The following Fedora EPEL 7 Security updates need testing:
Age URL
269 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7
165 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6813 chicken-4.9.0.1-4.el7
73 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8155 nagios-4.0.8-1.el7
61 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-925e9374c9 python-pymongo-3.0.3-1.el7
37 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-234553a060 mediawiki123-1.23.11-1.el7
37 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-ad1b660a4d php-ZendFramework-1.12.16-1.el7
31 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7
17 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-914de61c66 potrace-1.13-2.el7
13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-ed2e71927f imapsync-1.644-2.el7
7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dfc3cd3b50 knot-1.6.6-1.el7
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-ca44dee931 python-django-1.6.11-4.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-0ec0c87b3a proftpd-1.3.5a-2.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
NetworkManager-openvpn-1.0.8-1.el7
NetworkManager-vpnc-1.0.8-1.el7
clamav-0.99-1.el7
comic-neue-fonts-2.2-2.el7
flrig-1.3.23-1.el7
gnome-screensaver-3.6.1-14.el7
gstreamer1-vaapi-0.6.1-1.el7
kstart-4.1-8.el7
nodejs-file-uri-to-path-0.0.2-1.el7
nodejs-saucelabs-0.1.1-3.el7
notification-daemon-3.14.1-2.el7
perl-Judy-0.41-4.el7
perl-Log-Log4perl-Appender-Socket-UNIX-1.04-3.el7
php-nette-database-2.3.7-1.el7
php-nette-forms-2.3.6-1.el7
php-nette-reflection-2.3.1-1.el7
php-nette-robot-loader-2.3.1-2.el7
php-nette-security-2.3.1-1.el7
php-pecl-libsodium-1.0.2-1.el7
php-pecl-solr2-2.3.0-1.el7
proftpd-1.3.5a-2.el7
python-stuf-0.9.16-5.el7
qpid-cpp-0.34-5.el7
rabbitmq-server-3.3.5-13.el7
scsi-target-utils-1.0.55-3.el7
vertica-python-0.5.4-1.el7
Details about builds:
================================================================================
NetworkManager-openvpn-1.0.8-1.el7 (FEDORA-EPEL-2015-2919d6d7d9)
NetworkManager VPN plugin for OpenVPN
--------------------------------------------------------------------------------
Update Information:
VPN plugin update.
----
This update disables client renegotiation by default, leaving the value up to
the server or user override. This fixes frequent renegotiation failures when
using two-factor authentication when the client has a much lower value than the
server.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1148910 - Please Build/Release for EPEL7
https://bugzilla.redhat.com/show_bug.cgi?id=1148910
[ 2 ] Bug #969433 - OpenVPN frequently disconnects
https://bugzilla.redhat.com/show_bug.cgi?id=969433
--------------------------------------------------------------------------------
================================================================================
NetworkManager-vpnc-1.0.8-1.el7 (FEDORA-EPEL-2015-2919d6d7d9)
NetworkManager VPN plugin for vpnc
--------------------------------------------------------------------------------
Update Information:
VPN plugin update.
----
This update disables client renegotiation by default, leaving the value up to
the server or user override. This fixes frequent renegotiation failures when
using two-factor authentication when the client has a much lower value than the
server.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1148910 - Please Build/Release for EPEL7
https://bugzilla.redhat.com/show_bug.cgi?id=1148910
[ 2 ] Bug #969433 - OpenVPN frequently disconnects
https://bugzilla.redhat.com/show_bug.cgi?id=969433
--------------------------------------------------------------------------------
================================================================================
clamav-0.99-1.el7 (FEDORA-EPEL-2015-7b36c1ca5a)
End-user tools for the Clam Antivirus scanner
--------------------------------------------------------------------------------
Update Information:
ClamAV 0.99 contains major new features and changes. YARA rules, Perl Compatible
Regular Expressions, revamped on-access scanning for Linux, and other new
features join the many great features of ClamAV:
- Processing of YARA rules (some limitations - see signatures.pdf).
- Support in ClamAV logical signatures for many of the features added for YARA,
  such as Perl Compatible Regular Expressions, alternate strings, and YARA
  string attributes. See signatures.pdf for full details.
- New and improved on-access scanning for Linux. See the recent blog post and
  clamdoc.pdf for details on the new on-access capabilities.
