The following Fedora EPEL 7 Security updates need testing:
Age URL
96
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3989/cross-binut...
13
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0610/qpid-cpp-0....
12
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0626/perl-Gtk2-1...
11
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0647/roundcubema...
The following builds have been pushed to Fedora EPEL 7 updates-testing
ReviewBoard-2.0.13-1.el7
denyhosts-2.9-4.el7
firehol-2.0.1-1.el7
globus-ftp-client-8.19-1.el7
globus-xio-5.7-1.el7
nodejs-esprima-harmony-jscs-1.1.0-0.2.dev.el7
nodejs-grunt-sed-0.1.1-1.el7
nodejs-statuses-1.2.1-1.el7
nodejs-supports-color-1.2.0-2.el7
nodejs-ultron-1.0.1-3.el7
pam_radius-1.4.0-2.el7
perl-Statistics-Basic-1.6611-3.el7
php-horde-Horde-Compress-2.1.0-1.el7
python-bleach-1.4.1-2.el7
python-djblets-0.8.15-1.el7
reposurgeon-3.19-1.el7
scsi-target-utils-1.0.55-2.el7
shigofumi-0.6-1.el7
snapraid-7.1-1.el7
the_silver_searcher-0.29.1-1.el7
youtube-dl-2015.02.11-1.el7
Details about builds:
================================================================================
ReviewBoard-2.0.13-1.el7 (FEDORA-EPEL-2015-0798)
Web-based code review tool
--------------------------------------------------------------------------------
Update Information:
https://www.reviewboard.org/docs/releasenotes/reviewboard/2.0.13/
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 17 2015 Stephen Gallagher <sgallagh(a)redhat.com> 2.0.13-1
-
https://www.reviewboard.org/docs/releasenotes/reviewboard/2.0.13/
- Drop upstreamed patches for default site installation
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1192387 - ReviewBoard-2.0.13 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1192387
--------------------------------------------------------------------------------
================================================================================
denyhosts-2.9-4.el7 (FEDORA-EPEL-2015-0811)
A script to help thwart ssh server attacks
--------------------------------------------------------------------------------
Update Information:
Update to new upstream version 2.9.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 5 2015 Jason L Tibbitts III <tibbs(a)math.uh.edu> - 2.9-4
- Add patched implementing --unlock and allowing logging while running in the
foreground. Adapt the .service file to use these.
* Thu Feb 5 2015 Jason L Tibbitts III <tibbs(a)math.uh.edu> - 2.9-3
- Allow configurations without ETC_DIR.
* Thu Feb 5 2015 Jason L Tibbitts III <tibbs(a)math.uh.edu> - 2.9-2
- Oops, --unlock doesn't work with --daemon for some reason. Fix up .service file.
* Wed Feb 4 2015 Jason L Tibbitts III <tibbs(a)math.uh.edu> - 2.9-1
- Update to 2.9; drop outdated patches, use %autosetup.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1184037 - denyhosts out of date, does not catch ssh brute force attacks
against root
https://bugzilla.redhat.com/show_bug.cgi?id=1184037
--------------------------------------------------------------------------------
================================================================================
firehol-2.0.1-1.el7 (FEDORA-EPEL-2015-0801)
Simple and powerful firewall and traffic shaping languages
--------------------------------------------------------------------------------
Update Information:
== Release of version 2.0.1 ==
- Fix srcmac/dstmac with IPv6
- Stop configs embedding iptables -I statements becoming corrupted.
- Fixes #41 by deleting activation rules by spec not number.
