The following Fedora EPEL 7 Security updates need testing:
Age URL
421 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7
183 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7
50 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-785fc9a2ea dropbear-2016.72-1.el7
10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-56e02a47c7 ansible-2.0.2.0-1.el7
10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-d398cc4c6c roundcubemail-1.1.5-1.el7
8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-017aadcc97 php-getid3-1.9.12-1.el7
8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-aad55a428b w3m-0.5.3-20.el7
7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-c731bc5ec0 cacti-0.8.8g-1.el7
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-af216d3233 ansible1.9-1.9.6-2.el7
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-2a74e47381 pgpdump-0.30-1.el7
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-4f1d69369e openvas-cli-1.4.4-1.el7 openvas-gsa-6.0.10-3.el7 openvas-libraries-8.0.7-2.el7 openvas-manager-6.0.8-2.el7 openvas-scanner-5.0.5-3.el7
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-cd0af81454 botan-1.10.13-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
ReviewBoard-2.5.4-2.el7
owncloud-8.2.3-1.el7
php-Assetic-1.3.2-3.el7
php-myclabs-deep-copy-1.5.1-1.el7
php-natxet-cssmin-3.0.4-1.el7
php-owncloud-tarstreamer-0.1.0-1.el7
php-swiftmailer-5.4.2-1.el7
php-symfony-2.7.12-2.el7
python-assimulo-2.9-1.el7
python-whoosh-2.7.4-1.el7
uget-2.1.3-2.respin2.el7
Details about builds:
================================================================================
ReviewBoard-2.5.4-2.el7 (FEDORA-EPEL-2016-2bab5ad96d)
Web-based code review tool
--------------------------------------------------------------------------------
Update Information:
Update to 2.7.4 ReviewBoard: Rebuild for dependency on python-whoosh 2.6+
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1326976 - ReviewBoard-2.5.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1326976
--------------------------------------------------------------------------------
================================================================================
owncloud-8.2.3-1.el7 (FEDORA-EPEL-2016-6ee08a77d2)
Private file sync and share server
--------------------------------------------------------------------------------
Update Information:
Update owncloud to 8.2.3, along with a couple of new dependencies. Note that
it's important the owncloud installation is already fully tested at 8.1.6 before
applying this update.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1266491 - php-natxet-cssmin-v3.0.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1266491
[ 2 ] Bug #1261011 - owncloud-9.0.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1261011
--------------------------------------------------------------------------------
================================================================================
php-Assetic-1.3.2-3.el7 (FEDORA-EPEL-2016-6ee08a77d2)
Asset Management for PHP
--------------------------------------------------------------------------------
Update Information:
Update owncloud to 8.2.3, along with a couple of new dependencies. Note that
it's important the owncloud installation is already fully tested at 8.1.6 before
applying this update.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1266491 - php-natxet-cssmin-v3.0.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1266491
[ 2 ] Bug #1261011 - owncloud-9.0.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1261011
--------------------------------------------------------------------------------
================================================================================
php-myclabs-deep-copy-1.5.1-1.el7 (FEDORA-EPEL-2016-2bc326586a)
Create deep copies (clones) of your objects
--------------------------------------------------------------------------------
Update Information:
**Version 1.5.1** * fix for exception
--------------------------------------------------------------------------------
================================================================================
php-natxet-cssmin-3.0.4-1.el7 (FEDORA-EPEL-2016-6ee08a77d2)
Configurable CSS parser and minifier
--------------------------------------------------------------------------------
Update Information:
Update owncloud to 8.2.3, along with a couple of new dependencies. Note that
it's important the owncloud installation is already fully tested at 8.1.6 before
applying this update.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1266491 - php-natxet-cssmin-v3.0.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1266491
[ 2 ] Bug #1261011 - owncloud-9.0.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1261011
--------------------------------------------------------------------------------
================================================================================
php-owncloud-tarstreamer-0.1.0-1.el7 (FEDORA-EPEL-2016-8eeb5052f6)
Streaming dynamic tar files
--------------------------------------------------------------------------------
Update Information:
**Version 0.1.0** * Use UTF-8 filenames for any browser except Internet
Explorer
