Fedora EPEL 7 updates-testing report
by updates@fedoraproject.org
The following Fedora EPEL 7 Security updates need testing:
Age URL
907 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7
669 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7
251 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7
149 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d241156dfe mod_cluster-1.3.3-10.el7
147 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5f9a6163b4 tnef-1.4.14-1.el7
146 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-7ecb12e378 python-XStatic-jquery-ui-1.12.0.1-1.el7
49 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-47be021843 heimdal-7.4.0-1.el7
13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5344219d81 bodhi-2.9.1-1.el7
13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-17b77b3268 botan-1.10.16-1.el7
13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-07d2039ffa redis-3.2.10-2.el7
11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-a8c25bd6d7 exim-4.89-2.el7
8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-fc1436acf8 dnsdist-1.2.0-1.el7
8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-9a8c22eb51 cacti-1.1.19-1.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-40114bdc74 mbedtls-2.6.0-1.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8f80d01c29 chromium-60.0.3112.113-2.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-9c2a089ab4 libidn2-2.0.4-1.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-f159ad2ec9 mingw-libidn2-2.0.4-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
aisleriot-3.22.2-1.el7
am-utils-6.2.0-27.el7
audacious-3.9-1.el7
audacious-plugins-3.9-1.el7
chromium-60.0.3112.113-2.el7
golang-github-cheggaaa-pb-1.0.12-0.1.git9a180eb.el7
gthumb-3.3.4-1.el7
libburn1-1.4.6-5.el7
libidn2-2.0.4-1.el7
libisoburn-1.4.6-7.el7
mbedtls-2.6.0-1.el7
mingw-libidn2-2.0.4-1.el7
no-more-secrets-0.3.2-3.el7
ocaml-opam-file-format-2.0.0-0.2.beta3.el7
pdc-updater-0.6.1-1.el7
perl-generators-1.08-6.el7
php-PHPMailer-5.2.25-1.el7
php-behat-gherkin-4.4.5-1.el7
php-codeception-verify-0.4.0-1.el7
php-dflydev-dot-access-data-1.1.0-2.el7
php-flow-jsonpath-0.3.4-1.el7
php-henrikbjorn-lurker-1.2.0-1.el7
php-horde-Horde-Compress-2.2.1-1.el7
php-horde-Horde-Core-2.30.2-1.el7
php-horde-Horde-Date-2.4.1-1.el7
php-horde-Horde-Imap-Client-2.29.15-1.el7
php-horde-Horde-Mime-Viewer-2.2.2-1.el7
php-jakubledl-dissect-1.0.1-1.el7
php-league-container-2.4.1-1.el7
php-pear-crypt-gpg-1.6.1-1.el7
php-symfony-polyfill-1.5.0-1.el7
php-zetacomponents-document-1.3.1-1.el7
purple-discord-0-11.20170829git9115bd2.el7
purple-facebook-0.9.5-1.9ff9acf9fa14.el7
python-ansible-tower-cli-3.1.7-1.el7
python-incremental-17.5.0-1.el7
python-iso8601-0.1.11-7.el7
python-jupyter-core-4.3.0-1.el7
python-markdown-2.4.1-2.el7
python-nbformat-4.4.0-1.el7
python-pretend-1.0.8-3.el7
python3-pyasn1-0.1.9-1.el7
python3-pytz-2017.2-1.el7
python3-virtualenv-15.1.0-1.el7
rubygem-rack-attack-5.0.1-1.el7
rubygem-yell-2.0.7-2.el7
sasutils-0.3.9-1.el7
workrave-1.10.16-1.el7
xrootd-4.7.0-1.el7
Details about builds:
================================================================================
aisleriot-3.22.2-1.el7 (FEDORA-EPEL-2017-7953c407be)
A collection of card games
--------------------------------------------------------------------------------
Update Information:
Initial aisleriot build for EPEL 7.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1319320 - /usr/bin/sol segfaults at startup
https://bugzilla.redhat.com/show_bug.cgi?id=1319320
--------------------------------------------------------------------------------
================================================================================
am-utils-6.2.0-27.el7 (FEDORA-EPEL-2017-deaaf29a53)
Automount utilities including an updated version of Amd
--------------------------------------------------------------------------------
Update Information:
- fix nfsv3 fh length in NFS_FH_DREF().