- A new ClamAV API callback function that is invoked when a virus is found. This
  is intended primarily for applications running in all-match mode. Any
  applications using all-match mode must use the new callback function to record
  and report detected viruses.
- Configurable default password list to attempt zip file decryption.
- TIFF file support.
- A new signature target type for designating signatures to run against files
  with unknown file types.
- Improved fidelity of the "data loss prevention" heuristic algorithm. Code
  supplied by Bill Parker.
- Support for LZMA decompression within Adobe Flash files.
- Support for MSO attachments within Microsoft Office 2003 XML files.
- A new sigtool option (--ascii-normalize) allowing signature authors to more
  easily generate normalized versions of ascii files.
Please note: If you are using clamd on-access scanning or have applications
using all-match mode, you will want to review the changes and make any necessary
adjustments before using ClamAV 0.99.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1287327 - clamav-0.99 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1287327
--------------------------------------------------------------------------------
================================================================================
comic-neue-fonts-2.2-2.el7 (FEDORA-EPEL-2015-dc5560cd58)
A typeface family inspired by Comic Sans
--------------------------------------------------------------------------------
Update Information:
initial build for epel7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1271787 - Review Request: comic-neue-fonts - A typeface family inspired by Comic Sans
https://bugzilla.redhat.com/show_bug.cgi?id=1271787
--------------------------------------------------------------------------------
================================================================================
flrig-1.3.23-1.el7 (FEDORA-EPEL-2015-68b60b736c)
Transceiver control program
--------------------------------------------------------------------------------
Update Information:
Version 1.3.23 - maintenance release
- FT817 FT857D FT897D
  * Added read ACK after every write
  * Added up to 10 retries if ACK not received after write.
- xmlrpc server
  * Added new get's
    - rig.get_info, transfers all controls data in a single string
    - rig.get_update, transfers all changed controls data in a single string,
      "NIL" if no changes
- FT900
  * Added FT900 backend, contributed by Ernst Schroeder, DJ7HS
  * Correct split behavior for have_splitAB designated xcvrs like the FT950 and
    FT900
- TS590SG
  * add back end for 590SG
- MXE update
- FT990a
  * simple blind control of FT990 with very early ROM version
- Set Mode/BW controls
  * change ordering of set when mode change read from transceiver
- KENWOOD mods
  * change read SWR / ALC command strings and interpretation for TS990
  * correct various errors in Shift/Width, Lo/Hi cut tables. Reorder use of SL
    and SH variables
    - TS480
    - TS590
    - TS870
    - TS990
    - TS2000
- IC7800
  * Added IC-7800 class
- fldigi BW interface
  * Add missing bw_vals_ to various xcvr backends
- restore xml client
  * allow flrig to act as either a multi-client xmlrpc server or a single client
    to fldigi server
- BUILD_{DATE,USER,HOST}
  * Externally overridable BUILD_DATE, BUILD_USER, and BUILD_HOST to allow
    distros to generate reproducible builds.
--------------------------------------------------------------------------------
================================================================================
gnome-screensaver-3.6.1-14.el7 (FEDORA-EPEL-2015-b455ab6de3)
GNOME Screensaver
--------------------------------------------------------------------------------
Update Information:
Adding gnome-screensaver for EL 7.2
--------------------------------------------------------------------------------
================================================================================
gstreamer1-vaapi-0.6.1-1.el7 (FEDORA-EPEL-2015-cf1220cabc)
GStreamer plugins to use VA API video acceleration
--------------------------------------------------------------------------------
Update Information:
rebase to master
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1285128 - Cannot update to 7.2 because packages aren't found
https://bugzilla.redhat.com/show_bug.cgi?id=1285128
--------------------------------------------------------------------------------
================================================================================
kstart-4.1-8.el7 (FEDORA-EPEL-2015-0bc1161afd)
Daemon version of kinit for Kerberos v5
--------------------------------------------------------------------------------
Update Information:
Remove obsolete --disable-k4start configure option and add --with-aklog option.
