January 2017 - epel-devel - Fedora Mailing-Lists

by updates＠fedoraproject.org

The following Fedora EPEL 7 Security updates need testing: Age URL 692 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 454 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 172 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-23fa04bf1c redis-3.2.3-1.el7 156 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8f4ff76b3 chicken-4.11.0-3.el7 36 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-6e3dadcb1d pdns-recursor-3.7.4-1.el7 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-9bcc7b6164 mingw-nsis-3.01-1.el7 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-ad7467bd9c pdns-3.4.11-1.el7 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8cb1dcd776 python-crypto-2.6.1-13.el7 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-09ddf72aaa percona-xtrabackup-2.3.6-1.el7 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-cd2af02aae rabbitmq-server-3.3.5-31.el7 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8533f605ab bubblewrap-0.1.7-1.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-555b5847ec drupal7-title-1.0-0.7.alpha9.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7fb94fc97a exim-4.88-3.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-b498a4859e moodle-3.1.4-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-cc2d96d683 wordpress-4.7.2-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing composer-1.3.2-1.el7 euca2ools-3.4.1-1.el7 janino-2.7.8-7.el7 libidn2-0.16-1.el7 pam_mapi-0.3.1-1.el7 perl-CHI-0.56-1.el7 perl-Mail-POP3Client-2.19-5.el7 perl-String-RewritePrefix-0.007-5.el7 perl-Test-Email-0.07-1.el7 php-PsrLog-1.0.2-2.el7 portmidi-217-15.el7 python-httpretty-0.8.14-2.20161011git70af1f8.el7 python-networkmanager-1.2.1-3.el7 wordpress-4.7.2-1.el7 Details about builds: ================================================================================ composer-1.3.2-1.el7 (FEDORA-EPEL-2017-ed9cef3635) Dependency Manager for PHP -------------------------------------------------------------------------------- Update Information: **Version 1.3.2** - 2017-01-27 * Added `COMPOSER_BINARY` env var that is defined within the scope of a Composer run automatically with the path to the phar file * Fixed create-project ending in a detached HEAD when installing aliased packages * Fixed composer show not returning non-zero exit code when the package does not exist * Fixed `@composer` handling in scripts when --working-dir is used together with it * Fixed private-GitLab handling of repos with dashes in them -------------------------------------------------------------------------------- ================================================================================ euca2ools-3.4.1-1.el7 (FEDORA-EPEL-2017-52d0b822e3) Eucalyptus/AWS-compatible command line tools -------------------------------------------------------------------------------- Update Information: This update adds support for NAT gateways, CloudFormation template attributes, new AWS regions, and more. For a complete list of changes, see the [upstream release notes](https://docs.eucalyptus.com/eucalyptus/4.3.1/#euca2ools-release- notes/rn_index_3.4.0.html). -------------------------------------------------------------------------------- ================================================================================ janino-2.7.8-7.el7 (FEDORA-EPEL-2017-4260551a2e) An embedded Java compiler -------------------------------------------------------------------------------- Update Information: Package janino for EPEL7 (bz#1288319) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1288319 - Branch and build janino for EPEL7 https://bugzilla.redhat.com/show_bug.cgi?id=1288319 -------------------------------------------------------------------------------- ================================================================================ libidn2-0.16-1.el7 (FEDORA-EPEL-2017-7ed806af72) Library to support IDNA2008 internationalized domain names -------------------------------------------------------------------------------- Update Information: Libidn2 0.16 (released 2017-01-16) ================================== * build: Fix idn2_cmd.h build rule * API and ABI is backwards compatible with the previous version Libidn2 0.15 (released 2017-01-14) ================================== * Fix out-of-bounds read * Fix NFC input conversion (regression) * Shrink TR46 static mapping data * API and ABI is backwards compatible with the previous version Libidn2 0.14 (released 2016-12-30) ================================== * build: Fix gentr46map build * API and ABI is backwards compatible with the previous version Libidn2 0.13 (released 2016-12-29) ================================== * build: Doesn't download external files during build * doc: Clarify license * build: Generate ChangeLog file properly * doc: API documentation related to TR46 flags * API and ABI is backwards compatible with the previous version Libidn2 0.12 (released 2016-12-26) ================================== * All changes by Tim R��hsen <tim.ruehsen(a)gmx.de> except stated otherwise * Builds/links with libunistring * Fix two possible crashes with unchecked NULL pointers * Memleak fix, reported by Hanno B��ck <hanno(a)hboeck.de> * Binary search for codepoints in tables * Do not taint output variable on error in idn2_register_u8() * Do not taint output variable on error in idn2_lookup_u8() * Update to Unicode 6.3.0 IDNA tables * Add TR46 / UTS#46 support to API and idn2 utility * Add NFC quick check * Add make target 'check-coverage' for test coverage report * Add tests to increase test code coverage * API and ABI is backwards compatible with the previous version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1416642 - libidn2-0.16 is available https://bugzilla.redhat.com/show_bug.cgi?id=1416642 -------------------------------------------------------------------------------- ================================================================================ pam_mapi-0.3.1-1.el7 (FEDORA-EPEL-2017-0ddb3083cd) PAM module for authentication via MAPI against a Zarafa server -------------------------------------------------------------------------------- Update Information: Update to pam_mapi 0.3.1 -------------------------------------------------------------------------------- ================================================================================ perl-CHI-0.56-1.el7 (FEDORA-EPEL-2017-7f17ee4e9a) Unified cache handling interface -------------------------------------------------------------------------------- Update Information: First EPEL 7 build. -------------------------------------------------------------------------------- ================================================================================ perl-Mail-POP3Client-2.19-5.el7 (FEDORA-EPEL-2017-9d603f24bc) Perl 5 module to talk to a POP3 (RFC1939) server -------------------------------------------------------------------------------- Update Information: First EPEL 7 build. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1108389 - Build perl-Mail-POP3Client for EPEL7 https://bugzilla.redhat.com/show_bug.cgi?id=1108389 -------------------------------------------------------------------------------- ================================================================================ perl-String-RewritePrefix-0.007-5.el7 (FEDORA-EPEL-2017-b29e3e60b1) Rewrite strings based on a set of known prefixes -------------------------------------------------------------------------------- Update Information: First EPEL 7 build. -------------------------------------------------------------------------------- ================================================================================ perl-Test-Email-0.07-1.el7 (FEDORA-EPEL-2017-3aee729190) Test Email Contents -------------------------------------------------------------------------------- Update Information: First EPEL 7 build. -------------------------------------------------------------------------------- ================================================================================ php-PsrLog-1.0.2-2.el7 (FEDORA-EPEL-2017-65219506d8) Common interface for logging libraries -------------------------------------------------------------------------------- Update Information: ### 1.0.2 * Fixed test suite fix in 1.0.1 to use a more appropriate phpunit method * Fixed return types to be void instead of null -------------------------------------------------------------------------------- References: [ 1 ] Bug #1416878 - package does not require autoloader https://bugzilla.redhat.com/show_bug.cgi?id=1416878 -------------------------------------------------------------------------------- ================================================================================ portmidi-217-15.el7 (FEDORA-EPEL-2017-c4679da580) Real-time Midi I/O Library -------------------------------------------------------------------------------- Update Information: First EPEL 7 build. -------------------------------------------------------------------------------- ================================================================================ python-httpretty-0.8.14-2.20161011git70af1f8.el7 (FEDORA-EPEL-2017-c55ef90cdb) HTTP request mock tool for Python -------------------------------------------------------------------------------- Update Information: This update fixes a bug Garrett Holmstrom noticed in the previous update, whereby the `setUp` and `tearDown` methods do not call `reset`. This could cause problems for some test suites. Thanks to Garrett for the report. -------------------------------------------------------------------------------- ================================================================================ python-networkmanager-1.2.1-3.el7 (FEDORA-EPEL-2017-9c4df59192) Easy communication with NetworkManager -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #1412801 - Review Request: python-networkmanager - Easy communication with NetworkManager https://bugzilla.redhat.com/show_bug.cgi?id=1412801 -------------------------------------------------------------------------------- ================================================================================ wordpress-4.7.2-1.el7 (FEDORA-EPEL-2017-cc2d96d683) Blog tool and publishing platform -------------------------------------------------------------------------------- Update Information: **WordPress 4.7.2 Security Release** WordPress 4.7.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.1 and earlier are affected by three security issues: * The user interface for assigning taxonomy terms in Press This is shown to users who do not have permissions to use it. Reported by David Herrera of Alley Interactive. * WP_Query is vulnerable to a SQL injection (SQLi) when passing unsafe data. WordPress core is not directly vulnerable to this issue, but we��ve added hardening to prevent plugins and themes from accidentally causing a vulnerability. Reported by Mo Jangda (batmoo). * A cross-site scripting (XSS) vulnerability was discovered in the posts list table. Reported by Ian Dunn of the WordPress Security Team. ---- **WordPress 4.7.1** Security and Maintenance Release This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7 and earlier are affected by eight security issues: * Remote code execution (RCE) in PHPMailer �� No specific issue appears to affect WordPress or any of the major plugins we investigated but, out of an abundance of caution, we updated PHPMailer in this release. This issue was reported to PHPMailer by Dawid Golunski and Paul Buonopane. * The REST API exposed user data for all users who had authored a post of a public post type. WordPress 4.7.1 limits this to only post types which have specified that they should be shown within the REST API. Reported by Krogsgard and Chris Jean. * Cross-site scripting (XSS) via the plugin name or version header on update-core.php. Reported by Dominik Schilling of the WordPress Security Team. * Cross-site request forgery (CSRF) bypass via uploading a Flash file. Reported by Abdullah Hussam. * Cross-site scripting (XSS) via theme name fallback. Reported by Mehmet Ince. * Post via email checks mail.example.com if default settings aren��t changed. Reported by John Blackbourn of the WordPress Security Team. * A cross-site request forgery (CSRF) was discovered in the accessibility mode of widget editing. Reported by Ronnie Skansing. * Weak cryptographic security for multisite activation key. Reported by Jack. Thank you to the reporters for practicing responsible disclosure. In addition to the security issues above, WordPress 4.7.1 fixes 62 bugs from 4.7. For more information, see the [release notes](https://codex.wordpress.org/Version_4.7.1) or consult the [list of changes](https://core.trac.wordpress.org/query?milestone=4.7.1). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1417158 - wordpress: Multiple security fixes in 4.7.2 https://bugzilla.redhat.com/show_bug.cgi?id=1417158 --------------------------------------------------------------------------------