--------------------------------------------------------------------------------
================================================================================
audacious-3.9-1.el7 (FEDORA-EPEL-2017-ce4699fc75)
Advanced audio player
--------------------------------------------------------------------------------
Update Information:
Audacious 3.9 ============= Qt UI enhancements ------------------ * More
configurable main window, with new View menu and additional options in Settings
(#657) * Full drag-and-drop capability for playlist entries * Configurable
playlist columns (add, remove, resize, and rearrange) * New controls for
stream recording * Improved playlist search bar, which hides until Control+F
is pressed, matches results more intelligently, and even mimics the keyboard
controls of the old 'Jump to Song' dialog * Integrated menu items and keyboard
shortcuts for the Playlist Manager and Search Tool * More detailed yet
unobtrusive reporting of errors via the status bar * Visual indication when
'Stop After This Song' is active, by making the stop button a toggle * Better
high-DPI support and many other cosmetic fixes Usability improvements
---------------------- * A Comments column can be displayed in the playlist,
and used to sort it (#560) * Bold, italics, and capitals highlight different
types of results in the GTK+ version of the Search Tool (#701) * The Record
button is hidden to prevent accidental usage until recording is enabled in
Settings (#703) * Recording settings can be changed without immediately
starting to record the currently playing stream * The unhelpful "Unknown
playback error" message has been removed Advanced features -----------------
* audtool gains better support for multiple playlists with the --select-
displayed and --select-playing commands (#609) * Recursive adding of folders
specified in M3U playlists (#731) * Direct output to ALSA devices that require
packed 24-bit audio * Automatic switching between track and album ReplayGain
modes when shuffle is enabled/disabled * Option in Speed and Pitch effect to
adjust both parameters in lockstep, thereby preventing distortion Under the
hood -------------- * Conversion of a substantial amount of C-like code to
safer C++ practices * For the Windows build, an update to the newer MinGW-w64
toolchain (still 32-bit) Bugs fixed since 3.8.2 ---------------------- *
'Critical error' message dialogs displayed by Windows are inhibited (#712) *
Scrobbler URLs are no longer presented in a useless shortened form (#716) *
album-artist was missing from the list of available custom title formats and has
been added (#722) * Error and progress dialogs were missing and have been
added in the Qt version of the skinned UI * A startup notification is now sent
when Audacious is started with only the status icon visible
--------------------------------------------------------------------------------
================================================================================
audacious-plugins-3.9-1.el7 (FEDORA-EPEL-2017-ce4699fc75)
Plugins for the Audacious audio player
--------------------------------------------------------------------------------
Update Information:
Audacious 3.9 ============= Qt UI enhancements ------------------ * More
configurable main window, with new View menu and additional options in Settings
(#657) * Full drag-and-drop capability for playlist entries * Configurable
playlist columns (add, remove, resize, and rearrange) * New controls for
stream recording * Improved playlist search bar, which hides until Control+F
is pressed, matches results more intelligently, and even mimics the keyboard
controls of the old 'Jump to Song' dialog * Integrated menu items and keyboard
shortcuts for the Playlist Manager and Search Tool * More detailed yet
unobtrusive reporting of errors via the status bar * Visual indication when
'Stop After This Song' is active, by making the stop button a toggle * Better
high-DPI support and many other cosmetic fixes Usability improvements
---------------------- * A Comments column can be displayed in the playlist,
and used to sort it (#560) * Bold, italics, and capitals highlight different
types of results in the GTK+ version of the Search Tool (#701) * The Record
button is hidden to prevent accidental usage until recording is enabled in
Settings (#703) * Recording settings can be changed without immediately
starting to record the currently playing stream * The unhelpful "Unknown
playback error" message has been removed Advanced features -----------------
* audtool gains better support for multiple playlists with the --select-
displayed and --select-playing commands (#609) * Recursive adding of folders
specified in M3U playlists (#731) * Direct output to ALSA devices that require
packed 24-bit audio * Automatic switching between track and album ReplayGain
modes when shuffle is enabled/disabled * Option in Speed and Pitch effect to
adjust both parameters in lockstep, thereby preventing distortion Under the
hood -------------- * Conversion of a substantial amount of C-like code to
safer C++ practices * For the Windows build, an update to the newer MinGW-w64
toolchain (still 32-bit) Bugs fixed since 3.8.2 ---------------------- *
'Critical error' message dialogs displayed by Windows are inhibited (#712) *
Scrobbler URLs are no longer presented in a useless shortened form (#716) *
album-artist was missing from the list of available custom title formats and has
been added (#722) * Error and progress dialogs were missing and have been
added in the Qt version of the skinned UI * A startup notification is now sent
when Audacious is started with only the status icon visible
--------------------------------------------------------------------------------
================================================================================
chromium-60.0.3112.113-2.el7 (FEDORA-EPEL-2017-8f80d01c29)
A WebKit (Blink) powered web browser
--------------------------------------------------------------------------------
Update Information:
Update to 60.0.3112.113. Added support for aarch64 (except on EPEL7). ----
Update to 60.0.3112.101. Apply upstream fix for cameras reporting 0x0 resolution
formats. ---- Chromium 60. Security fix for CVE-2017-5091, CVE-2017-5092,
CVE-2017-5093, CVE-2017-5094, CVE-2017-5095, CVE-2017-5096, CVE-2017-5097,
CVE-2017-5098, CVE-2017-5099, CVE-2017-5100, CVE-2017-5101, CVE-2017-5102,
CVE-2017-5103, CVE-2017-5104, CVE-2017-7000, CVE-2017-5105, CVE-2017-5106,
CVE-2017-5107, CVE-2017-5108, CVE-2017-5109, CVE-2017-5110. New subpackage
-headless.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1475213 - CVE-2017-5110 chromium-browser: ui spoofing in payments dialog
https://bugzilla.redhat.com/show_bug.cgi?id=1475213
[ 2 ] Bug #1475212 - CVE-2017-5109 chromium-browser: ui spoofing in browser
