xdg-open -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1861024 - snapd-2.45.3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1861024 [ 2 ] Bug #1865496 - snapd: FTBFS in Fedora rawhide/f33 https://bugzilla.redhat.com/show_bug.cgi?id=1865496 --------------------------------------------------------------------------------