6 years, 8 months

1
0
0 / 0

Fedora EPEL 6 updates-testing report

by updates＠fedoraproject.org

The following Fedora EPEL 6 Security updates need testing: Age URL 570 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6 564 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6 495 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6 454 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6 426 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6 156 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8594ed3a53 chicken-4.11.0-3.el6 36 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac libbsd-0.8.3-2.el6 21 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8c6c7bf06e dbus-sharp-0.7.0-16.el6 dbus-sharp-glib-0.5.0-14.el6 mono-4.2.4-9.el6 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-663073e313 pdns-recursor-3.7.4-1.el6 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-dbfb398104 ansible-2.2.1.0-1.el6 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-947f112da5 opus-1.1.3-2.el6 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5bc0e8fa7d drupal7-title-1.0-0.7.alpha9.el6 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-3931ee489b exim-4.88-2.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-0b96f86793 wordpress-4.7.2-1.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing euca2ools-3.4.1-1.el6 fail2ban-0.9.6-1.el6 fuse-encfs-1.7.4-25.el6 libidn2-0.16-1.el6 pam_mapi-0.3.1-1.el6 php-PsrLog-1.0.2-2.el6 python-boto-2.45.0-3.el6 python-httpretty-0.8.14-2.20161011git70af1f8.el6 wordpress-4.7.2-1.el6 Details about builds: ================================================================================ euca2ools-3.4.1-1.el6 (FEDORA-EPEL-2017-43f23133a2) Eucalyptus/AWS-compatible command line tools -------------------------------------------------------------------------------- Update Information: This update adds support for NAT gateways, CloudFormation template attributes, new AWS regions, and more. For a complete list of changes, see the [upstream release notes](https://docs.eucalyptus.com/eucalyptus/4.3.1/#euca2ools-release- notes/rn_index_3.4.0.html). -------------------------------------------------------------------------------- ================================================================================ fail2ban-0.9.6-1.el6 (FEDORA-EPEL-2017-29fc2c3aac) Ban IPs that make too many password failures -------------------------------------------------------------------------------- Update Information: Update to 0.9.6: * Misleading add resp. enable of (already available) jail in database, that induced a subsequent error: last position of log file will be never retrieved (gh-795) * Fixed a distribution related bug within testReadStockJailConfForceEnabled (e.g. test-cases faults on Fedora, see gh-1353) * Fixed pythonic filters and test scripts (running via wrong python version, uses "fail2ban-python" now); * Fixed test case "testSetupInstallRoot" for not default python version (also using direct call, out of virtualenv); * Fixed ambiguous wrong recognized date pattern resp. its optional parts (see gh-1512); * FIPS compliant, use sha1 instead of md5 if it not allowed (see gh-1540) * Monit config: scripting is not supported in path (gh-1556) * `filter.d/apache-modsecurity.conf` - Fixed for newer version (one space, gh-1626), optimized: non-greedy catch-all replaced for safer match, unneeded catch-all anchoring removed, non-capturing * `filter.d/asterisk.conf` - Fixed to match different asterisk log prefix (source file: method:) * `filter.d/dovecot.conf` - Fixed failregex ignores failures through some not relevant info (gh-1623) * `filter.d/ignorecommands/apache-fakegooglebot` - Fixed error within apache-fakegooglebot, that will be called with wrong python version (gh-1506) * `filter.d/assp.conf` - Extended failregex and test cases to handle ASSP V1 and V2 (gh-1494) * `filter.d/postfix-sasl.conf` - Allow for having no trailing space after 'failed:' (gh-1497) * `filter.d/vsftpd.conf` - Optional reason part in message after FAIL LOGIN (gh-1543) * `filter.d/sendmail-reject.conf` - removed mandatory double space (if dns-host available, gh-1579) * filter.d/sshd.conf - recognized "Failed publickey for" (gh-1477); - optimized failregex to match all of "Failed any- method for ... from <HOST>" (gh-1479) - eliminated possible complex injections (on user-name resp. auth-info, see gh-1479) - optional port part after host (see gh-1533, gh-1581) * New Actions: - `action.d/npf.conf` for NPF, the latest packet filter for NetBSD * New Filters: - `filter.d/mongodb- auth.conf` for MongoDB (document-oriented NoSQL database engine) (gh-1586, gh-1606 and gh-1607) * DateTemplate regexp extended with the word-end boundary, additionally to word-start boundary * Introduces new command "fail2ban- python", as automatically created symlink to python executable, where fail2ban currently installed (resp. its modules are located): - allows to use the same version, fail2ban currently running, e.g. in external scripts just via replace python with fail2ban-python: ```diff -#!/usr/bin/env python +#!/usr/bin/env fail2ban-python ``` - always the same pickle protocol - the same (and also guaranteed available) fail2ban modules - simplified stand-alone install, resp. stand-alone installation possibility via setup (like gh-1487) is getting closer * Several test cases rewritten using new methods assertIn, assertNotIn * New forward compatibility method assertRaisesRegexp (normally python >= 2.7). Methods assertIn, assertNotIn, assertRaisesRegexp, assertLogged, assertNotLogged are test covered now * Jail configuration extended with new syntax to pass options to the backend (see gh-1408), examples: - `backend = systemd[journalpath=/run/log/journal/machine-1]` - `backend = systemd[journalfiles="/run/log/journal/machine-1/system.journal, /run/log/journal/machine-1/user.journal"]` - `backend = systemd[journalflags=2]` ---- Update to 0.9.5 - https://github.com/fail2ban/fail2ban/releases/tag/0.9.5 -------------------------------------------------------------------------------- ================================================================================ fuse-encfs-1.7.4-25.el6 (FEDORA-EPEL-2017-d85acd2a5a) Encrypted pass-thru filesystem in userspace -------------------------------------------------------------------------------- Update Information: Unretired package for el6. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1398962 - rpm fuse-encfs is missing for el6 https://bugzilla.redhat.com/show_bug.cgi?id=1398962 -------------------------------------------------------------------------------- ================================================================================ libidn2-0.16-1.el6 (FEDORA-EPEL-2017-a0badf9d34) Library to support IDNA2008 internationalized domain names -------------------------------------------------------------------------------- Update Information: Libidn2 0.16 (released 2017-01-16) ================================== * build: Fix idn2_cmd.h build rule * API and ABI is backwards compatible with the previous version Libidn2 0.15 (released 2017-01-14) ================================== * Fix out-of-bounds read * Fix NFC input conversion (regression) * Shrink TR46 static mapping data * API and ABI is backwards compatible with the previous version Libidn2 0.14 (released 2016-12-30) ================================== * build: Fix gentr46map build * API and ABI is backwards compatible with the previous version Libidn2 0.13 (released 2016-12-29) ================================== * build: Doesn't download external files during build * doc: Clarify license * build: Generate ChangeLog file properly * doc: API documentation related to TR46 flags * API and ABI is backwards compatible with the previous version Libidn2 0.12 (released 2016-12-26) ================================== * All changes by Tim R��hsen <tim.ruehsen(a)gmx.de> except stated otherwise * Builds/links with libunistring * Fix two possible crashes with unchecked NULL pointers * Memleak fix, reported by Hanno B��ck <hanno(a)hboeck.de> * Binary search for codepoints in tables * Do not taint output variable on error in idn2_register_u8() * Do not taint output variable on error in idn2_lookup_u8() * Update to Unicode 6.3.0 IDNA tables * Add TR46 / UTS#46 support to API and idn2 utility * Add NFC quick check * Add make target 'check-coverage' for test coverage report * Add tests to increase test code coverage * API and ABI is backwards compatible with the previous version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1416642 - libidn2-0.16 is available https://bugzilla.redhat.com/show_bug.cgi?id=1416642 -------------------------------------------------------------------------------- ================================================================================ pam_mapi-0.3.1-1.el6 (FEDORA-EPEL-2017-f8d6e0d5c2) PAM module for authentication via MAPI against a Zarafa server -------------------------------------------------------------------------------- Update Information: Update to pam_mapi 0.3.1 -------------------------------------------------------------------------------- ================================================================================ php-PsrLog-1.0.2-2.el6 (FEDORA-EPEL-2017-1bab685154) Common interface for logging libraries -------------------------------------------------------------------------------- Update Information: ### 1.0.2 * Fixed test suite fix in 1.0.1 to use a more appropriate phpunit method * Fixed return types to be void instead of null -------------------------------------------------------------------------------- References: [ 1 ] Bug #1416878 - package does not require autoloader https://bugzilla.redhat.com/show_bug.cgi?id=1416878 -------------------------------------------------------------------------------- ================================================================================ python-boto-2.45.0-3.el6 (FEDORA-EPEL-2017-ec83c9c31f) A simple, lightweight interface to Amazon Web Services -------------------------------------------------------------------------------- Update Information: This update adds support for EC2's ModifySubnetAttribute operation. -------------------------------------------------------------------------------- ================================================================================ python-httpretty-0.8.14-2.20161011git70af1f8.el6 (FEDORA-EPEL-2017-1cffc445e8) HTTP request mock tool for Python -------------------------------------------------------------------------------- Update Information: This update fixes a bug Garrett Holmstrom noticed in the previous update, whereby the `setUp` and `tearDown` methods do not call `reset`. This could cause problems for some test suites. Thanks to Garrett for the report. -------------------------------------------------------------------------------- ================================================================================ wordpress-4.7.2-1.el6 (FEDORA-EPEL-2017-0b96f86793) Blog tool and publishing platform -------------------------------------------------------------------------------- Update Information: **WordPress 4.7.2 Security Release** WordPress 4.7.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.1 and earlier are affected by three security issues: * The user interface for assigning taxonomy terms in Press This is shown to users who do not have permissions to use it. Reported by David Herrera of Alley Interactive. * WP_Query is vulnerable to a SQL injection (SQLi) when passing unsafe data. WordPress core is not directly vulnerable to this issue, but we��ve added hardening to prevent plugins and themes from accidentally causing a vulnerability. Reported by Mo Jangda (batmoo). * A cross-site scripting (XSS) vulnerability was discovered in the posts list table. Reported by Ian Dunn of the WordPress Security Team. ---- **WordPress 4.7.1** Security and Maintenance Release This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7 and earlier are affected by eight security issues: * Remote code execution (RCE) in PHPMailer �� No specific issue appears to affect WordPress or any of the major plugins we investigated but, out of an abundance of caution, we updated PHPMailer in this release. This issue was reported to PHPMailer by Dawid Golunski and Paul Buonopane. * The REST API exposed user data for all users who had authored a post of a public post type. WordPress 4.7.1 limits this to only post types which have specified that they should be shown within the REST API. Reported by Krogsgard and Chris Jean. * Cross-site scripting (XSS) via the plugin name or version header on update-core.php. Reported by Dominik Schilling of the WordPress Security Team. * Cross-site request forgery (CSRF) bypass via uploading a Flash file. Reported by Abdullah Hussam. * Cross-site scripting (XSS) via theme name fallback. Reported by Mehmet Ince. * Post via email checks mail.example.com if default settings aren��t changed. Reported by John Blackbourn of the WordPress Security Team. * A cross-site request forgery (CSRF) was discovered in the accessibility mode of widget editing. Reported by Ronnie Skansing. * Weak cryptographic security for multisite activation key. Reported by Jack. Thank you to the reporters for practicing responsible disclosure. In addition to the security issues above, WordPress 4.7.1 fixes 62 bugs from 4.7. For more information, see the [release notes](https://codex.wordpress.org/Version_4.7.1) or consult the [list of changes](https://core.trac.wordpress.org/query?milestone=4.7.1). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1417158 - wordpress: Multiple security fixes in 4.7.2 https://bugzilla.redhat.com/show_bug.cgi?id=1417158 --------------------------------------------------------------------------------