--------------------------------------------------------------------------------
================================================================================
php-swiftmailer-5.4.2-1.el7 (FEDORA-EPEL-2016-fe4f419b68)
Free Feature-rich PHP Mailer
--------------------------------------------------------------------------------
Update Information:
**Version 5.4.2** (2016-05-01) * fixed support for IPv6 sockets * added auto-
retry when sending messages from the memory spool * fixed consecutive read
calls in Swift_ByteStream_FileByteStream * added support for iso-8859-15
encoding * fixed PHP mail extra params on missing reversePath * added methods
to set custom stream context options * fixed charset changes in
QpContentEncoderProxy * added return-path header to the ignoredHeaders list of
DKIMSigner * fixed crlf for subject using mail * fixed add soft line break
only when necessary * fixed escaping command-line args to Sendmail
--------------------------------------------------------------------------------
================================================================================
php-symfony-2.7.12-2.el7 (FEDORA-EPEL-2016-b61c00ca48)
PHP framework for web projects
--------------------------------------------------------------------------------
Update Information:
**Version 2.7.12** (2016-04-29) * bug #18180 [Form] fixed BC break with pre
selection of choices with `ChoiceType` and its children (HeahDude) * bug #18562
[WebProfilerBunde] Give an absolute url in case the request occured from another
domain (romainneutron) * bug #18603 [PropertyAccess] ->getValue() should be
read-only (nicolas-grekas) * bug #18593 [VarDumper] Fix dumping type hints for
non-existing parent classes (nicolas-grekas) * bug #18581 [Console]
[TableHelper] make it work with SymfonyStyle. (aitboudad) * bug #18280
[Routing] add query param if value is different from default (Tobion) * bug
#18496 [Console] use ANSI escape sequences in ProgressBar overwrite method
(alekitto) * bug #18491 [DependencyInjection] anonymous services are always
private (xabbuh) * bug #18515 [Filesystem] Better error handling in remove()
(nicolas-grekas) * bug #18449 [PropertyAccess] Fix regression (nicolas-grekas)
* bug #18429 [Console] Correct time formatting. (camporter) * bug #18467
[DependencyInjection] Resolve aliases before removing abstract services + add
tests (nicolas-grekas) * bug #18460 [DomCrawler] Fix select option with empty
value (Matt Wells) * bug #18425 [Security] Fixed SwitchUserListener when
exiting an impersonation with AnonymousToken (lyrixx) * bug #18317 [Form] fix
"prototype" not required when parent form is not required (HeahDude) * bug
#18439 [Logging] Add support for Firefox (43+) in ChromePhpHandler (arjenm) *
bug #18385 Detect CLI color support for Windows 10 build 10586 (mlocati) * bug
#18426 [EventDispatcher] Try first if the event is Stopped (lyrixx) * bug
#18394 [FrameworkBundle] Return the invokable service if its name is the class
name (dunglas) * bug #18265 Optimize ReplaceAliasByActualDefinitionPass (ajb-
in) * bug #18349 [Process] Fix stream_select priority when writing to stdin
(nicolas-grekas) * bug #18358 [Form] NumberToLocalizedStringTransformer should
return floats when possible (nicolas-grekas) * bug #17926 [DependencyInjection]
Enable alias for service_container (hason) * bug #18352 [Debug] Fix case
sensitivity checks (nicolas-grekas) * bug #18336 [Debug] Fix handling of php7
throwables (nicolas-grekas) * bug #18354 [FrameworkBundle][TwigBridge] fix high
deps tests (xabbuh) * bug #18312 [ClassLoader] Fix storing not-found classes in
APC cache (nicolas-grekas) * bug #18298 [Validator] do not treat payload as
callback (xabbuh)
--------------------------------------------------------------------------------
================================================================================
python-assimulo-2.9-1.el7 (FEDORA-EPEL-2016-13431dd0e0)
Ordinary differential and differential algebraic equations solver
--------------------------------------------------------------------------------
Update Information:
- Update to 2.9
--------------------------------------------------------------------------------
================================================================================
python-whoosh-2.7.4-1.el7 (FEDORA-EPEL-2016-2bab5ad96d)
Fast, pure-Python full text indexing, search, and spell checking library
--------------------------------------------------------------------------------
Update Information:
Update to 2.7.4 ReviewBoard: Rebuild for dependency on python-whoosh 2.6+
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1326976 - ReviewBoard-2.5.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1326976
--------------------------------------------------------------------------------
================================================================================
uget-2.1.3-2.respin2.el7 (FEDORA-EPEL-2016-13b071f0ea)
Download manager using GTK+ and libcurl
--------------------------------------------------------------------------------
Update Information:
rebuild for EPEL 7
--------------------------------------------------------------------------------
Nice to meet you, all!
