Fedora EPEL 7 updates-testing report
by updates@fedoraproject.org
The following Fedora EPEL 7 Security updates need testing:
Age URL
109 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3835d39d1a unrtf-0.21.9-8.el7
60 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-f9d6ff695a bibutils-6.6-1.el7 ghc-hs-bibutils-6.6.0.0-1.el7 pandoc-citeproc-0.3.0.1-4.el7
43 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d condor-8.6.11-1.el7
35 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3a3c72c5e5 chromium-68.0.3440.106-3.el7
16 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3492a96896 myrepos-1.20180726-1.el7
13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-ac179250ba gitolite3-3.6.9-1.el7
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-c0e0064bf7 moodle-3.1.14-1.el7
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-ae9b5a9e70 hylafax+-5.6.1-1.el7
7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-1141f91524 mozilla-noscript-10.1.9.6-1.el7
7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-bc87c43cdd libbson-1.3.5-6.el7
7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-181645f674 zchunk-0.9.10-1.el7
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-2150941371 mbedtls-2.7.6-1.el7
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-c5f71cfa34 python-marshmallow-2.0.0-0.7.gita8b3385.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-31ccd7aee3 php-tcpdf-6.2.25-1.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-c906338b6b libmad-0.15.1b-26.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
evtest-1.33-8.el7
ignition-0.28.0-6.gitf707912.el7
pam_wrapper-1.0.7-1.el7
php-horde-Horde-Core-2.31.6-1.el7
php-horde-horde-5.2.20-1.el7
php-horde-kronolith-4.2.25-1.el7
python-ModulemdTranslationHelpers-0.5-2.el7
python-sphinxcontrib-spelling-4.2.0-1.el7
rust-1.29.1-2.el7
sensible-utils-0.0.12-2.el7
xrdp-0.9.8-1.el7
zabbix22-2.2.23-1.el7
Details about builds:
================================================================================
evtest-1.33-8.el7 (FEDORA-EPEL-2018-eb0c2dac80)
Event device test program
--------------------------------------------------------------------------------
Update Information:
Add evtest for epel7
--------------------------------------------------------------------------------
================================================================================
ignition-0.28.0-6.gitf707912.el7 (FEDORA-EPEL-2018-77428ca041)
First boot installer and configuration tool
--------------------------------------------------------------------------------
Update Information:
Updates to newer version of ignition. ---- new package
--------------------------------------------------------------------------------
================================================================================
pam_wrapper-1.0.7-1.el7 (FEDORA-EPEL-2018-c862b7e3be)
A tool to test PAM applications and PAM modules
--------------------------------------------------------------------------------
Update Information:
Update to version 1.0.7
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 26 2018 Andreas Schneider <asn(a)redhat.com> - 1.0.7-1
- Update to version 1.0.7
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Core-2.31.6-1.el7 (FEDORA-EPEL-2018-1345280fd0)
Horde Core Framework libraries
--------------------------------------------------------------------------------
Update Information:
**Horde_Core 2.31.6** * [mjr] SECURITY: Fix XSS vulnerability when rendering a
colorpicker (Bug #14857).
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 26 2018 Remi Collet <remi(a)remirepo.net> - 2.31.6-1
- update to 2.31.6
--------------------------------------------------------------------------------
================================================================================
php-horde-horde-5.2.20-1.el7 (FEDORA-EPEL-2018-c1f95f55fd)
Horde Application Framework
--------------------------------------------------------------------------------
Update Information:
**Horde 5.2.20** * [mjr] SECURITY: Fix XSS vulnerability when rendering custom
background colors in a sidebar row (Bug #14857).
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 27 2018 Remi Collet <remi(a)remirepo.net> - 5.2.20-1
- update to 5.2.20
--------------------------------------------------------------------------------
================================================================================
php-horde-kronolith-4.2.25-1.el7 (FEDORA-EPEL-2018-9209f8af0b)
A web based calendar
--------------------------------------------------------------------------------
Update Information:
**Kronolith 4.2.25** * [mjr] SECURITY: Fix XSS vulnerability in resource group
property view (Bug #14857). * [mjr] SECURITY: Fix XSS vulnerability in event URL
field (Bug #14857).