== Release of version 2.0.0 ==
No changes compared to rc.3
== Release of version 2.0.0-rc.3 ==
- Fix chain lengths and ensure both IPv4/IPv6 ones created for "with limit",
"with knock" and "with recent" (issues #38 and #40)
- Silently disable IPv6 where the kernel has no IPv6 support (#39)
== Release of version 2.0.0-rc.2 ==
FireHOL fixes/enhancements
- Create functional firehol helpme output (issue #35)
- Remove long-redundant firehol_wget and wget_cmd helpers
- Use mktemp for temporary directories during RPC enumeration
- Don't delete and recreate the main temporary directory
- Treat mktemp like other required commands
- Silence module detection warning when not loading modules
FireQOS fixes/enhancements
- Added srcmac dstmac matches to FireQOS
Packaging
- Clean up some intermediate files before packing
--------------------------------------------------------------------------------
ChangeLog:
* Sun Feb 15 2015 Christopher Meng <cickumqt(a)gmail.com> - 2.0.1-1
- Update to 2.0.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1187661 - firehol generates names that are too long for iptables
https://bugzilla.redhat.com/show_bug.cgi?id=1187661
--------------------------------------------------------------------------------
================================================================================
globus-ftp-client-8.19-1.el7 (FEDORA-EPEL-2015-0810)
Globus Toolkit - GridFTP Client Library
--------------------------------------------------------------------------------
Update Information:
Fix for GGUS 105158 and 109576.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 17 2015 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 8.19-1
- GT6 update (GGUS 105158 and 109576)
--------------------------------------------------------------------------------
================================================================================
globus-xio-5.7-1.el7 (FEDORA-EPEL-2015-0810)
Globus Toolkit - Globus XIO Framework
--------------------------------------------------------------------------------
Update Information:
Fix for GGUS 105158 and 109576.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 17 2015 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 5.7-1
- GT6 update (Prefer IPv6 address)
--------------------------------------------------------------------------------
================================================================================
nodejs-esprima-harmony-jscs-1.1.0-0.2.dev.el7 (FEDORA-EPEL-2015-0809)
ECMAScript parsing infrastructure for multipurpose analysis
--------------------------------------------------------------------------------
Update Information:
Initial packaging.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1169925 - Review Request: nodejs-esprima-harmony-jscs - ECMAScript parsing
infrastructure for multipurpose analysis
https://bugzilla.redhat.com/show_bug.cgi?id=1169925
--------------------------------------------------------------------------------
================================================================================
nodejs-grunt-sed-0.1.1-1.el7 (FEDORA-EPEL-2015-0807)
Grunt task for search and replace
--------------------------------------------------------------------------------
Update Information:
Built on top of replace, grunt-sed is a Grunt plugin for performing search and replace on
files.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1151817 - Review Request: nodejs-grunt-sed - Grunt task for search and
replace
https://bugzilla.redhat.com/show_bug.cgi?id=1151817
--------------------------------------------------------------------------------
================================================================================
nodejs-statuses-1.2.1-1.el7 (FEDORA-EPEL-2015-0786)
HTTP status utility
--------------------------------------------------------------------------------
Update Information:
Initial packaging
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1191803 - Review Request: nodejs-statuses - HTTP status utility
https://bugzilla.redhat.com/show_bug.cgi?id=1191803
--------------------------------------------------------------------------------
================================================================================
nodejs-supports-color-1.2.0-2.el7 (FEDORA-EPEL-2015-0803)
Detect whether a terminal supports color
--------------------------------------------------------------------------------
Update Information:
Initial packaging.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1169924 - Review Request: nodejs-supports-color - Detect whether a terminal
supports color
https://bugzilla.redhat.com/show_bug.cgi?id=1169924
--------------------------------------------------------------------------------
================================================================================
nodejs-ultron-1.0.1-3.el7 (FEDORA-EPEL-2015-0795)
Ultron is a high-intelligence robot
--------------------------------------------------------------------------------
Update Information:
Newpackage
--------------------------------------------------------------------------------
================================================================================
pam_radius-1.4.0-2.el7 (FEDORA-EPEL-2015-0806)
PAM Module for RADIUS Authentication
--------------------------------------------------------------------------------
Update Information:
Fixes bugzilla #1169877 - pam_radius does not respect linux
ephemeral port range and is blocked by SELinux
New Features:
prompt=string - Specifies the prompt, without the ': ', that
PAM should display when prompting for the
password. This is useful when using hardware
tokens as part of multi-factor authentication
and presenting the same prompt twice would
confuse users. Use prompt=TokenCode (or some
other relevant string different from Password)
in this situation.
