The following Fedora EPEL 7 Security updates need testing:
Age URL
22 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3621/php-Smarty-3.…
22 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3642/Pound-2.7-0.4…
18 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3745/tnftp-2014103…
10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3886/python-reques…
9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3794/polarssl-1.3.…
7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3989/cross-binutil…
7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3995/oath-toolkit-…
6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4045/libvncserver-…
2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4113/kwebkitpart-1…
2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4100/erlang-R16B-0…
1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4152/lsyncd-2.1.5-…
1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4154/nodejs-0.10.3…
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4174/python-eyed3-…
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4170/clamav-0.98.5…
The following builds have been pushed to Fedora EPEL 7 updates-testing
clamav-0.98.5-1.el7
ga-5.3b-14.el7
gflags-2.1.1-6.el7
gtk-gnutella-1.1.1-1.el7
gtk-murrine-engine-0.98.2-7.el7
myproxy-6.1.6-1.el7
ncl-6.2.1-1.el7
php-EasyRdf-0.8.0-5.el7
php-solarium-3.3.0-1.el7
python-eyed3-0.7.4-4.el7
python-pyroute2-0.3.2-1.el7
python-sh-1.08-4.el7
python-testrepository-0.0.18-2.el7
qpid-dispatch-0.2-8.el7
subunit-0.0.21-2.el7
yaz-5.6.0-1.el7
Details about builds:
================================================================================
clamav-0.98.5-1.el7 (FEDORA-EPEL-2014-4170)
End-user tools for the Clam Antivirus scanner
--------------------------------------------------------------------------------
Update Information:
ClamAV 0.98.5
=============
ClamAV 0.98.5 also includes these new features and bug fixes:
* Support for the XDP file format and extracting, decoding, and scanning PDF files within XDP files. Addition of shared library support for LLVM versions 3.1 - 3.5 for the purpose of just-in-time(JIT) compilation of ClamAV bytecode signatures. Andreas Cadhalpun submitted the patch implementing this support.
* Enhancements to the clambc command line utility to assist ClamAV bytecode signature authors by providing introspection into compiled bytecode programs.
* Resolution of many of the warning messages from ClamAV compilation.
* Improved detection of malicious PE files.
* Security fix for ClamAV crash when using 'clamscan -a'. This issue was identified by Kurt Siefried of Red Hat.
* Security fix for ClamAV crash when scanning maliciously crafted yoda's crypter files. This issue, as well as several other bugs fixed in this release, were identified by Damien Millescamp of Oppida.
* ClamAV 0.98.5 now works with OpenSSL in FIPS compliant mode. Thanks to Reinhard Max for supplying the patch.
* Bug fixes and other feature enhancements.
Please see the ChangeLog file or GIT log for further details.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 Robert Scheck <robert(a)fedoraproject.org> - 0.98.5-1
- Upgrade to 0.98.5 and updated daily.cvd (#1138101)
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.98.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1138101 - CVE-2013-6497 ClamAV: -a segmentation fault when processing files
https://bugzilla.redhat.com/show_bug.cgi?id=1138101
--------------------------------------------------------------------------------
================================================================================
ga-5.3b-14.el7 (FEDORA-EPEL-2014-4160)
Global Arrays Toolkit
--------------------------------------------------------------------------------
Update Information:
Fix bug #1150473 to support epel7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1150473 - please build ga for EPEL7
https://bugzilla.redhat.com/show_bug.cgi?id=1150473
--------------------------------------------------------------------------------
================================================================================
gflags-2.1.1-6.el7 (FEDORA-EPEL-2014-4172)
Library for commandline flag processing
--------------------------------------------------------------------------------
Update Information:
Moved from rawhide to epel7.
--------------------------------------------------------------------------------
================================================================================
gtk-gnutella-1.1.1-1.el7 (FEDORA-EPEL-2014-4185)
GUI based Gnutella Client
--------------------------------------------------------------------------------
Update Information:
Upgrade to 1.1.1
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 Dmitry Butskoy <Dmitry(a)Butskoy.name> - 1.1.1-1
- Upgrade to 1.1.1
--------------------------------------------------------------------------------
================================================================================
gtk-murrine-engine-0.98.2-7.el7 (FEDORA-EPEL-2014-4186)
Murrine GTK2 engine
--------------------------------------------------------------------------------
Update Information:
Silence some terminal spam
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.98.2-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.98.2-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sun Apr 20 2014 Martin Sourada <mso(a)fedoraproject.org> - 0.98.2-5
- Silence deprecation warnings (#1046757)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1165876 - murrine engine spams the terminal
https://bugzilla.redhat.com/show_bug.cgi?id=1165876
--------------------------------------------------------------------------------
================================================================================
myproxy-6.1.6-1.el7 (FEDORA-EPEL-2014-4182)
Manage X.509 Public Key Infrastructure (PKI) security credentials
--------------------------------------------------------------------------------
Update Information:
MyProxy 6.1.6
* Allow TLS (no longer force SSLv3)
* VOMS support now in a separate package (myproxy-voms)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 6.1.6-1
- Update to 6.1.6
- Drop patch myproxy-deps.patch (fixed upstream)
- Upstream source moved from sourceforge to the Globus Toolkit github repo
- Use source tarball published by Globus
- Use upstream's init scripts and systemd unit files
- New binary package myproxy-voms (voms support split out as a plugin)
--------------------------------------------------------------------------------
================================================================================
ncl-6.2.1-1.el7 (FEDORA-EPEL-2014-4168)
NCAR Command Language and NCAR Graphics
--------------------------------------------------------------------------------
Update Information:
NCAR Command Language (NCL) is an interpreted language designed specifically for scientific data processing and visualization. Portable, robust, and free, NCL supports netCDF3/4, GRIB1/2, HDF-SDS, HDF4-EOS, binary, shapefiles, and ASCII files. Numerous analysis functions are built-in. High quality graphics are easily created and customized with hundreds of graphic resources. Many
example scripts and their corresponding graphics are available.
--------------------------------------------------------------------------------
================================================================================
php-EasyRdf-0.8.0-5.el7 (FEDORA-EPEL-2014-4163)
A PHP library designed to make it easy to consume and produce RDF
--------------------------------------------------------------------------------
Update Information:
EasyRdf is a PHP library designed to make it easy to consume and produce RDF (http://en.wikipedia.org/wiki/Resource_Description_Framework) It was designed for use in mixed teams of experienced and inexperienced RDF developers. It is written in Object Oriented PHP and has been tested extensively using PHPUnit.
After parsing EasyRdf builds up a graph of PHP objects that can then be walked around to get the data to be placed on the page. Dump methods are available to inspect what data is available during development.
Data is typically loaded into a EasyRdf_Graph object from source RDF documents, loaded from the web via HTTP. The EasyRdf_GraphStore class simplifies loading and saving data to a SPARQL 1.1 Graph Store.
SPARQL queries can be made over HTTP to a Triplestore using the EasyRdf_Sparql_Client class. SELECT and ASK queries will return an EasyRdf_Sparql_Result object and CONSTRUCT and DESCRIBE queries will return an EasyRdf_Graph object.
Optional dependencies: graphviz, graphviz-gd, raptor2
--------------------------------------------------------------------------------
================================================================================
php-solarium-3.3.0-1.el7 (FEDORA-EPEL-2014-4173)
Solarium PHP Solr client library
--------------------------------------------------------------------------------
Update Information:
See https://github.com/basdenooijer/solarium/issues/294
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 17 2014 Remi Collet <remi(a)fedoraproject.org> - 3.3.0-1
- update to 3.3.0
- provide php-composer(solarium/solarium)
- fix license handling
- don't run test suite with php 5.3 (EL-6)
--------------------------------------------------------------------------------
================================================================================
python-eyed3-0.7.4-4.el7 (FEDORA-EPEL-2014-4174)
Python audio data toolkit (ID3 and MP3)
--------------------------------------------------------------------------------
Update Information:
- Fixed CVE-2014-1934.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 Mr Niranjan <mrniranjan(a)fedoraproject.org> - 0.7.4-4
- Fixed CVE-2014-1934, patch from Travis Shirk.
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.7.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1063671 - CVE-2014-1934 python-eyed3: insecure temporary file creation
https://bugzilla.redhat.com/show_bug.cgi?id=1063671
--------------------------------------------------------------------------------
================================================================================
python-pyroute2-0.3.2-1.el7 (FEDORA-EPEL-2014-4157)
Pure Python netlink library
--------------------------------------------------------------------------------
Update Information:
Update to 0.3.2
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Peter V. Saveliev <peter(a)svinota.eu> 0.3.2-1
- Update to 0.3.2
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.2.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-sh-1.08-4.el7 (FEDORA-EPEL-2014-4177)
Python module to simplify calling shell commands
--------------------------------------------------------------------------------
Update Information:
Branch for epel7.
--------------------------------------------------------------------------------
================================================================================
python-testrepository-0.0.18-2.el7 (FEDORA-EPEL-2014-4180)
A repository of test results
--------------------------------------------------------------------------------
Update Information:
- to support openstack juno testing
--------------------------------------------------------------------------------
================================================================================
qpid-dispatch-0.2-8.el7 (FEDORA-EPEL-2014-4175)
Dispatch router for Qpid
--------------------------------------------------------------------------------
Update Information:
DISPATCH-75 - Removed reference to qdstat.conf from qdstat manpage.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 Darryl L. Pierce <dpierce(a)redhat.com> - 0.2-8
- DISPATCH-75 - Removed reference to qdstat.conf from qdstat manpage.
- Include systemd service file for EPEL7 packages.
- Brought systemd support up to current Fedora packaging guidelines.
- Resolves: BZ#1165691
- Resolves: BZ#1165681
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.2-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1165691 - Man page for qdstat.conf is missing
https://bugzilla.redhat.com/show_bug.cgi?id=1165691
[ 2 ] Bug #1165681 - RPMs do not provide a systemd service unit file
https://bugzilla.redhat.com/show_bug.cgi?id=1165681
--------------------------------------------------------------------------------
================================================================================
subunit-0.0.21-2.el7 (FEDORA-EPEL-2014-4179)
C bindings for subunit
--------------------------------------------------------------------------------
Update Information:
- to support openstack juno testing
--------------------------------------------------------------------------------
================================================================================
yaz-5.6.0-1.el7 (FEDORA-EPEL-2014-4181)
Z39.50/SRW/SRU toolkit
--------------------------------------------------------------------------------
Update Information:
--- 5.6.0 2014/11/17
* When marc-8 charset is specified when decoding MARC records, yaz-marcdump and ZOOM record render will inspect leader 9 and switch to UTF-8 (Unicode) if that holds 'a'. This changes behavior, but is considered safe because only MARC21 with leader 9='a' are Unicode. YAZ-800
* Fix cs_put may reconnect if send fails. YAZ-798
--- 5.5.1 2014/11/03
* Fix cannot build YAZ on jessie : libgnutls-dev is gone YAZ-797
--- 5.5.0 2014/10/27
* Extended comstack with outgoing IP YAZ-795.
* For cs_create_host + cs_create_host_proxy the vhost may be followed by a outgoing host/IP. Separator is blank.
--- 5.4.4 2014/10/20
* Add YAZ_EXPORT to cql_transform_r fixes YAZ-793 . This issue fixes linker error with yazpp on Windows.
--- 5.4.3 2014/10/08
* Fix uri array may overflow in yaz_solr_encode_request YAZ-775
* Fix PQF to Solr conversion may produce invalid Solr query YAZ-792
* 0 ptr reference in handling Solr response with error YAZ-791
* Fix annoying warning about wrbuf_putc on newer GCC YAZ-789
* Fix documentation about --installa option YAZ-788
--- 5.4.2 2014/08/26
* daemon: properly report when receiving SIGUSR2 from child YAZ-785
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Christopher Meng <rpm(a)cicku.me> - 5.6.0-1
- Update to 5.6.0
* Tue Aug 26 2014 David Tardon <dtardon(a)redhat.com> - 5.4.1-2
- rebuild for ICU 53.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1134028 - yaz-5.5.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1134028
--------------------------------------------------------------------------------
The following Fedora EPEL 6 Security updates need testing:
Age URL
942 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.…
161 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7.26…
32 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3434/pylint-1.3.1-…
28 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3527/asterisk-1.8.…
22 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3623/Pound-2.6-2.e…
18 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3748/tnftp-2014103…
15 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3790/facter-1.6.18…
10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3851/python-reques…
9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3927/drupal7-ckedi…
7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3962/oath-toolkit-…
7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4005/nginx-1.0.15-…
7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4008/cross-binutil…
7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3975/polarssl-1.3.…
7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2069/php-channel-p…
5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4057/moodle-2.5.9-…
1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4151/lsyncd-2.1.4-…
1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4144/nodejs-0.10.3…
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4165/python-eyed3-…
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4176/clamav-0.98.5…
The following builds have been pushed to Fedora EPEL 6 updates-testing
clamav-0.98.5-1.el6
golang-github-coreos-go-systemd-2-2.el6
gtk-gnutella-1.1.1-1.el6
myproxy-6.1.6-1.el6
ntfs-3g-2014.2.15-8.el6
php-EasyRdf-0.8.0-5.el6
php-solarium-3.3.0-1.el6
python-eyed3-0.7.4-5.el6
python-pyroute2-0.3.2-1.el6
qpdfview-0.4.13-1.el6
qpid-dispatch-0.2-8.el6
qpid-proton-0.8-1.el6
rubygem-qpid_proton-0.8-1.el6
Details about builds:
================================================================================
clamav-0.98.5-1.el6 (FEDORA-EPEL-2014-4176)
Anti-virus software
--------------------------------------------------------------------------------
Update Information:
ClamAV 0.98.5
=============
ClamAV 0.98.5 also includes these new features and bug fixes:
* Support for the XDP file format and extracting, decoding, and scanning PDF files within XDP files. Addition of shared library support for LLVM versions 3.1 - 3.5 for the purpose of just-in-time(JIT) compilation of ClamAV bytecode signatures. Andreas Cadhalpun submitted the patch implementing this support.
* Enhancements to the clambc command line utility to assist ClamAV bytecode signature authors by providing introspection into compiled bytecode programs.
* Resolution of many of the warning messages from ClamAV compilation.
* Improved detection of malicious PE files.
* Security fix for ClamAV crash when using 'clamscan -a'. This issue was identified by Kurt Siefried of Red Hat.
* Security fix for ClamAV crash when scanning maliciously crafted yoda's crypter files. This issue, as well as several other bugs fixed in this release, were identified by Damien Millescamp of Oppida.
* ClamAV 0.98.5 now works with OpenSSL in FIPS compliant mode. Thanks to Reinhard Max for supplying the patch.
