The following Fedora EPEL 7 Security updates need testing:
Age URL
24
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3835d39d1a
unrtf-0.21.9-8.el7
21
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-656b24ec40
chromium-67.0.3396.79-1.el7
19
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-15b7dc35af
pass-1.7.2-1.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-9d8de55465
drupal7-backup_migrate-3.5-1.el7
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-7926246d9d
libgit2-0.26.4-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
knot-resolver-2.4.0-1.el7
picard-1.4.2-3.el7
python-geoip2-2.9.0-3.el7
python-mwclient-0.9.0-1.el7
python-regex-2018.06.21-1.el7
singularity-2.5.2-1.el7
svn2cl-0.14-7.el7
xrdp-0.9.7-1.el7
Details about builds:
================================================================================
knot-resolver-2.4.0-1.el7 (FEDORA-EPEL-2018-ccbe8e3c4d)
Caching full DNS Resolver
--------------------------------------------------------------------------------
Update Information:
Knot Resolver 2.4.0 (2018-07-03) ================================ Incompatible
changes -------------------- - minimal libknot version is now 2.6.7 to pull in
latest fixes (#366) Security -------- - fix a rare case of zones incorrectly
dowgraded to insecure status (!576) New features ------------ - TLS session
resumption (RFC 5077), both server and client (!585, #105) (disabled when
compiling with gnutls < 3.5) - TLS_FORWARD policy uses system CA certificate
store by default (!568) - aggressive caching for NSEC3 zones (!600) - optional
protection from DNS Rebinding attack (module rebinding, !608) - module bogus_log
to log DNSSEC bogus queries without verbose logging (!613) Bugfixes -------- -
prefill: fix ability to read certificate bundle (!578) - avoid turning off qname
minimization in some cases, e.g. co.uk. (#339) - fix validation of explicit
wildcard queries (#274) - dns64 module: more properties from the RFC implemented
(incl. bug #375) Improvements ------------ - systemd: multiple enabled kresd
instances can now be started using kresd.target - ta_sentinel: switch to version
14 of the RFC draft (!596) - support for glibc systems with a non-Linux kernel
(!588) - support per-request variables for Lua modules (!533) - support custom
HTTP endpoints for Lua modules (!527)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 3 2018 Tomas Krizek <tomas.krizek(a)nic.cz> - 2.4.0-1
Knot Resolver 2.4.0 (2018-07-03)
================================
Incompatible changes
--------------------
- minimal libknot version is now 2.6.7 to pull in latest fixes (#366)
Security
--------
- fix a rare case of zones incorrectly dowgraded to insecure status (!576)
New features
------------
- TLS session resumption (RFC 5077), both server and client (!585, #105)
(disabled when compiling with gnutls < 3.5)
- TLS_FORWARD policy uses system CA certificate store by default (!568)
- aggressive caching for NSEC3 zones (!600)
- optional protection from DNS Rebinding attack (module rebinding, !608)
- module bogus_log to log DNSSEC bogus queries without verbose logging (!613)
Bugfixes
--------
- prefill: fix ability to read certificate bundle (!578)
- avoid turning off qname minimization in some cases, e.g. co.uk. (#339)
- fix validation of explicit wildcard queries (#274)
- dns64 module: more properties from the RFC implemented (incl. bug #375)
Improvements
------------
- systemd: multiple enabled kresd instances can now be started using kresd.target
- ta_sentinel: switch to version 14 of the RFC draft (!596)
- support for glibc systems with a non-Linux kernel (!588)
- support per-request variables for Lua modules (!533)
- support custom HTTP endpoints for Lua modules (!527)
--------------------------------------------------------------------------------
================================================================================
picard-1.4.2-3.el7 (FEDORA-EPEL-2018-d79b4b71bb)
MusicBrainz-based audio tagger
--------------------------------------------------------------------------------
Update Information:
update to the latest version of picard
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 3 2018 Oliver Haessler <oliver(a)redhat.com> - 1.4.2-3
- Exclude arch ppc64 in EPEL, as we are missing the python-mutagen rpm for ppc64
* Tue Jul 3 2018 Oliver Haessler <oliver(a)redhat.com> - 1.4.2-2
- corrected Source url to ftp:// as otherwise we get a 404 error
* Mon Jul 2 2018 Tim Jackson <rpm(a)timj.co.uk> - 1.4.2-1
- Update to 1.4.2
* Fri Feb 9 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.2-10
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Thu Aug 3 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.2-9
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Thu Jul 27 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.2-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1422291 - picard-1.4.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1422291
--------------------------------------------------------------------------------
================================================================================
python-geoip2-2.9.0-3.el7 (FEDORA-EPEL-2018-a99806ff9a)
MaxMind GeoIP2 API
--------------------------------------------------------------------------------
Update Information:
- EPEL compatibility
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1584901 - Please branch to EPEL-7
https://bugzilla.redhat.com/show_bug.cgi?id=1584901
--------------------------------------------------------------------------------
================================================================================
python-mwclient-0.9.0-1.el7 (FEDORA-EPEL-2018-959e9f8b90)
Mwclient is a client to the MediaWiki API
--------------------------------------------------------------------------------
Update Information:
This update provides the latest release of mwclient, 0.9.0. The only significant
change in this release is the introduction of chunked uploading with
sufficiently new mediawiki servers.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 12 2018 Adam Williamson <awilliam(a)redhat.com> - 0.9.0-1
- New release 0.9.0
- Version the python2 requires (except one)
- Enable tests on EPEL 7+
* Fri Feb 9 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.8.7-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-regex-2018.06.21-1.el7 (FEDORA-EPEL-2018-579ec21d4f)
Alternative regular expression module, to replace re
--------------------------------------------------------------------------------
Update Information:
Update to the latest released version.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 28 2018 Thomas Moschny <thomas.moschny(a)gmx.de> - 2018.06.21-1
- Update to 2018.06.21.
