The following Fedora EPEL 7 Security updates need testing:
Age URL
18
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3328/zarafa-7.1....
13
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3530/phpMyAdmin-...
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3672/hostapd-2.3...
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3621/php-Smarty-...
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3642/Pound-2.7-0...
3
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3745/tnftp-20141...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3664/konversatio...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3794/polarssl-1....
The following builds have been pushed to Fedora EPEL 7 updates-testing
R-3.1.2-1.el7
SDL_image-1.2.12-11.el7
bashmount-3.2.0-2.el7
dar-2.4.15-2.el7
fts-3.2.26.2-4.el7
fts-mysql-3.2.26.2-1.el7
gr-fcdproplus-0-0.5.20140920git1edbe523.el7
konversation-1.5.1-1.el7
libgpod-0.8.3-6.el7
nodejs-collections-1.0.2-1.el7
nodejs-muffin-0.9.0-5.el7
nodejs-q-1.0.1-1.el7
nodejs-q-io-1.11.0-1.el7
octave-image-2.2.2-1.el7
pdns-3.4.1-1.el7
perl-Return-MultiLevel-0.04-1.el7
perl-Tangerine-0.10-1.el7
perl-Test-NeedsDisplay-1.07-9.el7
php-horde-Horde-Pack-1.0.5-1.el7
php-nrk-Predis-1.0.0-1.el7
php-pear-Numbers-Words-0.18.1-1.el7
php-phpunit-PHPUnit-Selenium-1.4.2-1.el7
php-phpunit-environment-1.2.0-1.el7
polarssl-1.3.9-1.el7
the_silver_searcher-0.26.0-1.el7
tlp-0.6-2.el7
wxGTK3-3.0.2-1.el7
xfce4-weather-plugin-0.8.4-1.el7
youtube-dl-2014.11.02.1-1.el7
Details about builds:
================================================================================
R-3.1.2-1.el7 (FEDORA-EPEL-2014-3792)
A language for data analysis and graphics
--------------------------------------------------------------------------------
Update Information:
Update to R 3.1.2
Change /usr/lib[64]/R/etc/Makeconf from %config(noreplace) to %config to force it to be
updated when upgrading.
Without this change, the TCL_LIBS variable can be set incorrectly. The old Makeconf file
will be preserved as Makeconf.rpmold
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 31 2014 Tom Callaway <spot(a)fedoraproject.org> - 3.1.2-1
- update to 3.1.2
* Wed Oct 29 2014 Tom Callaway <spot(a)fedoraproject.org> - 3.1.1-8
- rebuild for new tcl/tk
- mark Makeconf as config (not config(noreplace) so that we get proper updated tcl/tk
libs)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1158425 - package install fails with infinite loop
https://bugzilla.redhat.com/show_bug.cgi?id=1158425
--------------------------------------------------------------------------------
================================================================================
SDL_image-1.2.12-11.el7 (FEDORA-EPEL-2014-3793)
Image loading library for SDL
--------------------------------------------------------------------------------
Update Information:
Add global harderning flags
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 23 2014 Moez Roy <moez.roy(a)gmail.com> - 1.2.12-11
- Add global harderning flags
--------------------------------------------------------------------------------
================================================================================
bashmount-3.2.0-2.el7 (FEDORA-EPEL-2014-3783)
A menu-driven bash script for mounting removable media
--------------------------------------------------------------------------------
Update Information:
Unretire package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1089493 - Review Request: bashmount - A menu-driven bash script for mounting
removable media
https://bugzilla.redhat.com/show_bug.cgi?id=1089493
--------------------------------------------------------------------------------
================================================================================
dar-2.4.15-2.el7 (FEDORA-EPEL-2014-3796)
Software for making/restoring incremental CD/DVD backups
--------------------------------------------------------------------------------
Update Information:
libdar-devel: include pkg-config file
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 3 2014 Luis Bazan <lbazan(a)fedoraproject.org> - 2.4.15-2
- add pkgconfig
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1077403 - libdar-devel: include pkg-config file
https://bugzilla.redhat.com/show_bug.cgi?id=1077403
--------------------------------------------------------------------------------
================================================================================
fts-3.2.26.2-4.el7 (FEDORA-EPEL-2014-2574)
File Transfer Service V3
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 4 2014 Orion Poplawski <orion(a)cora.nwra.com> - 3.2.26.2-4
- Rebuild for pugixml 1.4
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
3.2.26.2-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Wed Aug 13 2014 Michal Simon <michal.simon(a)cern.ch> - 3.2.26.2-2
- Update for new upstream releas
--------------------------------------------------------------------------------
================================================================================
fts-mysql-3.2.26.2-1.el7 (FEDORA-EPEL-2014-2574)
File Transfer Service V3 mysql plug-in
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
================================================================================
gr-fcdproplus-0-0.5.20140920git1edbe523.el7 (FEDORA-EPEL-2014-3782)
GNURadio support for FUNcube Dongle Pro+
--------------------------------------------------------------------------------
Update Information:
This is new package, GNURadio support for FUNcube Dongle Pro+.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1150512 - Review Request: gr-fcdproplus - GNURadio support for FUNcube Dongle
Pro+
https://bugzilla.redhat.com/show_bug.cgi?id=1150512
--------------------------------------------------------------------------------
================================================================================
konversation-1.5.1-1.el7 (FEDORA-EPEL-2014-3664)
A user friendly IRC client
--------------------------------------------------------------------------------
Update Information:
Konversation 1.5.1 is a maintenance release containing only bug fixes. The included
changes address several minor behavioral defects and a low-risk DoS security defect in the
Blowfish ECB support.