* Bug fixes and other feature enhancements.
Please see the ChangeLog file or GIT log for further details.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 Robert Scheck <robert(a)fedoraproject.org> - 0.98.5-1
- Upgrade to 0.98.5 and updated daily.cvd (#1138101)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1138101 - CVE-2013-6497 ClamAV: -a segmentation fault when processing files
https://bugzilla.redhat.com/show_bug.cgi?id=1138101
--------------------------------------------------------------------------------
================================================================================
golang-github-coreos-go-systemd-2-2.el6 (FEDORA-EPEL-2014-4184)
Go bindings to systemd socket activation, journal and D-BUS APIs
--------------------------------------------------------------------------------
Update Information:
Update to a606a1e936df81b70d85448221c7b1c6d8a74ef1 commit
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 jchaloup <jchaloup(a)redhat.com> - 2-2
- Update to a606a1e936df81b70d85448221c7b1c6d8a74ef1 commit
resolves: #1165688
- remove gopath and add golang >= 1.2.1-3
- add Requires on github.com/godbus/dbus
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1165688 - Review Request: flannel - Flannel is an etcd backed network fabric for containers
https://bugzilla.redhat.com/show_bug.cgi?id=1165688
--------------------------------------------------------------------------------
================================================================================
gtk-gnutella-1.1.1-1.el6 (FEDORA-EPEL-2014-4161)
GUI based Gnutella Client
--------------------------------------------------------------------------------
Update Information:
Upgrade to 1.1.1
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 Dmitry Butskoy <Dmitry(a)Butskoy.name> - 1.1.1-1
- Upgrade to 1.1.1
--------------------------------------------------------------------------------
================================================================================
myproxy-6.1.6-1.el6 (FEDORA-EPEL-2014-4167)
Manage X.509 Public Key Infrastructure (PKI) security credentials
--------------------------------------------------------------------------------
Update Information:
MyProxy 6.1.6
* Allow TLS (no longer force SSLv3)
* VOMS support now in a separate package (myproxy-voms)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 6.1.6-1
- Update to 6.1.6
- Drop patch myproxy-deps.patch (fixed upstream)
- Upstream source moved from sourceforge to the Globus Toolkit github repo
- Use source tarball published by Globus
- Use upstream's init scripts and systemd unit files
- New binary package myproxy-voms (voms support split out as a plugin)
--------------------------------------------------------------------------------
================================================================================
ntfs-3g-2014.2.15-8.el6 (FEDORA-EPEL-2014-4178)
Linux NTFS userspace driver
--------------------------------------------------------------------------------
Update Information:
Apply upstream patch for old kernels (RHEL 6 or older) to properly fallback to the right fuse level. Resolves I/O errors on accessing mounted ntfs-3g filesystems on RHEL 6.
Fix ntfs-3g/ntfsprogs builds for EL-6 (and older, should we ever be so brave as to go into that snake pit). Add back hal file for ancient nautilus support.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 Tom Callaway <spot(a)fedoraproject.org> - 2:2014.2.15-8
- apply upstream patch to properly use fuse on older kernels
* Mon Nov 17 2014 Tom Callaway <spot(a)fedoraproject.org> - 2:2014.2.15-7
- old rhel (< 7) needs old pathing and hal file. CONDITIONALIZE ALL THE THINGS!
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1164757 - cannot mount ntfs partitions from Nautilus
https://bugzilla.redhat.com/show_bug.cgi?id=1164757
[ 2 ] Bug #1043236 - Update ntfs-3g/ntfsprogs packages in EPEL
https://bugzilla.redhat.com/show_bug.cgi?id=1043236
[ 3 ] Bug #1164565 - Can not mount external USB HDD
https://bugzilla.redhat.com/show_bug.cgi?id=1164565
--------------------------------------------------------------------------------
================================================================================
php-EasyRdf-0.8.0-5.el6 (FEDORA-EPEL-2014-4164)
A PHP library designed to make it easy to consume and produce RDF
--------------------------------------------------------------------------------
Update Information:
RPM-only release
* php-redland is now an optional dependency
* Added php-composer(easyrdf/easyrdf) virtual provide
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Shawn Iwinski <shawn.iwinski(a)gmail.com> - 0.8.0-5
- Modified raptor and redland logic
* Fri Nov 14 2014 Shawn Iwinski <shawn.iwinski(a)gmail.com> - 0.8.0-4
- No raptor or redland for el7
* Thu Nov 13 2014 Shawn Iwinski <shawn.iwinski(a)gmail.com> - 0.8.0-3
- Added php-composer(easyrdf/easyrdf) virtual provide
- Added option to build without tests ("--without tests")
- Reduce PHP min version from 5.3.3 to 5.2.8 (per composer.json)
- %license usage
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.8.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
php-solarium-3.3.0-1.el6 (FEDORA-EPEL-2014-4169)
Solarium PHP Solr client library
--------------------------------------------------------------------------------
Update Information:
See https://github.com/basdenooijer/solarium/issues/294
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 17 2014 Remi Collet <remi(a)fedoraproject.org> - 3.3.0-1
- update to 3.3.0
- provide php-composer(solarium/solarium)
- fix license handling
- don't run test suite with php 5.3 (EL-6)
--------------------------------------------------------------------------------
================================================================================
python-eyed3-0.7.4-5.el6 (FEDORA-EPEL-2014-4165)
Python audio data toolkit (ID3 and MP3)
--------------------------------------------------------------------------------
Update Information:
- Fixed CVE-2014-1934.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 pjp <pjp(a)fedoraproject.org> - 0.7.4-5
- fixed __python macros, added python-argparse as build dependency.
* Wed Nov 19 2014 Mr Niranjan <mrniranjan(a)fedoraproject.org> - 0.7.4-4
- Fixed CVE-2014-1934, patch from Travis Shirk.
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.7.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Fri Jan 10 2014 Christopher Meng <rpm(a)cicku.me> - 0.7.4-2
- Dependencies cleanup.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1063671 - CVE-2014-1934 python-eyed3: insecure temporary file creation
https://bugzilla.redhat.com/show_bug.cgi?id=1063671
--------------------------------------------------------------------------------
================================================================================
python-pyroute2-0.3.2-1.el6 (FEDORA-EPEL-2014-4162)
Pure Python netlink library
--------------------------------------------------------------------------------
Update Information:
Update to 0.3.2
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Peter V. Saveliev <peter(a)svinota.eu> 0.3.2-1
- Update to 0.3.2
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.2.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
qpdfview-0.4.13-1.el6 (FEDORA-EPEL-2014-4187)
Tabbed PDF Viewer
--------------------------------------------------------------------------------
Update Information:
Version bump
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 TI_Eugene <ti.eugene(a)gmail.com> 0.4.13-1
- Version bump
--------------------------------------------------------------------------------
================================================================================
qpid-dispatch-0.2-8.el6 (FEDORA-EPEL-2014-4158)
Dispatch router for Qpid
--------------------------------------------------------------------------------
Update Information:
DISPATCH-75 - Removed reference to qdstat.conf from qdstat manpage.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 Darryl L. Pierce <dpierce(a)redhat.com> - 0.2-8
- DISPATCH-75 - Removed reference to qdstat.conf from qdstat manpage.
- Include systemd service file for EPEL7 packages.
- Brought systemd support up to current Fedora packaging guidelines.
- Resolves: BZ#1165691
- Resolves: BZ#1165681
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.2-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1165691 - Man page for qdstat.conf is missing
https://bugzilla.redhat.com/show_bug.cgi?id=1165691
[ 2 ] Bug #1165681 - RPMs do not provide a systemd service unit file
https://bugzilla.redhat.com/show_bug.cgi?id=1165681
--------------------------------------------------------------------------------
================================================================================
qpid-proton-0.8-1.el6 (FEDORA-EPEL-2014-4183)
A high performance, lightweight messaging library
--------------------------------------------------------------------------------
Update Information:
Rebased on Proton 0.8.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Darryl L. Pierce <dpierce(a)redhat.com> - 0.8-1
- Rebased on Proton 0.8.
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.7-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rubygem-qpid_proton-0.8-1.el6 (FEDORA-EPEL-2014-4171)
Ruby language bindings for the Qpid Proton messaging framework
--------------------------------------------------------------------------------
Update Information:
Rebased on Proton 0.8.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 Darryl L. Pierce <dpierce(a)redhat.com> - 0.8-1
- Rebased on Proton 0.8.
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.7-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
The following Fedora EPEL 5 Security updates need testing:
Age URL
942 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.…
396 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs-1…
161 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1626/puppet-2.7.26…
57 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2669/check-mk-1.2.…
56 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2853/mediawiki119-…
22 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3675/Pound-2.6-2.e…
15 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3784/mantis-1.2.17…
10 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3849/sblim-sfcb-1.…
7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3972/nginx-0.8.55-…
7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3983/polarssl-1.3.…
1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4147/lsyncd-2.1.4-…
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4166/clamav-0.98.5…
The following builds have been pushed to Fedora EPEL 5 updates-testing
clamav-0.98.5-1.el5
myproxy-6.1.6-1.el5
Details about builds:
================================================================================
clamav-0.98.5-1.el5 (FEDORA-EPEL-2014-4166)
Anti-virus software
--------------------------------------------------------------------------------
Update Information:
ClamAV 0.98.5
=============
ClamAV 0.98.5 also includes these new features and bug fixes:
* Support for the XDP file format and extracting, decoding, and scanning PDF files within XDP files. Addition of shared library support for LLVM versions 3.1 - 3.5 for the purpose of just-in-time(JIT) compilation of ClamAV bytecode signatures. Andreas Cadhalpun submitted the patch implementing this support.
* Enhancements to the clambc command line utility to assist ClamAV bytecode signature authors by providing introspection into compiled bytecode programs.
* Resolution of many of the warning messages from ClamAV compilation.
* Improved detection of malicious PE files.
* Security fix for ClamAV crash when using 'clamscan -a'. This issue was identified by Kurt Siefried of Red Hat.
* Security fix for ClamAV crash when scanning maliciously crafted yoda's crypter files. This issue, as well as several other bugs fixed in this release, were identified by Damien Millescamp of Oppida.
* ClamAV 0.98.5 now works with OpenSSL in FIPS compliant mode. Thanks to Reinhard Max for supplying the patch.
* Bug fixes and other feature enhancements.
Please see the ChangeLog file or GIT log for further details.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 Robert Scheck <robert(a)fedoraproject.org> - 0.98.5-1
- Upgrade to 0.98.5 and updated daily.cvd (#1138101)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1138101 - CVE-2013-6497 ClamAV: -a segmentation fault when processing files
https://bugzilla.redhat.com/show_bug.cgi?id=1138101
--------------------------------------------------------------------------------
================================================================================
myproxy-6.1.6-1.el5 (FEDORA-EPEL-2014-4159)
Manage X.509 Public Key Infrastructure (PKI) security credentials
--------------------------------------------------------------------------------
Update Information:
MyProxy 6.1.6
* Allow TLS (no longer force SSLv3)
* VOMS support now in a separate package (myproxy-voms)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 6.1.6-1
- Update to 6.1.6
- Drop patch myproxy-deps.patch (fixed upstream)
- Upstream source moved from sourceforge to the Globus Toolkit github repo
- Use source tarball published by Globus
- Use upstream's init scripts and systemd unit files
- New binary package myproxy-voms (voms support split out as a plugin)
--------------------------------------------------------------------------------
The following Fedora EPEL 7 Security updates need testing:
Age URL
21 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3621/php-Smarty-3.…
21 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3642/Pound-2.7-0.4…
17 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3745/tnftp-2014103…
9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3886/python-reques…
8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3794/polarssl-1.3.…
6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3989/cross-binutil…
6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3995/oath-toolkit-…
5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4045/libvncserver-…
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4152/lsyncd-2.1.5-…
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4154/nodejs-0.10.3…
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4113/kwebkitpart-1…
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4100/erlang-R16B-0…
The following builds have been pushed to Fedora EPEL 7 updates-testing
abduco-0.2-1.el7
dmlite-0.7.2-1.el7
libuv-0.10.29-1.el7
lsyncd-2.1.5-6.el7
mock-1.2.2-1.el7
nodejs-0.10.33-1.el7
perl-DateTime-Format-Pg-0.16010-6.el7
perl-qpid_proton-0.8-1.el7
php-horde-Horde-Browser-2.0.8-1.el7
php-horde-Horde-Core-2.16.1-1.el7
php-horde-Horde-Crypt-2.5.1-1.el7
php-horde-Horde-Db-2.2.2-1.el7
php-horde-Horde-History-2.3.3-1.el7
php-horde-Horde-Mime-Viewer-2.0.8-1.el7
php-horde-Horde-Test-2.4.6-1.el7
python-bugzilla2fedmsg-0.2.1-1.el7
python-flask-openid-1.2.4-1.el7
python-testtools-1.1.0-1.el7
quiterss-0.17.1-1.el7
subunit-0.0.21-1.el7
voms-2.0.12-1.el7
voms-api-java-3.0.4-1.el7
Details about builds:
================================================================================
abduco-0.2-1.el7 (FEDORA-EPEL-2014-4137)
Session management in a clean and simple way
--------------------------------------------------------------------------------
Update Information:
update to 0.2 (RHBZ #1165180)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Igor Gnatenko <i.gnatenko.brain(a)gmail.com> - 0.2-1
- update to 0.2 (RHBZ #1165180)
* Fri Aug 15 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1165180 - abduco-0.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1165180
--------------------------------------------------------------------------------
================================================================================
dmlite-0.7.2-1.el7 (FEDORA-EPEL-2014-4150)
Lcgdm grid data management and storage framework
--------------------------------------------------------------------------------
Update Information:
Update to 0.7.2, BugFix for too much verbose logging
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Adrien Devresse <adevress at cern.ch> - 0.7.2-1
- Update to 0.7.2, BugFix for too much verbose logging
--------------------------------------------------------------------------------
================================================================================
libuv-0.10.29-1.el7 (FEDORA-EPEL-2014-4154)
Platform layer for node.js
--------------------------------------------------------------------------------
Update Information:
This release handles the recent POODLE vulnerability by disabling SSLv2/SSLv3
by default for the most predominate uses of TLS in Node.js.
It took longer than expected to get this release accomplished in a way that
would provide appropriate default security settings, while minimizing the
surface area for the behavior change we were introducing. It was also important
that we validated that our changes were being applied in the variety of
configurations we support in our APIs.
With this release, we are confident that the only behavior change is that of
the default allowed protocols do not include SSLv2 or SSLv3. Though you are
still able to programatically consume those protocols if necessary.
Included is the documentation that you can find at
https://nodejs.org/api/tls.html#tls_protocol_support that describes how this
works going forward for client and server implementations.
