The following Fedora EPEL 7 Security updates need testing:
Age URL
369
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087
dokuwiki-0-0.24.20140929c.el7
132
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f
mcollective-2.8.4-1.el7
14
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-6dc46a554e
libssh-0.6.5-2.el7
13
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-b23b791a7e
drupal7-7.43-1.el7
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-1613bc2a80
php-htmLawed-1.1.21-1.el7
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-07b9ae23da
qpid-cpp-0.34-6.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e79091a3b8
ReviewBoard-2.5.3-1.el7 python-djblets-0.9.2-1.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-60ae263220
exim-4.84.2-1.el7
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8fd1e13dd2
python-django-1.6.11-5.el7
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-0fc6ac67c6
websvn-2.3.3-12.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-bfdc2d9e96
php-pecl-http-2.5.6-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
cmake3-3.5.0-2.1.el7
cycle-0.3.1-21.el7
dcap-2.47.10-3.el7
gen-oath-safe-0.10.0-1.el7
globus-proxy-utils-6.14-1.el7
lcgdm-dav-0.17.1-2.el7
libinput-1.2.1-4.el7
munin-2.0.25-10.el7
osbs-client-0.18-1.el7
perl-Sereal-3.003-1.el7
perl-Test-Fake-HTTPD-0.07-2.el7
php-guzzlehttp-psr7-1.2.3-1.el7
php-league-flysystem-1.0.18-1.el7
php-paragonie-random-compat-1.2.1-1.el7
php-pdepend-PHP-Depend-2.2.4-1.el7
php-pear-phing-2.14.0-1.el7
php-pecl-pq-1.0.0-2.el7
php-phpmd-PHP-PMD-2.4.2-1.el7
php-sabre-uri-1.1.0-1.el7
proftpd-1.3.5b-1.el7
python-fedmsg-meta-fedora-infrastructure-0.15.11-1.el7
python-pg8000-1.10.5-1.el7
qmmp-0.8.8-2.el7
qr_mumps-1.2-3.el7
quiterss-0.18.4-1.el7
xfce4-vala-4.10.3-12.el7
youtube-dl-2016.03.06-1.el7
Details about builds:
================================================================================
cmake3-3.5.0-2.1.el7 (FEDORA-EPEL-2016-1b4a2161de)
Cross-platform make system
--------------------------------------------------------------------------------
Update Information:
initial epel-release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1315193 - Review Request (EPEL): cmake3 - Cross-platform make system
https://bugzilla.redhat.com/show_bug.cgi?id=1315193
--------------------------------------------------------------------------------
================================================================================
cycle-0.3.1-21.el7 (FEDORA-EPEL-2016-86f2a8af1d)
Calendar program for women
--------------------------------------------------------------------------------
Update Information:
Make ladies using F22 happy as well.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1315836 - cycle crashes upon use (after wxPython 3.0 transition)
https://bugzilla.redhat.com/show_bug.cgi?id=1315836
--------------------------------------------------------------------------------
================================================================================
dcap-2.47.10-3.el7 (FEDORA-EPEL-2016-0acc6607f9)
Client Tools for dCache
--------------------------------------------------------------------------------
Update Information:
Fix broken postun scriptlet in dcap-libs.
--------------------------------------------------------------------------------
================================================================================
gen-oath-safe-0.10.0-1.el7 (FEDORA-EPEL-2016-9c0cfeb6ca)
Script for generating HOTP/TOTP keys (and QR code)
--------------------------------------------------------------------------------
Update Information:
New upstream update.
--------------------------------------------------------------------------------
================================================================================
globus-proxy-utils-6.14-1.el7 (FEDORA-EPEL-2016-b20fa6d243)
Globus Toolkit - Globus GSI Proxy Utility Programs
--------------------------------------------------------------------------------
Update Information:
Better support for checking cert names.
