[EPEL-devel] Fedora EPEL 7 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Thu May 14 20:09:38 UTC 2015
The following Fedora EPEL 7 Security updates need testing:
Age URL
182 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3989/cross-binutils-2.23.88.0.1-2.el7.1
66 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1087/dokuwiki-0-0.24.20140929c.el7
66 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0952/qpid-qmf-0.28-27.el7,qpid-cpp-0.30-12.el7
50 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1421/quassel-0.11.0-2.el7
43 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1545/strongswan-5.3.0-1.el7
8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6122/libssh-0.6.5-1.el7
6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5937/wordpress-4.2.2-1.el7
3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6203/php-ZendFramework2-2.3.8-1.el7
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6273/phpMyAdmin-4.4.6.1-1.el7
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6262/cabal-install-1.16.1.0-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
amavisd-new-2.10.1-4.el7
burp-1.4.36-5.el7
createrepo_c-0.8.2-1.el7
mock-1.2.9-1.el7
perl-Parse-Debian-Packages-0.03-2.el7
php-seld-cli-prompt-1.0.0-1.el7
php-seld-phar-utils-1.0.0-1.el7
phpMyAdmin-4.4.6.1-1.el7
python-bottle-0.12.6-1.el7
python-geoip-geolite2-2015.0303-3.el7
Details about builds:
================================================================================
amavisd-new-2.10.1-4.el7 (FEDORA-EPEL-2015-6283)
Email filter with virus scanner and spamassassin support
--------------------------------------------------------------------------------
Update Information:
Update to version 2.10.1
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 27 2015 Juan Orti Alcaine <jorti at fedoraproject.org> 2.10.1-4
- Move amavisd socket to /var/run/amavisd
* Thu Apr 9 2015 Juan Orti Alcaine <jorti at fedoraproject.org> 2.10.1-3
- Use license macro
* Thu Feb 26 2015 Robert Scheck <robert at fedoraproject.org> 2.10.1-2
- Replaced requirement to cpio by pax (upstream recommendation)
* Mon Oct 27 2014 Juan Orti Alcaine <jorti at fedoraproject.org> 2.10.1-1
- Update to 2.10.1
- Patch5 merged upstream
* Sat Oct 25 2014 Juan Orti Alcaine <jorti at fedoraproject.org> 2.10.0-2
- Improve conf patch to fix amavis-mc daemon
- Add patch to fix imports when SQL is used
* Thu Oct 23 2014 Juan Orti Alcaine <jorti at fedoraproject.org> 2.10.0-1
- Update to 2.10.0
- Replace IO::Socket::INET6 with IO::Socket::IP
- Review perl dependencies minimum version
- Add subpackages amavisd-new-zeromq and amavisd-new-snmp-zeromq
* Mon Oct 20 2014 Juan Orti Alcaine <jorti at fedoraproject.org> 2.10.0-0.1.rc2
- Update to 2.10.0-rc2
--------------------------------------------------------------------------------
================================================================================
burp-1.4.36-5.el7 (FEDORA-EPEL-2015-6280)
A network-based backup and restore program
--------------------------------------------------------------------------------
Update Information:
Burp - A network backup and restore program
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1186819 - Review Request: burp - Network backup / restore program
https://bugzilla.redhat.com/show_bug.cgi?id=1186819
--------------------------------------------------------------------------------
================================================================================
createrepo_c-0.8.2-1.el7 (FEDORA-EPEL-2015-6282)
Creates a common metadata repository
--------------------------------------------------------------------------------
Update Information:
Update to 0.8.2
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 14 2015 Tomas Mlcoch <tmlcoch at redhat.com> - 0.8.2-1
- doc: Add man pages for sqliterepo and update manpages for other tools
- mergerepo: Work only with noarch packages if --koji is used and
no archlist is specified
- mergerepo: Use file:// protocol in local baseurl
- mergerepo: Do not include baseurl for first repo if --koji is specified (RhBug: 1220082)
- mergerepo_c: Support multilib arch for --koji repos
- mergerepo_c: Refactoring
- Print debug message with version in each tool when --verbose is used
- modifyrepo: Don't override file with itself (RhBug: 1215229)
* Wed May 6 2015 Tomas Mlcoch <tmlcoch at redhat.com> - 0.8.1-1
- Fix bash completion for RHEL 6
* Tue May 5 2015 Tomas Mlcoch <tmlcoch at redhat.com> - 0.8.0-1
- New tool Sqliterepo_c - It generates sqlite databases into repos
where the sqlite is missing.
