The following Fedora EPEL 7 Security updates need testing:
Age URL
539
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087
dokuwiki-0-0.24.20140929c.el7
302
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f
mcollective-2.8.4-1.el7
64
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e0c08a1414
php-PHPMailer-5.2.16-2.el7
20
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-23fa04bf1c
redis-3.2.3-1.el7
19
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-4b8dd3488d
knot-1.6.8-1.el7
8
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-f0e09b5124
borgbackup-1.0.7-1.el7
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-df8a00854a
openvpn-2.3.12-1.el7
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8f4ff76b3
chicken-4.11.0-3.el7
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-4316d954e8
canl-c-2.1.7-1.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-62fd4a9900
phpMyAdmin-4.4.15.8-2.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
cherrytree-0.37.4-2.el7
duplicity-0.7.10-1.el7
engauge-digitizer-9.2-1.el7
guake-0.8.7-1.el7
hitch-1.3.1-1.el7
libbson-1.3.5-2.el7
lxqt-wallet-3.0.0-1.el7
pcre2-10.21-6.el7
phpMyAdmin-4.4.15.8-2.el7
privoxy-3.0.26-1.el7
shinken-2.4.3-2.el7
tlp-0.9-1.el7
zulucrypt-5.0.0-3.20160802git064e9db.el7
Details about builds:
================================================================================
cherrytree-0.37.4-2.el7 (FEDORA-EPEL-2016-3c96264dfd)
Hierarchical note taking application
--------------------------------------------------------------------------------
Update Information:
update to 0.37.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1365098 - cherrytree-0.37.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1365098
[ 2 ] Bug #1370698 - cherrytree-0.37.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1370698
--------------------------------------------------------------------------------
================================================================================
duplicity-0.7.10-1.el7 (FEDORA-EPEL-2016-ebc5285cef)
Encrypted bandwidth-efficient backup using rsync algorithm
--------------------------------------------------------------------------------
Update Information:
https://launchpad.net/duplicity/+milestone/0.7.10
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1370670 - duplicity-0.7.10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1370670
--------------------------------------------------------------------------------
================================================================================
engauge-digitizer-9.2-1.el7 (FEDORA-EPEL-2016-0f5faf840c)
Convert graphs or map files into numbers
--------------------------------------------------------------------------------
Update Information:
- Update to 9.2
--------------------------------------------------------------------------------
================================================================================
guake-0.8.7-1.el7 (FEDORA-EPEL-2016-904d016ed5)
Drop-down terminal for GNOME
--------------------------------------------------------------------------------
Update Information:
update to 0.8.7 ---- update to guake-0.8.5
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1355731 - [abrt] guake: common.py:53:test_gconf:GError: Configuration server
couldn't be contacted: D-BUS error: Did not receive a reply. Possible causes include:
the remote application did not send a reply, the message bus security policy blocked the
reply, ...
https://bugzilla.redhat.com/show_bug.cgi?id=1355731
[ 2 ] Bug #1353542 - guake config "appears on the display with focus"
doesn't works
https://bugzilla.redhat.com/show_bug.cgi?id=1353542
[ 3 ] Bug #1348460 - Arbitrary code execution due to insecure loading of Python
module(s) from CWD
https://bugzilla.redhat.com/show_bug.cgi?id=1348460
[ 4 ] Bug #1279169 - Guake vertical scrollbar
https://bugzilla.redhat.com/show_bug.cgi?id=1279169
[ 5 ] Bug #1370730 - guake-0.8.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1370730
[ 6 ] Bug #1343054 - guake-0.8.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1343054
--------------------------------------------------------------------------------
================================================================================
hitch-1.3.1-1.el7 (FEDORA-EPEL-2016-9563b74eb3)
Network proxy that terminates TLS/SSL connections
--------------------------------------------------------------------------------
Update Information:
New upstream release; a feature and bugfix release. New feature: Support for
OCSP. For fixed bugs, see the changelog included in the package, or online at
https://github.com/varnish/hitch/blob/master/CHANGES.rst
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1335334 - hitch-1.3.0~beta1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1335334
--------------------------------------------------------------------------------
================================================================================
libbson-1.3.5-2.el7 (FEDORA-EPEL-2016-342eadd1c3)
Building, parsing, and iterating BSON documents
--------------------------------------------------------------------------------
Update Information:
Fix buffer overrun in bson_strndup() function.