My name is Tomohiro Ichikawa.
I am a DevOps engineer in Japan.
I have posted a review request of python-jinja2-27 for EPEL6.
(https://bugzilla.redhat.com/show_bug.cgi?id=1331923)
Jinja2 is used by "Ansible". and Jinja-2.7 have many useful function
to write Ansible Playbooks. e.g. map filter, select filter and more.
Now, in EL7, Jinja2 version is 2.7, but it is 2.6 in
EL6(python-jinja2-26 in EPEL6).
This mean that runnable playbooks on EL7 may not be able to run on EL6.
Therefore, I thought that I want to provide Jinja-2.7 via EPEL6. and I
have built python-jinja2-27.
If it is realized, many ansible users can write runnable playbooks on
both EL6 and EL7.
I'm waiting for my sponsor.
Tomohiro Ichikawa
The following Fedora EPEL 6 Security updates need testing:
Age URL
316 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828 chicken-4.9.0.1-4.el6
298 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6
292 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6
224 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6
182 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6
154 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6
47 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8fbd838843 dropbear-2016.72-1.el6
47 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-7640e3144a proftpd-1.3.3g-9.el6
40 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-30a8346813 vtun-3.0.1-10.el6
14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e912272569 asterisk-1.8.32.3-2.el6 libsrtp-1.5.4-3.el6 pjproject-2.3-7.el6
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-09ad0ba4a5 ansible-2.0.2.0-1.el6
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-522ecc9bb5 roundcubemail-1.0.9-1.el6
8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-9ead85c2cf php-getid3-1.9.12-1.el6
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-45e9f8440b cacti-0.8.8g-2.el6
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-5c482c7c47 ansible1.9-1.9.6-2.el6
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-3a058562a6 pgpdump-0.30-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
libisofs1-1.4.2-3.el6
php-ZendFramework-1.12.18-1.el6
qt5-qtbase-5.6.0-13.el6
Details about builds:
================================================================================
libisofs1-1.4.2-3.el6 (FEDORA-EPEL-2016-88e31bd2ae)
Library to create ISO 9660 disk images
--------------------------------------------------------------------------------
Update Information:
Libisofs is a library to create an ISO-9660 filesystem and supports extensions
like RockRidge or Joliet. It is also a full featured ISO-9660 editor, allowing
you to modify an ISO image or multisession disc, including file addition or
removal, change of file names and attributes etc. It supports the extension AAIP
which allows to store ACLs and xattr in ISO-9660 filesystems as well. As it is
linked with zlib, it supports zisofs compression, too.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #744416 - Review Request: libisofs1 - Library to create ISO 9660 disk images
https://bugzilla.redhat.com/show_bug.cgi?id=744416
--------------------------------------------------------------------------------
================================================================================
php-ZendFramework-1.12.18-1.el6 (FEDORA-EPEL-2016-5594062c3b)
Leading open-source PHP framework
--------------------------------------------------------------------------------
Update Information:
Zend Framework 1.12.18 (2016-04-13) =================================== *
Please Remove YouTube Zend GData Page * PHP7 debug_backtrace BC break *
Solve problem with subqueries in SELECT block * List-separator attribute is
not being unset for MultiCheckboxes due to a typo. * Wrong regex pattern in
Zend_Validate_Iban class * VERSION constant incorrect for 1.12.17 release tag.