- Internal refactoring and code cleanup
* Fri Feb 20 2015 Tomas Mlcoch <tmlcoch at redhat.com> - 0.7.7-1
- Proper directory for temporary files when --local-sqlite is used (Issue #12)
- Bring bash completion install dir and filenames up to date with current bash-completion
* Thu Jan 8 2015 Tomas Mlcoch <tmlcoch at redhat.com> - 0.7.6-1
- Python: Add __contains__ method to Repomd() class
* Sun Dec 28 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.7.5-1
- Python repomd: Support for iteration and indexing by type - e.g. record = repomd['primary']
- Show warning if an XML parser probably parsed a bad type of medata (New XML parser warning type CR_XML_WARNING_BADMDTYPE)
- drpm library: Explicitly try to locate libdrpm.so.0
- deltarpms: Don't show options for delta rpms if support is not available
--------------------------------------------------------------------------------
================================================================================
mock-1.2.9-1.el7 (FEDORA-EPEL-2015-6057)
Builds packages inside chroots
--------------------------------------------------------------------------------
Update Information:
* new upstream release 1.2.9
* new plugin pm_request
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 13 2015 Miroslav Suchý <msuchy at redhat.com> - 1.2.9-1
- scm: do not keep copy of environ, this is now handled by uidmanager [RHBZ#1204395]
- Add pm_request plugin
- Drop lvm2-python-libs requires and enable lvm subpackage on el6
- Use lvs instead of lvm python bindings
- Unshare IPC ns only for chroot processes
- Add missing flush in logOutput
- Avoid infinite recursion in selinux plugin
* Wed Apr 29 2015 Miroslav Suchý <msuchy at redhat.com> - 1.2.8-1
- LVM plugin is removed on F22+ due RHBZ 1136366
- allow the chroot's location to be configurable [RHBZ#452730]
- send output of --chroot to log [RHBZ#1214178]
- chroot_scan: implement "only_failed" option [RHBZ#1190763]
- add comment why this previous commit was done [RHBZ#1192128]
- use rpm macros instead of cmd option for --nocheck [RHBZ#1192128]
- plugin options can be string if specified on command line [RHBZ#1193487]
- root_cache: do not assume volatile root with tmpfs [RHBZ#1193487]
- use CONFIG instead of CHROOT in help/man for --root option [RHBZ#1197131]
- more clarification on --dnf-cmd/--yum-cmd [RHBZ#1211621]
- scm correct the logic of exclude_vcs [RHBZ#1204240]
- ignore missing files in ccache [RHBZ#1210569]
- install buildsys-macros in el5 chroot [RHBZ#1213482]
- remove forgotten print statement [RHBZ#1202845]
- add a plugin that calls command (from the host) on the produced rpms.