6 years, 8 months

1
0
0 / 0

Fedora EPEL 5 updates-testing report

by updates＠fedoraproject.org

The following Fedora EPEL 5 Security updates need testing: Age URL 811 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-3849 sblim-sfcb-1.3.8-2.el5 454 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-edbea40516 mcollective-2.8.4-1.el5 426 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-582c8075e6 thttpd-2.25b-24.el5 36 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-ce45574ab6 libbsd-0.8.3-2.el5 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-cfdd99a20e opus-1.0.3-2.el5 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-9ec4289f01 python-crypto-2.0.1-6.el5 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-6060d622d3 irssi-0.8.21-1.el5 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-58347aa9ad libesmtp-1.0.4-8.el5 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-52eae70b76 wordpress-4.7.2-1.el5 The following builds have been pushed to Fedora EPEL 5 updates-testing pam_mapi-0.3.1-1.el5 wordpress-4.7.2-1.el5 Details about builds: ================================================================================ pam_mapi-0.3.1-1.el5 (FEDORA-EPEL-2017-082fff39ce) PAM module for authentication via MAPI against a Zarafa server -------------------------------------------------------------------------------- Update Information: Update to pam_mapi 0.3.1 -------------------------------------------------------------------------------- ================================================================================ wordpress-4.7.2-1.el5 (FEDORA-EPEL-2017-52eae70b76) Blog tool and publishing platform -------------------------------------------------------------------------------- Update Information: **WordPress 4.7.2 Security Release** WordPress 4.7.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.1 and earlier are affected by three security issues: * The user interface for assigning taxonomy terms in Press This is shown to users who do not have permissions to use it. Reported by David Herrera of Alley Interactive. * WP_Query is vulnerable to a SQL injection (SQLi) when passing unsafe data. WordPress core is not directly vulnerable to this issue, but we��ve added hardening to prevent plugins and themes from accidentally causing a vulnerability. Reported by Mo Jangda (batmoo). * A cross-site scripting (XSS) vulnerability was discovered in the posts list table. Reported by Ian Dunn of the WordPress Security Team. ---- **WordPress 4.7.1** Security and Maintenance Release This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7 and earlier are affected by eight security issues: * Remote code execution (RCE) in PHPMailer �� No specific issue appears to affect WordPress or any of the major plugins we investigated but, out of an abundance of caution, we updated PHPMailer in this release. This issue was reported to PHPMailer by Dawid Golunski and Paul Buonopane. * The REST API exposed user data for all users who had authored a post of a public post type. WordPress 4.7.1 limits this to only post types which have specified that they should be shown within the REST API. Reported by Krogsgard and Chris Jean. * Cross-site scripting (XSS) via the plugin name or version header on update-core.php. Reported by Dominik Schilling of the WordPress Security Team. * Cross-site request forgery (CSRF) bypass via uploading a Flash file. Reported by Abdullah Hussam. * Cross-site scripting (XSS) via theme name fallback. Reported by Mehmet Ince. * Post via email checks mail.example.com if default settings aren��t changed. Reported by John Blackbourn of the WordPress Security Team. * A cross-site request forgery (CSRF) was discovered in the accessibility mode of widget editing. Reported by Ronnie Skansing. * Weak cryptographic security for multisite activation key. Reported by Jack. Thank you to the reporters for practicing responsible disclosure. In addition to the security issues above, WordPress 4.7.1 fixes 62 bugs from 4.7. For more information, see the [release notes](https://codex.wordpress.org/Version_4.7.1) or consult the [list of changes](https://core.trac.wordpress.org/query?milestone=4.7.1). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1417158 - wordpress: Multiple security fixes in 4.7.2 https://bugzilla.redhat.com/show_bug.cgi?id=1417158 --------------------------------------------------------------------------------