See also:
https://konversation.kde.org/
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 4 2014 Rex Dieter <rdieter(a)fedoraproject.org> 1.5.1-1
- 1.5.1
* Mon Nov 3 2014 Rex Dieter <rdieter(a)fedoraproject.org> 1.5-8
- Connection to TLS-only server does not work (kde#340396)
* Wed Oct 29 2014 Rex Dieter <rdieter(a)fedoraproject.org> 1.5-7
- add update-desktop-database scriptlets
* Mon Oct 27 2014 Rex Dieter <rdieter(a)fedoraproject.org> 1.5-6
- pull in 1.5 branch fixes, including... out-of-bounds read flaw (#1157342,1156418)
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.5-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1156418 - CVE-2014-8483 quassel, konversation: out-of-bounds read on a
heap-allocated array
https://bugzilla.redhat.com/show_bug.cgi?id=1156418
--------------------------------------------------------------------------------
================================================================================
libgpod-0.8.3-6.el7 (FEDORA-EPEL-2014-3785)
Library to access the contents of an iPod
--------------------------------------------------------------------------------
Update Information:
libgpod-sharp for EPEL7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1147296 - Please package libgpod for EL6 and EPEL7
https://bugzilla.redhat.com/show_bug.cgi?id=1147296
--------------------------------------------------------------------------------
================================================================================
nodejs-collections-1.0.2-1.el7 (FEDORA-EPEL-2014-3797)
Data structures with idiomatic JavaScript collection interfaces
--------------------------------------------------------------------------------
Update Information:
Update to latest releases.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 3 2014 Jamie Nguyen <jamielinux(a)fedoraproject.org> - 1.0.2-1
- update to upstream release 1.0.2
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.1.21-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.1.21-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
nodejs-muffin-0.9.0-5.el7 (FEDORA-EPEL-2014-3797)
Node.js module with handy helpers for building Cakefiles
--------------------------------------------------------------------------------
Update Information:
Update to latest releases.
--------------------------------------------------------------------------------
================================================================================
nodejs-q-1.0.1-1.el7 (FEDORA-EPEL-2014-3797)
A tool for making and composing asynchronous promises in JavaScript
--------------------------------------------------------------------------------
Update Information:
Update to latest releases.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 3 2014 Jamie Nguyen <jamielinux(a)fedoraproject.org> - 1.0.1-1
- update to upstream release 1.0.1
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.9.6-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
nodejs-q-io-1.11.0-1.el7 (FEDORA-EPEL-2014-3797)
Interfaces for IO using Q promises in JavaScript on Node.js
--------------------------------------------------------------------------------
Update Information:
Update to latest releases.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 3 2014 Jamie Nguyen <jamielinux(a)fedoraproject.org> - 1.11.0-1
- update to upstream release 1.11.0
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.9.4-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
octave-image-2.2.2-1.el7 (FEDORA-EPEL-2014-3807)
Image processing for Octave
--------------------------------------------------------------------------------
Update Information:
The Octave-forge Image package provides functions for processing images.
The package also provides functions for feature extraction, image
statistics, spatial and geometric transformations, morphological
operations, linear filtering, and much more.