https://bugzilla.redhat.com/show_bug.cgi?id=1475212
[ 3 ] Bug #1475211 - CVE-2017-5108 chromium-browser: type confusion in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1475211
[ 4 ] Bug #1475210 - CVE-2017-5107 chromium-browser: user information leak via svg
https://bugzilla.redhat.com/show_bug.cgi?id=1475210
[ 5 ] Bug #1475209 - CVE-2017-5106 chromium-browser: url spoofing in omnibox
https://bugzilla.redhat.com/show_bug.cgi?id=1475209
[ 6 ] Bug #1475208 - CVE-2017-5105 chromium-browser: url spoofing in omnibox
https://bugzilla.redhat.com/show_bug.cgi?id=1475208
[ 7 ] Bug #1475207 - CVE-2017-7000 chromium-browser: pointer disclosure in sqlite
https://bugzilla.redhat.com/show_bug.cgi?id=1475207
[ 8 ] Bug #1475206 - CVE-2017-5104 chromium-browser: ui spoofing in browser
https://bugzilla.redhat.com/show_bug.cgi?id=1475206
[ 9 ] Bug #1475205 - CVE-2017-5103 chromium-browser: uninitialized use in skia
https://bugzilla.redhat.com/show_bug.cgi?id=1475205
[ 10 ] Bug #1475204 - CVE-2017-5102 chromium-browser: uninitialized use in skia
https://bugzilla.redhat.com/show_bug.cgi?id=1475204
[ 11 ] Bug #1475203 - CVE-2017-5101 chromium-browser: url spoofing in omnibox
https://bugzilla.redhat.com/show_bug.cgi?id=1475203
[ 12 ] Bug #1475202 - CVE-2017-5100 chromium-browser: use after free in chrome apps
https://bugzilla.redhat.com/show_bug.cgi?id=1475202
[ 13 ] Bug #1475201 - CVE-2017-5099 chromium-browser: out-of-bounds write in ppapi
https://bugzilla.redhat.com/show_bug.cgi?id=1475201
[ 14 ] Bug #1475200 - CVE-2017-5098 chromium-browser: use after free in v8
https://bugzilla.redhat.com/show_bug.cgi?id=1475200
[ 15 ] Bug #1475199 - CVE-2017-5097 chromium-browser: out-of-bounds read in skia
https://bugzilla.redhat.com/show_bug.cgi?id=1475199
[ 16 ] Bug #1475198 - CVE-2017-5096 chromium-browser: user information leak via android intents
https://bugzilla.redhat.com/show_bug.cgi?id=1475198
[ 17 ] Bug #1475197 - CVE-2017-5095 chromium-browser: out-of-bounds write in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1475197
[ 18 ] Bug #1475196 - CVE-2017-5094 chromium-browser: type confusion in extensions
https://bugzilla.redhat.com/show_bug.cgi?id=1475196
[ 19 ] Bug #1475195 - CVE-2017-5093 chromium-browser: ui spoofing in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1475195
[ 20 ] Bug #1475194 - CVE-2017-5092 chromium-browser: use after free in ppapi
https://bugzilla.redhat.com/show_bug.cgi?id=1475194
[ 21 ] Bug #1475193 - CVE-2017-5091 chromium-browser: use after free in indexeddb
https://bugzilla.redhat.com/show_bug.cgi?id=1475193
--------------------------------------------------------------------------------
================================================================================
golang-github-cheggaaa-pb-1.0.12-0.1.git9a180eb.el7 (FEDORA-EPEL-2017-9a96f99c41)
Console progress bar for Golang
--------------------------------------------------------------------------------
Update Information:
Bump to upstream 9a180eb4617eb2112e01ca3fa25c61a6303afcaf ---- Polish the spec
file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1440773 - golang-github-cheggaaa-pb is outdated and needs to be updated to latest upstream
https://bugzilla.redhat.com/show_bug.cgi?id=1440773
[ 2 ] Bug #1405557 - Tracker for golang-github-cheggaaa-pb
https://bugzilla.redhat.com/show_bug.cgi?id=1405557
--------------------------------------------------------------------------------
================================================================================
gthumb-3.3.4-1.el7 (FEDORA-EPEL-2017-a4375b711e)
Image viewer, editor, organizer
--------------------------------------------------------------------------------
Update Information:
gthumb is an application for viewing, editing, and organizing collections of
images.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1358504 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1358504
--------------------------------------------------------------------------------
================================================================================
libburn1-1.4.6-5.el7 (FEDORA-EPEL-2017-f1a4921ad4)
Library for reading, mastering and writing optical discs
--------------------------------------------------------------------------------
Update Information:
Libburn is a library by which preformatted data get onto optical media: CD, DVD
and BD (Blu-Ray). It also offers a facility for reading data blocks from its
drives without using the normal block device I/O, which has advantages and
disadvantages. It seems appropriate, nevertheless, to do writing and reading via
same channel. On several Linux systems, the block device driver needs reloading
of the drive tray in order to make available freshly written data. The libburn
read function does not need such a reload. The code of libburn is independent of
cdrecord.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #750009 - Review Request: libburn1 - Library for reading, mastering and writing optical discs
https://bugzilla.redhat.com/show_bug.cgi?id=750009
--------------------------------------------------------------------------------
================================================================================
libidn2-2.0.4-1.el7 (FEDORA-EPEL-2017-9c2a089ab4)
Library to support IDNA2008 internationalized domain names
--------------------------------------------------------------------------------
Update Information:
Libidn2 2.0.4 (released 2017-08-30) =================================== * Fix
integer overflow in bidi.c/_isBidi() * Fix integer overflow in
puny_decode.c/decode_digit() * Improve docs * Fix idna_free() to idn_free()
* Update fuzzer corpora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1486882 - libidn2: in puny_decode.c/decode_digit
https://bugzilla.redhat.com/show_bug.cgi?id=1486882
[ 2 ] Bug #1486881 - libidn2: integer overflow in bidi.c/_isBidi()
https://bugzilla.redhat.com/show_bug.cgi?id=1486881
--------------------------------------------------------------------------------
================================================================================
libisoburn-1.4.6-7.el7 (FEDORA-EPEL-2017-8877509220)
Library to enable creation and expansion of ISO-9660 filesystems
--------------------------------------------------------------------------------
Update Information:
Libisoburn is a front-end for libraries libburn and libisofs which enables
creation and expansion of ISO-9660 filesystems on all CD/DVD/BD media supported
by libburn. This includes media like DVD+RW, which do not support multi-session
management on media level and even plain disk files or block devices. Price for
that is thorough specialization on data files in ISO-9660 filesystem images. And
so libisoburn is not suitable for audio (CD-DA) or any other CD layout which
does not entirely consist of ISO-9660 sessions.