---
Node.js is compiled with SSLv2 and SSLv3 protocol support by default, but these
protocols are **disabled**. They are considered insecure and could be easily
compromised as was shown by CVE-2014-3566. However, in some situations, it
may cause problems with legacy clients/servers (such as Internet Explorer 6).
If you wish to enable SSLv2 or SSLv3, run node with the `--enable-ssl2` or
`--enable-ssl3` flag respectively. In future versions of Node.js SSLv2 and
SSLv3 will not be compiled in by default.
There is a way to force node into using SSLv3 or SSLv2 only mode by explicitly
specifying `secureProtocol` to `'SSLv3_method'` or `'SSLv2_method'`.
The default protocol method Node.js uses is `SSLv23_method` which would be more
accurately named `AutoNegotiate_method`. This method will try and negotiate
from the highest level down to whatever the client supports. To provide a
secure default, Node.js (since v0.10.33) explicitly disables the use of SSLv3
and SSLv2 by setting the `secureOptions` to be
`SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2` (again, unless you have passed
`--enable-ssl3`, or `--enable-ssl2`, or `SSLv3_method` as `secureProtocol`).
If you have set `securityOptions` to anything, we will not override your
options.
The ramifications of this behavior change:
* If your application is behaving as a secure server, clients who are `SSLv3`
only will now not be able to appropriately negotiate a connection and will be
refused. In this case your server will emit a `clientError` event. The error
message will include `'wrong version number'`.
* If your application is behaving as a secure client and communicating with a
server that doesn't support methods more secure than SSLv3 then your connection
won't be able to negotiate and will fail. In this case your client will emit a
an `error` event. The error message will include `'wrong version number'`.
---
2014.10.20, node.js Version 0.10.33 (Stable)
* child_process: properly support optional args (cjihrig)
* crypto: Disable autonegotiation for SSLv2/3 by default (Fedor Indutny, Timothy J Fontaine, Alexis Campailla)
This is a behavior change, by default we will not allow the negotiation to
SSLv2 or SSLv3. If you want this behavior, run Node.js with either
`--enable-ssl2` or `--enable-ssl3` respectively.
This does not change the behavior for users specifically requesting
`SSLv2_method` or `SSLv3_method`. While this behavior is not advised, it is
assumed you know what you're doing since you're specifically asking to use
these methods.
---
2014.10.21, libuv Version 0.10.29 (Stable)
Relevant changes since version 0.10.28:
* linux: try epoll_pwait if epoll_wait is missing (Michael Hudson-Doyle)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 T.C. Hollingsworth <tchollingsworth(a)gmail.com> - 1:0.10.29-1
- new upstream release 0.10.29
https://github.com/joyent/libuv/blob/v0.10.29/ChangeLog
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1152789 - CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack
https://bugzilla.redhat.com/show_bug.cgi?id=1152789
--------------------------------------------------------------------------------
================================================================================
lsyncd-2.1.5-6.el7 (FEDORA-EPEL-2014-4152)
File change monitoring and synchronization daemon
--------------------------------------------------------------------------------
Update Information:
Fix bad shell argument escaping
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Lubomir Rintel <lkundrak(a)v3.sk> - 2.1.5-6
- Fix bad shell argument escaping
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 2.1.5-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Wed Jun 18 2014 Peter Robinson <pbrobinson(a)fedoraproject.org> 2.1.5-4
- No prelink on aarch64/ppc64le
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 2.1.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1165078 - lsyncd: command injection through backticks in a filename
https://bugzilla.redhat.com/show_bug.cgi?id=1165078
--------------------------------------------------------------------------------
================================================================================
mock-1.2.2-1.el7 (FEDORA-EPEL-2014-4123)
Builds packages inside chroots
--------------------------------------------------------------------------------
Update Information:
Bump in plugin ABI.
New LVM plugin.
Nosync for better IO performance.
DNF support.
Printing more useful output on terminal.
Concurrent shell acces to buildroot.
Executing package management commands.
--enablerepo and --disablerepo options
Short circuit options.
Automatic initialization.
Python 3 support.
Experimental support for building using systemd-nspawn.
Accept path as config.
New compress_logs plugin.
And lots of bugfixes.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Miroslav Suchý <msuchy(a)redhat.com> - 1.2.2-1
- add missing import [RHBZ#1165061]
* Sat Nov 15 2014 Miroslav Suchý <msuchy(a)redhat.com> - 1.2.1-1
- allow mockchain to accept path as config
- end yum's installroot path with a slash [RHBZ#1160428]
- add --mount option [RHBZ#1162637]
- add some missing bash completation strings
- run --shell as root with --new-chroot
- Don't fail scrub when there's no pool [RHBZ#1162631]
- Globbing and tilde expansion
- move restoring priviledges to finally [RHBZ#1162720]
- Remove "Buildroot must be already initialized" note
- Add missing --print-root-path to manpage
- Do not print ANSI escape characters into log [RHBZ#1163037]
- in site-defaults.cfg initialize dictionary of plugins [RHBZ#1162595]
- Disable empty names and values in config_opts[macros] [RHBZ#1160765]
- Disable single macros in -D cmd option [RHBZ#1160765]
- rpmbuild is in /usr/bin [RHBZ#1161112]
- man page for --macro-file [RHBZ#1160326]
- Added option [--macro-file] to support external rpm macros file [RHBZ#1160326]
- Don't output installation/build output when redirected
- Better log message for intial buildroot installation
- Be more specific when installing configs
- Install into correct sitelib when using Python 3
- Fix nosync on aarch64
- wrap all remaining getcwd() [RHBZ#1159300]
- do not use rpm in %post scriptlet [RHBZ#1131279]
- Fix unclear legal host output [RHBZ#1159794]
- allow running from directory, which is deleted [RHBZ#1159300]
- create compress_logs plugin [RHBZ#1100923]
- when default.cfg exists create default.cfg.rpmnew [RHBZ#1085308]
- accept paths to target definition files [RHBZ#1126117]
- set title bar in xterm [RHBZ#1126235]
- pass --enablerepo/--disablerepo to yum in the same order as provided to mock [RHBZ#1154604]
- Fix incorrect printing of binary strings on py3
- Add missing Requires rpm-python3
- Don't print Yum and build output when quiet
- Prevent output being printed twice with --verbose (rhbz#1152971)
- Fix printing non-ascii characters with output redirected (rhbz#1152952)
- replace urlgrabber by python-requests
- use python3 for Fedora22+
- Don't print we're doing rpmbuild -bb, when it may not be true
- 'prep' choice missing in short-circuit option parser
- Don't execute prebuild in short-circuit mode
* Thu Oct 9 2014 Miroslav Suchý <msuchy(a)redhat.com> - 1.2.0-1
- update configs for secondary architecture (Dan Horák)
- caching of buildroots using LVM (Michael Simacek)
- add support for DNF (Michael Simacek)
- initial porting to python3 (Michael Simacek)
- new config option nosync (Michael Simacek)
- add CentOS extra repository [BZ# 1108402]
- correctly create default.cfg on arm [BZ# 1033786]
- postpone loading of rpm after chroot is set [BZ# 1111147]
- use systemd-nspawn instead of chroot [RHBZ# 1132762]
- in --copyout do not fail on symlinks [BZ# 971474]
- allow to short circuit to prep phase [BZ# 966985]
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1165061 - update to mock-1.2.1-1.fc21 breaks existing mock profiles
https://bugzilla.redhat.com/show_bug.cgi?id=1165061
[ 2 ] Bug #1160428 - mock 1.2.0 tries to install f21 packages in f19 chroot
https://bugzilla.redhat.com/show_bug.cgi?id=1160428
[ 3 ] Bug #1162637 - Provide --umount counterpart for LVM plugin
https://bugzilla.redhat.com/show_bug.cgi?id=1162637
[ 4 ] Bug #1162631 - With LVM plugin enabled, I can't scrub traditional directories
https://bugzilla.redhat.com/show_bug.cgi?id=1162631
[ 5 ] Bug #1162720 - --copyout prints confusing errors when the copied file doesn't exist
https://bugzilla.redhat.com/show_bug.cgi?id=1162720
[ 6 ] Bug #1163037 - Do not print ANSI escape characters into log
https://bugzilla.redhat.com/show_bug.cgi?id=1163037
[ 7 ] Bug #1162595 - lvm_root_opts options in site-defaults.cfg don't work
https://bugzilla.redhat.com/show_bug.cgi?id=1162595
[ 8 ] Bug #1160765 - empty and single values for rpm macros in mock cfg file and cmd option
https://bugzilla.redhat.com/show_bug.cgi?id=1160765
[ 9 ] Bug #1161112 - pre-UsrMove profiles stopped working after update of mock
https://bugzilla.redhat.com/show_bug.cgi?id=1161112
[ 10 ] Bug #1160326 - mock new command line option --macro-file for defining rpm macros file
https://bugzilla.redhat.com/show_bug.cgi?id=1160326
[ 11 ] Bug #1159300 - running mock from chroot path directory produces "error retrieving current directory: getcwd"
https://bugzilla.redhat.com/show_bug.cgi?id=1159300
[ 12 ] Bug #1131279 - mock package has a questionable scriptlet, leading to errors about rpm db version mismatch
https://bugzilla.redhat.com/show_bug.cgi?id=1131279
[ 13 ] Bug #1159794 - invalid legal_host_arches option can cause unclear output
https://bugzilla.redhat.com/show_bug.cgi?id=1159794
[ 14 ] Bug #1100923 - RFE: compress mock build logs when done building
https://bugzilla.redhat.com/show_bug.cgi?id=1100923
[ 15 ] Bug #1085308 - mock: User configuration is lost during update
https://bugzilla.redhat.com/show_bug.cgi?id=1085308
[ 16 ] Bug #1126117 - Mock should accept paths to target definition files
https://bugzilla.redhat.com/show_bug.cgi?id=1126117
[ 17 ] Bug #1126235 - PROMPT_COMMAND does not include required escape codes
https://bugzilla.redhat.com/show_bug.cgi?id=1126235
[ 18 ] Bug #1154604 - mock: enablerepo doesn't work if used after disablerepo
https://bugzilla.redhat.com/show_bug.cgi?id=1154604
[ 19 ] Bug #1152971 - Verbose mode is repeating lines
https://bugzilla.redhat.com/show_bug.cgi?id=1152971
[ 20 ] Bug #1152952 - [mock] UnicodeEncodeError: 'ascii' codec can't encode characters in position 6-7: ordinal not in range(128)
https://bugzilla.redhat.com/show_bug.cgi?id=1152952
--------------------------------------------------------------------------------
================================================================================
nodejs-0.10.33-1.el7 (FEDORA-EPEL-2014-4154)
JavaScript runtime
--------------------------------------------------------------------------------
Update Information:
This release handles the recent POODLE vulnerability by disabling SSLv2/SSLv3
by default for the most predominate uses of TLS in Node.js.
It took longer than expected to get this release accomplished in a way that
would provide appropriate default security settings, while minimizing the
surface area for the behavior change we were introducing. It was also important
that we validated that our changes were being applied in the variety of
configurations we support in our APIs.
With this release, we are confident that the only behavior change is that of
the default allowed protocols do not include SSLv2 or SSLv3. Though you are
still able to programatically consume those protocols if necessary.
Included is the documentation that you can find at
https://nodejs.org/api/tls.html#tls_protocol_support that describes how this
works going forward for client and server implementations.
---
Node.js is compiled with SSLv2 and SSLv3 protocol support by default, but these
protocols are **disabled**. They are considered insecure and could be easily
compromised as was shown by CVE-2014-3566. However, in some situations, it
may cause problems with legacy clients/servers (such as Internet Explorer 6).
If you wish to enable SSLv2 or SSLv3, run node with the `--enable-ssl2` or
`--enable-ssl3` flag respectively. In future versions of Node.js SSLv2 and
SSLv3 will not be compiled in by default.
There is a way to force node into using SSLv3 or SSLv2 only mode by explicitly
specifying `secureProtocol` to `'SSLv3_method'` or `'SSLv2_method'`.
The default protocol method Node.js uses is `SSLv23_method` which would be more
accurately named `AutoNegotiate_method`. This method will try and negotiate
from the highest level down to whatever the client supports. To provide a
secure default, Node.js (since v0.10.33) explicitly disables the use of SSLv3
and SSLv2 by setting the `secureOptions` to be
`SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2` (again, unless you have passed
`--enable-ssl3`, or `--enable-ssl2`, or `SSLv3_method` as `secureProtocol`).
If you have set `securityOptions` to anything, we will not override your
options.
The ramifications of this behavior change:
* If your application is behaving as a secure server, clients who are `SSLv3`
only will now not be able to appropriately negotiate a connection and will be
refused. In this case your server will emit a `clientError` event. The error
message will include `'wrong version number'`.
* If your application is behaving as a secure client and communicating with a
server that doesn't support methods more secure than SSLv3 then your connection
won't be able to negotiate and will fail. In this case your client will emit a
an `error` event. The error message will include `'wrong version number'`.
---
2014.10.20, node.js Version 0.10.33 (Stable)
* child_process: properly support optional args (cjihrig)
* crypto: Disable autonegotiation for SSLv2/3 by default (Fedor Indutny, Timothy J Fontaine, Alexis Campailla)
This is a behavior change, by default we will not allow the negotiation to
SSLv2 or SSLv3. If you want this behavior, run Node.js with either
`--enable-ssl2` or `--enable-ssl3` respectively.
This does not change the behavior for users specifically requesting
`SSLv2_method` or `SSLv3_method`. While this behavior is not advised, it is
assumed you know what you're doing since you're specifically asking to use
these methods.
---
2014.10.21, libuv Version 0.10.29 (Stable)
Relevant changes since version 0.10.28:
* linux: try epoll_pwait if epoll_wait is missing (Michael Hudson-Doyle)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 T.C. Hollingsworth <tchollingsworth(a)gmail.com> - 0.10.33-1
- new upstream release 0.10.33
http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/
- This release disables SSLv3 to secure Node.js services against the POODLE
attack. (CVE-2014-3566; RHBZ#1152789) For more information or to learn how
to re-enable SSLv3 in order to support legacy clients, please see the upstream
release announcement linked above.