force_prompt - Request a new password and not using the
previously entered password. This useful for
multi-factor authentication when used with a
Token.
max_challenge=# - configure maximum number of challenges that
a server may request. This is a workaround
for broken servers and disabled by default.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1136474 - pam_radius isn't in epel7
https://bugzilla.redhat.com/show_bug.cgi?id=1136474
--------------------------------------------------------------------------------
================================================================================
perl-Statistics-Basic-1.6611-3.el7 (FEDORA-EPEL-2015-0791)
A collection of very basic statistics modules
--------------------------------------------------------------------------------
Update Information:
Fixes for EPEL6 and EPEL7 branches
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #672246 - Review Request: perl-Statistics-Basic - A collection of very basic
statistics modules
https://bugzilla.redhat.com/show_bug.cgi?id=672246
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Compress-2.1.0-1.el7 (FEDORA-EPEL-2015-0799)
Horde Compression API
--------------------------------------------------------------------------------
Update Information:
Horde_Compress 2.1.0
* [mms] Fix decoding of Unicode Strings in TNEF MAPI attributes.
* [mjr] Fix possible fatal error when parsing certain types of Vtodo files.
* [mjr] Add support for generating vTodo from TNEF embedded MAPI TASK objects.
* [mjr] Add option to inject a logger object.
* [mjr] Improve support for decompressing TNEF data.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 16 2015 Remi Collet <remi(a)fedoraproject.org> - 2.1.0-1
- Update to 2.1.0
- add dependency on Horde_Mime
- raise dependency on Horde_Translation >= 2.2.0
- add provides php-composer(horde/horde-mime)
--------------------------------------------------------------------------------
================================================================================
python-bleach-1.4.1-2.el7 (FEDORA-EPEL-2015-0787)
An easy whitelist-based HTML-sanitizing tool
--------------------------------------------------------------------------------
Update Information:
Initial import
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1190378 - Review Request: python-bleach - An easy whitelist-based
HTML-sanitizing tool
https://bugzilla.redhat.com/show_bug.cgi?id=1190378
--------------------------------------------------------------------------------
================================================================================
python-djblets-0.8.15-1.el7 (FEDORA-EPEL-2015-0798)
A collection of useful classes and functions for Django
--------------------------------------------------------------------------------
Update Information:
https://www.reviewboard.org/docs/releasenotes/reviewboard/2.0.13/
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 13 2015 Stephen Gallagher <sgallagh(a)redhat.com> 0.8.15-1
-
https://www.reviewboard.org/docs/releasenotes/djblets/0.8.15/
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1192387 - ReviewBoard-2.0.13 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1192387
--------------------------------------------------------------------------------
================================================================================
reposurgeon-3.19-1.el7 (FEDORA-EPEL-2015-0793)
SCM Repository Manipulation Tool
--------------------------------------------------------------------------------
Update Information:
== 3.19 ==
* Minor bugfix for handling of indexed action stamps.
== 3.18 ==
* The graft command now has a --prune option like unite.
== 3.17 ==
* Export support for SRC and RCS.
* Bug fix for automated preservation under hg.
* Bug fix for reparenting and checkout of commits with inline data.
== 3.16 ==
* Import support for SRC.
== 3.15 ==
* New 'add' command to insert new fileops in commits.
== 3.14 ==
* Assignments are preserved across squashes (including deletions).
* Name lookups are, after the first one, significantly faster.
== 3.13 ==
* Read/write support for the Fossil system.