--------------------------------------------------------------------------------
================================================================================
mbedtls-2.6.0-1.el7 (FEDORA-EPEL-2017-40114bdc74)
Light-weight cryptographic and SSL/TLS library
--------------------------------------------------------------------------------
Update Information:
- Update to 2.6.0 Release notes: https://tls.mbed.org/tech-
updates/releases/mbedtls-2.6.0-2.1.9-and-1.3.21-released Security Advisory:
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-
advisory-2017-02
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1487120 - CVE-2017-14032 mbedtls: Bypass peer authentication
https://bugzilla.redhat.com/show_bug.cgi?id=1487120
--------------------------------------------------------------------------------
================================================================================
mingw-libidn2-2.0.4-1.el7 (FEDORA-EPEL-2017-f159ad2ec9)
MinGW Windows Internationalized Domain Name 2008 support library
--------------------------------------------------------------------------------
Update Information:
Libidn2 2.0.4 (released 2017-08-30) =================================== * Fix
integer overflow in bidi.c/_isBidi() * Fix integer overflow in
puny_decode.c/decode_digit() * Improve docs * Fix idna_free() to idn_free()
* Update fuzzer corpora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1486882 - libidn2: in puny_decode.c/decode_digit
https://bugzilla.redhat.com/show_bug.cgi?id=1486882
[ 2 ] Bug #1486881 - libidn2: integer overflow in bidi.c/_isBidi()
https://bugzilla.redhat.com/show_bug.cgi?id=1486881
--------------------------------------------------------------------------------
================================================================================
no-more-secrets-0.3.2-3.el7 (FEDORA-EPEL-2017-28aed54ff9)
A recreation of the "decrypting text" effect from the 1992 movie Sneakers
--------------------------------------------------------------------------------
Update Information:
update for chnages suggested in RHBZ#1484222
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1484222 - Review Request: no-more-secrets - A recreation of the "decrypting text" effect from the 1992 movie Sneakers
https://bugzilla.redhat.com/show_bug.cgi?id=1484222
--------------------------------------------------------------------------------
================================================================================
ocaml-opam-file-format-2.0.0-0.2.beta3.el7 (FEDORA-EPEL-2017-111faa245b)
Parser and printer for the opam file syntax
--------------------------------------------------------------------------------
Update Information:
Parser and printer for the opam file syntax
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1477362 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1477362
--------------------------------------------------------------------------------
================================================================================
pdc-updater-0.6.1-1.el7 (FEDORA-EPEL-2017-285d50998b)
Update the product definition center in response to fedmsg
--------------------------------------------------------------------------------
Update Information:
Latest upstream. ---- Latest upstream.
--------------------------------------------------------------------------------
================================================================================
perl-generators-1.08-6.el7 (FEDORA-EPEL-2017-1a9af9722f)
RPM Perl dependencies generators
--------------------------------------------------------------------------------
Update Information:
This release fixes epoch for perl-interpreter. ---- This release provides
pelr-interpreter package to support porting Fedora packages to EPEL.
--------------------------------------------------------------------------------
================================================================================
php-PHPMailer-5.2.25-1.el7 (FEDORA-EPEL-2017-edb871464f)
PHP email transport class with a lot of features
--------------------------------------------------------------------------------
Update Information:
**Version 5.2.25** (August 28th 2017) * Make obtaining SMTP transaction ID more
reliable * Add Bosnian translation * This is the last official release in the
legacy PHPMailer 5.2 series; there may be future security patches (which will be
found in the [5.2-stable
branch](https://github.com/PHPMailer/PHPMailer/tree/5.2-stable)), but no further
non-security PRs or issues will be accepted. Migrate to PHPMailer 6.0.