Thanks shawn(a)eth0.net.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1287213 - Housekeeping: Remove obsolete --disable-k4start configure option
https://bugzilla.redhat.com/show_bug.cgi?id=1287213
[ 2 ] Bug #1287210 - Provide compile-time default for AFS Login program
https://bugzilla.redhat.com/show_bug.cgi?id=1287210
--------------------------------------------------------------------------------
================================================================================
nodejs-file-uri-to-path-0.0.2-1.el7 (FEDORA-EPEL-2015-44ab76f625)
Convert a file: URI to a file path
--------------------------------------------------------------------------------
Update Information:
Initial packaging for Fedora.
--------------------------------------------------------------------------------
================================================================================
nodejs-saucelabs-0.1.1-3.el7 (FEDORA-EPEL-2015-9e054fbb17)
A wrapper around Sauce Labs REST API
--------------------------------------------------------------------------------
Update Information:
Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
notification-daemon-3.14.1-2.el7 (FEDORA-EPEL-2015-0844b613bb)
Desktop Notification Daemon
--------------------------------------------------------------------------------
Update Information:
Adding notification-daemon for EL 7.2
--------------------------------------------------------------------------------
================================================================================
perl-Judy-0.41-4.el7 (FEDORA-EPEL-2015-bcf7cbbe0e)
Library for creating and accessing dynamic arrays
--------------------------------------------------------------------------------
Update Information:
Bumped release to push an update (#751119)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #751119 - Review Request: perl-Judy - Perl wrapper for Judy
https://bugzilla.redhat.com/show_bug.cgi?id=751119
--------------------------------------------------------------------------------
================================================================================
perl-Log-Log4perl-Appender-Socket-UNIX-1.04-3.el7 (FEDORA-EPEL-2015-f871afba8b)
Log4perl appender for writing to UNIX domain sockets
--------------------------------------------------------------------------------
Update Information:
Bumped release to push an update.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1263600 - Review Request: perl-Log-Log4perl-Appender-Socket-UNIX - Log4perl appender for writing to UNIX domain sockets
https://bugzilla.redhat.com/show_bug.cgi?id=1263600
--------------------------------------------------------------------------------
================================================================================
php-nette-database-2.3.7-1.el7 (FEDORA-EPEL-2015-6e042cb284)
Nette Database Component
--------------------------------------------------------------------------------
Update Information:
Nette provides a powerful layer for accessing your database easily.
- composes SQL queries with ease
- easily fetches data
- uses efficient queries and does not transmit unnecessary data
The Nette\Database\Connection class is a wrapper around the PDO and represents a
connection to the database. The core functionality is provided by
Nette\Database\Context. Nette\Database\Table layer provides an enhanced layer
for table querying.
To use this library, you just have to add, in your project:
require_once '/usr/share/php/Nette/Database/autoload.php';
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1277474 - Review Request: php-nette-database - Nette Database Component
https://bugzilla.redhat.com/show_bug.cgi?id=1277474
--------------------------------------------------------------------------------
================================================================================
php-nette-forms-2.3.6-1.el7 (FEDORA-EPEL-2015-97916dc9c1)
Nette Forms: greatly facilitates web forms
--------------------------------------------------------------------------------
Update Information:
Nette\Forms greatly facilitates creating and processing web forms. What can it
really do?
- validate sent data both client-side (JavaScript) and server-side
- provide high level of security
- multiple render modes
- translations, i18n
To use this library, you just have to add, in your project:
require_once '/usr/share/php/Nette/Forms/autoload.php';
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1277465 - Review Request: php-nette-forms - Nette Forms: greatly facilitates web forms
https://bugzilla.redhat.com/show_bug.cgi?id=1277465
--------------------------------------------------------------------------------
================================================================================
php-nette-reflection-2.3.1-1.el7 (FEDORA-EPEL-2015-ec065d1f29)
Nette PHP Reflection Component
--------------------------------------------------------------------------------
Update Information:
If you need to find out everything about a class, reflection is the right tool
for the job. You can easily find out which methods a class has, what parameters
those methods accept, etc. Nette\Object simplifies access to a class's
self-reflection with the method getReflection(), which returns a
Nette\Reflection\ClassType object.