6 years, 8 months

1
0
0 / 0

Fedora EPEL 6 updates-testing report

by updates＠fedoraproject.org

The following Fedora EPEL 6 Security updates need testing: Age URL 569 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6 563 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6 495 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6 453 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6 425 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6 155 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8594ed3a53 chicken-4.11.0-3.el6 35 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac libbsd-0.8.3-2.el6 20 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8c6c7bf06e dbus-sharp-0.7.0-16.el6 dbus-sharp-glib-0.5.0-14.el6 mono-4.2.4-9.el6 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-663073e313 pdns-recursor-3.7.4-1.el6 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-dbfb398104 ansible-2.2.1.0-1.el6 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-947f112da5 opus-1.1.3-2.el6 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5bc0e8fa7d drupal7-title-1.0-0.7.alpha9.el6 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-3931ee489b exim-4.88-2.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing beakerlib-1.15-1.el6 configsnap-0.11-2.el6 fedfind-3.4.0-1.el6 Details about builds: ================================================================================ beakerlib-1.15-1.el6 (FEDORA-EPEL-2017-626305b886) A shell-level integration testing library -------------------------------------------------------------------------------- Update Information: added rlIsCentOS similar to rlIsRHEL, bz1214190; added missing dependencies, bz1391969; make rlRun use internal variables with more unique name, bz1285804; fix rlRun exitcodes while using various switches, bz1303900; rlFileRestore now better distinquish betwwen various errorneous situations, bz1370453; rlService* won't be blocked be less(1) while systemctl redirection is in place, bz1383303; variable <libPrefix\>LibraryDir variable is created for all imported libraries, holding the path to the library source, bz1074487; all logging messages are now printed to stderr, bz1171881; wildcard %doc inclusion in spec, bz1206173; prevent unbound variables, bz1228264; new functions rlServiceEnabled/rlServiceDisable for enabling/disabling services, bz1234804; updated documentation for rlImport -all, bz1246061; rlAssertNotEquals now accept empty argument, bz1303618; rlRun now uses better filename for output log, bz1314700; fixed cosmetic discrepancy in log output, bz1374256; added documentation reference for bkrdoc, bz843823; added documentation of the testwatcher feature, bz1218169; rlServiceRestore can restore all saved services in no parameter provided, bz494318; rlCheckMount take mount options (ro/rw) into consideration, bz1191627; added documentation for LOG_LEVEL variable, bz581816 -------------------------------------------------------------------------------- ================================================================================ configsnap-0.11-2.el6 (FEDORA-EPEL-2017-33ef43756a) Record and compare system state -------------------------------------------------------------------------------- Update Information: Updated spec according to Fedora Guidelines -------------------------------------------------------------------------------- References: [ 1 ] Bug #1406786 - Review Request: configsnap - Record and compare system state https://bugzilla.redhat.com/show_bug.cgi?id=1406786 -------------------------------------------------------------------------------- ================================================================================ fedfind-3.4.0-1.el6 (FEDORA-EPEL-2017-ea65e1aeec) Fedora Finder finds Fedora -------------------------------------------------------------------------------- Update Information: This update provides a new version of fedfind with support for the new stable nightly Docker composes (they contain only Docker base images for a couple of arches), a new `get_current_stables` helper that returns a list of current stable Fedora release numbers, `url` and `direct_url` entries in the image dicts provided by `all_images`, and a couple of fixes for the live respin release handling. --------------------------------------------------------------------------------

6 years, 8 months

1
0
0 / 0

Orphaned Packages in epel5 (2017-01-27)

by Till Maas

The following packages are orphaned and will be retired when they are orphaned for six weeks, unless someone adopts them. If you know for sure that the package should be retired, please do so now with a proper reason: https://fedoraproject.org/wiki/How_to_remove_a_package_at_end_of_life Note: If you received this mail directly you (co)maintain one of the affected packages or a package that depends on one. Please adopt the affected package or retire your depending package to avoid broken dependencies, otherwise your package will be retired when the affected package gets retired. Package (co)maintainers Status Change =========================================================================== cssparser orphan, akurtakov, gil 5 weeks ago deltacloud-core orphan, clalance, mfojtik 2 weeks ago django-authopenid orphan, affix 0 weeks ago hadoop orphan, besser82, coolsvap, 1 weeks ago denisarnaud, moceap, rrati ircd-hybrid orphan, affix, mmahut 0 weeks ago kompose orphan 8 weeks ago libsodium orphan 6 weeks ago nntpgrab orphan, epienbro 3 weeks ago par2cmdline orphan, epienbro 3 weeks ago perl-RT-Extension- orphan, ke4qqq 2 weeks ago CommandByMail php-IDNA_Convert orphan, ke4qqq 2 weeks ago php-channel-htmlpurifier orphan, ke4qqq 2 weeks ago php-fpdf orphan, ke4qqq 2 weeks ago php-gettext orphan, ke4qqq, robert 2 weeks ago php-nusoap orphan, ke4qqq 2 weeks ago php-pear-File-Bittorrent2 orphan, ke4qqq 2 weeks ago php-pear-Spreadsheet-Excel- orphan, ke4qqq 2 weeks ago Writer php-simplepie orphan, ke4qqq, nb, trasher 2 weeks ago phpFlickr orphan, ke4qqq 2 weeks ago phpesp orphan, ke4qqq 2 weeks ago postal orphan, ke4qqq 2 weeks ago python-keyring orphan, rtnpro 9 weeks ago python-logilab-astng orphan, bcl 5 weeks ago python-logilab-common orphan, bcl 5 weeks ago pywbem orphan, ke4qqq, miminar 2 weeks ago rubygem-gherkin orphan, jstribny, mfojtik 2 weeks ago rubygem-http_connection orphan, mfojtik 2 weeks ago rubygem-net-ssh orphan, mfojtik 2 weeks ago rubygem-rack-test orphan 2 weeks ago rubygem-rbvmomi orphan, mfojtik 2 weeks ago rubygem-rerun orphan, jstribny, mfojtik 2 weeks ago rubygem-will_paginate orphan, mfojtik 2 weeks ago sahana orphan, ke4qqq 2 weeks ago spew orphan, ke4qqq 2 weeks ago zikula orphan, ke4qqq 2 weeks ago zikula-module-News orphan, ke4qqq 2 weeks ago The following packages require above mentioned packages: Depending on: par2cmdline (2), status change: 2017-01-05 (3 weeks ago) dar (maintained by: lbazan) dar-2.4.18-1.el5.x86_64 requires par2cmdline = 0.4-12.el5 backup-manager (maintained by: llaumgui) backup-manager-0.7.10-1.el5.noarch requires dar = 2.4.18-1.el5 Depending on: php-IDNA_Convert (4), status change: 2017-01-06 (2 weeks ago) php53-simplepie (maintained by: remi) php53-simplepie-1.3.1-5.el5.noarch requires php-IDNA_Convert = 0.8.0-1.el5 wordpress (maintained by: remi) wordpress-4.7-1.el5.noarch requires php53-simplepie = 1.3.1-5.el5 wordpress-plugin-bad-behavior (maintained by: nb) wordpress-plugin-bad-behavior-2.2.13-1.el5.noarch requires wordpress = 4.7-1.el5 wordpress-plugin-defaults (maintained by: herlo, nb) wordpress-plugin-defaults-2.1-1.el5.noarch requires wordpress = 4.7-1.el5 Depending on: python-logilab-astng (3), status change: 2016-12-16 (5 weeks ago) pylint (maintained by: lupinix, bcl) pylint-0.21.1-3.el5.noarch requires python-logilab-astng = 0.20.1-3.el5 nordugrid-arc (maintained by: ellert, jonkni) nordugrid-arc-5.2.1-1.el5.src requires pylint = 0.21.1-3.el5 spacewalk-pylint (maintained by: msuchy) spacewalk-pylint-0.5-1.el5.noarch requires pylint = 0.21.1-3.el5 Affected (co)maintainers affix: ircd-hybrid, django-authopenid akurtakov: cssparser bcl: python-logilab-common, python-logilab-astng besser82: hadoop clalance: deltacloud-core coolsvap: hadoop denisarnaud: hadoop ellert: python-logilab-astng epienbro: par2cmdline, nntpgrab gil: cssparser herlo: php-IDNA_Convert jonkni: python-logilab-astng jstribny: rubygem-rerun, rubygem-gherkin ke4qqq: sahana, php-fpdf, postal, php-pear-Spreadsheet-Excel-Writer, zikula, php-IDNA_Convert, php-channel-htmlpurifier, spew, phpesp, phpFlickr, pywbem, php-pear-File-Bittorrent2, php-gettext, php-simplepie, perl-RT-Extension-CommandByMail, zikula-module-News, php-nusoap lbazan: par2cmdline llaumgui: par2cmdline lupinix: python-logilab-astng mfojtik: deltacloud-core, rubygem-will_paginate, rubygem-rbvmomi, rubygem-rerun, rubygem-http_connection, rubygem-net-ssh, rubygem-gherkin miminar: pywbem mmahut: ircd-hybrid moceap: hadoop msuchy: python-logilab-astng nb: php-simplepie, php-IDNA_Convert remi: php-IDNA_Convert robert: php-gettext rrati: hadoop rtnpro: python-keyring trasher: php-simplepie Orphans (36): cssparser deltacloud-core django-authopenid hadoop ircd-hybrid kompose libsodium nntpgrab par2cmdline perl-RT-Extension-CommandByMail php-IDNA_Convert php-channel-htmlpurifier php-fpdf php-gettext php-nusoap php-pear-File-Bittorrent2 php-pear-Spreadsheet-Excel-Writer php-simplepie phpFlickr phpesp postal python-keyring python-logilab-astng python-logilab-common pywbem rubygem-gherkin rubygem-http_connection rubygem-net-ssh rubygem-rack-test rubygem-rbvmomi rubygem-rerun rubygem-will_paginate sahana spew zikula zikula-module-News Orphans (dependend on) (3): par2cmdline php-IDNA_Convert python-logilab-astng Orphans (epel5) for at least 6 weeks (dependend on) (0): Orphans (epel5)(not depended on) (33): cssparser deltacloud-core django-authopenid hadoop ircd-hybrid kompose libsodium nntpgrab perl-RT-Extension-CommandByMail php-channel-htmlpurifier php-fpdf php-gettext php-nusoap php-pear-File-Bittorrent2 php-pear-Spreadsheet-Excel-Writer php-simplepie phpFlickr phpesp postal python-keyring python-logilab-common pywbem rubygem-gherkin rubygem-http_connection rubygem-net-ssh rubygem-rack-test rubygem-rbvmomi rubygem-rerun rubygem-will_paginate sahana spew zikula zikula-module-News Orphans (epel5) for at least 6 weeks (not dependend on) (3): kompose libsodium python-keyring Depending packages (epel5) (9): backup-manager dar nordugrid-arc php53-simplepie pylint spacewalk-pylint wordpress wordpress-plugin-bad-behavior wordpress-plugin-defaults Packages depending on packages orphaned (epel5) for more than 6 weeks (0): Not found in repo (epel5) (16): cssparser deltacloud-core hadoop kompose perl-RT-Extension-CommandByMail php-gettext php-pear-File-Bittorrent2 phpesp postal python-keyring rubygem-http_connection rubygem-net-ssh rubygem-rbvmomi rubygem-rerun rubygem-will_paginate spew -- The script creating this output is run and developed by Fedora Release Engineering. Please report issues at its trac instance: https://fedorahosted.org/rel-eng/ The sources of this script can be found at: https://pagure.io/releng/blob/master/f/scripts/find_unblocked_orphans.py