--------------------------------------------------------------------------------
================================================================================
lxqt-wallet-3.0.0-1.el7 (FEDORA-EPEL-2016-f08257b92c)
Create a kwallet like functionality for LXQt
--------------------------------------------------------------------------------
Update Information:
initial packages, rhbz#1356657 rhbz#1356739
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1356657 - Review Request: lxqt-wallet - Create a kwallet like functionality
for LXQt
https://bugzilla.redhat.com/show_bug.cgi?id=1356657
[ 2 ] Bug #1362317 - lxqt-wallet-3.0.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1362317
[ 3 ] Bug #1356739 - Review Request: zulucrypt - Qt GUI front end to cryptsetup
https://bugzilla.redhat.com/show_bug.cgi?id=1356739
--------------------------------------------------------------------------------
================================================================================
pcre2-10.21-6.el7 (FEDORA-EPEL-2016-0cc1bc6c60)
Perl-compatible regular expression library
--------------------------------------------------------------------------------
Update Information:
This release fixes matching characters above 255 when a negative character type
was used without enabled UCP in a positive class.
--------------------------------------------------------------------------------
================================================================================
phpMyAdmin-4.4.15.8-2.el7 (FEDORA-EPEL-2016-62fd4a9900)
Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:
phpMyAdmin 4.4.15.8 (2016-08-16) ================================ This release
includes many security fixes of various levels of severity. Upstream recommends
all users of the 4.4 branch upgrade to this release immediately. For full
information on the vulnerabilities fixed and mitigation factors for users who
are unable to upgrade, refer to the ChangeLog file included with this release
and the security announcements at
https://www.phpmyadmin.net/security/
--------------------------------------------------------------------------------
================================================================================
privoxy-3.0.26-1.el7 (FEDORA-EPEL-2016-88a3e09813)
Privacy enhancing proxy
--------------------------------------------------------------------------------
Update Information:
3.0.26
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1371151 - privoxy-3.0.26 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1371151
--------------------------------------------------------------------------------
================================================================================
shinken-2.4.3-2.el7 (FEDORA-EPEL-2016-5b1a5dc5b5)
Python Monitoring tool
--------------------------------------------------------------------------------
Update Information:
https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_...
s
--------------------------------------------------------------------------------
================================================================================
tlp-0.9-1.el7 (FEDORA-EPEL-2016-643732c481)
Advanced power management tool for Linux
--------------------------------------------------------------------------------
Update Information:
Update to 0.9 ---- Update to 0.8
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1242380 - Update Request: update TLP to the latest version
https://bugzilla.redhat.com/show_bug.cgi?id=1242380
--------------------------------------------------------------------------------
================================================================================
zulucrypt-5.0.0-3.20160802git064e9db.el7 (FEDORA-EPEL-2016-f08257b92c)
Qt GUI front end to cryptsetup
--------------------------------------------------------------------------------
Update Information:
initial packages, rhbz#1356657 rhbz#1356739
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1356657 - Review Request: lxqt-wallet - Create a kwallet like functionality
for LXQt
https://bugzilla.redhat.com/show_bug.cgi?id=1356657
[ 2 ] Bug #1362317 - lxqt-wallet-3.0.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1362317
[ 3 ] Bug #1356739 - Review Request: zulucrypt - Qt GUI front end to cryptsetup
https://bugzilla.redhat.com/show_bug.cgi?id=1356739
--------------------------------------------------------------------------------