* Tue Oct 21 2014 T.C. Hollingsworth <tchollingsworth(a)gmail.com> - 0.10.32-2
- add Provides nodejs-punycode (RHBZ#1151811)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1152789 - CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack
https://bugzilla.redhat.com/show_bug.cgi?id=1152789
--------------------------------------------------------------------------------
================================================================================
perl-DateTime-Format-Pg-0.16010-6.el7 (FEDORA-EPEL-2014-4141)
Parse and format PostgreSQL dates and times
--------------------------------------------------------------------------------
Update Information:
add perl-DateTime-Format-Pg to epel7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #459934 - Review Request: perl-DateTime-Format-Pg - Parse and format PostgreSQL dates and times
https://bugzilla.redhat.com/show_bug.cgi?id=459934
--------------------------------------------------------------------------------
================================================================================
perl-qpid_proton-0.8-1.el7 (FEDORA-EPEL-2014-4139)
Perl language bindings for Qpid Proton
--------------------------------------------------------------------------------
Update Information:
Rebased on Proton 0.8.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Darryl L. Pierce <dpierce(a)redhat.com> - 0.8-1
- Rebased on Proton 0.8.
* Thu Aug 28 2014 Jitka Plesnikova <jplesnik(a)redhat.com> - 0.7-4
- Perl 5.20 rebuild
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.7-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Browser-2.0.8-1.el7 (FEDORA-EPEL-2014-4155)
Horde Browser API
--------------------------------------------------------------------------------
Update Information:
Horde_Browser 2.0.8
* [jan] Consider all user agents with 'bot' in the name as robots.
Horde_Test 2.4.6
* [jan] Add convertUsername() to Horde_Test_Stub_Registry.
Horde_Db 2.2.2
* [jan] Make Oracle's updateBlob() compatible with PHP 5.3.
Horde_History 2.3.3
* [jan] Fix migration with Oracle.
Horde_Crypt 2.5.1
* [jan] Fix using non-deprecated Content-Type for encrypted messages (Bug #13659).
Horde_Mime_Viewer 2.0.8
* [mms] More thorough handling of tar.gz data.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Remi Collet <remi(a)fedoraproject.org> - 2.0.8-1
- Update to 2.0.8
- add dependency on Horde_Translation
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Core-2.16.1-1.el7 (FEDORA-EPEL-2014-4127)
Horde Core Framework libraries
--------------------------------------------------------------------------------
Update Information:
Horde_Core 2.16.1:
* [mms] Fix file permissions of dynamically generated static CSS/JS files.
* [jan] Use correct user name as a fallback for identity full names with existing authusername hook.
Horde_Core 2.16.0:
* [mjr] Add the activesync_provisioning_check hook.
* [mjr] Fix determining multiplex settting for EAS notes (Bug #13637).
* [mjr] Fix adding new tasklists from EAS (Bug #13642).
* [jan] Update Czech translation (Michael Grafnetter).
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 6 2014 Remi Collet <remi(a)fedoraproject.org> - 2.16.1-1
- Update to 2.16.1
- raise dependency on Horde_Translation >= 2.2.0
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Crypt-2.5.1-1.el7 (FEDORA-EPEL-2014-4155)
Horde Cryptography API
--------------------------------------------------------------------------------
Update Information:
Horde_Browser 2.0.8
* [jan] Consider all user agents with 'bot' in the name as robots.
Horde_Test 2.4.6
* [jan] Add convertUsername() to Horde_Test_Stub_Registry.
Horde_Db 2.2.2
* [jan] Make Oracle's updateBlob() compatible with PHP 5.3.
Horde_History 2.3.3
* [jan] Fix migration with Oracle.
Horde_Crypt 2.5.1
* [jan] Fix using non-deprecated Content-Type for encrypted messages (Bug #13659).
Horde_Mime_Viewer 2.0.8
* [mms] More thorough handling of tar.gz data.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Remi Collet <remi(a)fedoraproject.org> - 2.5.1-1
- Update to 2.5.1
- raise dependency on Horde_Translation 2.2.0
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Db-2.2.2-1.el7 (FEDORA-EPEL-2014-4155)
Horde Database Libraries
--------------------------------------------------------------------------------
Update Information:
Horde_Browser 2.0.8
* [jan] Consider all user agents with 'bot' in the name as robots.
Horde_Test 2.4.6
* [jan] Add convertUsername() to Horde_Test_Stub_Registry.
Horde_Db 2.2.2
* [jan] Make Oracle's updateBlob() compatible with PHP 5.3.
Horde_History 2.3.3
* [jan] Fix migration with Oracle.
Horde_Crypt 2.5.1
* [jan] Fix using non-deprecated Content-Type for encrypted messages (Bug #13659).
Horde_Mime_Viewer 2.0.8
* [mms] More thorough handling of tar.gz data.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Remi Collet <remi(a)fedoraproject.org> - 2.2.2-1
- Update to 2.2.2
* Thu Nov 6 2014 Remi Collet <remi(a)fedoraproject.org> - 2.2.0-1
- Update to 2.2.0
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-History-2.3.3-1.el7 (FEDORA-EPEL-2014-4155)
API for tracking the history of an object
--------------------------------------------------------------------------------
Update Information:
Horde_Browser 2.0.8
* [jan] Consider all user agents with 'bot' in the name as robots.
Horde_Test 2.4.6
* [jan] Add convertUsername() to Horde_Test_Stub_Registry.
Horde_Db 2.2.2
* [jan] Make Oracle's updateBlob() compatible with PHP 5.3.
Horde_History 2.3.3
* [jan] Fix migration with Oracle.
Horde_Crypt 2.5.1
* [jan] Fix using non-deprecated Content-Type for encrypted messages (Bug #13659).
Horde_Mime_Viewer 2.0.8
* [mms] More thorough handling of tar.gz data.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Remi Collet <remi(a)fedoraproject.org> - 2.3.3-1
- Update to 2.3.3
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Mime-Viewer-2.0.8-1.el7 (FEDORA-EPEL-2014-4155)
Horde MIME Viewer Library
--------------------------------------------------------------------------------
Update Information:
Horde_Browser 2.0.8
* [jan] Consider all user agents with 'bot' in the name as robots.
Horde_Test 2.4.6
* [jan] Add convertUsername() to Horde_Test_Stub_Registry.
Horde_Db 2.2.2
* [jan] Make Oracle's updateBlob() compatible with PHP 5.3.
Horde_History 2.3.3
* [jan] Fix migration with Oracle.
Horde_Crypt 2.5.1
* [jan] Fix using non-deprecated Content-Type for encrypted messages (Bug #13659).
Horde_Mime_Viewer 2.0.8
* [mms] More thorough handling of tar.gz data.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Remi Collet <remi(a)fedoraproject.org> - 2.0.8-1
- Update to 2.0.8
- raise dependency on Horde_Translation 2.2.0
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Test-2.4.6-1.el7 (FEDORA-EPEL-2014-4155)
Horde testing base classes
--------------------------------------------------------------------------------
Update Information:
Horde_Browser 2.0.8
* [jan] Consider all user agents with 'bot' in the name as robots.
Horde_Test 2.4.6
* [jan] Add convertUsername() to Horde_Test_Stub_Registry.
Horde_Db 2.2.2
* [jan] Make Oracle's updateBlob() compatible with PHP 5.3.
Horde_History 2.3.3
* [jan] Fix migration with Oracle.
Horde_Crypt 2.5.1
* [jan] Fix using non-deprecated Content-Type for encrypted messages (Bug #13659).
Horde_Mime_Viewer 2.0.8
* [mms] More thorough handling of tar.gz data.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Remi Collet <remi(a)fedoraproject.org> - 2.4.6-1
- Update to 2.4.6
--------------------------------------------------------------------------------
================================================================================
python-bugzilla2fedmsg-0.2.1-1.el7 (FEDORA-EPEL-2014-4156)
Consume BZ messages over STOMP and republish to fedmsg
--------------------------------------------------------------------------------
Update Information:
Accomodate rhbz#1139955.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Ralph Bean <rbean(a)redhat.com> - 0.2.1-1
- Latest upstream handles timezones for rhbz#1139955.
--------------------------------------------------------------------------------
================================================================================
python-flask-openid-1.2.4-1.el7 (FEDORA-EPEL-2014-4135)
OpenID support for Flask
--------------------------------------------------------------------------------
Update Information:
Update to 1.2.4
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Praveen Kumar <kumarpraveen.nitdgp(a)gmail.com> 1.2.4-1
- Update to 1.2.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1164465 - python-testtools-1.2.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1164465
--------------------------------------------------------------------------------
================================================================================
python-testtools-1.1.0-1.el7 (FEDORA-EPEL-2014-4142)
Extensions to the Python unit testing framework
--------------------------------------------------------------------------------
Update Information:
- support for openstack Juno testing on el7
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 19 2014 Jerry James <loganjerry(a)gmail.com> - 1.1.0-1
- Update to 1.1.0 (bz 1132881)
- Fix license handling
- Note bundling exception for jquery in -doc
--------------------------------------------------------------------------------
================================================================================
quiterss-0.17.1-1.el7 (FEDORA-EPEL-2014-4140)
RSS/Atom aggregator
--------------------------------------------------------------------------------
Update Information:
Version bump
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 TI_Eugene <ti.eugene(a)gmail.com> - 0.17.1-1
- Version bump
--------------------------------------------------------------------------------
================================================================================
subunit-0.0.21-1.el7 (FEDORA-EPEL-2014-4138)
C bindings for subunit
--------------------------------------------------------------------------------
Update Information:
- To support openstack Juno testing
--------------------------------------------------------------------------------
================================================================================
voms-2.0.12-1.el7 (FEDORA-EPEL-2014-4131)
Virtual Organization Membership Service
--------------------------------------------------------------------------------
Update Information:
VOMS update
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 17 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 2.0.12-1
- Update to version 2.0.12
- Drop patches voms-gsoap.patch, voms-sha2-proxy.patch and voms-strndup.patch
(accepted upstream)
- Add alternatives to the client package to allow parallel installation of
the java implementation of the client tools
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 2.0.11-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sun Jul 13 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 2.0.11-9
- Rebuild properly
* Sun Jul 13 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 2.0.11-8
- Rebuild for gsoap 2.8.17 (Fedora 22)
--------------------------------------------------------------------------------
================================================================================
voms-api-java-3.0.4-1.el7 (FEDORA-EPEL-2014-4131)
Virtual Organization Membership Service Java API
--------------------------------------------------------------------------------
Update Information:
VOMS update
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 17 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 3.0.4-1
- Update to version 3.0.4
- Drop patch voms-api-java-timezone-dep-test.patch (fixed upstream)
--------------------------------------------------------------------------------
The following Fedora EPEL 6 Security updates need testing:
Age URL
941 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.…
160 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7.26…
31 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3434/pylint-1.3.1-…
27 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3527/asterisk-1.8.…
21 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3623/Pound-2.6-2.e…
17 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3748/tnftp-2014103…
14 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3790/facter-1.6.18…
9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3851/python-reques…
8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3927/drupal7-ckedi…
6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3962/oath-toolkit-…
6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4005/nginx-1.0.15-…
6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4008/cross-binutil…
6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3975/polarssl-1.3.…
6 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2069/php-channel-p…
4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4057/moodle-2.5.9-…
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4151/lsyncd-2.1.4-…
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4144/nodejs-0.10.3…
The following builds have been pushed to Fedora EPEL 6 updates-testing
abduco-0.2-1.el6
dmlite-0.7.2-1.el6
golang-github-docker-libcontainer-1.2.0-3.git28cb5f9.el6
golang-googlecode-goauth2-0-0.4.hgafe77d958c70.el6
gparted-0.19.1-1.el6
libuv-0.10.29-1.el6
lsyncd-2.1.4-4.el6.1.1
nodejs-0.10.33-1.el6
perl-Finance-Quote-1.35-1.el6
php-horde-Horde-Browser-2.0.8-1.el6
php-horde-Horde-Core-2.16.1-1.el6
php-horde-Horde-Crypt-2.5.1-1.el6
php-horde-Horde-Db-2.2.2-1.el6
php-horde-Horde-History-2.3.3-1.el6
php-horde-Horde-Mime-Viewer-2.0.8-1.el6
php-horde-Horde-Test-2.4.6-1.el6
python-bugzilla2fedmsg-0.2.1-1.el6
python-flask-openid-1.2.4-1.el6
voms-2.0.12-1.el6
Details about builds:
================================================================================
abduco-0.2-1.el6 (FEDORA-EPEL-2014-4128)
Session management in a clean and simple way
--------------------------------------------------------------------------------
Update Information:
update to 0.2 (RHBZ #1165180)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Igor Gnatenko <i.gnatenko.brain(a)gmail.com> - 0.2-1
- update to 0.2 (RHBZ #1165180)
* Fri Aug 15 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1165180 - abduco-0.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1165180
--------------------------------------------------------------------------------
================================================================================
dmlite-0.7.2-1.el6 (FEDORA-EPEL-2014-4153)
Lcgdm grid data management and storage framework
--------------------------------------------------------------------------------
Update Information:
Update to 0.7.2, BugFix for too much verbose logging
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Adrien Devresse <adevress at cern.ch> - 0.7.2-1
- Update to 0.7.2, BugFix for too much verbose logging
--------------------------------------------------------------------------------
================================================================================
golang-github-docker-libcontainer-1.2.0-3.git28cb5f9.el6 (FEDORA-EPEL-2014-4136)
Configuration options for containers
--------------------------------------------------------------------------------
Update Information:
Resolves: rhbz#1164989 - update to atleast b9c834b7
bump to v1.2.0 commit c907e406fe81320d87b58edf74953ceb08facc13
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 1.2.0-3.git28cb5f9
- Resolves: rhbz#1164989 - update to atleast b9c834b7
* Fri Oct 24 2014 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 1.2.0-1.gitc907e40
- bump to v1.2.0 commit c907e406fe81320d87b58edf74953ceb08facc13
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1164989 - update to at least version b9c834b7
https://bugzilla.redhat.com/show_bug.cgi?id=1164989
--------------------------------------------------------------------------------
================================================================================
golang-googlecode-goauth2-0-0.4.hgafe77d958c70.el6 (FEDORA-EPEL-2014-4129)
OAuth 2.0 for Go clients
--------------------------------------------------------------------------------
Update Information:
Choose the correct architecture
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1141822 - Review Request: golang-googlecode-goauth2 - OAuth 2.0 for Go clients
https://bugzilla.redhat.com/show_bug.cgi?id=1141822
--------------------------------------------------------------------------------
================================================================================
gparted-0.19.1-1.el6 (FEDORA-EPEL-2014-4145)
Gnome Partition Editor
--------------------------------------------------------------------------------
Update Information:
Update to 0.19.1
Major version update as discussed in bz#1133315
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Mukundan Ragavan <nonamedotc(a)fedoraproject.org> - 0.19.1-2
- Added BR:intltool
* Mon Nov 17 2014 Mukundan Ragavan <nonamedotc(a)fedoraproject.org> - 0.19.1-1
- Update to latest upstream version
- Major version update discussed in bug#1133315
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1133315 - Update to latest GParted in EL5 and EL6
https://bugzilla.redhat.com/show_bug.cgi?id=1133315
--------------------------------------------------------------------------------
================================================================================
libuv-0.10.29-1.el6 (FEDORA-EPEL-2014-4144)
Platform layer for node.js
--------------------------------------------------------------------------------
Update Information:
This release handles the recent POODLE vulnerability by disabling SSLv2/SSLv3
by default for the most predominate uses of TLS in Node.js.