6 years, 8 months

1
0
0 / 0

Orphaned Packages in epel7 (2017-01-27)

by Till Maas

The following packages are orphaned and will be retired when they are orphaned for six weeks, unless someone adopts them. If you know for sure that the package should be retired, please do so now with a proper reason: https://fedoraproject.org/wiki/How_to_remove_a_package_at_end_of_life Note: If you received this mail directly you (co)maintain one of the affected packages or a package that depends on one. Please adopt the affected package or retire your depending package to avoid broken dependencies, otherwise your package will be retired when the affected package gets retired. Package (co)maintainers Status Change =========================================================================== amarok orphan, affix, group::kde-sig, 0 weeks ago rdieter budgie orphan, williamjmorenor, zsun 1 weeks ago caml-crush orphan, nmav 6 weeks ago clipit orphan 3 weeks ago jtoaster orphan, tstclair 2 weeks ago mingw-winstorecompat orphan, epienbro, ktietz 3 weeks ago nntpgrab orphan, epienbro 3 weeks ago ocaml-config-file orphan, nmav 6 weeks ago php-IDNA_Convert orphan, ke4qqq 2 weeks ago python-logilab-common orphan, bcl, mrunge 5 weeks ago rubygem-rb-inotify orphan, humaton, mfojtik 2 weeks ago rubygem-sinatra orphan, domcleal, jstribny, mfojtik 2 weeks ago uispec4j orphan 6 weeks ago xfce-bluetooth orphan 7 weeks ago zukitwo orphan 7 weeks ago The following packages require above mentioned packages: Depending on: php-IDNA_Convert (4), status change: 2017-01-06 (2 weeks ago) php-simplepie (maintained by: trasher, ke4qqq, nb) php-simplepie-1.3.1-4.el7.noarch requires php-IDNA_Convert = 0.8.0-2.el7 glpi (maintained by: remi, trasher) glpi-0.90.5-1.el7.noarch requires php-simplepie = 1.3.1-4.el7 moodle (maintained by: limb) moodle-3.1.3-1.el7.noarch requires php-simplepie = 1.3.1-4.el7 wordpress (maintained by: remi) wordpress-4.7-1.el7.noarch requires php-simplepie = 1.3.1-4.el7 Depending on: python-logilab-common (5), status change: 2016-12-16 (5 weeks ago) python-astroid (maintained by: lupinix, bcl, mrunge) python-astroid-1.2.1-2.el7.noarch requires python-logilab-common = 0.62.1-1.el7 python-astroid-1.2.1-2.el7.src requires python-logilab-common = 0.62.1-1.el7 pylint (maintained by: lupinix, bcl, mrunge) pylint-1.3.1-1.el7.noarch requires python-astroid = 1.2.1-2.el7 pylint-1.3.1-1.el7.src requires python-astroid = 1.2.1-2.el7 nordugrid-arc (maintained by: ellert, jonkni) nordugrid-arc-5.2.1-1.el7.src requires pylint = 1.3.1-1.el7 spacewalk-pylint (maintained by: msuchy) spacewalk-pylint-2.2.10-1.el7.noarch requires pylint = 1.3.1-1.el7 arc-gui-clients (maintained by: ellert) arc-gui-clients-0.4.6-9.el7.x86_64 requires libarccommon.so.3()(64bit), libarccommunication.so.3()(64bit), libarccompute.so.3()(64bit), libarccredential.so.3()(64bit), libarccredentialstore.so.3()(64bit), libarccrypto.so.3()(64bit), libarcdata.so.3()(64bit), libarcloader.so.3()(64bit), libarcmessage.so.3()(64bit) Depending on: zukitwo (1), status change: 2016-12-07 (7 weeks ago) cinnamon (maintained by: leigh123linux, besser82, mtwebster, raveit65) cinnamon-2.8.8-2.el7.x86_64 requires zukitwo-gtk2-theme = 20141022-10.el7, zukitwo-gtk3-theme = 20141022-10.el7, zukitwo-metacity-theme = 20141022-10.el7 Affected (co)maintainers affix: amarok bcl: python-logilab-common besser82: zukitwo domcleal: rubygem-sinatra ellert: python-logilab-common epienbro: mingw-winstorecompat, nntpgrab group::kde-sig: amarok humaton: rubygem-rb-inotify jonkni: python-logilab-common jstribny: rubygem-sinatra ke4qqq: php-IDNA_Convert ktietz: mingw-winstorecompat leigh123linux: zukitwo limb: php-IDNA_Convert lupinix: python-logilab-common mfojtik: rubygem-rb-inotify, rubygem-sinatra mrunge: python-logilab-common msuchy: python-logilab-common mtwebster: zukitwo nb: php-IDNA_Convert nmav: ocaml-config-file, caml-crush raveit65: zukitwo rdieter: amarok remi: php-IDNA_Convert trasher: php-IDNA_Convert tstclair: jtoaster williamjmorenor: budgie zsun: budgie Orphans (15): amarok budgie caml-crush clipit jtoaster mingw-winstorecompat nntpgrab ocaml-config-file php-IDNA_Convert python-logilab-common rubygem-rb-inotify rubygem-sinatra uispec4j xfce-bluetooth zukitwo Orphans (dependend on) (3): php-IDNA_Convert python-logilab-common zukitwo Orphans (epel7) for at least 6 weeks (dependend on) (1): zukitwo Orphans (epel7)(not depended on) (12): amarok budgie caml-crush clipit jtoaster mingw-winstorecompat nntpgrab ocaml-config-file rubygem-rb-inotify rubygem-sinatra uispec4j xfce-bluetooth Orphans (epel7) for at least 6 weeks (not dependend on) (4): caml-crush ocaml-config-file uispec4j xfce-bluetooth Depending packages (epel7) (10): arc-gui-clients cinnamon glpi moodle nordugrid-arc php-simplepie pylint python-astroid spacewalk-pylint wordpress Packages depending on packages orphaned (epel7) for more than 6 weeks (1): cinnamon Not found in repo (epel7) (7): budgie caml-crush clipit jtoaster rubygem-rb-inotify rubygem-sinatra uispec4j -- The script creating this output is run and developed by Fedora Release Engineering. Please report issues at its trac instance: https://fedorahosted.org/rel-eng/ The sources of this script can be found at: https://pagure.io/releng/blob/master/f/scripts/find_unblocked_orphans.py

6 years, 8 months

1
0
0 / 0

Orphaned Packages in epel6 (2017-01-27)