--------------------------------------------------------------------------------
================================================================================
php-behat-gherkin-4.4.5-1.el7 (FEDORA-EPEL-2017-9d0580b182)
Gherkin DSL parser for PHP
--------------------------------------------------------------------------------
Update Information:
Gherkin DSL parser for PHP. Autoloader:
`/usr/share/php/Behat/Gherkin/autoload.php`
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1483372 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1483372
--------------------------------------------------------------------------------
================================================================================
php-codeception-verify-0.4.0-1.el7 (FEDORA-EPEL-2017-0c872fc141)
BDD assertion library for PHPUnit
--------------------------------------------------------------------------------
Update Information:
BDD Assertions for PHPUnit and Codeception This is very tiny wrapper for
PHPUnit assertions, that are aimed to make tests a bit more readable. With BDD
assertions influenced by Chai, Jasmine, and RSpec your assertions would be a bit
closer to natural language. Autoloader: `/usr/share/php/Codeception/autoload-
verify.php`
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1483374 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1483374
--------------------------------------------------------------------------------
================================================================================
php-dflydev-dot-access-data-1.1.0-2.el7 (FEDORA-EPEL-2017-1c39f9818a)
Given a deep data structure, access data by dot notation
--------------------------------------------------------------------------------
Update Information:
Given a deep data structure, access data by dot notation. Autoloader:
`/usr/share/php/Dflydev/DotAccessData/autoload.php`
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1483376 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1483376
--------------------------------------------------------------------------------
================================================================================
php-flow-jsonpath-0.3.4-1.el7 (FEDORA-EPEL-2017-08650b0280)
JSONPath implementation for parsing, searching and flattening arrays
--------------------------------------------------------------------------------
Update Information:
This is a JSONPath [1] implementation for PHP based on Stefan Goessner's
JSONPath script. JSONPath is an XPath-like expression language for filtering,
flattening and extracting data. I believe that is improves on the original
script (which was last updated in 2007) by doing a few things: * Object-
oriented code (should be easier to manage or extend in future) * Expressions are
parsed into tokens using some code cribbed from Doctrine Lexer and cached *
There is no eval() in use * Performance is pretty much the same * Any
combination of objects/arrays/ArrayAccess-objects can be used as the data
input which is great if you're de-serializing JSON in to objects or if you
want to process your own data structures. Autoloader:
`/usr/share/php/Flow/JSONPath/autoload.php` [1]
http://goessner.net/articles/JsonPath/
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1483381 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1483381
--------------------------------------------------------------------------------
================================================================================
php-henrikbjorn-lurker-1.2.0-1.el7 (FEDORA-EPEL-2017-5e4ab8fffd)
Resource watcher
--------------------------------------------------------------------------------
Update Information:
Resource tracking for PHP. Watch files and/or directories. Autoloader:
`/usr/share/php/Lurker/autoload.php`
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1483382 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1483382
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Compress-2.2.1-1.el7 (FEDORA-EPEL-2017-94326edc81)
Horde Compression API
--------------------------------------------------------------------------------
Update Information:
**Horde_Compress 2.2.1** * [jan] Fix RAR compressed file names with unicode
characters.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Core-2.30.2-1.el7 (FEDORA-EPEL-2017-613bd0c56a)
Horde Core Framework libraries
--------------------------------------------------------------------------------
Update Information:
**Horde_Core 2.30.2** * [jan] Fix double line breaks in task description
tooltips (Bug #14684). ---- **Horde_Core 2.30.1** * [mjr] Fix issue that
could break ActiveSync sync if object not found.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Date-2.4.1-1.el7 (FEDORA-EPEL-2017-216b04aaaa)
Horde Date package
--------------------------------------------------------------------------------
Update Information:
**Horde_Date 2.4.1** * [jan] Fix translating the string representation of a
recurrence rule.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Imap-Client-2.29.15-1.el7 (FEDORA-EPEL-2017-53896b2225)
Horde IMAP abstraction interface
--------------------------------------------------------------------------------
Update Information:
**Horde_Imap_Client 2.29.15** * [jan] Fix expunging cache entries of a certain
lifetime from the DB backend.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Mime-Viewer-2.2.2-1.el7 (FEDORA-EPEL-2017-f22a47f9e7)
Horde MIME Viewer Library
--------------------------------------------------------------------------------
Update Information:
**Horde_Mime_Viewer 2.2.2** * [jan] Fix bottom table line length of RAR archive
summaries.
--------------------------------------------------------------------------------
================================================================================
php-jakubledl-dissect-1.0.1-1.el7 (FEDORA-EPEL-2017-f9186b0734)
Lexing and parsing in pure PHP
--------------------------------------------------------------------------------
Update Information:
Dissect is a set of tools for lexical and syntactical analysis written in pure
PHP. Autoloader: `/usr/share/php/Dissect/autoload.php`
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1483383 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1483383
--------------------------------------------------------------------------------
================================================================================
php-league-container-2.4.1-1.el7 (FEDORA-EPEL-2017-3c4d4f00a0)
A fast and intuitive dependency injection container
--------------------------------------------------------------------------------
Update Information:
A small but powerful dependency injection container that allows you to decouple
components in your application in order to write clean and testable code.