* Tue Jun 19 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 2018.06.09-2
- Rebuilt for Python 3.7
* Mon Jun 18 2018 Thomas Moschny <thomas.moschny(a)gmx.de> - 2018.06.09-1
- Update to 2018.06.09.
* Wed Jun 6 2018 Thomas Moschny <thomas.moschny(a)gmx.de> - 2018.06.06-1
- Update to 2018.06.06.
--------------------------------------------------------------------------------
================================================================================
singularity-2.5.2-1.el7 (FEDORA-EPEL-2018-c45bf5cdcb)
Application and environment virtualization
--------------------------------------------------------------------------------
Update Information:
This is a straightforward update from 2.5.1 to the newly-released 2.5.2.
Release notes are here:
https://github.com/singularityware/singularity/releases/tag/2.5.2 The most
important fix is a security issue in the overlay code. Please look for
regressions in your Singularity runtime workflows.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 3 2018 Dave Dykstra <dwd(a)fnal.gov> - 2.5.2-1
- Update to upstream high severity security release 2.5.2. See
https://github.com/singularityware/singularity/releases/tag/2.5.2
and CVE #2018-12021.
- Only require python3 if macro defined
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1597879
https://bugzilla.redhat.com/show_bug.cgi?id=1597879
[ 2 ] Bug #1595725 - singularity-2.5.2-rc3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1595725
--------------------------------------------------------------------------------
================================================================================
svn2cl-0.14-7.el7 (FEDORA-EPEL-2018-e1c20790a4)
Create a ChangeLog from a Subversion log
--------------------------------------------------------------------------------
Update Information:
Rebuild in epel7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1462799 - EPEL 7 version for svn2cl
https://bugzilla.redhat.com/show_bug.cgi?id=1462799
[ 2 ] Bug #1529325 - Build in epel7 svn2cl
https://bugzilla.redhat.com/show_bug.cgi?id=1529325
--------------------------------------------------------------------------------
================================================================================
xrdp-0.9.7-1.el7 (FEDORA-EPEL-2018-8c9e3a3a4d)
Open source remote desktop protocol (RDP) server
--------------------------------------------------------------------------------
Update Information:
Release notes for xrdp v0.9.7 (2018/06/29) Deprecation notice x11rdp has been
removed from xrdp reposiory and stored in the separate repository. Checkout
x11rdp repository if you still need x11rdp. In most cases, xorgxrdp can replace
x11rdp. Bug fixes - Fix endianness detection on ppc64el #1082 - Fix a bug xrdp
file copy slow #1112 #1132 - Copy the PAM session environment for the reconnect
script #1120 - Accept fullpath for DefaultWindowManager, ReconnectScript #1147
Other changes - Add PAM support for Arch Linux #1078 - Show OpenSSL version to
'--version' CLI option #1096 - Separate x11rdp from xrdp repository #1104 -
Support sesrun start xorgxrdp sessions #1108 - Show configure summary when
configure is done #1126 #1134 #1137 - Less spit on the console when sesman
starts #1142 - Fix memory leaks #1146 - Separate rc script for FreeBSD into xrdp
and xrdp-sesman #1153 - Improve documents and helps Known issues - Audio
redirection by MP3 codec doesn't sound with some client, use AAC instead #965
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 4 2018 Bojan Smojver <bojan(a)rexurive.com> - 1:0.9.7-1
- Bump up to 0.9.7
--------------------------------------------------------------------------------