It took longer than expected to get this release accomplished in a way that
would provide appropriate default security settings, while minimizing the
surface area for the behavior change we were introducing. It was also important
that we validated that our changes were being applied in the variety of
configurations we support in our APIs.
With this release, we are confident that the only behavior change is that of
the default allowed protocols do not include SSLv2 or SSLv3. Though you are
still able to programatically consume those protocols if necessary.
Included is the documentation that you can find at
https://nodejs.org/api/tls.html#tls_protocol_support that describes how this
works going forward for client and server implementations.
---
Node.js is compiled with SSLv2 and SSLv3 protocol support by default, but these
protocols are **disabled**. They are considered insecure and could be easily
compromised as was shown by CVE-2014-3566. However, in some situations, it
may cause problems with legacy clients/servers (such as Internet Explorer 6).
If you wish to enable SSLv2 or SSLv3, run node with the `--enable-ssl2` or
`--enable-ssl3` flag respectively. In future versions of Node.js SSLv2 and
SSLv3 will not be compiled in by default.
There is a way to force node into using SSLv3 or SSLv2 only mode by explicitly
specifying `secureProtocol` to `'SSLv3_method'` or `'SSLv2_method'`.
The default protocol method Node.js uses is `SSLv23_method` which would be more
accurately named `AutoNegotiate_method`. This method will try and negotiate
from the highest level down to whatever the client supports. To provide a
secure default, Node.js (since v0.10.33) explicitly disables the use of SSLv3
and SSLv2 by setting the `secureOptions` to be
`SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2` (again, unless you have passed
`--enable-ssl3`, or `--enable-ssl2`, or `SSLv3_method` as `secureProtocol`).
If you have set `securityOptions` to anything, we will not override your
options.
The ramifications of this behavior change:
* If your application is behaving as a secure server, clients who are `SSLv3`
only will now not be able to appropriately negotiate a connection and will be
refused. In this case your server will emit a `clientError` event. The error
message will include `'wrong version number'`.
* If your application is behaving as a secure client and communicating with a
server that doesn't support methods more secure than SSLv3 then your connection
won't be able to negotiate and will fail. In this case your client will emit a
an `error` event. The error message will include `'wrong version number'`.
---
2014.10.20, node.js Version 0.10.33 (Stable)
* child_process: properly support optional args (cjihrig)
* crypto: Disable autonegotiation for SSLv2/3 by default (Fedor Indutny, Timothy J Fontaine, Alexis Campailla)
This is a behavior change, by default we will not allow the negotiation to
SSLv2 or SSLv3. If you want this behavior, run Node.js with either
`--enable-ssl2` or `--enable-ssl3` respectively.
This does not change the behavior for users specifically requesting
`SSLv2_method` or `SSLv3_method`. While this behavior is not advised, it is
assumed you know what you're doing since you're specifically asking to use
these methods.
---
2014.10.21, libuv Version 0.10.29 (Stable)
Relevant changes since version 0.10.28:
* linux: try epoll_pwait if epoll_wait is missing (Michael Hudson-Doyle)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 T.C. Hollingsworth <tchollingsworth(a)gmail.com> - 1:0.10.29-1
- new upstream release 0.10.29
https://github.com/joyent/libuv/blob/v0.10.29/ChangeLog
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1152789 - CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack
https://bugzilla.redhat.com/show_bug.cgi?id=1152789
--------------------------------------------------------------------------------
================================================================================
lsyncd-2.1.4-4.el6.1.1 (FEDORA-EPEL-2014-4151)
File change monitoring and synchronization daemon
--------------------------------------------------------------------------------
Update Information:
Fix bad shell argument escaping
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Lubomir Rintel <lkundrak(a)v3.sk> - 2.1.4-4.1.1
- Fix bad shell argument escaping
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1165078 - lsyncd: command injection through backticks in a filename
https://bugzilla.redhat.com/show_bug.cgi?id=1165078
--------------------------------------------------------------------------------
================================================================================
nodejs-0.10.33-1.el6 (FEDORA-EPEL-2014-4144)
JavaScript runtime
--------------------------------------------------------------------------------
Update Information:
This release handles the recent POODLE vulnerability by disabling SSLv2/SSLv3
by default for the most predominate uses of TLS in Node.js.
It took longer than expected to get this release accomplished in a way that
would provide appropriate default security settings, while minimizing the
surface area for the behavior change we were introducing. It was also important
that we validated that our changes were being applied in the variety of
configurations we support in our APIs.
With this release, we are confident that the only behavior change is that of
the default allowed protocols do not include SSLv2 or SSLv3. Though you are
still able to programatically consume those protocols if necessary.
Included is the documentation that you can find at
https://nodejs.org/api/tls.html#tls_protocol_support that describes how this
works going forward for client and server implementations.
---
Node.js is compiled with SSLv2 and SSLv3 protocol support by default, but these
protocols are **disabled**. They are considered insecure and could be easily
compromised as was shown by CVE-2014-3566. However, in some situations, it
may cause problems with legacy clients/servers (such as Internet Explorer 6).
If you wish to enable SSLv2 or SSLv3, run node with the `--enable-ssl2` or
`--enable-ssl3` flag respectively. In future versions of Node.js SSLv2 and
SSLv3 will not be compiled in by default.
There is a way to force node into using SSLv3 or SSLv2 only mode by explicitly
specifying `secureProtocol` to `'SSLv3_method'` or `'SSLv2_method'`.
The default protocol method Node.js uses is `SSLv23_method` which would be more
accurately named `AutoNegotiate_method`. This method will try and negotiate
from the highest level down to whatever the client supports. To provide a
secure default, Node.js (since v0.10.33) explicitly disables the use of SSLv3
and SSLv2 by setting the `secureOptions` to be
`SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2` (again, unless you have passed
`--enable-ssl3`, or `--enable-ssl2`, or `SSLv3_method` as `secureProtocol`).
If you have set `securityOptions` to anything, we will not override your
options.
The ramifications of this behavior change:
* If your application is behaving as a secure server, clients who are `SSLv3`
only will now not be able to appropriately negotiate a connection and will be
refused. In this case your server will emit a `clientError` event. The error
message will include `'wrong version number'`.
* If your application is behaving as a secure client and communicating with a
server that doesn't support methods more secure than SSLv3 then your connection
won't be able to negotiate and will fail. In this case your client will emit a
an `error` event. The error message will include `'wrong version number'`.
---
2014.10.20, node.js Version 0.10.33 (Stable)
* child_process: properly support optional args (cjihrig)
* crypto: Disable autonegotiation for SSLv2/3 by default (Fedor Indutny, Timothy J Fontaine, Alexis Campailla)
This is a behavior change, by default we will not allow the negotiation to
SSLv2 or SSLv3. If you want this behavior, run Node.js with either
`--enable-ssl2` or `--enable-ssl3` respectively.
This does not change the behavior for users specifically requesting
`SSLv2_method` or `SSLv3_method`. While this behavior is not advised, it is
assumed you know what you're doing since you're specifically asking to use
these methods.
---
2014.10.21, libuv Version 0.10.29 (Stable)
Relevant changes since version 0.10.28:
* linux: try epoll_pwait if epoll_wait is missing (Michael Hudson-Doyle)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 T.C. Hollingsworth <tchollingsworth(a)gmail.com> - 0.10.33-1
- new upstream release 0.10.33
http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/
- This release disables SSLv3 to secure Node.js services against the POODLE
attack. (CVE-2014-3566; RHBZ#1152789) For more information or to learn how
to re-enable SSLv3 in order to support legacy clients, please see the upstream
release announcement linked above.
* Tue Oct 21 2014 T.C. Hollingsworth <tchollingsworth(a)gmail.com> - 0.10.32-2
- add Provides nodejs-punycode (RHBZ#1151811)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1152789 - CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack
https://bugzilla.redhat.com/show_bug.cgi?id=1152789
--------------------------------------------------------------------------------
================================================================================
perl-Finance-Quote-1.35-1.el6 (FEDORA-EPEL-2014-4148)
A Perl module that retrieves stock and mutual fund quotes
--------------------------------------------------------------------------------
Update Information:
This update, to the current upstream release, includes some fixes for existing data sources and a number of new data sources.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Paul Howarth <paul(a)city-fan.org> - 1.35-1
- Update to 1.35
- Clean up and modernize spec somewhat
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Browser-2.0.8-1.el6 (FEDORA-EPEL-2014-4143)
Horde Browser API
--------------------------------------------------------------------------------
Update Information:
Horde_Browser 2.0.8
* [jan] Consider all user agents with 'bot' in the name as robots.
Horde_Test 2.4.6
* [jan] Add convertUsername() to Horde_Test_Stub_Registry.
Horde_Db 2.2.2
* [jan] Make Oracle's updateBlob() compatible with PHP 5.3.
Horde_History 2.3.3
* [jan] Fix migration with Oracle.
Horde_Crypt 2.5.1
* [jan] Fix using non-deprecated Content-Type for encrypted messages (Bug #13659).
Horde_Mime_Viewer 2.0.8
* [mms] More thorough handling of tar.gz data.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Remi Collet <remi(a)fedoraproject.org> - 2.0.8-1
- Update to 2.0.8
- add dependency on Horde_Translation
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Core-2.16.1-1.el6 (FEDORA-EPEL-2014-4149)
Horde Core Framework libraries
--------------------------------------------------------------------------------
Update Information:
Horde_Core 2.16.1:
* [mms] Fix file permissions of dynamically generated static CSS/JS files.
* [jan] Use correct user name as a fallback for identity full names with existing authusername hook.
Horde_Core 2.16.0:
* [mjr] Add the activesync_provisioning_check hook.
* [mjr] Fix determining multiplex settting for EAS notes (Bug #13637).
* [mjr] Fix adding new tasklists from EAS (Bug #13642).
* [jan] Update Czech translation (Michael Grafnetter).
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 6 2014 Remi Collet <remi(a)fedoraproject.org> - 2.16.1-1
- Update to 2.16.1
- raise dependency on Horde_Translation >= 2.2.0
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Crypt-2.5.1-1.el6 (FEDORA-EPEL-2014-4143)
Horde Cryptography API
--------------------------------------------------------------------------------
Update Information:
Horde_Browser 2.0.8
* [jan] Consider all user agents with 'bot' in the name as robots.
Horde_Test 2.4.6
* [jan] Add convertUsername() to Horde_Test_Stub_Registry.
Horde_Db 2.2.2
* [jan] Make Oracle's updateBlob() compatible with PHP 5.3.
Horde_History 2.3.3
* [jan] Fix migration with Oracle.
Horde_Crypt 2.5.1
* [jan] Fix using non-deprecated Content-Type for encrypted messages (Bug #13659).
Horde_Mime_Viewer 2.0.8
* [mms] More thorough handling of tar.gz data.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Remi Collet <remi(a)fedoraproject.org> - 2.5.1-1
- Update to 2.5.1
- raise dependency on Horde_Translation 2.2.0
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Db-2.2.2-1.el6 (FEDORA-EPEL-2014-4143)
Horde Database Libraries
--------------------------------------------------------------------------------
Update Information:
Horde_Browser 2.0.8
* [jan] Consider all user agents with 'bot' in the name as robots.
Horde_Test 2.4.6
* [jan] Add convertUsername() to Horde_Test_Stub_Registry.
Horde_Db 2.2.2
* [jan] Make Oracle's updateBlob() compatible with PHP 5.3.
Horde_History 2.3.3
* [jan] Fix migration with Oracle.
Horde_Crypt 2.5.1
* [jan] Fix using non-deprecated Content-Type for encrypted messages (Bug #13659).
Horde_Mime_Viewer 2.0.8
* [mms] More thorough handling of tar.gz data.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Remi Collet <remi(a)fedoraproject.org> - 2.2.2-1
- Update to 2.2.2
* Thu Nov 6 2014 Remi Collet <remi(a)fedoraproject.org> - 2.2.0-1
- Update to 2.2.0
- open https://github.com/horde/horde/pull/113 for php 5.3
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-History-2.3.3-1.el6 (FEDORA-EPEL-2014-4143)
API for tracking the history of an object
--------------------------------------------------------------------------------
Update Information:
Horde_Browser 2.0.8
* [jan] Consider all user agents with 'bot' in the name as robots.
Horde_Test 2.4.6
* [jan] Add convertUsername() to Horde_Test_Stub_Registry.
Horde_Db 2.2.2
* [jan] Make Oracle's updateBlob() compatible with PHP 5.3.
Horde_History 2.3.3
* [jan] Fix migration with Oracle.
Horde_Crypt 2.5.1
* [jan] Fix using non-deprecated Content-Type for encrypted messages (Bug #13659).
Horde_Mime_Viewer 2.0.8
* [mms] More thorough handling of tar.gz data.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Remi Collet <remi(a)fedoraproject.org> - 2.3.3-1
- Update to 2.3.3
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Mime-Viewer-2.0.8-1.el6 (FEDORA-EPEL-2014-4143)
Horde MIME Viewer Library
--------------------------------------------------------------------------------
Update Information:
Horde_Browser 2.0.8
* [jan] Consider all user agents with 'bot' in the name as robots.
Horde_Test 2.4.6
* [jan] Add convertUsername() to Horde_Test_Stub_Registry.
Horde_Db 2.2.2
* [jan] Make Oracle's updateBlob() compatible with PHP 5.3.
Horde_History 2.3.3
* [jan] Fix migration with Oracle.
Horde_Crypt 2.5.1
* [jan] Fix using non-deprecated Content-Type for encrypted messages (Bug #13659).
Horde_Mime_Viewer 2.0.8
* [mms] More thorough handling of tar.gz data.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Remi Collet <remi(a)fedoraproject.org> - 2.0.8-1
- Update to 2.0.8
- raise dependency on Horde_Translation 2.2.0
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Test-2.4.6-1.el6 (FEDORA-EPEL-2014-4143)
Horde testing base classes
--------------------------------------------------------------------------------
Update Information:
Horde_Browser 2.0.8
* [jan] Consider all user agents with 'bot' in the name as robots.
Horde_Test 2.4.6
* [jan] Add convertUsername() to Horde_Test_Stub_Registry.