by Till Maas

The following packages are orphaned and will be retired when they are orphaned for six weeks, unless someone adopts them. If you know for sure that the package should be retired, please do so now with a proper reason: https://fedoraproject.org/wiki/How_to_remove_a_package_at_end_of_life Note: If you received this mail directly you (co)maintain one of the affected packages or a package that depends on one. Please adopt the affected package or retire your depending package to avoid broken dependencies, otherwise your package will be retired when the affected package gets retired. Package (co)maintainers Status Change =========================================================================== amarok orphan, affix, group::kde- 0 weeks ago sig, rdieter blktap orphan, ke4qqq 2 weeks ago clipit orphan 3 weeks ago deltacloud-core orphan, clalance, mfojtik 2 weeks ago django-authopenid orphan, affix 0 weeks ago ehcache-sizeof-agent orphan, arg, ke4qqq 2 weeks ago hadoop orphan, besser82, coolsvap, 1 weeks ago denisarnaud, matt, moceap, rrati ircd-hybrid orphan, affix, mmahut 0 weeks ago mingw32-gdk-pixbuf orphan, epienbro, rjones, 3 weeks ago sailer mx orphan, bcl, pfj 5 weeks ago nntpgrab orphan, epienbro 3 weeks ago par2cmdline orphan, epienbro 3 weeks ago perl-RT-Extension- orphan, ke4qqq 2 weeks ago CommandByMail php-IDNA_Convert orphan, ke4qqq 2 weeks ago php-channel-htmlpurifier orphan, ke4qqq 2 weeks ago php-fpdf orphan, ke4qqq 2 weeks ago php-gettext orphan, ke4qqq, robert 2 weeks ago php-htmlpurifier- orphan, ke4qqq 2 weeks ago htmlpurifier php-nusoap orphan, ke4qqq 2 weeks ago php-pear-File-Bittorrent2 orphan, ke4qqq 2 weeks ago php-pear-Spreadsheet-Excel- orphan, ke4qqq 2 weeks ago Writer phpFlickr orphan, ke4qqq 2 weeks ago phpesp orphan, ke4qqq 2 weeks ago postal orphan, ke4qqq 2 weeks ago python-logilab-astng orphan, bcl 5 weeks ago python-logilab-common orphan, bcl 5 weeks ago python-pygooglechart orphan, affix 0 weeks ago pywbem orphan, ke4qqq, miminar 2 weeks ago rubygem-gherkin orphan, jstribny, mfojtik 2 weeks ago rubygem-http_connection orphan, mfojtik 2 weeks ago rubygem-json_pure orphan, mfojtik, tdawson 2 weeks ago rubygem-net-ssh orphan, gomix, maxamillion, 2 weeks ago mfojtik rubygem-openstack orphan, mfojtik, 2 weeks ago stevetraylen rubygem-rack-protection orphan, mfojtik 2 weeks ago rubygem-rbvmomi orphan, mfojtik 2 weeks ago rubygem-rerun orphan, jstribny, mfojtik 2 weeks ago sahana orphan, ke4qqq 2 weeks ago spew orphan, ke4qqq 2 weeks ago tint2 orphan 7 weeks ago xenserverjava orphan, ke4qqq 2 weeks ago zikula orphan, ke4qqq 2 weeks ago zikula-module-News orphan, ke4qqq 2 weeks ago The following packages require above mentioned packages: Depending on: mx (53), status change: 2016-12-16 (5 weeks ago) smolt (maintained by: wwoods) smolt-server-1.4.2.2-8.el6.noarch requires mx = 3.1.3-1.el6 tryton (maintained by: sharkcz) tryton-1.8.8-1.el6.noarch requires mx = 3.1.3-1.el6 trytond (maintained by: sharkcz) trytond-1.8.10-1.el6.noarch requires mx = 3.1.3-1.el6 neso (maintained by: sharkcz) neso-1.8.1-1.el6.noarch requires tryton = 1.8.8-1.el6 python-proteus (maintained by: sharkcz) python-proteus-1.8.4-1.el6.noarch requires tryton(kernel) = 1.8 trytond-account (maintained by: sharkcz, heffer) trytond-account-1.8.7-1.el6.noarch requires tryton(kernel) = 1.8 trytond-account-be (maintained by: sharkcz, heffer) trytond-account-be-1.8.0-3.el6.noarch requires tryton(kernel) = 1.8 trytond-account-de-skr03 (maintained by: sharkcz, heffer) trytond-account-de-skr03-1.8.0-3.el6.noarch requires tryton(kernel) = 1.8 trytond-account-invoice (maintained by: sharkcz, heffer) trytond-account-invoice-1.8.1-1.el6.noarch requires tryton(kernel) = 1.8 trytond-account-invoice-history (maintained by: sharkcz, heffer) trytond-account-invoice-history-1.8.0-3.el6.noarch requires tryton(kernel) = 1.8 trytond-account-invoice-line-standalone (maintained by: sharkcz, heffer) trytond-account-invoice-line-standalone-1.8.0-3.el6.noarch requires tryton(kernel) = 1.8 trytond-account-product (maintained by: sharkcz, heffer) trytond-account-product-1.8.0-3.el6.noarch requires tryton(kernel) = 1.8 trytond-account-statement (maintained by: sharkcz, heffer) trytond-account-statement-1.8.2-1.el6.noarch requires tryton(kernel) = 1.8 trytond-analytic-account (maintained by: sharkcz, heffer) trytond-analytic-account-1.8.0-3.el6.noarch requires tryton(kernel) = 1.8 trytond-analytic-invoice (maintained by: sharkcz, heffer) trytond-analytic-invoice-1.8.2-1.el6.noarch requires tryton(kernel) = 1.8 trytond-analytic-purchase (maintained by: sharkcz, heffer) trytond-analytic-purchase-1.8.1-1.el6.noarch requires tryton(kernel) = 1.8 trytond-analytic-sale (maintained by: sharkcz, heffer) trytond-analytic-sale-1.8.1-1.el6.noarch requires tryton(kernel) = 1.8 trytond-calendar (maintained by: sharkcz, heffer) trytond-calendar-1.8.4-1.el6.noarch requires tryton(kernel) = 1.8 trytond-calendar-classification (maintained by: sharkcz, heffer) trytond-calendar-classification-1.8.0-3.el6.noarch requires tryton(kernel) = 1.8 trytond-calendar-scheduling (maintained by: sharkcz, heffer) trytond-calendar-scheduling-1.8.3-1.el6.noarch requires tryton(kernel) = 1.8 trytond-calendar-todo (maintained by: sharkcz, heffer) trytond-calendar-todo-1.8.2-1.el6.noarch requires tryton(kernel) = 1.8 trytond-company (maintained by: sharkcz, heffer) trytond-company-1.8.2-1.el6.noarch requires tryton(kernel) = 1.8 trytond-company-work-time (maintained by: sharkcz, heffer) trytond-company-work-time-1.8.0-3.el6.noarch requires tryton(kernel) = 1.8 trytond-country (maintained by: sharkcz, heffer) trytond-country-1.8.0-3.el6.noarch requires tryton(kernel) = 1.8 trytond-currency (maintained by: sharkcz, heffer) trytond-currency-1.8.0-3.el6.noarch requires tryton(kernel) = 1.8 trytond-dashboard (maintained by: sharkcz, heffer) trytond-dashboard-1.8.0-3.el6.noarch requires tryton(kernel) = 1.8 trytond-google-maps (maintained by: sharkcz, heffer) trytond-google-maps-1.8.0-3.el6.noarch requires tryton(kernel) = 1.8 trytond-google-translate (maintained by: sharkcz, heffer) trytond-google-translate-1.8.0-3.el6.noarch requires tryton(kernel) = 1.8 trytond-ldap-authentication (maintained by: sharkcz, heffer) trytond-ldap-authentication-1.8.1-1.el6.noarch requires tryton(kernel) = 1.8 trytond-ldap-connection (maintained by: sharkcz, heffer) trytond-ldap-connection-1.8.0-3.el6.noarch requires tryton(kernel) = 1.8 trytond-party (maintained by: sharkcz, heffer) trytond-party-1.8.2-1.el6.noarch requires tryton(kernel) = 1.8 trytond-party-siret (maintained by: sharkcz, heffer) trytond-party-siret-1.8.1-1.el6.noarch requires tryton(kernel) = 1.8 trytond-party-vcarddav (maintained by: sharkcz, heffer) trytond-party-vcarddav-1.8.2-1.el6.noarch requires tryton(kernel) = 1.8 trytond-product (maintained by: sharkcz, heffer) trytond-product-1.8.1-1.el6.noarch requires tryton(kernel) = 1.8 trytond-product-cost-fifo (maintained by: sharkcz, heffer) trytond-product-cost-fifo-1.8.2-1.el6.noarch requires tryton(kernel) = 1.8 trytond-product-cost-history (maintained by: sharkcz, heffer) trytond-product-cost-history-1.8.1-1.el6.noarch requires tryton(kernel) = 1.8 trytond-product-price-list (maintained by: sharkcz, heffer) trytond-product-price-list-1.8.1-1.el6.noarch requires tryton(kernel) = 1.8 trytond-project (maintained by: sharkcz, heffer) trytond-project-1.8.3-1.el6.noarch requires tryton(kernel) = 1.8 trytond-project-plan (maintained by: sharkcz, heffer) trytond-project-plan-1.8.3-1.el6.noarch requires tryton(kernel) = 1.8 trytond-project-revenue (maintained by: sharkcz, heffer) trytond-project-revenue-1.8.3-1.el6.noarch requires tryton(kernel) = 1.8 trytond-purchase (maintained by: sharkcz, heffer) trytond-purchase-1.8.6-1.el6.noarch requires tryton(kernel) = 1.8 trytond-purchase-invoice-line-standalone (maintained by: sharkcz, heffer) trytond-purchase-invoice-line-standalone-1.8.0-3.el6.noarch requires tryton(kernel) = 1.8 trytond-sale (maintained by: sharkcz, heffer) trytond-sale-1.8.5-1.el6.noarch requires tryton(kernel) = 1.8 trytond-sale-opportunity (maintained by: sharkcz, heffer) trytond-sale-opportunity-1.8.4-1.el6.noarch requires tryton(kernel) = 1.8 trytond-sale-price-list (maintained by: sharkcz, heffer) trytond-sale-price-list-1.8.0-3.el6.noarch