* ZF2015-09: The Zend_Crypt_MathTest should run on PHP 5.2/5.3 * Update
Vagrantfile to use Rasmus' php7 box * ZF2015-08 breaks binary data *
zf1-extra is missing in release-1.12.17 * Fix for 655 issue * Wrong PHPDoc
in Zend_Mail * Non-existing method getRequired() in Zend_Form-Elements docs
* Zend_Form_Element_Button::isChecked has wrong documentation Zend Framework
1.12.17 (2015-11-23) =================================== * Fixes null byte
tests in `Zend_Db_Adapter_Pdo` * Updates the TLD list for
`Zend_Validate_Hostname` to version 2015102801.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1328032 - ZF2015-08 breaks binary data
https://bugzilla.redhat.com/show_bug.cgi?id=1328032
--------------------------------------------------------------------------------
================================================================================
qt5-qtbase-5.6.0-13.el6 (FEDORA-EPEL-2016-18eff5e442)
Qt5 - QtBase components
--------------------------------------------------------------------------------
Update Information:
-devel: Provides: qt5-qtbase-private-devel
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1233829 - Qt5: private headers/interfaces
https://bugzilla.redhat.com/show_bug.cgi?id=1233829
--------------------------------------------------------------------------------
The following Fedora EPEL 5 Security updates need testing:
Age URL
690 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-1626 puppet-2.7.26-1.el5
539 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-3849 sblim-sfcb-1.3.8-2.el5
182 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-edbea40516 mcollective-2.8.4-1.el5
154 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-582c8075e6 thttpd-2.25b-24.el5
47 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-bafacd5846 proftpd-1.3.3g-5.el5
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-5a99f2af94 git-1.8.2.3-1.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
php-ZendFramework-1.12.18-1.el5
Details about builds:
================================================================================
php-ZendFramework-1.12.18-1.el5 (FEDORA-EPEL-2016-6d2eb8549d)
Leading open-source PHP framework
--------------------------------------------------------------------------------
Update Information:
Zend Framework 1.12.18 (2016-04-13) =================================== *
Please Remove YouTube Zend GData Page * PHP7 debug_backtrace BC break *
Solve problem with subqueries in SELECT block * List-separator attribute is
not being unset for MultiCheckboxes due to a typo. * Wrong regex pattern in
Zend_Validate_Iban class * VERSION constant incorrect for 1.12.17 release tag.
* ZF2015-09: The Zend_Crypt_MathTest should run on PHP 5.2/5.3 * Update
Vagrantfile to use Rasmus' php7 box * ZF2015-08 breaks binary data *
zf1-extra is missing in release-1.12.17 * Fix for 655 issue * Wrong PHPDoc
in Zend_Mail * Non-existing method getRequired() in Zend_Form-Elements docs
* Zend_Form_Element_Button::isChecked has wrong documentation Zend Framework
1.12.17 (2015-11-23) =================================== * Fixes null byte
tests in `Zend_Db_Adapter_Pdo` * Updates the TLD list for
`Zend_Validate_Hostname` to version 2015102801.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1328032 - ZF2015-08 breaks binary data
https://bugzilla.redhat.com/show_bug.cgi?id=1328032
--------------------------------------------------------------------------------
The following Fedora EPEL 7 Security updates need testing:
Age URL
420 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7
182 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7
48 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-785fc9a2ea dropbear-2016.72-1.el7
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-56e02a47c7 ansible-2.0.2.0-1.el7
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-d398cc4c6c roundcubemail-1.1.5-1.el7
7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-017aadcc97 php-getid3-1.9.12-1.el7
7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-aad55a428b w3m-0.5.3-20.el7
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-c731bc5ec0 cacti-0.8.8g-1.el7
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-af216d3233 ansible1.9-1.9.6-2.el7
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-2a74e47381 pgpdump-0.30-1.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-4f1d69369e openvas-cli-1.4.4-1.el7 openvas-gsa-6.0.10-3.el7 openvas-libraries-8.0.7-2.el7 openvas-manager-6.0.8-2.el7 openvas-scanner-5.0.5-3.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-cd0af81454 botan-1.10.13-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
arp-scan-1.8.4-7.el7
botan-1.10.13-1.el7
libisofs1-1.4.2-3.el7
libraqm-0.1.1-1.el7
php-ZendFramework-1.12.18-1.el7
qt5-qtbase-5.6.0-13.el7
tinc-1.0.28-1.el7
yad-0.36.2-1.el7
Details about builds:
================================================================================
arp-scan-1.8.4-7.el7 (FEDORA-EPEL-2016-e1e1d439e4)
Scanning and fingerprinting tool
--------------------------------------------------------------------------------
Update Information:
Porting to EPEL7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1292219 - epel7 tuxcut Requires unavailable arp-scan
https://bugzilla.redhat.com/show_bug.cgi?id=1292219
[ 2 ] Bug #1145290 - Please build an EPEL7 build of arp-scan
