The following Fedora EPEL 7 Security updates need testing: Age URL 539 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d condor-8.6.11-1.el7 281 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c499781e80 python-gnupg-0.4.4-1.el7 278 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b bubblewrap-0.3.3-2.el7 14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-751a496bfa java-latest-openjdk-13.0.2.8-1.rolling.el7 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-fa33fd16b3 chromium-79.0.3945.130-1.el7 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-6d47c64c04 upx-3.96-1.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-4a1efc409a pure-ftpd-1.0.47-3.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-ebd7293594 python-pip-epel-8.1.2-12.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
composer-1.9.3-1.el7 innoextract-1.8-3.el7 pcc-1.1.0-1.1.20200203cvs.el7 python-django-tastypie-0.12.2-2.el7 radare2-4.2.1-1.el7 regindexer-0.6.2-1.el7 scanssh-2.1.2-6.el7
Details about builds:
================================================================================ composer-1.9.3-1.el7 (FEDORA-EPEL-2020-8847a5e7f2) Dependency Manager for PHP -------------------------------------------------------------------------------- Update Information:
**Version 1.9.3** - 2020-02-04 * Fixed GitHub deprecation of access_token query parameter, now using Authorization header -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 4 2020 Remi Collet remi@remirepo.net - 1.9.3-1 - update to 1.9.3 --------------------------------------------------------------------------------
================================================================================ innoextract-1.8-3.el7 (FEDORA-EPEL-2020-cab1e84ad5) Tool to extract installers created by Inno Setup -------------------------------------------------------------------------------- Update Information:
port to epel7 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 29 2020 Fedora Release Engineering releng@fedoraproject.org - 1.8-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Fri Nov 15 2019 Dan Hor��k <dan[at]danny.cz> - 1.8-2 - switch to ld.bfd * Sun Sep 15 2019 Artem Polishchuk ego.cordatus@gmail.com - 1.8-1 - Update to 1.8 - Switch to https over http - Disable ppc64le for now, it fails to build * Thu Jul 25 2019 Fedora Release Engineering releng@fedoraproject.org - 1.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Fri Feb 22 2019 Dominik Mierzejewski rpm@greysector.net - 1.7-1 - New upstream release (#1590790) * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 1.6-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Fri Jan 25 2019 Jonathan Wakely jwakely@redhat.com - 1.6-12 - Rebuilt for Boost 1.69 * Wed Jan 23 2019 Bj��rn Esser besser82@fedoraproject.org - 1.6-11 - Append curdir to CMake invokation. (#1668512) * Fri Jul 13 2018 Fedora Release Engineering releng@fedoraproject.org - 1.6-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Wed Feb 7 2018 Fedora Release Engineering releng@fedoraproject.org - 1.6-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Tue Jan 23 2018 Jonathan Wakely jwakely@redhat.com - 1.6-8 - Rebuilt for Boost 1.66 * Wed Aug 2 2017 Fedora Release Engineering releng@fedoraproject.org - 1.6-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild * Wed Jul 26 2017 Fedora Release Engineering releng@fedoraproject.org - 1.6-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild * Wed Jul 19 2017 Jonathan Wakely jwakely@redhat.com - 1.6-5 - Rebuilt for s390x binutils bug * Tue Jul 18 2017 Jonathan Wakely jwakely@redhat.com - 1.6-4 - Rebuilt for Boost 1.64 * Mon May 15 2017 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_27_Mass_Rebuild * Tue Feb 7 2017 Kalev Lember klember@redhat.com - 1.6-2 - Rebuilt for Boost 1.63 * Fri Mar 25 2016 Alexandre Detiste- 1.6-1 - New upstream release * Thu Feb 4 2016 Fedora Release Engineering releng@fedoraproject.org - 1.5-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild * Sun Jan 24 2016 Alexandre Detiste alexandre@detiste.be - 1.5-5.fc24 - rebuilt for Boost 1.60 * Fri Jan 22 2016 Alexandre Detiste alexandre@detiste.be - 1.5-4.fc24 - add ?dist part to version number * Tue Dec 29 2015 Alexandre Detiste alexandre@detiste.be - 1.5-3 - add blank line between changelog entries * Thu Nov 19 2015 Alexandre Detiste alexandre@detiste.be - 1.5-2 - Remove "suse_version" blocks - Drop Group: and BuildRoot: lines * Sun Nov 8 2015 Alexandre Detiste alexandre@detiste.be - 1.5-1 - Initial Fedora package based on upstream spec-file for 1.5-1 --------------------------------------------------------------------------------
================================================================================ pcc-1.1.0-1.1.20200203cvs.el7 (FEDORA-EPEL-2020-9cd27a6077) The Portable C Compiler -------------------------------------------------------------------------------- Update Information:
Update to 03 Feb 2020 snapshot. -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 4 2020 Susi Lehtola jussilehtola@fedoraproject.org - 1.1.0-1.1.20200203cvs - Update to 20200203 snapshot. * Sun Feb 2 2020 Susi Lehtola jussilehtola@fedoraproject.org - 1.1.0-1.1.20200201cvs - Update to 20200201 snapshot. * Wed Jan 29 2020 Fedora Release Engineering releng@fedoraproject.org - 1.1.0-1.1.20180504cvs.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Fri Jul 26 2019 Fedora Release Engineering releng@fedoraproject.org - 1.1.0-1.1.20180504cvs.3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 1.1.0-1.1.20180504cvs.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Fri Jul 13 2018 Fedora Release Engineering releng@fedoraproject.org - 1.1.0-1.1.20180504cvs.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ python-django-tastypie-0.12.2-2.el7 (FEDORA-EPEL-2020-f6a725ed14) A flexible and capable API layer for Django -------------------------------------------------------------------------------- Update Information:
Addition of python36-django-tastypie build -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 4 2020 Steve Traylen steve.traylen@cern.ch - 0.12.2-2 - Add a python3(6) build --------------------------------------------------------------------------------
================================================================================ radare2-4.2.1-1.el7 (FEDORA-EPEL-2020-453d58e60f) The reverse engineering framework -------------------------------------------------------------------------------- Update Information:
Rebase to radare2 4.2.1. -------------------------------------------------------------------------------- ChangeLog:
* Mon Feb 3 2020 Riccardo Schirone rschirone91@gmail.com - 4.2.1-1 - Rebase to upstream version 4.2.1 - Fix CVE-2019-19647 - Fix CVE-2019-19590 * Thu Jan 30 2020 Fedora Release Engineering releng@fedoraproject.org - 3.9.0-3.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1783454 - CVE-2019-19647 radare2: improper variable validation in r_asm_pseudo_incbin in libr/asm/asm.c leads to DoS [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1783454 [ 2 ] Bug #1770918 - CVE-2019-16718 radare2: command injection vulnerability in bin_symbols() in libr/core/cbin.c [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1770918 [ 3 ] Bug #1795158 - CVE-2019-19590 radare2: integer overflow in for the variable new_token_size in the function r_asm_massemble at libr/asm/asm.c [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1795158 --------------------------------------------------------------------------------
================================================================================ regindexer-0.6.2-1.el7 (FEDORA-EPEL-2020-8b55643030) Tool for creating an index of a container registry -------------------------------------------------------------------------------- Update Information:
This update fixes a problem in 0.6.0 where the `required_labels` config key wasn't interpreted correctly. ---- Fixes an accident requirement of www- authenticate in the code which caused problems because it wasn't reflected in the packaging. ---- Update to regindexer-0.6. This adds features for supporting indexes where the Flatpak metadata is stored in labels rather than in annotations. Including: - Allow writing an index of images that include a particular label - Allow writing that skips including the Flatpak labels or annotations (so that dual-metadata images don't create a bloated index.) - Handle icons in labels ---- This update makes the regindexer daemon compatible with fedmsg topics that are generated by Bodhi v4 via the fedora- messaging => fedmsg bridge. -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 4 2020 Owen Taylor otaylor@redhat.com - 0.6.2-1 - Version 0.6.2 - make require_labels work correctly * Mon Feb 3 2020 Owen Taylor otaylor@redhat.com - 0.6.1-1 - Version 0.6.1 - remove stray python2-www-authenticate requirement - Add python2-setuptools dependency * Wed Jan 22 2020 Owen Taylor otaylor@redhat.com - 0.6-1 - Version 0.6 (add support for Flatpak metadata in labels) * Thu Jun 6 2019 fedora-toolbox otaylor@redhat.com - 0.5-1 - Version 0.5 (compatibility with Bodhi v4) --------------------------------------------------------------------------------
================================================================================ scanssh-2.1.2-6.el7 (FEDORA-EPEL-2020-a8f85d7ec8) Fast SSH server and open proxy scanner -------------------------------------------------------------------------------- Update Information:
Port to EPEL -------------------------------------------------------------------------------- ChangeLog:
* Thu Jan 30 2020 Fedora Release Engineering releng@fedoraproject.org - 2.1.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Fri Jul 26 2019 Fedora Release Engineering releng@fedoraproject.org - 2.1.2-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Sat Feb 2 2019 Fedora Release Engineering releng@fedoraproject.org - 2.1.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Sat Oct 6 2018 Oliver Falk oliver@linux-kernel.at - 2.1.2-3 - Bump release for rebuilding against latest libdnet version * Sat Jul 14 2018 Fedora Release Engineering releng@fedoraproject.org - 2.1.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Mon Apr 30 2018 Oliver Falk oliver@linux-kernel.at - 2.1.2-1 - Update - Rebuild for f28 (RHBZ#1573057) - Cleanup spec * Fri Feb 9 2018 Igor Gnatenko ignatenkobrain@fedoraproject.org - 2.1.1-13 - Escape macros in %changelog * Thu Aug 3 2017 Fedora Release Engineering releng@fedoraproject.org - 2.1.1-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild * Thu Jul 27 2017 Fedora Release Engineering releng@fedoraproject.org - 2.1.1-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild * Sat Feb 11 2017 Fedora Release Engineering releng@fedoraproject.org - 2.1.1-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild * Thu Feb 4 2016 Fedora Release Engineering releng@fedoraproject.org - 2.1.1-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild * Sat Aug 22 2015 Ralf Cors��pius corsepiu@fedoraproject.org - 2.1.1-8 - Add scanssh-2.1.1-autotools.patch (Fix F23FTBFS, RHBZ#1239993). - Remove redundant -Wall from CFLAGS (Already in %optflags) * Tue Jul 7 2015 Mosaab Alzoubi moceap@hotmail.com - 2.1.1-7 - Fix #1239993 * Fri Jun 19 2015 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.1.1-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Mon Aug 18 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.1.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sun Jun 8 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.1.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Mon Sep 2 2013 Christopher Meng rpm@cicku.me - 2.1.1-3 - SPEC cleanup. * Sun Aug 4 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.1.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Thu Apr 4 2013 Oliver Falk oliver@linux-kernel.at - 2.1.1-1 - Update to - hopefully fix BZ#926490 * Thu Feb 14 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.1-25 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Sat Jul 21 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.1-24 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sat Jan 14 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.1-23 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Mon Aug 1 2011 Oliver Falk oliver@linux-kernel.at - 2.1-22 - Rebuild for new libevent/libdnet * Sun Feb 13 2011 Oliver Falk oliver@linux-kernel.at - 2.1-21 - Rebuild for new libevent * Wed Feb 9 2011 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.1-20 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Sun Jul 26 2009 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.1-19 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild * Wed Feb 25 2009 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.1-18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild * Mon Jun 30 2008 Patrick "Jima" Laughton jima@beer.tclug.org 2.1-17 - Rebuild for new libevent * Wed Feb 13 2008 Patrick "Jima" Laughton jima@beer.tclug.org 2.1-16 - Bump-n-build for GCC 4.3 * Sat Jan 26 2008 Alex Lancaster <alexlan[AT]fedoraproject org> - 2.1-15 - Rebuild for new libevent. * Tue Aug 21 2007 Patrick "Jima" Laughton jima@beer.tclug.org 2.1-14 - License correction * Tue Aug 21 2007 Patrick "Jima" Laughton jima@beer.tclug.org 2.1-13 - Rebuild for BuildID * Sun Mar 11 2007 Patrick "Jima" Laughton jima@beer.tclug.org 2.1-12 - Bump-n-build due to libevent upgrade (my own fault) * Mon Feb 26 2007 Patrick "Jima" Laughton jima@beer.tclug.org 2.1-11 - Bump-n-build due to libevent upgrade * Wed Nov 29 2006 Patrick "Jima" Laughton jima@beer.tclug.org 2.1-10 - Rebuild due to libpcap upgrade * Wed Oct 4 2006 Patrick "Jima" Laughton jima@beer.tclug.org 2.1-9 - Bump-n-build * Tue Sep 19 2006 Patrick "Jima" Laughton jima@beer.tclug.org - 2.1-8 - I suppose I need to port this one to FC6 now, huh? * Tue Sep 19 2006 Patrick "Jima" Laughton jima@beer.tclug.org - 2.1-7 - Bump for FC6 rebuild * Mon Nov 14 2005 Oliver Falk oliver@linux-kernel.at - 2.1-6 - Rebuild * Thu Aug 11 2005 Oliver Falk oliver@linux-kernel.at - 2.1-5 - Make hidescan patch not applied by default, use --define 'with_hidescan 1' if you want it enabled * Mon Aug 8 2005 Oliver Falk oliver@linux-kernel.at - 2.1-4 - Remove Requires, rpm will detect it automatically * Mon Aug 8 2005 Oliver Falk oliver@linux-kernel.at - 2.1-3 - Integrate changes suggested by Jos�� Pedro Oliveira after first FE review * Mon Jun 20 2005 Oliver Falk oliver@linux-kernel.at - 2.1-2 - Add patch to make us invisible/hide us. Don't let OpenSSH know that we scan it. * Tue Jun 7 2005 Oliver Falk oliver@linux-kernel.at - 2.1-1 - Initial build for FC 4 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org