* Fixes for timezone handling.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 22 2015 Christopher Meng <rpm(a)cicku.me> - 3.19-1
- Update to 3.19
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1166407 - reposurgeon-3.19 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1166407
--------------------------------------------------------------------------------
================================================================================
scsi-target-utils-1.0.55-2.el7 (FEDORA-EPEL-2015-0797)
The SCSI target daemon and utility programs
--------------------------------------------------------------------------------
Update Information:
fix build issue on s390x
update to latest upstream for bug fixes.
update to latest upstream for bug fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 16 2015 Andy Grover <agrover(a)redhat.com> - 1.0.55-2
- Fix for #1193043, make BuildDep on systemd-devel unconditional
* Tue Feb 10 2015 Andy Grover <agrover(a)redhat.com> - 1.0.55-1
- New upstream version
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.0.48-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.0.48-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Mon Jun 2 2014 Andy Grover <agrover(a)redhat.com> - 1.0.48-1
- New upstream version
- Add systemd sd_notify support
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1193043 - scsi-target-utils fails to build on s390(x)
https://bugzilla.redhat.com/show_bug.cgi?id=1193043
--------------------------------------------------------------------------------
================================================================================
shigofumi-0.6-1.el7 (FEDORA-EPEL-2015-0802)
Command line client for accessing the Czech Data Boxes
--------------------------------------------------------------------------------
Update Information:
This release adds a new command "searchbox" which allows to search for a box by
a full-text query. It internationalizes postal address header in command output.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 30 2015 Petr Pisar <ppisar(a)redhat.com> - 0.6-1
- 0.6 bump
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.5-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1181561 - shigofumi-0.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1181561
--------------------------------------------------------------------------------
================================================================================
snapraid-7.1-1.el7 (FEDORA-EPEL-2015-0785)
Disk array backup for many large rarely-changed files
--------------------------------------------------------------------------------
Update Information:
Updated to latest upstream. Scrub and sync commands detect and report I/O errors.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 14 2015 Eric Smith <spacewar(a)gmail.com> - 7.1-1
- Updated to latest upstream.
--------------------------------------------------------------------------------
================================================================================
the_silver_searcher-0.29.1-1.el7 (FEDORA-EPEL-2015-0790)
Super-fast text searching tool (ag)
--------------------------------------------------------------------------------
Update Information:
update to 0.29.1
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 16 2015 Kenjiro Nakayama <nakayamakenjiro(a)gmail.com> - 0.29.1-1
- update to 0.29.1
--------------------------------------------------------------------------------
================================================================================
youtube-dl-2015.02.11-1.el7 (FEDORA-EPEL-2015-0789)
A small command-line program to download online videos
--------------------------------------------------------------------------------
Update Information:
Show must go on!
- Update to latest release
- Improve error messages
- fix various other bugs
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 16 2015 Matej Cepl <mcepl(a)redhat.com> - 2015.02.11-1
- Show must go on!
* Tue Feb 10 2015 Till Maas <opensource(a)till.name> - 2015.02.10.4-1
- Update to latest release
* Tue Feb 10 2015 Till Maas <opensource(a)till.name> - 2015.02.10.2-1
- Update to latest release
- remove pre-built file in %setup
* Sat Jan 31 2015 Till Maas <opensource(a)till.name> - 2015.01.30.1-1
- Update to new release
- Use %license
* Tue Jan 27 2015 Till Maas <opensource(a)till.name> - 2015.01.25-1
- Update to new release
* Tue Jan 27 2015 Alexey Kurov <nucleo(a)fedoraproject.org> - 2015.01.25.1-1
- Python 2.7 byte compile
* Fri Jan 16 2015 Matej Cepl <mcepl(a)redhat.com> - 2015.01.15.1-1
- Update to new release.
* Wed Jan 14 2015 Till Maas <opensource(a)till.name> - 2015.01.11-1
- Update to new release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1135594 - [abrt] youtube-dl: httplib.py:660:_safe_read:IncompleteRead:
IncompleteRead(7669 bytes read, 523 more expected)
https://bugzilla.redhat.com/show_bug.cgi?id=1135594
[ 2 ] Bug #1191520 - youtube-dl-2015.02.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1191520
[ 3 ] Bug #1093517 - [abrt] youtube-dl: httplib.py:953:putheader:UnicodeEncodeError:
'ascii' codec can't encode character u'\\ufeff' in position 0: ordinal
not in range(128)
https://bugzilla.redhat.com/show_bug.cgi?id=1093517
--------------------------------------------------------------------------------