https://bugzilla.redhat.com/show_bug.cgi?id=1145290
--------------------------------------------------------------------------------
================================================================================
botan-1.10.13-1.el7 (FEDORA-EPEL-2016-cd0af81454)
Crypto library written in C++
--------------------------------------------------------------------------------
Update Information:
From the upstream release notes: Botan 1.10.13 has been released backporting
some side channel protections for ECDSA signatures (CVE-2016-2849) and PKCS #1
RSA decryption (CVE-2015-7827).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1330875 - CVE-2016-2849 CVE-2016-2850 botan: two issues fixed in 1.11.29
https://bugzilla.redhat.com/show_bug.cgi?id=1330875
[ 2 ] Bug #1311989 - CVE-2015-7827 botan: PKCS #1 decoding not in constant time
https://bugzilla.redhat.com/show_bug.cgi?id=1311989
--------------------------------------------------------------------------------
================================================================================
libisofs1-1.4.2-3.el7 (FEDORA-EPEL-2016-872f0b825c)
Library to create ISO 9660 disk images
--------------------------------------------------------------------------------
Update Information:
Libisofs is a library to create an ISO-9660 filesystem and supports extensions
like RockRidge or Joliet. It is also a full featured ISO-9660 editor, allowing
you to modify an ISO image or multisession disc, including file addition or
removal, change of file names and attributes etc. It supports the extension AAIP
which allows to store ACLs and xattr in ISO-9660 filesystems as well. As it is
linked with zlib, it supports zisofs compression, too.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #744416 - Review Request: libisofs1 - Library to create ISO 9660 disk images
https://bugzilla.redhat.com/show_bug.cgi?id=744416
--------------------------------------------------------------------------------
================================================================================
libraqm-0.1.1-1.el7 (FEDORA-EPEL-2016-31501b1f76)
Complex Textlayout Library
--------------------------------------------------------------------------------
Update Information:
Raqm is a small library that encapsulates the logic for complex text layout
and provide a convenient API. It currently provides bidirectional text support
(using FriBiDi), shaping (using HarfBuzz), and proper script itemization. As a
result, Raqm can support most writing systems covered by Unicode. The
documentation can be accessed on the web at: http://host-
oman.github.io/libraqm/ Raqm (Arabic: ����������) is writing, also number or digit
and the Arabic word for digital (����������������) shares the same root, so it is a play
on ���digital writing���.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1329807 - Review Request: libraqm - Complex Textlayout Library
https://bugzilla.redhat.com/show_bug.cgi?id=1329807
--------------------------------------------------------------------------------
================================================================================
php-ZendFramework-1.12.18-1.el7 (FEDORA-EPEL-2016-b5e1f4e4b7)
Leading open-source PHP framework
--------------------------------------------------------------------------------
Update Information:
Zend Framework 1.12.18 (2016-04-13) =================================== *
Please Remove YouTube Zend GData Page * PHP7 debug_backtrace BC break *
Solve problem with subqueries in SELECT block * List-separator attribute is
not being unset for MultiCheckboxes due to a typo. * Wrong regex pattern in
Zend_Validate_Iban class * VERSION constant incorrect for 1.12.17 release tag.
* ZF2015-09: The Zend_Crypt_MathTest should run on PHP 5.2/5.3 * Update
Vagrantfile to use Rasmus' php7 box * ZF2015-08 breaks binary data *
zf1-extra is missing in release-1.12.17 * Fix for 655 issue * Wrong PHPDoc
in Zend_Mail * Non-existing method getRequired() in Zend_Form-Elements docs
* Zend_Form_Element_Button::isChecked has wrong documentation Zend Framework
1.12.17 (2015-11-23) =================================== * Fixes null byte
tests in `Zend_Db_Adapter_Pdo` * Updates the TLD list for
`Zend_Validate_Hostname` to version 2015102801.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1328032 - ZF2015-08 breaks binary data
https://bugzilla.redhat.com/show_bug.cgi?id=1328032
--------------------------------------------------------------------------------
================================================================================
qt5-qtbase-5.6.0-13.el7 (FEDORA-EPEL-2016-d542a893b1)
Qt5 - QtBase components
--------------------------------------------------------------------------------
Update Information:
-devel: Provides: qt5-qtbase-private-devel
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1233829 - Qt5: private headers/interfaces
https://bugzilla.redhat.com/show_bug.cgi?id=1233829
--------------------------------------------------------------------------------
================================================================================
tinc-1.0.28-1.el7 (FEDORA-EPEL-2016-74c0c91ef9)
A virtual private network daemon
--------------------------------------------------------------------------------
Update Information:
Use upstream service units
--------------------------------------------------------------------------------