Autoloader: `/usr/share/php/League/Container/autoload.php`
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1483384 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1483384
--------------------------------------------------------------------------------
================================================================================
php-pear-crypt-gpg-1.6.1-1.el7 (FEDORA-EPEL-2017-5281039a1f)
GNU Privacy Guard (GnuPG)
--------------------------------------------------------------------------------
Update Information:
**Version 1.6.1** * Fix Bug pear#21237: Use --skip-verify in decrypt() method *
Update list of hash algorithm names * Add option to ignore signature
verification errors on decrypt.
--------------------------------------------------------------------------------
================================================================================
php-symfony-polyfill-1.5.0-1.el7 (FEDORA-EPEL-2017-3c7f55d3f4)
Symfony polyfills backporting features to lower PHP versions
--------------------------------------------------------------------------------
Update Information:
## v1.5.0 * added polyfill for spl_object_id() * fixed apcu function when apc
ones are polyfilled with Zend Server's Data Cache * added `PHP_OS_FAMILY`
polyfill
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1482156 - php-symfony-polyfill-1.5.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1482156
--------------------------------------------------------------------------------
================================================================================
php-zetacomponents-document-1.3.1-1.el7 (FEDORA-EPEL-2017-050e2fa388)
Provides a general conversion framework for different documents
--------------------------------------------------------------------------------
Update Information:
The document component offers transformations between different semantic markup
languages, like: * ReStructured text [1] * XHTML [2] * Docbook [3] * eZ Publish
XML markup [4] * Wiki markup languages, like: Creole [5], Dokuwiki [6] and
Confluence [7] * Open Document Text [8] as used by OpenOffice.org [9] and other
office suites Each format supports conversions from and to docbook as a central
intermediate format and may implement additional shortcuts for conversions from
and to other formats. Not each format can express the same semantics, so there
may be some information lost. Autoloader:
`/usr/share/php/ezc/Document/autoload.php` [1]
http://docutils.sourceforge.net/rst.html [2] http://www.w3.org/TR/xhtml1/ [3]
http://www.docbook.org/ [4] http://doc.ez.no/eZ-Publish/Technical-
manual/4.x/Reference/XML-tags [5] http://www.wikicreole.org/ [6]
http://www.dokuwiki.org/dokuwiki [7]
http://confluence.atlassian.com/renderer/notationhelp.action?section=all [8]
http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=office [9]
http://www.openoffice.org/
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1470355 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1470355
--------------------------------------------------------------------------------
================================================================================
purple-discord-0-11.20170829git9115bd2.el7 (FEDORA-EPEL-2017-265a228706)
Discord plugin for libpurple
--------------------------------------------------------------------------------
Update Information:
Updated to latest snapshot. ---- Updated to latest snapshot.
--------------------------------------------------------------------------------
================================================================================
purple-facebook-0.9.5-1.9ff9acf9fa14.el7 (FEDORA-EPEL-2017-3b867539b7)
Facebook protocol plugin for purple2
--------------------------------------------------------------------------------
Update Information:
- New upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1487200 - purple-facebook-0.9.5-9ff9acf9fa14 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1487200
--------------------------------------------------------------------------------
================================================================================
python-ansible-tower-cli-3.1.7-1.el7 (FEDORA-EPEL-2017-921140a4c6)
A CLI tool for Ansible Tower
--------------------------------------------------------------------------------
Update Information:
bugfix
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1470429 - python-ansible-tower-cli-v3.1.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1470429
--------------------------------------------------------------------------------
================================================================================
python-incremental-17.5.0-1.el7 (FEDORA-EPEL-2017-14d16e378b)
It versions your Python projects
--------------------------------------------------------------------------------
Update Information:
Initial package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1484331 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1484331
--------------------------------------------------------------------------------
================================================================================
python-iso8601-0.1.11-7.el7 (FEDORA-EPEL-2017-ec99b2f34b)
Simple module to parse ISO 8601 dates
--------------------------------------------------------------------------------
Update Information:
Build for Python3 on EPEL
--------------------------------------------------------------------------------
================================================================================
python-jupyter-core-4.3.0-1.el7 (FEDORA-EPEL-2017-93f446723c)
The base package for Jupyter projects
--------------------------------------------------------------------------------
Update Information:
Core common functionality of Jupyter projects. This package contains base
application classes and configuration inherited by other projects.
--------------------------------------------------------------------------------
================================================================================
python-markdown-2.4.1-2.el7 (FEDORA-EPEL-2017-edcffc40fe)
Markdown implementation in Python
--------------------------------------------------------------------------------
Update Information:
Enable Python3 subpackage.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1389877 - Enable Python3 build
https://bugzilla.redhat.com/show_bug.cgi?id=1389877
--------------------------------------------------------------------------------
================================================================================
python-nbformat-4.4.0-1.el7 (FEDORA-EPEL-2017-0087ca6cf6)
The Jupyter Notebook format
--------------------------------------------------------------------------------
Update Information:
This package contains the base implementation of the Jupyter Notebook format,
and Python APIs for working with notebooks.
--------------------------------------------------------------------------------
================================================================================
python-pretend-1.0.8-3.el7 (FEDORA-EPEL-2017-c3daea6406)
A library for stubbing in Python
--------------------------------------------------------------------------------
Update Information:
Build for Python3 in EPEL
--------------------------------------------------------------------------------
================================================================================
python3-pyasn1-0.1.9-1.el7 (FEDORA-EPEL-2017-b4df9f5c22)
ASN.1 tools for Python
--------------------------------------------------------------------------------
Update Information:
Build for Python3-only on EPEL from the Fedora spec.