Horde_Db 2.2.2
* [jan] Make Oracle's updateBlob() compatible with PHP 5.3.
Horde_History 2.3.3
* [jan] Fix migration with Oracle.
Horde_Crypt 2.5.1
* [jan] Fix using non-deprecated Content-Type for encrypted messages (Bug #13659).
Horde_Mime_Viewer 2.0.8
* [mms] More thorough handling of tar.gz data.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Remi Collet <remi(a)fedoraproject.org> - 2.4.6-1
- Update to 2.4.6
--------------------------------------------------------------------------------
================================================================================
python-bugzilla2fedmsg-0.2.1-1.el6 (FEDORA-EPEL-2014-4130)
Consume BZ messages over STOMP and republish to fedmsg
--------------------------------------------------------------------------------
Update Information:
Accomodate rhbz#1139955.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Ralph Bean <rbean(a)redhat.com> - 0.2.1-1
- Latest upstream handles timezones for rhbz#1139955.
* Tue Sep 30 2014 Ralph Bean <rbean(a)redhat.com> - 0.2.0-1
- Reorganized internally to rely on fedmsg queueing.
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.1.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-flask-openid-1.2.4-1.el6 (FEDORA-EPEL-2014-4146)
OpenID support for Flask
--------------------------------------------------------------------------------
Update Information:
Update to 1.2.4
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Praveen Kumar <kumarpraveen.nitdgp(a)gmail.com> 1.2.4-1
- Update to 1.2.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1164867 - Please update to the latest upstream for epel7 and epel6
https://bugzilla.redhat.com/show_bug.cgi?id=1164867
--------------------------------------------------------------------------------
================================================================================
voms-2.0.12-1.el6 (FEDORA-EPEL-2014-4133)
Virtual Organization Membership Service
--------------------------------------------------------------------------------
Update Information:
VOMS update
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 17 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 2.0.12-1
- Update to version 2.0.12
- Drop patches voms-gsoap.patch, voms-sha2-proxy.patch and voms-strndup.patch
(accepted upstream)
- Add alternatives to the client package to allow parallel installation of
the java implementation of the client tools
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 2.0.11-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sun Jul 13 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 2.0.11-9
- Rebuild properly
* Sun Jul 13 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 2.0.11-8
- Rebuild for gsoap 2.8.17 (Fedora 22)
--------------------------------------------------------------------------------
#25: Automated dependency testing
----------------------------+------------------
Reporter: avij | Owner: avij
Type: enhancement | Status: new
Priority: minor | Milestone:
Component: Policy problem | Version:
Keywords: QA |
----------------------------+------------------
It has happened way too often that packages are pushed to testing, then
they spend the next 14 days in testing but nobody bothers testing them,
and then finally the package owner pushes them to stable. At this point
people notice that the package would need some dependant packages and
chaos ensues.
To combat this, I have written a script that does nightly dependency
testing for packages in epel and epel-testing, and mails me the diff from
previous night's run. The script is basically just a "repoclosure -r base
-r updates -r epel -r epel-testing" for each of EPEL 5,6,7. My plan is to
give bad karma to those packages in epel-testing that have dependency
problems. This should alert the package owner to not push the package to
stable before the dep problems have been resolved. When the dependency
problem has been resolved (one way or another), this will show up on the
next list and I can give good karma to that package to clear the previous
bad karma. Eventually giving this good/bad karma would need to be fully
automated, but this is a start.
--
Ticket URL: <https://fedorahosted.org/epel/ticket/25>
EPEL <https://fedoraproject.org/wiki/EPEL>
Extra Packages for Enterprise Linux
The following Fedora EPEL 6 Security updates need testing:
Age URL
940 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5620/bugzilla-3.4.…
159 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1616/puppet-2.7.26…
30 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3434/pylint-1.3.1-…
26 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3527/asterisk-1.8.…
20 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3623/Pound-2.6-2.e…
16 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3748/tnftp-2014103…
13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3790/facter-1.6.18…
8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3851/python-reques…
7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3927/drupal7-ckedi…
5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3962/oath-toolkit-…
5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4005/nginx-1.0.15-…
5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4008/cross-binutil…
5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3975/polarssl-1.3.…
5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2069/php-channel-p…
3 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4057/moodle-2.5.9-…
The following builds have been pushed to Fedora EPEL 6 updates-testing
Zim-0.62-2.el6
celestia-1.6.1-18.el6
gfal2-2.7.8-1.el6
id3lib-3.8.3-28.el6
labiryntowy-fonts-1.53-2.el6
mock-1.2.1-1.el6
ntfs-3g-2014.2.15-7.el6
perl-Crypt-Rijndael-1.12-1.el6
protobuf-2.3.0-8.el6
python-cltk-0.0.0.47-1.el6
Details about builds:
================================================================================
Zim-0.62-2.el6 (FEDORA-EPEL-2014-4122)
Desktop wiki & notekeeper
--------------------------------------------------------------------------------
Update Information:
Backport upstream bzr755 to fix mis-matched gtk and pygtk in Fedora/RHEL
New upstream stable release
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 16 2014 Robin Lee <cheeselee(a)fedoraproject.org> - 0.62-2
- Backport upstream bzr755 to fix mis-matched gtk and pygtk in Fedora/RHEL
* Fri Oct 3 2014 Robin Lee <cheeselee(a)fedoraproject.org> - 0.62-1
- Update to 0.62
* Thu Oct 2 2014 Rex Dieter <rdieter(a)fedoraproject.org> 0.61-2
- update mime scriptlets
* Sat Aug 2 2014 Robin Lee <cheeselee(a)fedoraproject.org> - 0.61-1
- Update to 0.61
* Fri Jun 6 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.60-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.60-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1163667 - zim crashing at startup after applying RHEL security fixes for gtk and gdk
https://bugzilla.redhat.com/show_bug.cgi?id=1163667
[ 2 ] Bug #1148354 - Zim-0.62 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1148354
--------------------------------------------------------------------------------
================================================================================
celestia-1.6.1-18.el6 (FEDORA-EPEL-2014-4112)
OpenGL real-time visual space simulation
--------------------------------------------------------------------------------
Update Information:
Repackaged source with .tar.xz
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 16 2014 Matias Kreder <mkreder(a)gmail.com> - 1.6.1-18
- Repackaged source with .tar.xz
* Fri Aug 15 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.6.1-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Thu Jul 3 2014 Richard Hughes <richard(a)hughsie.com> - 1.6.1-16
- Fix startup, thanks to a patch from Chris Rankin
- Resolves: #1045632
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.6.1-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Thu Aug 22 2013 Ralf Corsépius <corsepiu(a)fedoraproject.org> - 1.6.1-14
- FTBS, RHBZ#992048:
- celestia-1.6.1-lua-5.2.patch: Add autoconf-2.67 generated snippets.
Avoid running autotools (package config is incompatible to modern autotools).
- Add celestia-1.6.1-gcc4.8.patch: Tweaks for building with gcc-4.8.x.
- Address docdir changes (RHBZ#993693).
- Fix permissons on source files.
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.6.1-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Tue May 14 2013 Tom Callaway <spot(a)fedoraproject.org> - 1.6.1-12
- rebuild for lua 5.2
* Thu Feb 14 2013 Rahul Sundaram <sundaram(a)fedoraproject.org> - 1.6.1-11
- remove vendor tag from desktop file. https://fedorahosted.org/fpc/ticket/247
- clean up spec to follow current guidelines
- fix desktop file to follow specification
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.6.1-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Fri Jan 18 2013 Adam Tkac <atkac redhat com> - 1.6.1-9
- rebuild due to "jpeg8-ABI" feature drop
* Mon Jan 14 2013 Tom Callaway <spot(a)fedoraproject.org> - 1.6.1-8
- remove non-free (or unlicensed) files (bz 888210)
* Fri Dec 21 2012 Adam Tkac <atkac redhat com> - 1.6.1-7
- rebuild against new libjpeg
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.6.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Thu Mar 22 2012 Tom Callaway <spot(a)fedoraproject.org> - 1.6.1-5
- fix compile issues (gcc 4.7, zlib)
* Tue Feb 28 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.6.1-4
- Rebuilt for c++ ABI breakage
* Thu Jan 12 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.6.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Dec 6 2011 Adam Jackson <ajax(a)redhat.com> - 1.6.1-2
- Rebuild for new libpng
* Mon Nov 14 2011 Peter Robinson <pbrobinson(a)fedoraproject.org> - 1.6.1-1
- Update to 1.6.1
* Wed Feb 9 2011 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.6.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Dec 15 2010 Hans de Goede <hdegoede(a)redhat.com> - 1.6.0-2
- Fix the license button in the about dialog not working
* Wed Dec 8 2010 Hans de Goede <hdegoede(a)redhat.com> - 1.6.0-1
- New upstream release 1.6.0 (#655565)
- Fix building with gcc-4.5 (#631077)
--------------------------------------------------------------------------------
================================================================================
gfal2-2.7.8-1.el6 (FEDORA-EPEL-2014-3896)
Grid file access library 2.0
--------------------------------------------------------------------------------
Update Information:
Update for gfal2 2.7.8 release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 17 2014 Alejandro Alvarez Ayllon <aalvarez at cern.ch> - 2.7.8-1
- Upstream backported fix for protocol honoring on SRM GET and PUT
* Mon Nov 10 2014 Alejandro Alvarez Ayllon <aalvarez at cern.ch> - 2.7.7-1
- Upgraded to upstream release 2.7.7
* Fri Nov 7 2014 Alejandro Alvarez Ayllon <aalvarez at cern.ch> - 2.7.6-1
- New upstream release
* Mon Sep 8 2014 Alejandro Alvarez Ayllon <aalvarez at cern.ch> - 2.6.8-6
- Patch to use lseek64 instead of lseek in the http plugin
* Thu Sep 4 2014 Orion Poplawski <orion(a)cora.nwra.com> - 2.6.8-5
- Rebuild for pugixml 1.4
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 2.6.8-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
id3lib-3.8.3-28.el6 (FEDORA-EPEL-2014-4097)
Library for manipulating ID3v1 and ID3v2 tags
--------------------------------------------------------------------------------
Update Information:
Apply several fixes from the Debian package
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 15 2014 David King <amigadave(a)amigadave.com> - 3.8.3-28
- Fix typos in man page patch
- Add UTF-16 string lists patch, adapted from Debian
- Add NULL pointer check patch from Debian
- Enable check, using make check
* Thu Mar 6 2014 David King <amigadave(a)amigadave.com> - 3.8.3-27
- Use autoreconf patch from mingw-id3lib package
* Wed Aug 7 2013 Adrian Reber <adrian(a)lisas.de> - 3.8.3-26
- Remove unneeded parts (clean, defattr, buildroot)
- Added man pages from Debian
- Fixed bogus dates
--------------------------------------------------------------------------------
================================================================================
labiryntowy-fonts-1.53-2.el6 (FEDORA-EPEL-2014-4102)
Artificial font consisting of vertical and horizontal bars
--------------------------------------------------------------------------------
Update Information:
Add font licence file, delete info.
Initial packaging.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1162148 - Review Request: labiryntowy-fonts - Conscript (artifical font) letters consist of vertical and horizontal bars. No matter their thickness.
https://bugzilla.redhat.com/show_bug.cgi?id=1162148
--------------------------------------------------------------------------------
================================================================================
mock-1.2.1-1.el6 (FEDORA-EPEL-2014-4101)
Builds packages inside chroots
--------------------------------------------------------------------------------
Update Information:
Bump in plugin ABI.
New LVM plugin.
Nosync for better IO performance.
DNF support.
Printing more useful output on terminal.
Concurrent shell acces to buildroot.
Executing package management commands.
--enablerepo and --disablerepo options
Short circuit options.
Automatic initialization.
Python 3 support.
Experimental support for building using systemd-nspawn.
Accept path as config.
New compress_logs plugin.