================================================================================
yad-0.36.2-1.el7 (FEDORA-EPEL-2016-973b6e33bf)
Display graphical dialogs from shell scripts or command line
--------------------------------------------------------------------------------
Update Information:
update to 0.36.2 ---- Yad update to 0.36.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1331995 - yad-0.36.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1331995
[ 2 ] Bug #1330795 - yad-0.36.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1330795
--------------------------------------------------------------------------------
The following Fedora EPEL 7 Security updates need testing:
Age URL
419 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7
181 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7
48 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-785fc9a2ea dropbear-2016.72-1.el7
8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-56e02a47c7 ansible-2.0.2.0-1.el7
8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-d398cc4c6c roundcubemail-1.1.5-1.el7
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-017aadcc97 php-getid3-1.9.12-1.el7
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-aad55a428b w3m-0.5.3-20.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-c731bc5ec0 cacti-0.8.8g-1.el7
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-af216d3233 ansible1.9-1.9.6-2.el7
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-2a74e47381 pgpdump-0.30-1.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-4f1d69369e openvas-cli-1.4.4-1.el7 openvas-gsa-6.0.10-3.el7 openvas-libraries-8.0.7-2.el7 openvas-manager-6.0.8-2.el7 openvas-scanner-5.0.5-3.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
389-ds-1.2.2-6.el7
composer-1.0.3-1.el7
gimpfx-foundry-2.6.1-5.el7
openvas-cli-1.4.4-1.el7
openvas-gsa-6.0.10-3.el7
openvas-libraries-8.0.7-2.el7
openvas-manager-6.0.8-2.el7
openvas-scanner-5.0.5-3.el7
re2-20160401-2.el7
Details about builds:
================================================================================
389-ds-1.2.2-6.el7 (FEDORA-EPEL-2016-db6741b498)
389 Directory, Administration, and Console Suite
--------------------------------------------------------------------------------
Update Information:
Rebuilt for epel7
--------------------------------------------------------------------------------
================================================================================
composer-1.0.3-1.el7 (FEDORA-EPEL-2016-ee5a85b9be)
Dependency Manager for PHP
--------------------------------------------------------------------------------
Update Information:
**Version 1.0.3** - 2016-04-29 * Security: Fixed possible command injection
from the env vars into our sudo detection * Fixed interactive authentication
with gitlab * Fixed class name replacement in plugins * Fixed classmap
generation mistakenly detecting anonymous classes * Fixed auto-detection of
stability flags in complex constraints like `2.0-dev || ^1.5` * Fixed content-
length handling when redirecting to very small responses ---- **Version
1.0.2** * Fixed regression in 1.0.1 on systems with mbstring.func_overload
enabled * Fixed regression in 1.0.1 that made dev packages update to the
latest reference even if not whitelisted in a partial update * Fixed init
command ignoring the COMPOSER env var for choosing the json file name * Fixed
error reporting bug when the dependency resolution fails * Fixed handling of
$ sign in composer config command in some cases it could corrupt the json file
---- **Version 1.0.1** * Fixed URL updating when a package's URL changes,
composer.lock now contains the right URL including correct reference * Fixed URL
updating of the origin git remote as well for packages installed as git clone *
Fixed binary .bat files generated from linux being incompatible with windows cmd
* Fixed handling of paths with trailing slashes in path repository * Fixed
create-project not using platform config when selecting a package * Fixed self-
update not showing the channel it uses to perform the update * Fixed file
downloads not failing loudly when the content does not match the Content-Length
header * Fixed secure-http detecting some malformed URLs as insecure * Updated
CA bundle Notice system CA is always preferred, bundled copy is only used as a
last chance fallback. ---- **Version 1.0.0** * Added support for
bitbucket-oauth configuration * Added warning when running composer as super
user, set COMPOSER_ALLOW_SUPERUSER=1 to hide the warning if you really must *
Added PluginManager::getGlobalComposer getter to retrieve the global instance
(which can be null!) * Fixed dependency solver error reporting in many cases
it now shows you proper errors instead of just saying a package does not exist *
Fixed output of failed downloads appearing as 100% done instead of Failed *
Fixed handling of empty directories when archiving, they are not skipped anymore
* Fixed installation of broken plugins corrupting the vendor state when
combined with symlinked path repositories ---- **Version 1.0.0-beta2** *
Break: The install command now turns into an update command automatically if you
have no composer.lock. This was done only half-way before which caused
inconsistencies * Break: By default the remove command now removes