To use this library, you just have to add, in your project:
require_once '/usr/share/php/Nette/Reflection/autoload.php';
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1277413 - Review Request: php-nette-reflection - Nette PHP Reflection Component
https://bugzilla.redhat.com/show_bug.cgi?id=1277413
--------------------------------------------------------------------------------
================================================================================
php-nette-robot-loader-2.3.1-2.el7 (FEDORA-EPEL-2015-a143e3b7a9)
Nette RobotLoader: comfortable autoloading
--------------------------------------------------------------------------------
Update Information:
RobotLoader is a tool that gives you comfort of automated class loading for your
entire application including third-party libraries.
- get rid of all require
- only necessary scripts are loaded
- requires no strict file naming conventions
- allows more classes in single file
To use this library, you just have to add, in your project:
require_once '/usr/share/php/Nette/RobotLoader/autoload.php';
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1277437 - Review Request: php-nette-robot-loader - Nette RobotLoader: comfortable autoloading
https://bugzilla.redhat.com/show_bug.cgi?id=1277437
--------------------------------------------------------------------------------
================================================================================
php-nette-security-2.3.1-1.el7 (FEDORA-EPEL-2015-4509a1f056)
Nette Security: Access Control Component
--------------------------------------------------------------------------------
Update Information:
Nette Security: Access Control
- user login and logout
- verifying user privileges
- securing against vulnerabilities
- how to create custom authenticators and authorizators
- Access Control List
To use this library, you just have to add, in your project:
require_once '/usr/share/php/Nette/Security/autoload.php';
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1277418 - Review Request: php-nette-security - Nette Security: Access Control Component
https://bugzilla.redhat.com/show_bug.cgi?id=1277418
--------------------------------------------------------------------------------
================================================================================
php-pecl-libsodium-1.0.2-1.el7 (FEDORA-EPEL-2015-f1835271bf)
Wrapper for the Sodium cryptographic library
--------------------------------------------------------------------------------
Update Information:
A simple, low-level PHP extension for libsodium.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1286768 - Review Request: php-pecl-libsodium - Wrapper for the Sodium cryptographic library
https://bugzilla.redhat.com/show_bug.cgi?id=1286768
--------------------------------------------------------------------------------
================================================================================
php-pecl-solr2-2.3.0-1.el7 (FEDORA-EPEL-2015-afd952fffe)
Object oriented API to Apache Solr
--------------------------------------------------------------------------------
Update Information:
**Version 2.3.0** release notes
- Support indexing child/nested documents [Request #70739]
- Support nested documents parsing SolrObject [Request #70953]
- Support nested documents parsing SolrDocument [Request #70974]
- Added maxScore to SolrResponse [Request #68610]
- Fixed issues on big endian processors (Remi Collet)
- Enhancements on method parameter naming (reflections)
--------------------------------------------------------------------------------
================================================================================
proftpd-1.3.5a-2.el7 (FEDORA-EPEL-2015-0ec0c87b3a)
Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:
Part of the SFTP handshake involves "extensions", which are key/value pairs
composed of strings. In SSH, strings are encoded for network transport as a
32-bit length, followed by the bytes. The mod_sftp module currently places no
bounds/length limitations when reading this SFTP extension key/value data from
the network. A malicious client might encode large length values, making the
server allocate more memory than is necessary and causing excessive resource
usage or a crash of the FTP daemon. This update limits the amount of memory
allocated to handle these extensions.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1286977 - proftpd: unbounded SFTP extended attribute key/values
https://bugzilla.redhat.com/show_bug.cgi?id=1286977
--------------------------------------------------------------------------------
================================================================================
python-stuf-0.9.16-5.el7 (FEDORA-EPEL-2015-549e8d253e)
Fancy python dictionary types
--------------------------------------------------------------------------------
Update Information:
Initial packaging.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1281998 - Review Request: python-stuf - Fancy python dictionary types
https://bugzilla.redhat.com/show_bug.cgi?id=1281998
--------------------------------------------------------------------------------
================================================================================
qpid-cpp-0.34-5.el7 (FEDORA-EPEL-2015-40795af09d)
Libraries for Qpid C++ client applications
--------------------------------------------------------------------------------
Update Information:
Resolved bz 1286881.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1286881 - qpidd does not start
https://bugzilla.redhat.com/show_bug.cgi?id=1286881
--------------------------------------------------------------------------------