- save/restore os.environ when dropping/restoring Privs [RHBZ#1204395]
- mock-scm pull tarball name from specfile instead of hardcoding [RHBZ#1204935]
- clarify "--yum-cmd" / "--dnf-cmd" options [RHBZ#1211621]
- return the SRPM name from do_buildsrpm (required for SCM builds) [1190450]
- binding DNF cache directory with yum_cache [RHBZ#1176560]
- suggest user to install dnf-plugins-core [RHBZ#1196248]
- ignore btrfs errors on non-btrfs systems [RHBZ#1205564]
- on F21- use hard deps instead of soft [RHBZ#1198769]
- delete btrfs subvolumes on exit [RHBZ#1205564]
- on python3 convert err from bytes to str [RHBZ#1211199]
- on F22+ use yum-deprecated instead of yum [RHBZ#1211978]
- if mountpoint is inside chroot, remove chroot part [RHBZ#1208299]
- chmod directory only if we really created it [RHBZ#1209532]
- port epel-5 configs to Python 3 [RHBZ#1204662]
- use nosync only for package management and chroot init [RHBZ#1184964]
- missing config file should not be fatal [RHBZ#1195749]
- pass variable "name" [RHBZ#1194171]
- correct chroot_scan configuration sample in site-defaults
- install missing chroot_scan plugin
- avoid creating resultdir as root
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1214178 - mock --chroot do not send output to log files
https://bugzilla.redhat.com/show_bug.cgi?id=1214178
[ 2 ] Bug #1192128 - --nocheck does not work with older rpm
https://bugzilla.redhat.com/show_bug.cgi?id=1192128
[ 3 ] Bug #1197131 - CONFIG instead of CHROOT in help for -r option
https://bugzilla.redhat.com/show_bug.cgi?id=1197131
[ 4 ] Bug #1204240 - the exclude_vcs option seems to be behaving opposite its intended meaning
https://bugzilla.redhat.com/show_bug.cgi?id=1204240
[ 5 ] Bug #1213482 - Please provide buildsys-macros for EPEL5 builds
https://bugzilla.redhat.com/show_bug.cgi?id=1213482
[ 6 ] Bug #1202845 - --copyin has gotten noisy
https://bugzilla.redhat.com/show_bug.cgi?id=1202845
[ 7 ] Bug #1204395 - mock-scm not using SSH_AUTH_SOCK environment variable
https://bugzilla.redhat.com/show_bug.cgi?id=1204395
[ 8 ] Bug #1190450 - SCM build fails with "CRITICAL: No package specified to rebuild command."
https://bugzilla.redhat.com/show_bug.cgi?id=1190450
[ 9 ] Bug #1196248 - Unable to build package for rawhide (f22)
https://bugzilla.redhat.com/show_bug.cgi?id=1196248
[ 10 ] Bug #1211199 - mockchain: TypeError: must be str, not bytes
https://bugzilla.redhat.com/show_bug.cgi?id=1211199
[ 11 ] Bug #1208299 - mock archives bind mounts in root cache tar file
https://bugzilla.redhat.com/show_bug.cgi?id=1208299
[ 12 ] Bug #1204662 - epel-5-x86_64 can't be initialilzed
https://bugzilla.redhat.com/show_bug.cgi?id=1204662
[ 13 ] Bug #1195749 - mock exits with traceback if there is no /etc/resolv.conf
https://bugzilla.redhat.com/show_bug.cgi?id=1195749
[ 14 ] Bug #452730 - RFE: Allow mock chroot's location to be configurable
https://bugzilla.redhat.com/show_bug.cgi?id=452730
[ 15 ] Bug #1190763 - RFE: Can Koji be made to grab logs from a tree it has just built or failed to build?
https://bugzilla.redhat.com/show_bug.cgi?id=1190763
[ 16 ] Bug #1193487 - root_cache plug-in overwrites root data if the tmpfs plug-in is enabled
https://bugzilla.redhat.com/show_bug.cgi?id=1193487
[ 17 ] Bug #1211621 - doc: unclear "--yum-cmd" / "--dnf-cmd" options
https://bugzilla.redhat.com/show_bug.cgi?id=1211621
[ 18 ] Bug #1210569 - Race condition in mock's ccache plugin
https://bugzilla.redhat.com/show_bug.cgi?id=1210569
[ 19 ] Bug #1204935 - RFE: mock-scm pull tarball name from specfile instead of hardcoding
https://bugzilla.redhat.com/show_bug.cgi?id=1204935
[ 20 ] Bug #1176560 - RFE: support binding the DNF cache directory like Yum's
https://bugzilla.redhat.com/show_bug.cgi?id=1176560
[ 21 ] Bug #1205564 - systemd creates 'var/lib/machines' btrfs subvolumes in mock root
https://bugzilla.redhat.com/show_bug.cgi?id=1205564
[ 22 ] Bug #1198769 - mock invokes dnf builddep but doesn't say dnf-plugins-core needs to be installed
https://bugzilla.redhat.com/show_bug.cgi?id=1198769
[ 23 ] Bug #1211978 - mock does not use "yum-deprecated" if yum >= 3.4.3-505 is installed
https://bugzilla.redhat.com/show_bug.cgi?id=1211978
[ 24 ] Bug #1209532 - [abrt] mock: mockchain:250:main:OSError: [Errno 1] Operation not permitted: '/var/tmp/taskotron-mockchain'
https://bugzilla.redhat.com/show_bug.cgi?id=1209532