--------------------------------------------------------------------------------
================================================================================
python3-pytz-2017.2-1.el7 (FEDORA-EPEL-2017-2a21f9fdb7)
World Timezone Definitions for Python
--------------------------------------------------------------------------------
Update Information:
Update to 2017.2
--------------------------------------------------------------------------------
================================================================================
python3-virtualenv-15.1.0-1.el7 (FEDORA-EPEL-2017-91ae9b6e7e)
Tool to create isolated Python environments
--------------------------------------------------------------------------------
Update Information:
virtualenv is a tool to create isolated Python environments. virtualenv is a
successor to workingenv, and an extension of virtual-python. It is written by
Ian Bicking, and sponsored by the Open Planning Project. It is licensed under an
MIT-style permissive license.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1431235 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1431235
--------------------------------------------------------------------------------
================================================================================
rubygem-rack-attack-5.0.1-1.el7 (FEDORA-EPEL-2017-626407a24d)
Block & throttle abusive requests
--------------------------------------------------------------------------------
Update Information:
A rack middleware for throttling and blocking abusive requests.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1485907 - Review Request: rubygem-rack-attack - Block & throttle abusive requests
https://bugzilla.redhat.com/show_bug.cgi?id=1485907
--------------------------------------------------------------------------------
================================================================================
rubygem-yell-2.0.7-2.el7 (FEDORA-EPEL-2017-cf8a47a2e8)
Yell - Your Extensible Logging Library
--------------------------------------------------------------------------------
Update Information:
Yell - Your Extensible Logging Library. Define multiple adapters, various log
level combinations or message formatting options like you've never done before.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1450144 - Review Request: rubygem-yell - Yell - Your Extensible Logging Library
https://bugzilla.redhat.com/show_bug.cgi?id=1450144
--------------------------------------------------------------------------------
================================================================================
sasutils-0.3.9-1.el7 (FEDORA-EPEL-2017-4cd42b72a4)
Serial Attached SCSI (SAS) utilities
--------------------------------------------------------------------------------
Update Information:
First release of sasutils package in Fedora EPEL 7.
--------------------------------------------------------------------------------
================================================================================
workrave-1.10.16-1.el7 (FEDORA-EPEL-2017-7f09c4bdc3)
Program that assists in the recovery and prevention of RSI
--------------------------------------------------------------------------------
Update Information:
Update to latest version for compatibility with RHEL 7.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1486359 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1486359
--------------------------------------------------------------------------------
================================================================================
xrootd-4.7.0-1.el7 (FEDORA-EPEL-2017-8cfc8d8a06)
Extended ROOT file server
--------------------------------------------------------------------------------
Update Information:
XRootD 4.7.0. * Bindings for python 3 added (Fedora) *
https://github.com/xrootd/xrootd/blob/v4.7.0/docs/ReleaseNotes.txt
--------------------------------------------------------------------------------
6 years, 7 months
Fedora EPEL 6 updates-testing report
by updates@fedoraproject.org
The following Fedora EPEL 6 Security updates need testing:
Age URL
785 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6
779 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6
669 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6
641 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6
251 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e3e50897ac libbsd-0.8.3-2.el6
147 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-c0d33ae70f tnef-1.4.14-1.el6
49 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e8124f23c8 heimdal-7.4.0-1.el6
16 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-035ed8efb3 qpdf-5.1.1-5.el6
13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-3f527c60d9 firebird-2.5.7.27050.0-1.el6
13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-0ad4c424f0 redis-3.2.10-2.el6
11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-01dbc69547 exim-4.89-2.el6
8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-f14c660f60 tomcat-7.0.81-1.el6
8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-c28c0c3e0c cacti-1.1.19-1.el6
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-dc232b17d0 mbedtls-2.6.0-1.el6
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-63bdf1b0d8 libidn2-2.0.4-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
golang-github-cheggaaa-pb-1.0.12-0.1.git9a180eb.el6
libidn2-2.0.4-1.el6
no-more-secrets-0.3.2-3.el6
php-behat-gherkin-4.4.5-1.el6
php-codeception-verify-0.4.0-1.el6
php-dflydev-dot-access-data-1.1.0-2.el6
php-henrikbjorn-lurker-1.2.0-1.el6
php-jakubledl-dissect-1.0.1-1.el6
php-symfony-polyfill-1.5.0-1.el6
purple-facebook-0.9.5-1.9ff9acf9fa14.el6
python-ansible-tower-cli-3.1.7-1.el6
python-polib-1.0.7-9.el6
Details about builds:
================================================================================
golang-github-cheggaaa-pb-1.0.12-0.1.git9a180eb.el6 (FEDORA-EPEL-2017-b543523519)
Console progress bar for Golang
--------------------------------------------------------------------------------
Update Information:
Bump to upstream 9a180eb4617eb2112e01ca3fa25c61a6303afcaf
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1440773 - golang-github-cheggaaa-pb is outdated and needs to be updated to latest upstream
https://bugzilla.redhat.com/show_bug.cgi?id=1440773
--------------------------------------------------------------------------------
================================================================================
libidn2-2.0.4-1.el6 (FEDORA-EPEL-2017-63bdf1b0d8)
Library to support IDNA2008 internationalized domain names
--------------------------------------------------------------------------------