And lots of bugfixes.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 15 2014 Miroslav Suchý <msuchy(a)redhat.com> - 1.2.1-1
- allow mockchain to accept path as config
- end yum's installroot path with a slash [RHBZ#1160428]
- add --mount option [RHBZ#1162637]
- add some missing bash completation strings
- run --shell as root with --new-chroot
- Don't fail scrub when there's no pool [RHBZ#1162631]
- Globbing and tilde expansion
- move restoring priviledges to finally [RHBZ#1162720]
- Remove "Buildroot must be already initialized" note
- Add missing --print-root-path to manpage
- Do not print ANSI escape characters into log [RHBZ#1163037]
- in site-defaults.cfg initialize dictionary of plugins [RHBZ#1162595]
- Disable empty names and values in config_opts[macros] [RHBZ#1160765]
- Disable single macros in -D cmd option [RHBZ#1160765]
- rpmbuild is in /usr/bin [RHBZ#1161112]
- man page for --macro-file [RHBZ#1160326]
- Added option [--macro-file] to support external rpm macros file [RHBZ#1160326]
- Don't output installation/build output when redirected
- Better log message for intial buildroot installation
- Be more specific when installing configs
- Install into correct sitelib when using Python 3
- Fix nosync on aarch64
- wrap all remaining getcwd() [RHBZ#1159300]
- do not use rpm in %post scriptlet [RHBZ#1131279]
- Fix unclear legal host output [RHBZ#1159794]
- allow running from directory, which is deleted [RHBZ#1159300]
- create compress_logs plugin [RHBZ#1100923]
- when default.cfg exists create default.cfg.rpmnew [RHBZ#1085308]
- accept paths to target definition files [RHBZ#1126117]
- set title bar in xterm [RHBZ#1126235]
- pass --enablerepo/--disablerepo to yum in the same order as provided to mock [RHBZ#1154604]
- Fix incorrect printing of binary strings on py3
- Add missing Requires rpm-python3
- Don't print Yum and build output when quiet
- Prevent output being printed twice with --verbose (rhbz#1152971)
- Fix printing non-ascii characters with output redirected (rhbz#1152952)
- replace urlgrabber by python-requests
- use python3 for Fedora22+
- Don't print we're doing rpmbuild -bb, when it may not be true
- 'prep' choice missing in short-circuit option parser
- Don't execute prebuild in short-circuit mode
* Thu Oct 9 2014 Miroslav Suchý <msuchy(a)redhat.com> - 1.2.0-1
- update configs for secondary architecture (Dan Horák)
- caching of buildroots using LVM (Michael Simacek)
- add support for DNF (Michael Simacek)
- initial porting to python3 (Michael Simacek)
- new config option nosync (Michael Simacek)
- add CentOS extra repository [BZ# 1108402]
- correctly create default.cfg on arm [BZ# 1033786]
- postpone loading of rpm after chroot is set [BZ# 1111147]
- use systemd-nspawn instead of chroot [RHBZ# 1132762]
- in --copyout do not fail on symlinks [BZ# 971474]
- allow to short circuit to prep phase [BZ# 966985]
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1160428 - mock 1.2.0 tries to install f21 packages in f19 chroot
https://bugzilla.redhat.com/show_bug.cgi?id=1160428
[ 2 ] Bug #1162637 - Provide --umount counterpart for LVM plugin
https://bugzilla.redhat.com/show_bug.cgi?id=1162637
[ 3 ] Bug #1162631 - With LVM plugin enabled, I can't scrub traditional directories
https://bugzilla.redhat.com/show_bug.cgi?id=1162631
[ 4 ] Bug #1162720 - --copyout prints confusing errors when the copied file doesn't exist
https://bugzilla.redhat.com/show_bug.cgi?id=1162720
[ 5 ] Bug #1163037 - Do not print ANSI escape characters into log
https://bugzilla.redhat.com/show_bug.cgi?id=1163037
[ 6 ] Bug #1162595 - lvm_root_opts options in site-defaults.cfg don't work
https://bugzilla.redhat.com/show_bug.cgi?id=1162595
[ 7 ] Bug #1160765 - empty and single values for rpm macros in mock cfg file and cmd option
https://bugzilla.redhat.com/show_bug.cgi?id=1160765
[ 8 ] Bug #1161112 - pre-UsrMove profiles stopped working after update of mock
https://bugzilla.redhat.com/show_bug.cgi?id=1161112
[ 9 ] Bug #1160326 - mock new command line option --macro-file for defining rpm macros file
https://bugzilla.redhat.com/show_bug.cgi?id=1160326
[ 10 ] Bug #1159300 - running mock from chroot path directory produces "error retrieving current directory: getcwd"
https://bugzilla.redhat.com/show_bug.cgi?id=1159300
[ 11 ] Bug #1131279 - mock package has a questionable scriptlet, leading to errors about rpm db version mismatch
https://bugzilla.redhat.com/show_bug.cgi?id=1131279
[ 12 ] Bug #1159794 - invalid legal_host_arches option can cause unclear output
https://bugzilla.redhat.com/show_bug.cgi?id=1159794
[ 13 ] Bug #1100923 - RFE: compress mock build logs when done building
https://bugzilla.redhat.com/show_bug.cgi?id=1100923
[ 14 ] Bug #1085308 - mock: User configuration is lost during update
https://bugzilla.redhat.com/show_bug.cgi?id=1085308
[ 15 ] Bug #1126117 - Mock should accept paths to target definition files
https://bugzilla.redhat.com/show_bug.cgi?id=1126117
[ 16 ] Bug #1126235 - PROMPT_COMMAND does not include required escape codes
https://bugzilla.redhat.com/show_bug.cgi?id=1126235
[ 17 ] Bug #1154604 - mock: enablerepo doesn't work if used after disablerepo
https://bugzilla.redhat.com/show_bug.cgi?id=1154604
[ 18 ] Bug #1152971 - Verbose mode is repeating lines
https://bugzilla.redhat.com/show_bug.cgi?id=1152971
[ 19 ] Bug #1152952 - [mock] UnicodeEncodeError: 'ascii' codec can't encode characters in position 6-7: ordinal not in range(128)
https://bugzilla.redhat.com/show_bug.cgi?id=1152952
--------------------------------------------------------------------------------
================================================================================
ntfs-3g-2014.2.15-7.el6 (FEDORA-EPEL-2014-4099)
Linux NTFS userspace driver
--------------------------------------------------------------------------------
Update Information:
Fix ntfs-3g/ntfsprogs builds for EL-6 (and older, should we ever be so brave as to go into that snake pit). Add back hal file for ancient nautilus support.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 17 2014 Tom Callaway <spot(a)fedoraproject.org> - 2:2014.2.15-7
- old rhel (< 7) needs old pathing and hal file. CONDITIONALIZE ALL THE THINGS!
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1164757 - cannot mount ntfs partitions from Nautilus
https://bugzilla.redhat.com/show_bug.cgi?id=1164757
[ 2 ] Bug #1043236 - Update ntfs-3g/ntfsprogs packages in EPEL
https://bugzilla.redhat.com/show_bug.cgi?id=1043236
[ 3 ] Bug #1164565 - Can not mount external USB HDD
https://bugzilla.redhat.com/show_bug.cgi?id=1164565
--------------------------------------------------------------------------------
================================================================================
perl-Crypt-Rijndael-1.12-1.el6 (FEDORA-EPEL-2014-4105)
Crypt::CBC compliant Rijndael encryption module
--------------------------------------------------------------------------------
Update Information:
Updated to 1.12
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 16 2014 Matias Kreder <mkreder(a)gmail.com> - 1.12-1
- Updated to 1.12
* Thu Aug 28 2014 Jitka Plesnikova <jplesnik(a)redhat.com> - 1.11-7
- Perl 5.20 rebuild
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.11-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.11-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.11-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sun Jul 21 2013 Petr Pisar <ppisar(a)redhat.com> - 1.11-3
- Perl 5.18 rebuild
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.11-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Fri Aug 3 2012 Iain Arnell <iarnell(a)gmail.com> 1.11-1
- update to latest upstream version
- license change from LGPLv2+ to LGPLv3
* Sat Jul 21 2012 Iain Arnell <iarnell(a)gmail.com> 1.10-1
- update to latest upstream version
- clean up spec for modern rpmbuild
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.09-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Wed Jun 13 2012 Petr Pisar <ppisar(a)redhat.com> - 1.09-8
- Perl 5.16 rebuild
* Sat Jan 14 2012 Iain Arnell <iarnell(a)gmail.com> 1.09-7
- BuildRequires perl(Digest::MD5)
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.09-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Jun 21 2011 Marcela Mašláňová <mmaslano(a)redhat.com> - 1.09-5
- Perl mass rebuild
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.09-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Thu Dec 16 2010 Marcela Maslanova <mmaslano(a)redhat.com> - 1.09-3
- 661697 rebuild for fixing problems with vendorach/lib
--------------------------------------------------------------------------------
================================================================================
protobuf-2.3.0-8.el6 (FEDORA-EPEL-2014-4114)
Protocol Buffers - Google's data interchange format
--------------------------------------------------------------------------------
Update Information:
* Build with zlib-devel
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 27 2013 Ian Burrell <ianburrell(a)gmail.com> - 2.3.0-8
- Adding zlib-devel as BR (rhbz: #815587)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #815587 - Missing gzip_stream.h in protobuf-devel in EPEL, fixed in Fedora
https://bugzilla.redhat.com/show_bug.cgi?id=815587
--------------------------------------------------------------------------------
================================================================================
python-cltk-0.0.0.47-1.el6 (FEDORA-EPEL-2014-4126)
NLP support for Ancient Greek and Latin
--------------------------------------------------------------------------------
Update Information:
update to 0.0.0.47 release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 17 2014 Parag Nemade <pnemade AT redhat DOT com> - 0.0.0.47-1
- update to 0.0.0.47 release
--------------------------------------------------------------------------------
The following Fedora EPEL 7 Security updates need testing:
Age URL
20 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3621/php-Smarty-3.…
20 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3642/Pound-2.7-0.4…
16 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3745/tnftp-2014103…
13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3664/konversation-…
8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3886/python-reques…
7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3794/polarssl-1.3.…
5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3989/cross-binutil…
5 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3995/oath-toolkit-…
4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4045/libvncserver-…
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4113/kwebkitpart-1…
0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4100/erlang-R16B-0…
The following builds have been pushed to Fedora EPEL 7 updates-testing
Zim-0.62-2.el7
erlang-R16B-03.9.el7
faience-icon-theme-0.5-3.el7
gfal2-2.7.8-1.el7
ibus-anthy-1.5.6-2.el7
kwebkitpart-1.3.4-5.el7
labiryntowy-fonts-1.53-2.el7
mMass-5.5.0-10.el7
mate-themes-1.9.2-0.2.git20141117.9b7d8c3.el7
mate-themes-extras-3.8.1-1.el7
mock-1.2.1-1.el7
perl-Crypt-Rijndael-1.12-1.el7
perl-Finance-Quote-1.35-1.el7
perl-Fsdb-2.52-2.el7
perl-Net-CIDR-0.17-6.el7
perl-Test-Reporter-1.60-3.el7
php-pecl-xdebug-2.2.6-1.el7
python-cltk-0.0.0.47-1.el7
python-django-piston-0.2.3-7.el7
python-testscenarios-0.4-4.el7
tlp-0.6-3.el7
xa-2.3.6-1.el7
Details about builds:
================================================================================
Zim-0.62-2.el7 (FEDORA-EPEL-2014-4125)
Desktop wiki & notekeeper
--------------------------------------------------------------------------------
Update Information:
Backport upstream bzr755 to fix mis-matched gtk and pygtk in Fedora/RHEL
Zim is a WYSIWYG text editor written in PyGTK which aims to bring the concept of a wiki to your desktop. Every page is saved as a text file with wiki markup. Pages can contain links to other pages, and are saved automatically. Creating a new page is as easy as linking to a non-existing page. Pages are ordered in a hierarchical structure that gives it the look and feel of an outliner. This tool is intended to keep track of TODO lists or to serve as a personal scratch book. Zim is a WYSIWYG text editor written in PyGTK which aims to bring the concept of a wiki to your desktop. Every page is saved as a text file with wiki markup. Pages can contain links to other pages, and are saved automatically. Creating a new page is as easy as linking to a non-existing page. Pages are ordered in a hierarchical structure that gives it the look and feel of an outliner. This tool is intended to keep track of TODO lists or to serve as a personal scratch book.
--------------------------------------------------------------------------------
================================================================================
erlang-R16B-03.9.el7 (FEDORA-EPEL-2014-4100)
General-purpose programming language and runtime environment
--------------------------------------------------------------------------------
Update Information:
* Fixed CVE-2014-1693 (backported fix from ver. 17.x.x, see patch no. 17)
* Trimmed dependency chain
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 17 2014 Peter Lemenkov <lemenkov(a)gmail.com> - R16B-03.9
- Fixed CVE-2014-1693 (backported fix from ver. 17.x.x, see patch no. 17)
* Tue Nov 11 2014 Peter Lemenkov <lemenkov(a)gmail.com> - R16B-03.8
- Trimmed dependency chain
- Cleaned up spec-file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1059331 - CVE-2014-1693 erlang-inets: command injection flaw in FTP module
https://bugzilla.redhat.com/show_bug.cgi?id=1059331
--------------------------------------------------------------------------------
================================================================================
faience-icon-theme-0.5-3.el7 (FEDORA-EPEL-2014-4121)
Faience icon theme
--------------------------------------------------------------------------------
Update Information:
- initial package for epel7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1005718 - Review Request: faience-icon-theme - Faience icon theme
https://bugzilla.redhat.com/show_bug.cgi?id=1005718
--------------------------------------------------------------------------------
================================================================================
gfal2-2.7.8-1.el7 (FEDORA-EPEL-2014-3863)
Grid file access library 2.0
--------------------------------------------------------------------------------
Update Information:
Update for gfal2 2.7.8 release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 17 2014 Alejandro Alvarez Ayllon <aalvarez at cern.ch> - 2.7.8-1
- Upstream backported fix for protocol honoring on SRM GET and PUT
* Mon Nov 10 2014 Alejandro Alvarez Ayllon <aalvarez at cern.ch> - 2.7.7-1
- Upgraded to upstream release 2.7.7
* Fri Nov 7 2014 Alejandro Alvarez Ayllon <aalvarez at cern.ch> - 2.7.6-1
- New upstream release
* Mon Sep 8 2014 Alejandro Alvarez Ayllon <aalvarez at cern.ch> - 2.6.8-6
- Patch to use lseek64 instead of lseek in the http plugin
* Thu Sep 4 2014 Orion Poplawski <orion(a)cora.nwra.com> - 2.6.8-5
- Rebuild for pugixml 1.4
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 2.6.8-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
ibus-anthy-1.5.6-2.el7 (FEDORA-EPEL-2014-4120)
The Anthy engine for IBus input platform
--------------------------------------------------------------------------------
Update Information:
ibus-anthy is for RHEL7.
--------------------------------------------------------------------------------
================================================================================
kwebkitpart-1.3.4-5.el7 (FEDORA-EPEL-2014-4113)
A KPart based on QtWebKit
--------------------------------------------------------------------------------
Update Information:
Sanitize input to disallow javascript being executed in the context of the referenced hostname. See also https://www.kde.org/info/security/advisory-20141113-1.txt
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 14 2014 Rex Dieter <rdieter(a)fedoraproject.org> 1.3.4-5
- CVE-2014-8600 Insufficient Input Validation (#1164293)
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.3.4-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1164293 - CVE-2014-8600 kwebkitpart, kde-runtime: Insufficient Input Validation By IO Slaves and Webkit Part
https://bugzilla.redhat.com/show_bug.cgi?id=1164293
--------------------------------------------------------------------------------
================================================================================
labiryntowy-fonts-1.53-2.el7 (FEDORA-EPEL-2014-4106)
Artificial font consisting of vertical and horizontal bars
--------------------------------------------------------------------------------
Update Information:
Add font licence file, delete info.