[ 25 ] Bug #1184964 - mock builds with the nosync plugin result in nosync.so being a dependency
https://bugzilla.redhat.com/show_bug.cgi?id=1184964
[ 26 ] Bug #1194171 - mock exits with traceback: NameError: global name 'name' is not defined
https://bugzilla.redhat.com/show_bug.cgi?id=1194171
--------------------------------------------------------------------------------
================================================================================
perl-Parse-Debian-Packages-0.03-2.el7 (FEDORA-EPEL-2015-6272)
Parse the data from a Debian Packages.gz
--------------------------------------------------------------------------------
Update Information:
Initial package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1168260 - Review Request: perl-Parse-Debian-Packages - Parse the data from a debian Packages.gz
https://bugzilla.redhat.com/show_bug.cgi?id=1168260
--------------------------------------------------------------------------------
================================================================================
php-seld-cli-prompt-1.0.0-1.el7 (FEDORA-EPEL-2015-6275)
Allows you to prompt for user input on the command line
--------------------------------------------------------------------------------
Update Information:
While prompting for user input using fgets() is quite easy, sometimes you need to prompt for sensitive information. In these cases, the characters typed in by the user should not be directly visible, and this is quite a pain to do in a cross-platform way.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1218089 - Review Request: php-seld-cli-prompt - Allows you to prompt for user input on the command line
https://bugzilla.redhat.com/show_bug.cgi?id=1218089
--------------------------------------------------------------------------------
================================================================================
php-seld-phar-utils-1.0.0-1.el7 (FEDORA-EPEL-2015-6281)
PHAR file format utilities
--------------------------------------------------------------------------------
Update Information:
PHAR file format utilities, for when PHP phars you up.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1218090 - Review Request: php-seld-phar-utils - PHAR file format utilities
https://bugzilla.redhat.com/show_bug.cgi?id=1218090
--------------------------------------------------------------------------------
================================================================================
phpMyAdmin-4.4.6.1-1.el7 (FEDORA-EPEL-2015-6273)
Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:
phpMyAdmin 4.4.6.1 (2015-05-13)
===============================
- [security] CSRF vulnerability in setup
- [security] Vulnerability allowing man-in-the-middle attack
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 14 2015 Robert Scheck <robert at fedoraproject.org> 4.4.6.1-1
- Upgrade to 4.4.6.1 (#1221418, #1221580, #1221581)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1221580 - CVE-2015-3902 phpMyAdmin: XSRF/CSRF vulnerability in phpMyAdmin setup
https://bugzilla.redhat.com/show_bug.cgi?id=1221580
[ 2 ] Bug #1221581 - CVE-2015-3903 phpMyAdmin: Vulnerability allowing man-in-the-middle attack on API call to GitHub
https://bugzilla.redhat.com/show_bug.cgi?id=1221581
--------------------------------------------------------------------------------
================================================================================
python-bottle-0.12.6-1.el7 (FEDORA-EPEL-2015-6278)
Fast and simple WSGI-framework for small web-applications
--------------------------------------------------------------------------------
Update Information:
Released also for epel7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1221002 - Build epel7 package of python-bottle
https://bugzilla.redhat.com/show_bug.cgi?id=1221002
--------------------------------------------------------------------------------
================================================================================
python-geoip-geolite2-2015.0303-3.el7 (FEDORA-EPEL-2015-6276)
GeoIP database access for Python under a BSD license
--------------------------------------------------------------------------------
Update Information:
2015.0303-3
--------------------------------------------------------------------------------
More information about the epel-devel
mailing list