--------------------------------------------------------------------------------
================================================================================
pdns-3.4.1-1.el7 (FEDORA-EPEL-2014-3818)
A modern, advanced and high performance authoritative-only nameserver
--------------------------------------------------------------------------------
Update Information:
- Update to 3.4.1
- Enable security status polling
This is a bugfix update to 3.4.0 and any earlier version.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 3 2014 Morten Stevens <mstevens(a)imt-systems.com> - 3.4.1-1
- Update to 3.4.1
- Enable security status polling
- Remove unused build dependency
- Run the unit tests during check
--------------------------------------------------------------------------------
================================================================================
perl-Return-MultiLevel-0.04-1.el7 (FEDORA-EPEL-2014-3788)
Return across multiple call levels
--------------------------------------------------------------------------------
Update Information:
Initial release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1151415 - Review Request: perl-Return-MultiLevel - Return across multiple
call levels
https://bugzilla.redhat.com/show_bug.cgi?id=1151415
--------------------------------------------------------------------------------
================================================================================
perl-Tangerine-0.10-1.el7 (FEDORA-EPEL-2014-3799)
Analyse perl files and report module-related information
--------------------------------------------------------------------------------
Update Information:
Tangerine statically analyses perl files and reports various information about provided,
used (compile-time dependencies) and required (runtime dependencies) modules.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1139232 - Review Request: perl-Tangerine - Analyse perl files and report
module-related information
https://bugzilla.redhat.com/show_bug.cgi?id=1139232
--------------------------------------------------------------------------------
================================================================================
perl-Test-NeedsDisplay-1.07-9.el7 (FEDORA-EPEL-2014-3819)
Ensure that tests needing a display have one
--------------------------------------------------------------------------------
Update Information:
Perl 5.20 rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #476623 - Review Request: perl-Test-NeedsDisplay - Ensure that tests needing a
display have one
https://bugzilla.redhat.com/show_bug.cgi?id=476623
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Pack-1.0.5-1.el7 (FEDORA-EPEL-2014-3787)
Horde Pack Utility
--------------------------------------------------------------------------------
Update Information:
Horde_Pack 1.0.5
* [mms] Catch unknown errors when unpacking data.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 4 2014 Remi Collet <remi(a)fedoraproject.org> - 1.0.5-1
- Update to 1.0.5
--------------------------------------------------------------------------------
================================================================================
php-nrk-Predis-1.0.0-1.el7 (FEDORA-EPEL-2014-3795)
PHP client library for Redis
--------------------------------------------------------------------------------
Update Information:
Upstream announcement
https://github.com/nrk/predis/releases/tag/v1.0.0
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 3 2014 Remi Collet <remi(a)fedoraproject.org> - 1.0.0-1
- Update to 1.0.0
- upstream patch for tests
- open
https://github.com/nrk/predis/issues/220 - failed tests
on slow / 32bits computer
--------------------------------------------------------------------------------
================================================================================
php-pear-Numbers-Words-0.18.1-1.el7 (FEDORA-EPEL-2014-3817)
Methods for spelling numerals in words
--------------------------------------------------------------------------------
Update Information:
Version 0.18.1
* Fixed bug #20435: Missing files in PEAR archive [kouber]
* Fixed French plural handling for "million" and suffixes above [Olivier
Brunel]
Version 0.18.0
* Fixed bug #19453: Incorrect spelling of Hungarian numbers [kouber]
* Fixed bug #19543: Better handling of decimal mark and thousands separators [kouber]
* Fixed bug #19855: Do not emit E_NOTICE when calling toWords() statically [cweiske]
* Fixed pl unicode [Jakub Roszkiewicz]
* Fixed ru_RU currency codes [Vital Leshchyk]
* Fixed tr_TR unicode [Shahriyar Imanov]
* Added en_IN - Indian English [Abhinav Nayak]
* Added lv - Latvian [Andrius]
* Added ro_RO - Romanian [Bogdan Stancescu]
* Added ua - Ukrainian [Vital Leshchyk]
* Unify locale loading code [cweiske]
* Use PEAR class-to-filename convention [cweiske]
This release changes class names and locations of locale files.
