The following Fedora EPEL 7 Security updates need testing:
Age URL
306
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087
dokuwiki-0-0.24.20140929c.el7
98
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-925e9374c9
python-pymongo-3.0.3-1.el7
69
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f
mcollective-2.8.4-1.el7
32
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-f82c6fc04a
p7zip-15.09-4.el7
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-5538691958
roundcubemail-1.1.4-2.el7
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-4181488d68
lighttpd-1.4.39-1.el7
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-864da6c179
nghttp2-1.6.0-1.el7
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e21e03e52f
mono-2.10.8-9.el7
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-3e181e41ca
openvpn-2.3.10-1.el7
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-039bf0137a
salt-2015.5.8-1.el7
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e04c714f9d
gajim-0.16.5-1.el7
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-ec85678f0c
nodejs-ws-1.0.1-1.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-dd35749dd3
wordpress-4.4.1-1.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e34ffdd692
prosody-0.9.9-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
MUMPS-5.0.1-10.el7
beanstalkd-1.10-1.el7
libabigail-1.0-0.rc2.1.el7
mimedefang-2.78-6.el7
orafce-3.1.2-2.el7
perl-Spreadsheet-XLSX-0.15-1.el7
php-bartlett-php-compatinfo-db-1.4.0-1.el7
prosody-0.9.9-1.el7
python-mock-1.0.1-9.el7
python-prompt_toolkit-0.57-1.el7
python-wcwidth-0.1.6-1.el7
python3-pytest-2.8.5-2.el7
tito-0.6.3-1.el7
waf-1.8.18-1.el7
Details about builds:
================================================================================
MUMPS-5.0.1-10.el7 (FEDORA-EPEL-2016-671f397550)
A MUltifrontal Massively Parallel sparse direct Solver
--------------------------------------------------------------------------------
Update Information:
- Built MPICH libraries on EPEL (bz#1296387) - Exclude OpenMPI on s390 arches -
Exclude MPICH on PPC arches - Built MPICH libraries (bz#1296387) - Removed
useless Requires packages
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1296387 - Build for mpich, drop requires environment-modules
https://bugzilla.redhat.com/show_bug.cgi?id=1296387
--------------------------------------------------------------------------------
================================================================================
beanstalkd-1.10-1.el7 (FEDORA-EPEL-2016-fc4885da26)
A simple, fast work-queue service
--------------------------------------------------------------------------------
Update Information:
New release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1139358 - EPEL 7 build of beanstalkd please
https://bugzilla.redhat.com/show_bug.cgi?id=1139358
--------------------------------------------------------------------------------
================================================================================
libabigail-1.0-0.rc2.1.el7 (FEDORA-EPEL-2016-5a48e3210a)
Set of ABI analysis tools
--------------------------------------------------------------------------------
Update Information:
Update to upstream release 1.0.rc2
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 8 2016 Dodji Seketeli <dodji(a)seketeli.org> - 1.0-0.rc2.1
- Update to upstream release 1.0.rc2
- Run make check in // if possible
* Wed Jan 6 2016 Dodji Seketeli <dodji(a)seketeli.org> - 1.0-0.rc1.2
- Add/Remove info pages to/from info pages database after install/before remove
* Wed Jan 6 2016 Dodji Seketeli <dodji(a)seketeli.org> - 1.0-0.rc1.1
- Ship man/info pages right into the main package, along with the main
programs.
- Update to upstream release 1.0.rc1
- Significant changes include:
rhtbz/1283906 - crash in abigail::dwarf_reader::build_reference_type()
libabigail/19336 - Better handle redundantly qualified reference types
libabigail/19126 - abidw segv on a dwz compressed version of r300_dri.so
libabigail/19355 - Libabigail slow on r300_dri.so
Numerous other bug fixes and cleanups
* Tue Nov 17 2015 Dodji Seketeli <dodji(a)seketeli.org> - 1.0-0.7.rc0
- Update to upstream release 1.0.rc0
- Take a tarball built using make dist now.
- Do not run autoreconf -i anymore, during the build.