requires tryton(kernel) = 1.8 trytond-stock (maintained by: sharkcz, heffer) trytond-stock-1.8.5-1.el6.noarch requires tryton(kernel) = 1.8 trytond-stock-forecast (maintained by: sharkcz, heffer) trytond-stock-forecast-1.8.1-1.el6.noarch requires tryton(kernel) = 1.8 trytond-stock-inventory-location (maintained by: sharkcz, heffer) trytond-stock-inventory-location-1.8.0-3.el6.noarch requires tryton(kernel) = 1.8 trytond-stock-location-sequence (maintained by: sharkcz, heffer) trytond-stock-location-sequence-1.8.0-3.el6.noarch requires tryton(kernel) = 1.8 trytond-stock-product-location (maintained by: sharkcz, heffer) trytond-stock-product-location-1.8.0-3.el6.noarch requires tryton(kernel) = 1.8 trytond-stock-supply (maintained by: sharkcz, heffer) trytond-stock-supply-1.8.4-1.el6.noarch requires tryton(kernel) = 1.8 trytond-stock-supply-day (maintained by: sharkcz, heffer) trytond-stock-supply-day-1.8.2-1.el6.noarch requires tryton(kernel) = 1.8 trytond-timesheet (maintained by: sharkcz, heffer) trytond-timesheet-1.8.2-1.el6.noarch requires tryton(kernel) = 1.8 Too many dependencies for mx, not all listed here Depending on: par2cmdline (1), status change: 2017-01-05 (3 weeks ago) dar (maintained by: lbazan) dar-2.4.18-1.el6.x86_64 requires par2cmdline = 0.4.tbb.20100203-3.el6 Depending on: php-IDNA_Convert (3), status change: 2017-01-06 (2 weeks ago) php-simplepie (maintained by: trasher, ke4qqq, nb) php-simplepie-1.3.1-3.el6.noarch requires php-IDNA_Convert = 0.8.0-1.el6 wordpress (maintained by: remi) wordpress-4.7-1.el6.noarch requires php-simplepie = 1.3.1-3.el6 wordpress-plugin-bad-behavior (maintained by: nb) wordpress-plugin-bad-behavior-2.2.13-1.el6.noarch requires wordpress = 4.7-1.el6 Depending on: php-fpdf (1), status change: 2017-01-06 (2 weeks ago) phoronix-test-suite (maintained by: lotharlutz) phoronix-test-suite-6.6.0-1.el6.noarch requires php-fpdf = 1.6-4.el6 Depending on: python-logilab-common (6), status change: 2016-12-16 (5 weeks ago) python-astroid (maintained by: lupinix, bcl, mrunge) python-astroid-1.2.1-2.el6.noarch requires python-logilab-common = 0.62.1-2.el6 python-astroid-1.2.1-2.el6.src requires python-logilab-common = 0.62.1-2.el6 pylint (maintained by: lupinix, bcl) pylint-1.3.1-1.el6.noarch requires python-astroid = 1.2.1-2.el6 pylint-1.3.1-1.el6.src requires python-astroid = 1.2.1-2.el6 django-lint (maintained by: mrunge) django-lint-0.13-5.el6.noarch requires pylint = 1.3.1-1.el6 nordugrid-arc (maintained by: ellert, jonkni) nordugrid-arc-5.2.1-1.el6.src requires pylint = 1.3.1-1.el6 spacewalk-pylint (maintained by: msuchy) spacewalk-pylint-0.5-1.el6.noarch requires pylint = 1.3.1-1.el6 arc-gui-clients (maintained by: ellert) arc-gui-clients-0.4.6-9.el6.x86_64 requires libarccommon.so.3()(64bit), libarccommunication.so.3()(64bit), libarccompute.so.3()(64bit), libarccredential.so.3()(64bit), libarccredentialstore.so.3()(64bit), libarccrypto.so.3()(64bit), libarcdata.so.3()(64bit), libarcloader.so.3()(64bit), libarcmessage.so.3()(64bit) Depending on: rubygem-json_pure (1), status change: 2017-01-12 (2 weeks ago) rubygem-jgrep (maintained by: domcleal, lkundrak) rubygem-jgrep-1.4.1-1.el6.noarch requires rubygem(json_pure) = 1.6.3 Affected (co)maintainers affix: ircd-hybrid, python-pygooglechart, django-authopenid, amarok arg: ehcache-sizeof-agent bcl: python-logilab-common, mx, python-logilab-astng besser82: hadoop clalance: deltacloud-core coolsvap: hadoop denisarnaud: hadoop domcleal: rubygem-json_pure ellert: python-logilab-common epienbro: par2cmdline, mingw32-gdk-pixbuf, nntpgrab gomix: rubygem-net-ssh group::kde-sig: amarok heffer: mx jonkni: python-logilab-common jstribny: rubygem-rerun, rubygem-gherkin ke4qqq: sahana, php-fpdf, postal, php-pear-Spreadsheet-Excel-Writer, zikula, php-IDNA_Convert, php-channel-htmlpurifier, spew, phpesp, phpFlickr, xenserverjava, pywbem, php-htmlpurifier-htmlpurifier, php-pear-File-Bittorrent2, ehcache-sizeof-agent, php-gettext, blktap, perl-RT-Extension-CommandByMail, zikula-module-News, php-nusoap lbazan: par2cmdline lkundrak: rubygem-json_pure lotharlutz: php-fpdf lupinix: python-logilab-common matt: hadoop maxamillion: rubygem-net-ssh mfojtik: deltacloud-core, rubygem-openstack, rubygem-rbvmomi, rubygem-rack-protection, rubygem-rerun, rubygem-http_connection, rubygem-json_pure, rubygem-net-ssh, rubygem-gherkin miminar: pywbem mmahut: ircd-hybrid moceap: hadoop mrunge: python-logilab-common msuchy: python-logilab-common nb: php-IDNA_Convert pfj: mx rdieter: amarok remi: php-IDNA_Convert rjones: mingw32-gdk-pixbuf robert: php-gettext rrati: hadoop sailer: mingw32-gdk-pixbuf sharkcz: mx stevetraylen: rubygem-openstack tdawson: rubygem-json_pure trasher: php-IDNA_Convert wwoods: mx Orphans (42): amarok blktap clipit deltacloud-core django-authopenid ehcache-sizeof-agent hadoop ircd-hybrid mingw32-gdk-pixbuf mx nntpgrab par2cmdline perl-RT-Extension-CommandByMail php-IDNA_Convert php-channel-htmlpurifier php-fpdf php-gettext php-htmlpurifier-htmlpurifier php-nusoap php-pear-File-Bittorrent2 php-pear-Spreadsheet-Excel-Writer phpFlickr phpesp postal python-logilab-astng python-logilab-common python-pygooglechart pywbem rubygem-gherkin rubygem-http_connection rubygem-json_pure rubygem-net-ssh rubygem-openstack rubygem-rack-protection rubygem-rbvmomi rubygem-rerun sahana spew tint2 xenserverjava zikula zikula-module-News Orphans (dependend on) (6): mx par2cmdline php-IDNA_Convert php-fpdf python-logilab-common rubygem-json_pure Orphans (epel6) for at least 6 weeks (dependend on) (0): Orphans (epel6)(not depended on) (36): amarok blktap clipit deltacloud-core django-authopenid ehcache-sizeof-agent hadoop ircd-hybrid mingw32-gdk-pixbuf nntpgrab perl-RT-Extension-CommandByMail php-channel-htmlpurifier php-gettext php-htmlpurifier-htmlpurifier php-nusoap php-pear-File-Bittorrent2 php-pear-Spreadsheet-Excel-Writer phpFlickr phpesp postal python-logilab-astng python-pygooglechart pywbem rubygem-gherkin rubygem-http_connection rubygem-net-ssh rubygem-openstack rubygem-rack-protection rubygem-rbvmomi rubygem-rerun sahana spew tint2 xenserverjava zikula zikula-module-News Orphans (epel6) for at least 6 weeks (not dependend on) (1): tint2 Depending packages (epel6) (65): arc-gui-clients dar django-lint neso nordugrid-arc phoronix-test-suite php-simplepie pylint python-astroid python-proteus rubygem-jgrep smolt spacewalk-pylint tryton trytond trytond-account trytond-account-be trytond-account-de-skr03 trytond-account-invoice trytond-account-invoice-history trytond-account-invoice-line-standalone trytond-account-product trytond-account-statement trytond-analytic-account trytond-analytic-invoice trytond-analytic-purchase trytond-analytic-sale trytond-calendar trytond-calendar-classification trytond-calendar-scheduling trytond-calendar-todo trytond-company trytond-company-work-time trytond-country trytond-currency trytond-dashboard trytond-google-maps trytond-google-translate trytond-ldap-authentication trytond-ldap-connection trytond-party trytond-party-siret trytond-party-vcarddav trytond-product trytond-product-cost-fifo trytond-product-cost-history trytond-product-price-list trytond-project trytond-project-plan trytond-project-revenue trytond-purchase trytond-purchase-invoice-line-standalone trytond-sale trytond-sale-opportunity trytond-sale-price-list trytond-stock trytond-stock-forecast trytond-stock-inventory-location trytond-stock-location-sequence trytond-stock-product-location trytond-stock-supply trytond-stock-supply-day trytond-timesheet wordpress wordpress-plugin-bad-behavior Packages depending on packages orphaned (epel6) for more than 6 weeks (0): Not found in repo (epel6) (24): amarok blktap deltacloud-core ehcache-sizeof-agent hadoop mingw32-gdk-pixbuf php-gettext php-htmlpurifier-htmlpurifier php-nusoap php-pear-File-Bittorrent2 php-pear-Spreadsheet-Excel-Writer phpFlickr phpesp postal python-pygooglechart pywbem rubygem-gherkin rubygem-net-ssh rubygem-openstack rubygem-rack-protection rubygem-rbvmomi rubygem-rerun sahana zikula-module-News -- The script creating this output is run and developed by Fedora Release Engineering. Please report issues at its trac instance: https://fedorahosted.org/rel-eng/ The sources of this script can be found at: https://pagure.io/releng/blob/master/f/scripts/find_unblocked_orphans.py

