The following Fedora EPEL 5 Security updates need testing:
Age URL
656
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11893/libguestfs...
420
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-1626/puppet-2.7....
270
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3849/sblim-sfcb-...
14
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-7293/mantis-1.2....
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-7340/drupal6-cck...
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-7337/lighttpd-1....
1
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-7370/wordpress-4...
The following builds have been pushed to Fedora EPEL 5 updates-testing
drupal7-feeds-2.0-0.13.beta1.el5
globus-ftp-client-8.23-1.el5
globus-ftp-control-6.7-1.el5
globus-gridftp-server-8.1-1.el5
globus-gss-assist-10.15-1.el5
globus-net-manager-0.12-1.el5
globus-xio-gridftp-driver-2.11-1.el5
globus-xio-gridftp-multicast-1.6-1.el5
php53-mapi-7.1.13-1.el5
zarafa-7.1.13-1.el5
Details about builds:
================================================================================
drupal7-feeds-2.0-0.13.beta1.el5 (FEDORA-EPEL-2015-7544)
Aggregates RSS/Atom/RDF feeds, imports CSV files and more
--------------------------------------------------------------------------------
Update Information:
## 7.x-2.0-beta1
Changes since 7.x-2.0-alpha9:
* Issue #2038525 by twistor, larsdesigns, DamienMcKenna: SimplePie Plugin Installation
Documentation in README.txt
* Issue #1449464 by klausi, cbergmann: Own cache Bin for feeds
* Issue #2515196 by twistor: Only transliterate downloaded files.
* Issue #2510788 by twistor: Remove query string from path in FeedsEnclosure.
* Issue #2514300 by twistor: Fatal error when I try to import feed items
* Issue #2511738 by deminy: Incorrect File Inclusion
* Issue #2509444 by twistor: Field Feeds Presave Not Importing User Fields
* Issue #2509464 by twistor, joelpittet: Feeds module cannot find its parser module due to
filesystem restriction
* Issue #2509464 by twistor, Max1: Feeds module cannot find its parser module due to
filesystem restriction
* Issue #2364103 by Luxian, MegaChriz: Feeds error log crashes when log messages are too
long
* Issue #1953008 by MegaChriz, twistor, klausi: PHP Fatal error: Nesting level too deep -
recursive dependency? in FeedsProcessor.inc on line 199
* Issue #1107522 by MegaChriz, twistor, ditcheva, nielsonm, franz, Niklas Fiekas,
cthiebault, Uhkis, gcb, mparker17, guillaumev: Framework for expected behavior when
importing empty/blank values + text field fix
* Issue #2092895 by mikran, MegaChriz, twistor: Block users not included in feed
* Issue #2500185 by angel.h, MegaChriz: Error when having an entity without base table
* Issue #2496735 by twistor, diarmy: For PHP 5.6.0 and above, Feeds should allow the use
of cURL if open_basedir is enabled
* Issue #1848498 by twistor: Respect allowed file extensions in file mapper
* Issue #2502419 by klausi: Log messages XSS attack vector
* Issue #2495145 by twistor, cashwilliams, greggles, klausi: Possible XSS in
PuSHSubscriber.inc
* Issue #2488036 by MegaChriz, orannezelehcim: Modules that define both an importer and a
plugin can not be disabled
* Issue #2333029 by twistor, MegaChriz: Extend mapping API to allow for defaults and
multiple callbacks
* Issue #2497507 by twistor: Pass plugin definition to FeedsPlugin objects
* Add test for #2489006.
* Issue #2489006 by donquixote: Uninitialized array in taxonomy_feeds_set_target()
* Issue #2497729 by twistor: Implement all methods on FeedsMissingPlugin
* Issue #2469219 by MegaChriz, twistor: Remove the Generic Entity Processor
* Issue #1058424 by thijsvdanker: Port date mapper patch to d7 version to support dates
before 13 Dec 1901
* Remove useless libraries test dependency.