* Wed Sep 9 2015 Dodji Seketeli <dodji(a)seketeli.org> - 1.0-0.6.20150909git164d17e
- Update to upstream git commit hash 164d17e
Bug 18791 - libabigail fails to read the output of abidw
Bug 18818 - abidw aborts on a class with a non-complete base class
Bug 18828 - Handle force-resolving of multiple declarations-only of the same type
Bug 18844 - assert failure in abidw at abg-dwarf-reader.cc:6537
Bug 18894 - Fix representation of enumerators in abixml format
Bug 18893 - type degradation from dwarf to abixml on libGLU.so
Bug 18892 - type degradation from DWARF to abixml on libtsan.so
Bug 18904 - Fix support for C++ rvalue references
Numerous additional bug fixes
Added .deb, tarball and directory support to abipkgdiff
Several improvements to abidw, abidiff and abilint
- Added dpkg build dependency to activate support of .deb archives
- cat tests/test-suite.log when check fails
- Update description to add abipkgdiff
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1283906 - [abrt] libabigail: abigail::dwarf_reader::build_reference_type():
abipkgdiff killed by SIGABRT
https://bugzilla.redhat.com/show_bug.cgi?id=1283906
--------------------------------------------------------------------------------
================================================================================
mimedefang-2.78-6.el7 (FEDORA-EPEL-2016-897f9d80ed)
E-Mail filtering framework using Sendmail's Milter interface
--------------------------------------------------------------------------------
Update Information:
Provide native systemd service (#789768, #1279452) to avoid initscript errors
when NETWORKING variable is not set (e.g. with NetworkManager or future systemd-
networkd).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1279452 - mimedefang init script produces error when NETWORKING variable not
set
https://bugzilla.redhat.com/show_bug.cgi?id=1279452
--------------------------------------------------------------------------------
================================================================================
orafce-3.1.2-2.el7 (FEDORA-EPEL-2016-66856d7ca3)
Implementation of some Oracle functions into PostgreSQL
--------------------------------------------------------------------------------
Update Information:
Rebuild for PostgreSQL 9.5 (rhbz#1296584)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1296584 - New PostgreSQL major release 9.5
https://bugzilla.redhat.com/show_bug.cgi?id=1296584
--------------------------------------------------------------------------------
================================================================================
perl-Spreadsheet-XLSX-0.15-1.el7 (FEDORA-EPEL-2016-e7a1786e9e)
Perl extension for reading Microsoft Excel 2007 files
--------------------------------------------------------------------------------
Update Information:
Spreadsheet::XLSX 0.15 ====================== * Revert a numeric formatting
change which caused isssues with Spreadsheet::Read. Spreadsheet::XLSX 0.14
====================== * Change default date format to yyyy-mm-dd. This
matches Spreadsheet::ParseExcel. * Handle xml tag attributes in varying order
(RT #86667, et.al.)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1285437 - Upgrade perl-Spreadsheet-XLSX to 0.15
https://bugzilla.redhat.com/show_bug.cgi?id=1285437
--------------------------------------------------------------------------------
================================================================================
php-bartlett-php-compatinfo-db-1.4.0-1.el7 (FEDORA-EPEL-2016-c09550852a)
Reference Database to be used with php-compatinfo library
--------------------------------------------------------------------------------
Update Information:
**Version 1.4.0** - 2016-01-09 Added * Support to PHP 7.0.2 * Support to
PHP 5.6.17 * Support to PHP 5.5.31 Changed * Stomp reference updated to
version 1.0.9 (stable) Fixed * Issue 3 : Json Failed test
--------------------------------------------------------------------------------
================================================================================
prosody-0.9.9-1.el7 (FEDORA-EPEL-2016-e34ffdd692)
Flexible communications server for Jabber/XMPP
--------------------------------------------------------------------------------
Update Information:
Prosody 0.9.9 ============= A summary of changes: Security fixes
-------------- * Fix path traversal vulnerability in mod_http_files
(CVE-2016-1231) * Fix use of weak PRNG in generation of dialback secrets
(CVE-2016-1232) Bugs ---- * Improve handling of CNAME records in DNS * Fix
traceback when deleting a user in some configurations (issue #496) * MUC:
restrict_room_creation could prevent users from joining rooms (issue #458) *
MUC: fix occasional dropping of iq stanzas sent privately between occupants *
Fix a potential memory leak in mod_pep Additions --------- * Add http:list()