================================================================================
rabbitmq-server-3.3.5-13.el7 (FEDORA-EPEL-2015-1bf26150cd)
The RabbitMQ server
--------------------------------------------------------------------------------
Update Information:
Fix for node failing to start after the network split. Backported from
rabbitmq-management 3.5.7 (patch no. 9). See also:
* https://github.com/rabbitmq/rabbitmq-management/issues/81
--------------------------------------------------------------------------------
================================================================================
scsi-target-utils-1.0.55-3.el7 (FEDORA-EPEL-2015-ecd70ea01e)
The SCSI target daemon and utility programs
--------------------------------------------------------------------------------
Update Information:
change spec to fix 1209472
----
fix build issue on s390x
update to latest upstream for bug fixes.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1209472 - scsi-target-utils needs to disable glusterfs support for epel7 ppc64le/aarch64
https://bugzilla.redhat.com/show_bug.cgi?id=1209472
[ 2 ] Bug #1193043 - scsi-target-utils fails to build on s390(x)
https://bugzilla.redhat.com/show_bug.cgi?id=1193043
--------------------------------------------------------------------------------
================================================================================
vertica-python-0.5.4-1.el7 (FEDORA-EPEL-2015-e5625be3f6)
A native Python adapter for the Vertica database
--------------------------------------------------------------------------------
Update Information:
update to version 0.5.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1285768 - vertica-python-0.5.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1285768
--------------------------------------------------------------------------------
The following Fedora EPEL 5 Security updates need testing:
Age URL
774 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2013-11893 libguestfs-1.20.12-1.el5
539 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-1626 puppet-2.7.26-1.el5
388 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-3849 sblim-sfcb-1.3.8-2.el5
31 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-edbea40516 mcollective-2.8.4-1.el5
30 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-10d919912b git-1.8.2.1-2.el5
17 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1a2127e75f potrace-1.13-2.el5
13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-80b3d70677 imapsync-1.644-2.el5
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-582c8075e6 thttpd-2.25b-24.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
clamav-0.99-1.el5
kstart-4.1-8.el5
Details about builds:
================================================================================
clamav-0.99-1.el5 (FEDORA-EPEL-2015-b68b5dff17)
Anti-virus software
--------------------------------------------------------------------------------
Update Information:
ClamAV 0.99 contains major new features and changes. YARA rules, Perl Compatible
Regular Expressions, revamped on-access scanning for Linux, and other new
features join the many great features of ClamAV:
- Processing of YARA rules (some limitations - see signatures.pdf).
- Support in ClamAV logical signatures for many of the features added for YARA,
  such as Perl Compatible Regular Expressions, alternate strings, and YARA
  string attributes. See signatures.pdf for full details.
- New and improved on-access scanning for Linux. See the recent blog post and
  clamdoc.pdf for details on the new on-access capabilities.
- A new ClamAV API callback function that is invoked when a virus is found. This
  is intended primarily for applications running in all-match mode. Any
  applications using all-match mode must use the new callback function to record
  and report detected viruses.
- Configurable default password list to attempt zip file decryption.
- TIFF file support.
- A new signature target type for designating signatures to run against files
  with unknown file types.
- Improved fidelity of the "data loss prevention" heuristic algorithm. Code
  supplied by Bill Parker.
- Support for LZMA decompression within Adobe Flash files.
- Support for MSO attachments within Microsoft Office 2003 XML files.
- A new sigtool option (--ascii-normalize) allowing signature authors to more
  easily generate normalized versions of ascii files.
Please note: If you are using clamd on-access scanning or have applications
using all-match mode, you will want to review the changes and make any necessary
adjustments before using ClamAV 0.99.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1287327 - clamav-0.99 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1287327
--------------------------------------------------------------------------------
================================================================================
kstart-4.1-8.el5 (FEDORA-EPEL-2015-8f7b599498)
Daemon version of kinit for Kerberos v5
--------------------------------------------------------------------------------
Update Information:
Remove obsolete --disable-k4start configure option and add --with-aklog option.
Thanks shawn(a)eth0.net.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1287213 - Housekeeping: Remove obsolete --disable-k4start configure option
https://bugzilla.redhat.com/show_bug.cgi?id=1287213
[ 2 ] Bug #1287210 - Provide compile-time default for AFS Login program
https://bugzilla.redhat.com/show_bug.cgi?id=1287210
--------------------------------------------------------------------------------