* Issue #2427497 by ttaylor249: Fetching feed via SSL through proxy doesn't work
* Issue #1978722 by klausi, ultimike: Entity property info for feeds node is broken
* Issue #1988970 by msti: FeedsCSV parser - download template should use the default
delimiter
* Issue #2468401 by jiff: HTTP fetcher does not correctly decode urlencoded basic auth
params
* Issue #1815070 by twistor, joelpittet: No more mapping for numeric (boolean, decimal,
integer, floats, and lists of them) fields
* Issue #2339383 by mikran, MegaChriz, joelpittet: Items missing from feeds do not affect
item hash even when action is taken based on that
* Issue #2333009 by MegaChriz: Add importer validator for Views
* Issue #2415283 by MegaChriz: Some tests are not executed by testbot
* Issue #1829212 by alan-io1, agupta, MegaChriz, ac: SQLSTATE[42S22]: Column not found:
1054 Unknown column 'feeds_item.entity_type' in 'on clause'
* Issue #2419111 by make77, MegaChriz: Configuration option to allow invalid SSL
certificates is not used when option "Auto detect feeds" is enabled
* Issue #2357981 by MegaChriz: hook_feeds_presave: $entity_id is missing
* Issue #2011240 by ressa, Abelito: How to import the description of a file?
* Issue #2397219 by joachim, MegaChriz: docs for my_module_mapper_unique() don't match
implementation in tests
* Issue #2397199 by joachim, MegaChriz: summary line for
hook_feeds_processor_targets_alter() docs mentions nodes & is too long
* Remove unused code from common_syndication_parser.inc.
* Issue #1982286 by AdamPS: Recoverable fatal error
* Issue #2341407 by vinmassaro, twistor: Fix missing file/image mappings caused by
#1080386-by-adding">#1080386 by adding:uri to mappings
* Issue #2379915 by hydrant-mark, twistor: Taxonomy Mapper: Assumes there will only ever
be one matching term
* Issue #2387419 by MegaChriz: Auto detect dependencies when putting Feeds importer in a
feature
* Issue #2363779 by Niremizov, MegaChriz: CSVParser Source form translation fix
* Issue #2053355 by ufku, vinmassaro: Notice: Undefined variable: file
FeedsParser.inc:388
* Issue #2390199 by GuyPaddock: Unhelpful failure upon uploading an empty CSV file
* Issue #2308343 by MegaChriz, twistor, joelpittet, kruser: File upload disappears with
Bootstrap Theme (abuse of #description in theme_feeds_upload())
* Issue #1887632 by joelpittet: Exception: Empty configuration identifier.
* Issue #2379407 by twistor, MegaChriz: Make module required if plugins are in use
* Issue #2248009 by twistor | djdevin: Fixed Remove the population of ->source_config
from FeedsPlugin.
* Issue #2218999 by fietserwin: Fixed Warning: Invalid argument supplied for foreach() in
element_children() (line 6420 of includescommon.inc).
* Issue #2349245 by Niremizov: Fixed error on importing empty csv file with no headers.
* Issue #2339983 by mikran: Fixed Unpublished nodes message has a wrong format_plural()
parameter.
* Issue #2328605 by ekes, twistor: Fixed Unique item checking:
FeedsProcessor::existingEntityId().
* Issue #2305919 by twistor: Fixed Return 404 when trying to edit a non-existent feed.
* Issue #1062178 by mansspams, MegaChriz, gmclelland, specky_rum, Dave Reid | iccle: Added
configuration option to allow invalid/unverified or (self certified) SSL certificates.
* Issue #1470530 by stefan.r, GaëlG, mikran, Cottser, gnucifer, MegaChriz, vinmassaro,
kostajh, Mithrandir, riho, jaanhoinatski, nrambeck, byronveale, dbassendine,
PsycleInteractive, imclean: Added Unpublish/Delete nodes not included in feed.
* Issue #2305929 by twistor, MegaChriz: Show message that mapping settings must be saved
after changes.
* Issue #2304247 by MegaChriz, undertext | twistor: Update included Feeds Import
Feature.
* Issue #2307379 by twistor: Fixed Add FeedsConfigurable::hasConfigForm().
* Issue #661606 by MegaChriz, twistor, Cottser, scottrigby, manojbisht_drupal, Mohammed J.
Razem, agileadam, emilyf, tmsimont, bradjones1, hairqles, ldavisrobeson, selim13, a.ross,
chromix, g089h515r806 | lunk_rat: Added Support unique targets in mappers.
* Issue #2008168 by JeroenT | scottalan: Update included Feeds News Feature.
* Issue #2224643 by hanoii, MegaChriz: Added Support for input format configuration on a
per-field basis .
* Issue #1981504 by twistor | Dale Baldwin: Fixed Status Report has a notification to
install SimplePie library when SimplePie module isn't even installed.