command to telnet to view active HTTP services * Simplify IPv4/v6 address
selection code for outgoing s2s * Add support for importing SCRAM hashes from
ejabberd
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1296984 - CVE-2016-1232 prosody: Use of weak PRNG in generation of dialback
secrets
https://bugzilla.redhat.com/show_bug.cgi?id=1296984
[ 2 ] Bug #1296983 - CVE-2016-1231 prosody: Path traversal vulnerability in
mod_http_files
https://bugzilla.redhat.com/show_bug.cgi?id=1296983
--------------------------------------------------------------------------------
================================================================================
python-mock-1.0.1-9.el7 (FEDORA-EPEL-2016-4fae947e69)
A Python Mocking and Patching Library for Testing
--------------------------------------------------------------------------------
Update Information:
python34 build for EPEL7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1294713 - Build python-mock for python3 in EPEL7
https://bugzilla.redhat.com/show_bug.cgi?id=1294713
--------------------------------------------------------------------------------
================================================================================
python-prompt_toolkit-0.57-1.el7 (FEDORA-EPEL-2016-5f48cdcb92)
Library for building powerful interactive command lines in Python
--------------------------------------------------------------------------------
Update Information:
Align to upstream ---- New package!
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1295154 - Review Request: python-prompt_toolkit - Library for building
powerful interactive command lines in Python
https://bugzilla.redhat.com/show_bug.cgi?id=1295154
--------------------------------------------------------------------------------
================================================================================
python-wcwidth-0.1.6-1.el7 (FEDORA-EPEL-2016-fca79c0f1b)
Measures number of Terminal column cells of wide-character codes
--------------------------------------------------------------------------------
Update Information:
Upstream update ---- New package to enjoy :)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1295152 - Review Request: python-wcwidth - Measures number of Terminal column
cells of wide-character codes
https://bugzilla.redhat.com/show_bug.cgi?id=1295152
--------------------------------------------------------------------------------
================================================================================
python3-pytest-2.8.5-2.el7 (FEDORA-EPEL-2016-27a0a9c2cb)
Simple powerful testing with Python
--------------------------------------------------------------------------------
Update Information:
py.test provides simple, yet powerful testing for Python.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1294856 - Review Request: python3-pytest - Simple powerful testing with
Python
https://bugzilla.redhat.com/show_bug.cgi?id=1294856
--------------------------------------------------------------------------------
================================================================================
tito-0.6.3-1.el7 (FEDORA-EPEL-2016-49847df6b5)
A tool for managing rpm based git projects
--------------------------------------------------------------------------------
Update Information:
Added ability to pass extra copr-cli build options to the copr releaser.
(twiest(a)redhat.com) Fix changelog format function name (araszka(a)redhat.com)
fix mock link (glen(a)delfi.ee) Set non-zero exit code when copr-cli fails
(frostyx(a)email.cz) Add possibility to upload SRPM directly to Copr
(frostyx(a)email.cz) Determine correct package manager DNF is now prefered on
Fedora, but it is not installed on EL6 or EL7 (frostyx(a)email.cz) Ask user to
run DNF instead of YUM (frostyx(a)email.cz) Add tito tag --use-version argument
to man page (dcleal(a)redhat.com) Fix upstream/distribution builder failure to
copy spec. (dgoodwin(a)redhat.com) Allow a user specific Copr remote SRPM URL.
(awood(a)redhat.com)
--------------------------------------------------------------------------------
================================================================================
waf-1.8.18-1.el7 (FEDORA-EPEL-2016-b5fb0dcccf)
A Python-based build system
--------------------------------------------------------------------------------
Update Information:
Update to the latest release. New in WAF 1.8.17: * Fixed a regression in
exec_cfg() introduced in 1fbac66 #1670 * Added a new option --clear-failed to
unit test builds #1678 * Added support for scriptlet expressions of the form
${FOO:SRC[0].abspath()} * Added define comments to configuration headers:
conf.define(.., commment='') * Added experimental Wix and Satellizer tools #1666
* Added backslash replacement to resx processing
--------------------------------------------------------------------------------