Update Information:
Libidn2 2.0.4 (released 2017-08-30) =================================== * Fix
integer overflow in bidi.c/_isBidi() * Fix integer overflow in
puny_decode.c/decode_digit() * Improve docs * Fix idna_free() to idn_free()
* Update fuzzer corpora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1486882 - libidn2: in puny_decode.c/decode_digit
https://bugzilla.redhat.com/show_bug.cgi?id=1486882
[ 2 ] Bug #1486881 - libidn2: integer overflow in bidi.c/_isBidi()
https://bugzilla.redhat.com/show_bug.cgi?id=1486881
--------------------------------------------------------------------------------
================================================================================
no-more-secrets-0.3.2-3.el6 (FEDORA-EPEL-2017-c837033fe0)
A recreation of the "decrypting text" effect from the 1992 movie Sneakers
--------------------------------------------------------------------------------
Update Information:
update for chnages suggested in RHBZ#1484222
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1484222 - Review Request: no-more-secrets - A recreation of the "decrypting text" effect from the 1992 movie Sneakers
https://bugzilla.redhat.com/show_bug.cgi?id=1484222
--------------------------------------------------------------------------------
================================================================================
php-behat-gherkin-4.4.5-1.el6 (FEDORA-EPEL-2017-77eca1c9f3)
Gherkin DSL parser for PHP
--------------------------------------------------------------------------------
Update Information:
Gherkin DSL parser for PHP. Autoloader:
`/usr/share/php/Behat/Gherkin/autoload.php`
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1483372 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1483372
--------------------------------------------------------------------------------
================================================================================
php-codeception-verify-0.4.0-1.el6 (FEDORA-EPEL-2017-9c4a9ba6ce)
BDD assertion library for PHPUnit
--------------------------------------------------------------------------------
Update Information:
BDD Assertions for PHPUnit and Codeception This is very tiny wrapper for
PHPUnit assertions, that are aimed to make tests a bit more readable. With BDD
assertions influenced by Chai, Jasmine, and RSpec your assertions would be a bit
closer to natural language. Autoloader: `/usr/share/php/Codeception/autoload-
verify.php`
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1483374 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1483374
--------------------------------------------------------------------------------
================================================================================
php-dflydev-dot-access-data-1.1.0-2.el6 (FEDORA-EPEL-2017-fc9a75bc9d)
Given a deep data structure, access data by dot notation
--------------------------------------------------------------------------------
Update Information:
Given a deep data structure, access data by dot notation. Autoloader:
`/usr/share/php/Dflydev/DotAccessData/autoload.php`
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1483376 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1483376
--------------------------------------------------------------------------------
================================================================================
php-henrikbjorn-lurker-1.2.0-1.el6 (FEDORA-EPEL-2017-5250122d5c)
Resource watcher
--------------------------------------------------------------------------------
Update Information:
Resource tracking for PHP. Watch files and/or directories. Autoloader:
`/usr/share/php/Lurker/autoload.php`
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1483382 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1483382
--------------------------------------------------------------------------------
================================================================================
php-jakubledl-dissect-1.0.1-1.el6 (FEDORA-EPEL-2017-3158ddd683)
Lexing and parsing in pure PHP
--------------------------------------------------------------------------------
Update Information:
Dissect is a set of tools for lexical and syntactical analysis written in pure
PHP. Autoloader: `/usr/share/php/Dissect/autoload.php`
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1483383 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1483383
--------------------------------------------------------------------------------
================================================================================
php-symfony-polyfill-1.5.0-1.el6 (FEDORA-EPEL-2017-b9b586ca19)
Symfony polyfills backporting features to lower PHP versions
--------------------------------------------------------------------------------
Update Information:
## v1.5.0 * added polyfill for spl_object_id() * fixed apcu function when apc
ones are polyfilled with Zend Server's Data Cache * added `PHP_OS_FAMILY`
polyfill
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1482156 - php-symfony-polyfill-1.5.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1482156
--------------------------------------------------------------------------------
================================================================================
purple-facebook-0.9.5-1.9ff9acf9fa14.el6 (FEDORA-EPEL-2017-7ceba4077b)
Facebook protocol plugin for purple2
--------------------------------------------------------------------------------
Update Information:
- New upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1487200 - purple-facebook-0.9.5-9ff9acf9fa14 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1487200
--------------------------------------------------------------------------------
================================================================================
python-ansible-tower-cli-3.1.7-1.el6 (FEDORA-EPEL-2017-25579352fc)
A CLI tool for Ansible Tower
--------------------------------------------------------------------------------
Update Information:
bugfix
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1470429 - python-ansible-tower-cli-v3.1.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1470429
--------------------------------------------------------------------------------
================================================================================
python-polib-1.0.7-9.el6 (FEDORA-EPEL-2017-1f6541c04c)
A library to parse and manage gettext catalogs
--------------------------------------------------------------------------------
Update Information:
- Several improvements for Fedora and EPEL - Package must be noarch
--------------------------------------------------------------------------------
6 years, 7 months