* Issue #962912 by twistor, MegaChriz, Peacog, Niklas Fiekas | willmoy: Added Mapping to
node summary.
* Backport assertFieldByXPath fix from 8.x
* Issue #2175525 by MegaChriz | Max2505: Added User admin is not authorized to create
content type.
* Issue #2275893 by twistor, dagomar: Fixed Process in background doesn't work on
non-periodic imports.
* Issue #2275893 Add tests for import in background.
* Add a long csv file where the guids are ordered.
* Fix FeedsWebTestCase::removeMappings.
* Issue #1561200 by szt, osopolar: Added Use machine names for better identification of
similar field names.
* Issue #2192819 by twistor, klausi: FeedsHTTPFetcherResult should store the result
between batches.
* Issue #1231332 by klausi, twistor | nyl auster: Periodic import imports only one file
per cron.
* Issue #2192851 by klausi: Hook_feeds_after_import() should have access to exceptions.
* Issue #2190551 by twistor: Hook_feeds_before_import only executes during form
submission.
* Issue #1852048 by ianthomas_uk: Comments suggest exceptions are ignore, when in fact
they are rethrown.
* Issue #1722180 by pcambra: Clear plugins cache on feeds_cache_clear.
* Issue #2093651 by twistor: Simplify target callbacks.
* Issue #1305698 by dman: Additional validation when creating terms - assert the
Vocabulary is valid.
* Issue #1113312 by Niklas Fiekas: Show import page in admin overlay.
* Issue #2053355 by osopolar: Notice: Undefined variable: file FeedsParser.inc:388.
* Issue #1537776 by David_Rothstein | RyFo18: Importing a single 21st century year
defaults to the current year.
* Issue #1333266 by dastagg | webchick: Link to feed importers broken when no feed
importers exist.
* Issue #1951736 by twistor, John Morahan: Discovery sometimes fails.
* Issue #1996240 by msti, MegaChriz: Duplicate fields in CSV template.
* Issue #930652 by twistor, tristanoneil | alex_b: Expiry batching broken.
* Issue #1884516 by aaronbauman: Import with taxonomy term mapping fails if term name
exceeds db size.
* Issue #2046335 by twistor, j0rd: Http:// prefix and error 1002.
* Issue #1485870 by brad.bulger, twistor: Remove custom error reporting for SimplePie.
* Issue #2178563 by twistor | alibama: Entityform does not seem to work.
* Issue #2174303 by twistor | bdanin: Feeds importer importer -- context and mapping not
working.
* Issue #1107522 by ditcheva, Uhkis, cthiebault, franz, nielsonm, Niklas Fiekas, twistor,
mparker17, Lasac, guillaumev | jptl: Framework for expected behavior when importing
empty/blank values + text field fix.
* Issue #1033202 by jamesdixon, jamsilver, twistor, james.williams, Steven Jones, vordude,
j0rd, mErilainen, gmario, rickmanelius, imclean, dasjo, guillaumev, jlyon, gilgabar,
elliotttf, mukesh.agarwal17, patcon, wesnick, Bevan, kreynen, Grayside, fago, spotzero:
[Meta] Generic entity processor.
* Issue #2149829 by chilic: Import/Update 0 value to text field.
* Issue #2150989 by chilic | osopolar: SimpleTest fails: Undefined index: content-type,
Notice file: http_request.inc Line: 57.
* Issue #1984962 by mvd81NL, redsd, twistor: Fixed Use a 0 as mapping source.
* Issue #1159806 by VladimirAus, bigjim | Slim Pickens: Added proxy support.
* Issue #1989196 by beeradb: Fixed Never Pass FeedsDateTime objects into date_create().
* Issue #1222750 by Brandonian, twistor, lyricnz: Added SimplePie 1.3 support.
* Issue #1080386 by elizzle, twistor, rhouse, AndyF, chadmkidner, retiredpro, slefevre1,
moonray, asgorobets, jwmeyerson: Added How to get title and alt fields into your image
import for drupal 7 feeds.
* Use user-supplied id if available on import.
* Issue #777888 by WorldFallz, liquidcms, firfin, tmsimont | timwood: Followup to
importing importers.