Initial packaging.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1162148 - Review Request: labiryntowy-fonts - Conscript (artifical font) letters consist of vertical and horizontal bars. No matter their thickness.
https://bugzilla.redhat.com/show_bug.cgi?id=1162148
--------------------------------------------------------------------------------
================================================================================
mMass-5.5.0-10.el7 (FEDORA-EPEL-2014-4118)
Open Source Mass Spectrometry Tool
--------------------------------------------------------------------------------
Update Information:
- **Epel7 build.**
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1159639 - EPEL-7 branch: mMass
https://bugzilla.redhat.com/show_bug.cgi?id=1159639
--------------------------------------------------------------------------------
================================================================================
mate-themes-1.9.2-0.2.git20141117.9b7d8c3.el7 (FEDORA-EPEL-2014-4091)
MATE Desktop themes
--------------------------------------------------------------------------------
Update Information:
mate-themes
- update to latest git snapshot from 2014-11-15
- build fog icon theme, needed for mate-themes-extras
- re-work of contrasthigh icon theme
- drop low contrast themes
- ContrastHighInverse: add gtk3 part
- a lot of improvements for all other themes
mate-themes-extras
- update to 3.8.1-1 release
- Blue-Submarine: re-write of GTK2 theme
- Green-Submarine: re-write of GTK2 theme
- Smoothly-Black GTK3: latest changes from upstream from 2014-10-02
- Smoothly GTK3: latest changes from upstream from 2014-10-02
- much improvements for GTK2/3, see git log
- drop cupertino themes, they don't work witk with GTK3-3.8
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 17 2014 Wolfgang Ulbrich <chat-to-me(a)raveit.de> - 1.9.2-0.2.git20141117.9b7d8c3
- update to latest git snapshot from 2014-11-17
- fix menus in ContrastHigh GTK3
- disable fog icon theme, faience-icon-theme is in epel7 now
* Sun Nov 16 2014 Wolfgang Ulbrich <chat-to-me(a)raveit.de> - 1.9.2-0.1.git20141115.f88336e
- update to latest git snapshot from 2014-11-15
- build fog icon theme, needed for mate-themes-extras
- re-work of contrasthigh icon theme
- drop low contrast themes
- ContrastHighInverse: add gtk3 part
- a lot of improvements for all other themes
--------------------------------------------------------------------------------
================================================================================
mate-themes-extras-3.8.1-1.el7 (FEDORA-EPEL-2014-4091)
Extra gtk-2/3 themes for gtk based desktops
--------------------------------------------------------------------------------
Update Information:
mate-themes
- update to latest git snapshot from 2014-11-15
- build fog icon theme, needed for mate-themes-extras
- re-work of contrasthigh icon theme
- drop low contrast themes
- ContrastHighInverse: add gtk3 part
- a lot of improvements for all other themes
mate-themes-extras
- update to 3.8.1-1 release
- Blue-Submarine: re-write of GTK2 theme
- Green-Submarine: re-write of GTK2 theme
- Smoothly-Black GTK3: latest changes from upstream from 2014-10-02
- Smoothly GTK3: latest changes from upstream from 2014-10-02
- much improvements for GTK2/3, see git log
- drop cupertino themes, they don't work witk with GTK3-3.8
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 17 2014 Wolfgang Ulbrich <chat-to-me(a)raveit.de> - 3.8.1-1
- update to 3.8.1-1 release
- Blue-Submarine: re-write of GTK2 theme
- Green-Submarine: re-write of GTK2 theme
- Smoothly-Black GTK3: latest changes from upstream from 2014-10-02
- Smoothly GTK3: latest changes from upstream from 2014-10-02
- much improvements for GTK2/3, see git log
- drop cupertino themes, they don't work witk with GTK3-3.8
--------------------------------------------------------------------------------
================================================================================
mock-1.2.1-1.el7 (FEDORA-EPEL-2014-4123)
Builds packages inside chroots
--------------------------------------------------------------------------------
Update Information:
Bump in plugin ABI.
New LVM plugin.
Nosync for better IO performance.
DNF support.
Printing more useful output on terminal.
Concurrent shell acces to buildroot.
Executing package management commands.
--enablerepo and --disablerepo options
Short circuit options.
Automatic initialization.
Python 3 support.
Experimental support for building using systemd-nspawn.
Accept path as config.
New compress_logs plugin.
And lots of bugfixes.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 15 2014 Miroslav Suchý <msuchy(a)redhat.com> - 1.2.1-1
- allow mockchain to accept path as config
- end yum's installroot path with a slash [RHBZ#1160428]
- add --mount option [RHBZ#1162637]
- add some missing bash completation strings
- run --shell as root with --new-chroot
- Don't fail scrub when there's no pool [RHBZ#1162631]
- Globbing and tilde expansion
- move restoring priviledges to finally [RHBZ#1162720]
- Remove "Buildroot must be already initialized" note
- Add missing --print-root-path to manpage
- Do not print ANSI escape characters into log [RHBZ#1163037]
- in site-defaults.cfg initialize dictionary of plugins [RHBZ#1162595]
- Disable empty names and values in config_opts[macros] [RHBZ#1160765]
- Disable single macros in -D cmd option [RHBZ#1160765]
- rpmbuild is in /usr/bin [RHBZ#1161112]
- man page for --macro-file [RHBZ#1160326]
- Added option [--macro-file] to support external rpm macros file [RHBZ#1160326]
- Don't output installation/build output when redirected
- Better log message for intial buildroot installation
- Be more specific when installing configs
- Install into correct sitelib when using Python 3
- Fix nosync on aarch64
- wrap all remaining getcwd() [RHBZ#1159300]
- do not use rpm in %post scriptlet [RHBZ#1131279]
- Fix unclear legal host output [RHBZ#1159794]
- allow running from directory, which is deleted [RHBZ#1159300]
- create compress_logs plugin [RHBZ#1100923]
- when default.cfg exists create default.cfg.rpmnew [RHBZ#1085308]
- accept paths to target definition files [RHBZ#1126117]
- set title bar in xterm [RHBZ#1126235]
- pass --enablerepo/--disablerepo to yum in the same order as provided to mock [RHBZ#1154604]
- Fix incorrect printing of binary strings on py3
- Add missing Requires rpm-python3
- Don't print Yum and build output when quiet
- Prevent output being printed twice with --verbose (rhbz#1152971)
- Fix printing non-ascii characters with output redirected (rhbz#1152952)
- replace urlgrabber by python-requests
- use python3 for Fedora22+
- Don't print we're doing rpmbuild -bb, when it may not be true
- 'prep' choice missing in short-circuit option parser
- Don't execute prebuild in short-circuit mode
* Thu Oct 9 2014 Miroslav Suchý <msuchy(a)redhat.com> - 1.2.0-1
- update configs for secondary architecture (Dan Horák)
- caching of buildroots using LVM (Michael Simacek)
- add support for DNF (Michael Simacek)
- initial porting to python3 (Michael Simacek)
- new config option nosync (Michael Simacek)
- add CentOS extra repository [BZ# 1108402]
- correctly create default.cfg on arm [BZ# 1033786]
- postpone loading of rpm after chroot is set [BZ# 1111147]
- use systemd-nspawn instead of chroot [RHBZ# 1132762]
- in --copyout do not fail on symlinks [BZ# 971474]
- allow to short circuit to prep phase [BZ# 966985]
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1160428 - mock 1.2.0 tries to install f21 packages in f19 chroot
https://bugzilla.redhat.com/show_bug.cgi?id=1160428
[ 2 ] Bug #1162637 - Provide --umount counterpart for LVM plugin
https://bugzilla.redhat.com/show_bug.cgi?id=1162637
[ 3 ] Bug #1162631 - With LVM plugin enabled, I can't scrub traditional directories
https://bugzilla.redhat.com/show_bug.cgi?id=1162631
[ 4 ] Bug #1162720 - --copyout prints confusing errors when the copied file doesn't exist
https://bugzilla.redhat.com/show_bug.cgi?id=1162720
[ 5 ] Bug #1163037 - Do not print ANSI escape characters into log
https://bugzilla.redhat.com/show_bug.cgi?id=1163037
[ 6 ] Bug #1162595 - lvm_root_opts options in site-defaults.cfg don't work
https://bugzilla.redhat.com/show_bug.cgi?id=1162595
[ 7 ] Bug #1160765 - empty and single values for rpm macros in mock cfg file and cmd option
https://bugzilla.redhat.com/show_bug.cgi?id=1160765
[ 8 ] Bug #1161112 - pre-UsrMove profiles stopped working after update of mock
https://bugzilla.redhat.com/show_bug.cgi?id=1161112
[ 9 ] Bug #1160326 - mock new command line option --macro-file for defining rpm macros file
https://bugzilla.redhat.com/show_bug.cgi?id=1160326
[ 10 ] Bug #1159300 - running mock from chroot path directory produces "error retrieving current directory: getcwd"
https://bugzilla.redhat.com/show_bug.cgi?id=1159300
[ 11 ] Bug #1131279 - mock package has a questionable scriptlet, leading to errors about rpm db version mismatch
https://bugzilla.redhat.com/show_bug.cgi?id=1131279
[ 12 ] Bug #1159794 - invalid legal_host_arches option can cause unclear output
https://bugzilla.redhat.com/show_bug.cgi?id=1159794
[ 13 ] Bug #1100923 - RFE: compress mock build logs when done building
https://bugzilla.redhat.com/show_bug.cgi?id=1100923
[ 14 ] Bug #1085308 - mock: User configuration is lost during update
https://bugzilla.redhat.com/show_bug.cgi?id=1085308
[ 15 ] Bug #1126117 - Mock should accept paths to target definition files
https://bugzilla.redhat.com/show_bug.cgi?id=1126117
[ 16 ] Bug #1126235 - PROMPT_COMMAND does not include required escape codes
https://bugzilla.redhat.com/show_bug.cgi?id=1126235
[ 17 ] Bug #1154604 - mock: enablerepo doesn't work if used after disablerepo
https://bugzilla.redhat.com/show_bug.cgi?id=1154604
[ 18 ] Bug #1152971 - Verbose mode is repeating lines
https://bugzilla.redhat.com/show_bug.cgi?id=1152971
[ 19 ] Bug #1152952 - [mock] UnicodeEncodeError: 'ascii' codec can't encode characters in position 6-7: ordinal not in range(128)
https://bugzilla.redhat.com/show_bug.cgi?id=1152952
--------------------------------------------------------------------------------
================================================================================
perl-Crypt-Rijndael-1.12-1.el7 (FEDORA-EPEL-2014-4124)
Crypt::CBC compliant Rijndael encryption module
--------------------------------------------------------------------------------
Update Information:
Updated to 1.12
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 16 2014 Matias Kreder <mkreder(a)gmail.com> - 1.12-1
- Updated to 1.12
* Thu Aug 28 2014 Jitka Plesnikova <jplesnik(a)redhat.com> - 1.11-7
- Perl 5.20 rebuild
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.11-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
perl-Finance-Quote-1.35-1.el7 (FEDORA-EPEL-2014-4115)
A Perl module that retrieves stock and mutual fund quotes
--------------------------------------------------------------------------------
Update Information:
This update, to the current upstream release, includes some fixes for existing data sources and a number of new data sources.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 14 2014 Paul Howarth <paul(a)city-fan.org> - 1.35-1
- Update to 1.35
- Clean up and modernize spec somewhat (can't build for EL < 7 as the module
requires Mozilla::CA)
* Fri Aug 29 2014 Jitka Plesnikova <jplesnik(a)redhat.com> - 1.20-4
- Perl 5.20 rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.20-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
perl-Fsdb-2.52-2.el7 (FEDORA-EPEL-2014-4108)
A set of commands for manipulating flat-text databases from the shell
--------------------------------------------------------------------------------
Update Information:
address https://bugzilla.redhat.com/show_bug.cgi?id=1163149
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 17 2014 John Heidemann <johnh(a)isi.edu> 2.52-2
- address https://bugzilla.redhat.com/show_bug.cgi?id=1163149
* Mon Nov 3 2014 John Heidemann <johnh(a)isi.edu> 2.52-1
- See http://www.isi.edu/~johnh/SOFTWARE/FSDB/
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1163149 - perl-Fsdb-2.52-1.fc22 FTBFS on Perl bootstrap: groff: command not found
https://bugzilla.redhat.com/show_bug.cgi?id=1163149
--------------------------------------------------------------------------------
================================================================================
perl-Net-CIDR-0.17-6.el7 (FEDORA-EPEL-2014-4107)
Manipulate IPv4/IPv6 netblocks in CIDR notation
--------------------------------------------------------------------------------
Update Information:
This is the first EPEL-7 build of perl-Net-CIDR.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #533721 - Review Request: perl-Net-CIDR - Manipulate IPv4/IPv6 netblocks in CIDR notation
https://bugzilla.redhat.com/show_bug.cgi?id=533721
[ 2 ] Bug #1163610 - Please package perl-Net-CIDR (full) into EL7
https://bugzilla.redhat.com/show_bug.cgi?id=1163610
--------------------------------------------------------------------------------
================================================================================
perl-Test-Reporter-1.60-3.el7 (FEDORA-EPEL-2014-4109)
Sends test results to cpan-testers(a)perl.org
--------------------------------------------------------------------------------
Update Information:
Perl 5.20 rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #809843 - Review Request: perl-Test-Reporter - Sends test results to cpan-testers(a)perl.org
https://bugzilla.redhat.com/show_bug.cgi?id=809843
--------------------------------------------------------------------------------
================================================================================
php-pecl-xdebug-2.2.6-1.el7 (FEDORA-EPEL-2014-4117)
PECL package for debugging PHP scripts
--------------------------------------------------------------------------------
Update Information:
Fri, Nov 14, 2014 - xdebug 2.2.6
Fixed bugs:
* Fixed bug #1048: Can not get $GLOBAL variable by property_value on function context.
* Fixed bug #1073 and #1075: Segmentation fault with internal functions calling internal functions.
* Fixed bug #1085: Fixed the tracefile analyser as the format version had been bumbed.
* Fixed memory leaks
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 16 2014 Remi Collet <remi(a)fedoraproject.org> - 2.2.6-1
- Update to 2.2.6 (stable)
--------------------------------------------------------------------------------
================================================================================
python-cltk-0.0.0.47-1.el7 (FEDORA-EPEL-2014-4098)
NLP support for Ancient Greek and Latin
--------------------------------------------------------------------------------
Update Information:
update to 0.0.0.47 release
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 5 2014 Parag Nemade <pnemade AT redhat DOT com> - 0.0.0.47-1
- update to 0.0.0.47 release
* Sat Nov 1 2014 Parag Nemade <pnemade AT redhat DOT com> - 0.0.0.44-1
- update to 0.0.0.44 release
--------------------------------------------------------------------------------
================================================================================
python-django-piston-0.2.3-7.el7 (FEDORA-EPEL-2014-4103)
A mini-framework for Django for creating RESTful APIs
--------------------------------------------------------------------------------
Update Information:
Build request
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1086865 - epel7 build request - python-django-piston
https://bugzilla.redhat.com/show_bug.cgi?id=1086865
--------------------------------------------------------------------------------
================================================================================
python-testscenarios-0.4-4.el7 (FEDORA-EPEL-2014-4111)
Testscenarios, a pyunit extension for dependency injection
--------------------------------------------------------------------------------
Update Information:
- for openstack el7 testing support
--------------------------------------------------------------------------------
================================================================================
tlp-0.6-3.el7 (FEDORA-EPEL-2014-4104)
Advanced power management tool for Linux
--------------------------------------------------------------------------------
Update Information:
Update to new upstream version 0.6, added and removed some dependencies
Missing Dependancy
New Upstream Version
--------------------------------------------------------------------------------
================================================================================
xa-2.3.6-1.el7 (FEDORA-EPEL-2014-4110)
6502/65816 cross-assembler
--------------------------------------------------------------------------------
Update Information:
update to version 2.3.6
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 17 2014 Dan Horák <dan[at]danny.cz> - 2.3.6-1
- updated to version 2.3.6
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 2.3.5-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 2.3.5-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------