dependencies as well, and --update-with-dependencies is deprecated. Use --no-
update-with-dependencies to get old behavior * Added support for SSL_CERT_DIR
env var and openssl.capath ini value * Added some conflict detection in why-
not command * Added suggestion of root package's suggests in create-project
command * Fixed create-project ignoring --ignore-platform-reqs when choosing
a version of the package * Fixed search command in a directory without
composer.json * Fixed path repository handling of symlinks on windows *
Fixed PEAR repo handling to prefer HTTPS mirrors over HTTP ones * Fixed
handling of Path env var on Windows, only PATH was accepted before * Small
error reporting and docs improvements
--------------------------------------------------------------------------------
================================================================================
gimpfx-foundry-2.6.1-5.el7 (FEDORA-EPEL-2016-6103c4ed2e)
Additional GIMP plugins
--------------------------------------------------------------------------------
Update Information:
gimpfx-foundry plugin for GIMP returns in the repository
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1327929 - Review Request: gimpfx-foundry - Additional plugins for GIMP
https://bugzilla.redhat.com/show_bug.cgi?id=1327929
--------------------------------------------------------------------------------
================================================================================
openvas-cli-1.4.4-1.el7 (FEDORA-EPEL-2016-4f1d69369e)
Command-line tool to drive OpenVAS Manager
--------------------------------------------------------------------------------
Update Information:
Bump to latest upstream bugfix releases. Security fix for CVE-2016-1926
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1300683 - CVE-2016-1926 openvas-gsa: XSS vulnerability due to improper handling of the parameters of get_aggregate command
https://bugzilla.redhat.com/show_bug.cgi?id=1300683
--------------------------------------------------------------------------------
================================================================================
openvas-gsa-6.0.10-3.el7 (FEDORA-EPEL-2016-4f1d69369e)
Greenbone Security Assistant (GSA) is GUI to the OpenVAS
--------------------------------------------------------------------------------
Update Information:
Bump to latest upstream bugfix releases. Security fix for CVE-2016-1926
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1300683 - CVE-2016-1926 openvas-gsa: XSS vulnerability due to improper handling of the parameters of get_aggregate command
https://bugzilla.redhat.com/show_bug.cgi?id=1300683
--------------------------------------------------------------------------------
================================================================================
openvas-libraries-8.0.7-2.el7 (FEDORA-EPEL-2016-4f1d69369e)
Support libraries for Open Vulnerability Assessment (OpenVAS) Scanner
--------------------------------------------------------------------------------
Update Information:
Bump to latest upstream bugfix releases. Security fix for CVE-2016-1926
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1300683 - CVE-2016-1926 openvas-gsa: XSS vulnerability due to improper handling of the parameters of get_aggregate command
https://bugzilla.redhat.com/show_bug.cgi?id=1300683
--------------------------------------------------------------------------------
================================================================================
openvas-manager-6.0.8-2.el7 (FEDORA-EPEL-2016-4f1d69369e)
Manager Module for the Open Vulnerability Assessment System (OpenVAS)
--------------------------------------------------------------------------------
Update Information:
Bump to latest upstream bugfix releases. Security fix for CVE-2016-1926
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1300683 - CVE-2016-1926 openvas-gsa: XSS vulnerability due to improper handling of the parameters of get_aggregate command
https://bugzilla.redhat.com/show_bug.cgi?id=1300683
--------------------------------------------------------------------------------
================================================================================
openvas-scanner-5.0.5-3.el7 (FEDORA-EPEL-2016-4f1d69369e)
Open Vulnerability Assessment (OpenVAS) Scanner
--------------------------------------------------------------------------------
Update Information:
Bump to latest upstream bugfix releases. Security fix for CVE-2016-1926
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1300683 - CVE-2016-1926 openvas-gsa: XSS vulnerability due to improper handling of the parameters of get_aggregate command
https://bugzilla.redhat.com/show_bug.cgi?id=1300683
--------------------------------------------------------------------------------
================================================================================
re2-20160401-2.el7 (FEDORA-EPEL-2016-d8f84c6912)
C++ fast alternative to backtracking RE engines
--------------------------------------------------------------------------------
Update Information:
Update to 20160401, primarily for chromium.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1307988 - re2: FTBFS in rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1307988
--------------------------------------------------------------------------------