* Fix validation for importing importers.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 20 2015 Shawn Iwinski <shawn.iwinski(a)gmail.com> - 2.0-0.13.beta1
- Update to 2.0-beta1 (RHBZ #1242139)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1242139 - drupal7-feeds-2.0-beta1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1242139
--------------------------------------------------------------------------------
================================================================================
globus-ftp-client-8.23-1.el5 (FEDORA-EPEL-2015-7357)
Globus Toolkit - GridFTP Client Library
--------------------------------------------------------------------------------
Update Information:
Globus Toolkit updates from upstream developers:
* globus-ftp-client 8.23
* globus-ftp-control 6.7
* globus-gridftp-server 8.1
* globus-gss-assist 10.15
* globus-net-manager 0.12
* globus-xio-gridftp-driver 2.11
* globus-xio-gridftp-multicast 1.6
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 27 2015 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 8.23-1
- GT6 update (Fix crash in error handling)
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
8.22-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
globus-ftp-control-6.7-1.el5 (FEDORA-EPEL-2015-7357)
Globus Toolkit - GridFTP Control Library
--------------------------------------------------------------------------------
Update Information:
Globus Toolkit updates from upstream developers:
* globus-ftp-client 8.23
* globus-ftp-control 6.7
* globus-gridftp-server 8.1
* globus-gss-assist 10.15
* globus-net-manager 0.12
* globus-xio-gridftp-driver 2.11
* globus-xio-gridftp-multicast 1.6
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 27 2015 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 6.7-1
- GT6 update (Fix old-style function definitions, Fix variable scope)
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
6.6-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
globus-gridftp-server-8.1-1.el5 (FEDORA-EPEL-2015-7357)
Globus Toolkit - Globus GridFTP Server
--------------------------------------------------------------------------------
Update Information:
Globus Toolkit updates from upstream developers:
* globus-ftp-client 8.23
* globus-ftp-control 6.7
* globus-gridftp-server 8.1
* globus-gss-assist 10.15
* globus-net-manager 0.12
* globus-xio-gridftp-driver 2.11
* globus-xio-gridftp-multicast 1.6
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 6 2015 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 8.1-1
- GT6 update (GT-622: GridFTP server crash with sharing group permissions)
- Enable checks
* Mon Jul 27 2015 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 8.0-1
- GT6 update
- Add update_bytes api that sets byte counters and range markers separately
--------------------------------------------------------------------------------
================================================================================
globus-gss-assist-10.15-1.el5 (FEDORA-EPEL-2015-7357)
Globus Toolkit - GSSAPI Assist library
--------------------------------------------------------------------------------
Update Information:
Globus Toolkit updates from upstream developers:
* globus-ftp-client 8.23
* globus-ftp-control 6.7
* globus-gridftp-server 8.1
* globus-gss-assist 10.15
* globus-net-manager 0.12
* globus-xio-gridftp-driver 2.11
* globus-xio-gridftp-multicast 1.6
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 27 2015 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 10.15-1
- GT6 update (Fix gridmap parsing error)
--------------------------------------------------------------------------------
================================================================================
globus-net-manager-0.12-1.el5 (FEDORA-EPEL-2015-7357)
Globus Toolkit - Network Manager
--------------------------------------------------------------------------------
Update Information:
Globus Toolkit updates from upstream developers:
* globus-ftp-client 8.23
* globus-ftp-control 6.7
* globus-gridftp-server 8.1
* globus-gss-assist 10.15
* globus-net-manager 0.12
* globus-xio-gridftp-driver 2.11
* globus-xio-gridftp-multicast 1.6
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 27 2015 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 0.12-1
- GT6 update (Fix memory leaks, NULL pointer derefs, and dead assignments)
--------------------------------------------------------------------------------
================================================================================
globus-xio-gridftp-driver-2.11-1.el5 (FEDORA-EPEL-2015-7357)
Globus Toolkit - Globus XIO GridFTP Driver
--------------------------------------------------------------------------------
Update Information:
Globus Toolkit updates from upstream developers:
* globus-ftp-client 8.23
* globus-ftp-control 6.7
* globus-gridftp-server 8.1
* globus-gss-assist 10.15
* globus-net-manager 0.12
* globus-xio-gridftp-driver 2.11
* globus-xio-gridftp-multicast 1.6
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 27 2015 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 2.11-1
- GT6 update (Fix missing va_arg in attr_cntl, Fix memory leak)
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.10-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
globus-xio-gridftp-multicast-1.6-1.el5 (FEDORA-EPEL-2015-7357)
Globus Toolkit - Globus XIO GridFTP Multicast Driver
--------------------------------------------------------------------------------
Update Information:
Globus Toolkit updates from upstream developers:
* globus-ftp-client 8.23
* globus-ftp-control 6.7
* globus-gridftp-server 8.1
* globus-gss-assist 10.15
* globus-net-manager 0.12
* globus-xio-gridftp-driver 2.11
* globus-xio-gridftp-multicast 1.6
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 27 2015 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1.6-1
- GT6 update (Remove dead code, uninitialized variables, string parsing error)
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.5-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
php53-mapi-7.1.13-1.el5 (FEDORA-EPEL-2015-7551)
The PHP MAPI extension by Zarafa
--------------------------------------------------------------------------------
Update Information:
Zarafa Collaboration Platform 7.1.13 final [51032]
==================================================
Downstream changes
------------------
* Added patch to fix a possible XSS situation in WebAccess
* Added patch to avoid non-working default font in WebAccess
* Added patch to implement DHE/EDH support (aside of ECDHE)
Upstream changes
----------------
* ZCP-12956: Auto-accept meeting request does not work after update to ZCP 7.2 and
7.1.12
* ZCP-13401: Attachment handler closes file descriptor twice
* ZCP-13405: Segmentation fault in ldap plugin
* ZCP-13175: Mail from Mac OSX 10.10 sends broken umlauts
* ZCP-13374: SIGABRT (6), out of memory or unhandled exception on RHEL 6 Zarafa 7.1.12
* ZCP-13222: Missing /etc/zarafa/php-mapi.cfg leads to segfault in Apache
* ZCP-13439: umlauts broken with 7.1.13 RC1
* ZCP-13424: zarafa-server freezes afterECFileAttachment::LoadAttachmentInstance
* ZCP-13473: zarafa-dagent cannot deliver all mails
* ZCP-13493: zarafa-webaccess.conf is not available for Ubuntu 14.04
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 5 2015 Robert Scheck <robert(a)fedoraproject.org> 7.1.13-1
- Upgrade to 7.1.13
- Added patch to fix a possible XSS situation in WebAccess
- Added patch to avoid non-working default font in WebAccess
- Added patch to implement DHE/EDH support (aside of ECDHE)
* Wed Jul 1 2015 Robert Scheck <robert(a)fedoraproject.org> 7.1.12-3
- Added patch to build using GCC 5.x
--------------------------------------------------------------------------------
================================================================================
zarafa-7.1.13-1.el5 (FEDORA-EPEL-2015-7551)
Open Source Edition of the Zarafa Collaboration Platform
--------------------------------------------------------------------------------
Update Information:
Zarafa Collaboration Platform 7.1.13 final [51032]
==================================================
Downstream changes
------------------
* Added patch to fix a possible XSS situation in WebAccess
* Added patch to avoid non-working default font in WebAccess
* Added patch to implement DHE/EDH support (aside of ECDHE)
Upstream changes
----------------
* ZCP-12956: Auto-accept meeting request does not work after update to ZCP 7.2 and
7.1.12
* ZCP-13401: Attachment handler closes file descriptor twice
* ZCP-13405: Segmentation fault in ldap plugin
* ZCP-13175: Mail from Mac OSX 10.10 sends broken umlauts
* ZCP-13374: SIGABRT (6), out of memory or unhandled exception on RHEL 6 Zarafa 7.1.12
* ZCP-13222: Missing /etc/zarafa/php-mapi.cfg leads to segfault in Apache
* ZCP-13439: umlauts broken with 7.1.13 RC1
* ZCP-13424: zarafa-server freezes afterECFileAttachment::LoadAttachmentInstance
* ZCP-13473: zarafa-dagent cannot deliver all mails
* ZCP-13493: zarafa-webaccess.conf is not available for Ubuntu 14.04
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 5 2015 Robert Scheck <robert(a)fedoraproject.org> 7.1.13-1
- Upgrade to 7.1.13
- Added patch to fix a possible XSS situation in WebAccess
- Added patch to avoid non-working default font in WebAccess
- Added patch to implement DHE/EDH support (aside of ECDHE)
* Wed Jul 1 2015 Robert Scheck <robert(a)fedoraproject.org> 7.1.12-3
- Added patch to build using GCC 5.x
--------------------------------------------------------------------------------