This is a backwards compatibility break.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 3 2014 Remi Collet <remi(a)fedoraproject.org> - 0.18.1-1
- update to 0.18.1
- add provide php-composer(pear/numbers_words)
- add dependency on
php-pear(phpseclib.sourceforge.net/Math_BigInteger)
--------------------------------------------------------------------------------
================================================================================
php-phpunit-PHPUnit-Selenium-1.4.2-1.el7 (FEDORA-EPEL-2014-3815)
Selenium RC integration for PHPUnit
--------------------------------------------------------------------------------
Update Information:
Bugfix release (no upstream changelog)
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 2 2014 Remi Collet <remi(a)fedoraproject.org> - 1.4.2-1
- Update to 1.4.2
- fix license handling
--------------------------------------------------------------------------------
================================================================================
php-phpunit-environment-1.2.0-1.el7 (FEDORA-EPEL-2014-3809)
Handle HHVM/PHP environments
--------------------------------------------------------------------------------
Update Information:
* Add Console::getNumberOfColumns()
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 3 2014 Remi Collet <remi(a)fedoraproject.org> - 1.2.0-1
- update to 1.2.0
- upstream patch to avoid error in mock (no tty)
--------------------------------------------------------------------------------
================================================================================
polarssl-1.3.9-1.el7 (FEDORA-EPEL-2014-3794)
Light-weight cryptographic and SSL/TLS library
--------------------------------------------------------------------------------
Update Information:
- Update to 1.3.9
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 3 2014 Morten Stevens <mstevens(a)imt-systems.com> - 1.3.9-1
- Update to 1.3.9 (#1159848)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1159845 - polarssl: servers negotiating a weaker signature algorithm than
available
https://bugzilla.redhat.com/show_bug.cgi?id=1159845
--------------------------------------------------------------------------------
================================================================================
the_silver_searcher-0.26.0-1.el7 (FEDORA-EPEL-2014-3801)
Super-fast text searching tool (ag)
--------------------------------------------------------------------------------
Update Information:
update to 0.26.0
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 3 2014 Kenjiro Nakayama <nakayamakenjiro(a)gmail.com> - 0.26.0-1
- update to 0.26.0
--------------------------------------------------------------------------------
================================================================================
tlp-0.6-2.el7 (FEDORA-EPEL-2014-3813)
Advanced power management tool for Linux
--------------------------------------------------------------------------------
Update Information:
Missing Dependancy
New Upstream Version
--------------------------------------------------------------------------------
================================================================================
wxGTK3-3.0.2-1.el7 (FEDORA-EPEL-2014-3781)
GTK port of the wxWidgets GUI library
--------------------------------------------------------------------------------
Update Information:
Update to 3.0.2
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 4 2014 Jeremy Newton <alexjnewt(a)hotmail.com> - 3.0.2-1
- Update to 3.0.2
* Mon Nov 3 2014 Marcin Juszkiewicz <mjuszkiewicz(a)redhat.com> - 3.0.1-5
- Add aarch64 and ppc64le to list of 64-bit architectures
* Tue Sep 30 2014 Jeremy Newton <alexjnewt(a)hotmail.com> - 3.0.1-4
- Add conflict with wxgtk-devel again, temporary fix until it can be resolved
* Tue Sep 30 2014 Jeremy Newton <alexjnewt(a)hotmail.com> - 3.0.1-3
- Avoid gtk warnings, fixes RH#1147995
- Moving wxrc and wx-config to libexec instead of renaming
- Misc changes and spec error fixes, fixes RH#1124402
* Sat Jul 5 2014 Jeremy Newton <alexjnewt(a)hotmail.com> - 3.0.1-1
- Bump to 3.0.1 RH#1076617
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1150567 - wxGTK3-3.0.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1150567
--------------------------------------------------------------------------------
================================================================================
xfce4-weather-plugin-0.8.4-1.el7 (FEDORA-EPEL-2014-3806)
Weather plugin for the Xfce panel
--------------------------------------------------------------------------------
Update Information:
Update to 0.8.4
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 4 2014 Kevin Fenzi <kevin(a)scrye.com> 0.8.4-1
- Update to 0.8.4
* Fri Oct 17 2014 Kevin Fenzi <kevin(a)scrye.com> 0.8.3-8
- Add patch to fix color typo that prevented colors from being saved.
- Fixes bug #983194
--------------------------------------------------------------------------------
================================================================================
youtube-dl-2014.11.02.1-1.el7 (FEDORA-EPEL-2014-3808)
A small command-line program to download online videos
--------------------------------------------------------------------------------
Update Information:
- Update to latest upstream release
- add zsh completion
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 3 2014 Till Maas <opensource(a)till.name> - 2014.11.02.1-1
- Update to latest release
- Add zsh completion file
- Add GPG key verification
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1146499 - youtube-dl-2014.11.02.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1146499
--------------------------------------------------------------------------------