6 years, 8 months

1
0
0 / 0

Fedora EPEL 7 updates-testing report

by updates＠fedoraproject.org

The following Fedora EPEL 7 Security updates need testing: Age URL 690 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 452 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 171 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-23fa04bf1c redis-3.2.3-1.el7 154 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8f4ff76b3 chicken-4.11.0-3.el7 34 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7 13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-f1acebb58b wordpress-4.7.1-1.el7 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-6ee140a6d3 fedmsg-0.18.2-1.el7 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-6e3dadcb1d pdns-recursor-3.7.4-1.el7 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-9bcc7b6164 mingw-nsis-3.01-1.el7 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-ad7467bd9c pdns-3.4.11-1.el7 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8cb1dcd776 python-crypto-2.6.1-13.el7 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-09ddf72aaa percona-xtrabackup-2.3.6-1.el7 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-cd2af02aae rabbitmq-server-3.3.5-31.el7 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8533f605ab bubblewrap-0.1.7-1.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-555b5847ec drupal7-title-1.0-0.7.alpha9.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7fb94fc97a exim-4.88-3.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-b498a4859e moodle-3.1.4-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing beakerlib-1.15-1.el7 configsnap-0.11-2.el7 fedfind-3.4.0-1.el7 jetbrains-annotations-15.0-3.el7 python-webpy-0.37-8.el7 rkhunter-1.4.2-8.el7 Details about builds: ================================================================================ beakerlib-1.15-1.el7 (FEDORA-EPEL-2017-75dc7aea30) A shell-level integration testing library -------------------------------------------------------------------------------- Update Information: added rlIsCentOS similar to rlIsRHEL, bz1214190; added missing dependencies, bz1391969; make rlRun use internal variables with more unique name, bz1285804; fix rlRun exitcodes while using various switches, bz1303900; rlFileRestore now better distinquish betwwen various errorneous situations, bz1370453; rlService* won't be blocked be less(1) while systemctl redirection is in place, bz1383303; variable <libPrefix\>LibraryDir variable is created for all imported libraries, holding the path to the library source, bz1074487; all logging messages are now printed to stderr, bz1171881; wildcard %doc inclusion in spec, bz1206173; prevent unbound variables, bz1228264; new functions rlServiceEnabled/rlServiceDisable for enabling/disabling services, bz1234804; updated documentation for rlImport -all, bz1246061; rlAssertNotEquals now accept empty argument, bz1303618; rlRun now uses better filename for output log, bz1314700; fixed cosmetic discrepancy in log output, bz1374256; added documentation reference for bkrdoc, bz843823; added documentation of the testwatcher feature, bz1218169; rlServiceRestore can restore all saved services in no parameter provided, bz494318; rlCheckMount take mount options (ro/rw) into consideration, bz1191627; added documentation for LOG_LEVEL variable, bz581816 -------------------------------------------------------------------------------- ================================================================================ configsnap-0.11-2.el7 (FEDORA-EPEL-2017-454e58d905) Record and compare system state -------------------------------------------------------------------------------- Update Information: Updated spec according to Fedora Guidelines -------------------------------------------------------------------------------- References: [ 1 ] Bug #1406786 - Review Request: configsnap - Record and compare system state https://bugzilla.redhat.com/show_bug.cgi?id=1406786 -------------------------------------------------------------------------------- ================================================================================ fedfind-3.4.0-1.el7 (FEDORA-EPEL-2017-46580dcf29) Fedora Finder finds Fedora -------------------------------------------------------------------------------- Update Information: This update provides a new version of fedfind with support for the new stable nightly Docker composes (they contain only Docker base images for a couple of arches), a new `get_current_stables` helper that returns a list of current stable Fedora release numbers, `url` and `direct_url` entries in the image dicts provided by `all_images`, and a couple of fixes for the live respin release handling. -------------------------------------------------------------------------------- ================================================================================ jetbrains-annotations-15.0-3.el7 (FEDORA-EPEL-2017-0dfa52c8f6) IntelliJ IDEA Annotations -------------------------------------------------------------------------------- Update Information: regenerate build-requires -------------------------------------------------------------------------------- ================================================================================ python-webpy-0.37-8.el7 (FEDORA-EPEL-2017-0ee0706ff9) A simple web framework for Python -------------------------------------------------------------------------------- Update Information: https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_... s -------------------------------------------------------------------------------- References: [ 1 ] Bug #1416370 - python-webpy on epel7 https://bugzilla.redhat.com/show_bug.cgi?id=1416370 -------------------------------------------------------------------------------- ================================================================================ rkhunter-1.4.2-8.el7 (FEDORA-EPEL-2017-a9679aec00) A host-based tool to scan for rootkits, backdoors and local exploits -------------------------------------------------------------------------------- Update Information: - Add /dev/shm/qb* files to whitelist (bug #1403602 ) - Add /dev/shm/squid- ssl_session_cache.shm to whitelist (bug #1411130). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1403602 - rkhunter should not report pcsd/pacemaker/corosync in files /dev/shm/qb-* as suspicious https://bugzilla.redhat.com/show_bug.cgi?id=1403602 [ 2 ] Bug #1411130 - suspicious warnings on fresh installed system https://bugzilla.redhat.com/show_bug.cgi?id=1411130 --------------------------------------------------------------------------------

6 years, 8 months

1
0
0 / 0

Fedora EPEL 5 updates-testing report

by updates＠fedoraproject.org

The following Fedora EPEL 5 Security updates need testing: Age URL 809 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-3849 sblim-sfcb-1.3.8-2.el5 452 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-edbea40516 mcollective-2.8.4-1.el5 424 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-582c8075e6 thttpd-2.25b-24.el5 34 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-ce45574ab6 libbsd-0.8.3-2.el5 13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e541856e99 wordpress-4.7.1-1.el5 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-cfdd99a20e opus-1.0.3-2.el5 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-9ec4289f01 python-crypto-2.0.1-6.el5 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-6060d622d3 irssi-0.8.21-1.el5 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-58347aa9ad libesmtp-1.0.4-8.el5 The following builds have been pushed to Fedora EPEL 5 updates-testing beakerlib-1.15-1.el5 Details about builds: ================================================================================ beakerlib-1.15-1.el5 (FEDORA-EPEL-2017-ceddd1e30c) A shell-level integration testing library -------------------------------------------------------------------------------- Update Information: added rlIsCentOS similar to rlIsRHEL, bz1214190; added missing dependencies, bz1391969; make rlRun use internal variables with more unique name, bz1285804; fix rlRun exitcodes while using various switches, bz1303900; rlFileRestore now better distinquish betwwen various errorneous situations, bz1370453; rlService* won't be blocked be less(1) while systemctl redirection is in place, bz1383303; variable <libPrefix\>LibraryDir variable is created for all imported libraries, holding the path to the library source, bz1074487; all logging messages are now printed to stderr, bz1171881; wildcard %doc inclusion in spec, bz1206173; prevent unbound variables, bz1228264; new functions rlServiceEnabled/rlServiceDisable for enabling/disabling services, bz1234804; updated documentation for rlImport -all, bz1246061; rlAssertNotEquals now accept empty argument, bz1303618; rlRun now uses better filename for output log, bz1314700; fixed cosmetic discrepancy in log output, bz1374256; added documentation reference for bkrdoc, bz843823; added documentation of the testwatcher feature, bz1218169; rlServiceRestore can restore all saved services in no parameter provided, bz494318; rlCheckMount take mount options (ro/rw) into consideration, bz1191627; added documentation for LOG_LEVEL variable, bz581816 --------------------------------------------------------------------------------

6 years, 8 months

1
0
0 / 0

EPEL-ANNOUNCE ansible1.9 retirement

by Kevin Fenzi

Greetings. When ansible 2.0 was released there were some changes in playbook handling made. For this reason, we created a backwards compatible package with ansible 1.9 to ease the transition for those that needed more time to adjust their playbooks. Late last year it looked like there would be a final release in the 1.9 series addressing some security issues. However, the most recent round of security issues found in 2.x are difficult to impossible to backport to 1.9 so there will not be a final 1.9 release. Since it has now been 1 year since ansible 2.0 was released, and since ansible 1.9 has known security vulnerabilities, backporting fixes is impossible, we will be retiring the ansible1.9 package from EPEL. All ansible 1.9 users are urged to update to 2.x as soon as possible. kevin _______________________________________________ epel-announce mailing list -- epel-announce(a)lists.fedoraproject.org To unsubscribe send an email to epel-announce-leave(a)lists.fedoraproject.org

6 years, 8 months

4
5
0 / 0

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

epel-devel January 2017