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 27 2018 Remi Collet <remi(a)remirepo.net> - 4.2.25-1
- update to 4.2.25
--------------------------------------------------------------------------------
================================================================================
python-ModulemdTranslationHelpers-0.5-2.el7 (FEDORA-EPEL-2018-48dc6606b9)
Tools for working with translations of modulemd
--------------------------------------------------------------------------------
Update Information:
New package to manage translations of Fedora Modules. Replaces python-mmdzanata
with a version not bound to the Zanata translation tool.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1632868 - Review Request: python-ModulemdTranslationHelpers - Tools for working with translations of modulemd
https://bugzilla.redhat.com/show_bug.cgi?id=1632868
--------------------------------------------------------------------------------
================================================================================
python-sphinxcontrib-spelling-4.2.0-1.el7 (FEDORA-EPEL-2018-c9a86b4509)
A spelling checker for Sphinx-based documentation
--------------------------------------------------------------------------------
Update Information:
Updated to 4.0.1
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 25 2018 FAvram Lubkin <aviso(a)rockhopper.net> - 4.2.0-1
- Updated to 4.0.1
- Remove Python 2 from Fedora 30+ and EL8+
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.0.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jun 19 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 4.0.1-4
- Rebuilt for Python 3.7
* Wed Feb 28 2018 Iryna Shcherbina <ishcherb(a)redhat.com> - 4.0.1-3
- Update Python 2 dependency declarations to new packaging standards
(See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
* Fri Feb 9 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.0.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Tue Jan 9 2018 Avram Lubkin <aviso(a)rockhopper.net> - 4.0.1-1
- Updated to 4.0.1
* Thu Jul 27 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.3.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Sat Feb 11 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.3.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-1.29.1-2.el7 (FEDORA-EPEL-2018-a59cab95c9)
The Rust Programming Language
--------------------------------------------------------------------------------
Update Information:
Security fix for buffer overflow in str::repeat ---- New versions of Rust and
related tools -- see the release notes for [1.29](https://blog.rust-
lang.org/2018/09/13/Rust-1.29.html). A new `clippy-preview` subpackage also
matches the upstream component for extra code lints.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 25 2018 Josh Stone <jistone(a)redhat.com> - 1.29.1-2
- Update to 1.29.1.
- Security fix for str::repeat (pending CVE).
* Thu Sep 13 2018 Josh Stone <jistone(a)redhat.com> - 1.29.0-1
- Update to 1.29.0.
- Add a clippy-preview subpackage
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1632932 - rust: Buffer overflow in str::repeat function in the standard library
https://bugzilla.redhat.com/show_bug.cgi?id=1632932
--------------------------------------------------------------------------------
================================================================================
sensible-utils-0.0.12-2.el7 (FEDORA-EPEL-2018-f13feb5e4b)
Utilities for sensible alternative selection
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2017-17512
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.0.12-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Mar 13 2018 Sandro Mani <manisandro(a)gmail.com> - 0.0.12-1
- Update to 0.0.12
* Fri Feb 9 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.0.11-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Dec 13 2017 Sandro Mani <manisandro(a)gmail.com> - 0.0.11-1
- Update to 0.0.11
* Tue Oct 31 2017 Sandro Mani <manisandro(a)gmail.com> - 0.0.10-1
- Update to 0.0.10
* Wed Sep 6 2017 Sandro Mani <manisandro(a)gmail.com> - 0.0.9-8
- Use --config instead of --list in update-alternatives --config editor
* Thu Jul 27 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.0.9-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri Jul 14 2017 Sandro Mani <manisandro(a)gmail.com> - 0.0.9-6
- Silence stderr when looking for $EDITOR, $VISUAL and $SELECTED_EDITOR (#1467077)
- Modernize spec
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1524934 - CVE-2017-17512 sensible-utils: Argument injection in sensible-browser
https://bugzilla.redhat.com/show_bug.cgi?id=1524934
--------------------------------------------------------------------------------
================================================================================
xrdp-0.9.8-1.el7 (FEDORA-EPEL-2018-c11ea3b077)
Open source remote desktop protocol (RDP) server
--------------------------------------------------------------------------------
Update Information:
Release notes for xrdp v0.9.8 (2018/09/25) Deprecation notice - We removed
TLSv1 and TLSv1.1 from the default config. The current default is TLSv1.2 and
TLSv1.3. Users can whenever re-enable these early TLS versions by editing xrdp.
To use TLSv1.3, OpenSSL or LibreSSL must support TLSv1.3. You can know the
OpenSSL or LibreSSL version by xrdp --version command that compiled with xrdp.
Other topics - Pulseaudio modules has been removed from xrdp source tree since
it is actually independent and not part of xrdp. The repository has been moved
to: https://github.com/neutrinolabs/pulseaudio-module-xrdp - If you want to use
audio redirection, make sure install the module separately. New features - Add
TLSv1.3 support #1193 Bug fixes - Ensure unmount redirected drive on fatal X
error #1140 Other changes - Show more helpful message if xrdp-dis failed #1206
- Pass pulse socket name via environment variable #1198 - Fix xrdp's log path in
man page #1168
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 26 2018 Bojan Smojver <bojan(a)rexurive.com> - 1:0.9.8-1
- Bump up to 0.9.8
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1:0.9.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
zabbix22-2.2.23-1.el7 (FEDORA-EPEL-2018-54036f443d)
Open-source monitoring solution for your IT infrastructure
--------------------------------------------------------------------------------
Update Information:
IMPORTANT: This update removes support for native Jabber (XMPP) messaging! This
was necessary because the used library, iksemel, is practically unmaintained
upstream and was therefore dropped from the package collection. You may be
interested in following https://support.zabbix.com/browse/ZBXNEXT-2842 on this
matter. https://www.zabbix.com/rn/rn2.2.23
--------------------------------------------------------------------------------
ChangeLog:
* Sat Sep 15 2018 Volker Fr��hlich <volker27(a)gmx.at> - 2.2.23-1
- New upstream release
- iksemel is discontinued, so build without Jabber support
--------------------------------------------------------------------------------