--------------------------------------------------------------------------------
================================================================================
lcgdm-dav-0.17.1-2.el7 (FEDORA-EPEL-2016-96e5e66655)
HTTP/DAV front end to the DPM/LFC services
--------------------------------------------------------------------------------
Update Information:
New upstream release 0.17.1
--------------------------------------------------------------------------------
================================================================================
libinput-1.2.1-4.el7 (FEDORA-EPEL-2016-9ea009c7c4)
Input device library
--------------------------------------------------------------------------------
Update Information:
Fix jerky pointer motion on the Lenovo T450/T460/X1 3rd hardware
--------------------------------------------------------------------------------
================================================================================
munin-2.0.25-10.el7 (FEDORA-EPEL-2016-d682ef1123)
Network-wide graphing framework (grapher/gatherer)
--------------------------------------------------------------------------------
Update Information:
EL5/6 do not need to install firewalld files BZ# 1315810 - postgresql plugin
default configuration (contrib) BZ# 1315990 - Please remove unnecessary
requirements for munin-node BZ# 1315951 - move /etc/tmpfiles.d/munin.conf to
/usr/lib/tmpfiles.d Remove firewalld Require and associated script. EPEL7 does
not have them. BZ# 1300379 - Please include firewalld service file for munin-
node in RPM package BZ# 1262751 - munin-common should be requires(pre) shadow-
utils package Brought forward munin-2.0.26-406c67e ---- BZ# 1262751 - munin-
common should be requires(pre) shadow-utils package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1315810 - postgresql plugin default configuration
https://bugzilla.redhat.com/show_bug.cgi?id=1315810
[ 2 ] Bug #1315990 - Please remove unnecessary requirements for munin-node
https://bugzilla.redhat.com/show_bug.cgi?id=1315990
[ 3 ] Bug #1315951 - move /etc/tmpfiles.d/munin.conf to /usr/lib/tmpfiles.d
https://bugzilla.redhat.com/show_bug.cgi?id=1315951
[ 4 ] Bug #1300379 - Please include firewalld service file for munin-node in RPM
package
https://bugzilla.redhat.com/show_bug.cgi?id=1300379
[ 5 ] Bug #1262751 - munin-common should be requires(pre) shadow-utils package
https://bugzilla.redhat.com/show_bug.cgi?id=1262751
--------------------------------------------------------------------------------
================================================================================
osbs-client-0.18-1.el7 (FEDORA-EPEL-2016-70aee67dc0)
Python command line client for OpenShift Build Service
--------------------------------------------------------------------------------
Update Information:
New upstream release.
--------------------------------------------------------------------------------
================================================================================
perl-Sereal-3.003-1.el7 (FEDORA-EPEL-2016-b62e983e59)
Fast, compact, powerful binary (de-)serialization
--------------------------------------------------------------------------------
Update Information:
perl-Sereal 3.003 release provision.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1305261 - Review Request: perl-Sereal - Fast, compact, powerful binary
(de-)serialization
https://bugzilla.redhat.com/show_bug.cgi?id=1305261
--------------------------------------------------------------------------------
================================================================================
perl-Test-Fake-HTTPD-0.07-2.el7 (FEDORA-EPEL-2016-035c3b864e)
Fake HTTP server module for testing
--------------------------------------------------------------------------------
Update Information:
0.07 2015-01-25T16:33:49Z - Add an explicit dependency on Test::SharedFork to
avoid issues with the new Test::Builder. (Reported by dolmen++) 0.06 - add
unexported enable_ssl() helper 0.05 - check if SSL is enable 0.04 -
support HTTPS server 0.03 - added inc/ to package 0.02 - added host_port()
and endpoint() accessors - memory tests are moved to xt/ 0.01 - original
version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1307459 - Review Request: perl-Test-Fake-HTTPD - Fake HTTP server module for
testing
https://bugzilla.redhat.com/show_bug.cgi?id=1307459
--------------------------------------------------------------------------------
================================================================================
php-guzzlehttp-psr7-1.2.3-1.el7 (FEDORA-EPEL-2016-5c3a5b0a0e)
PSR-7 message implementation
--------------------------------------------------------------------------------
Update Information:
### 1.2.3 - 2016-02-18 * Fixed support in `GuzzleHttp\Psr7\CachingStream` for
seeking forward on remote streams, which can sometimes return fewer bytes than
requested with `fread`. * Fixed handling of gzipped responses with FNAME
headers. ### 1.2.2 - 2016-01-22 * Added support for URIs without any
authority. * Added support for HTTP 451 'Unavailable For Legal Reasons.' * Added
support for using '0' as a filename. * Added support for including non-standard
ports in Host headers.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1301276 - php-guzzlehttp-psr7-1.2.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1301276
--------------------------------------------------------------------------------
================================================================================
php-league-flysystem-1.0.18-1.el7 (FEDORA-EPEL-2016-e28a4a8142)
Filesystem abstraction: Many filesystems, one API
--------------------------------------------------------------------------------
Update Information:
**Version 1.0.18** * Revert "Simplified Util::pathinfo, dirname key always
exists."
--------------------------------------------------------------------------------
================================================================================
php-paragonie-random-compat-1.2.1-1.el7 (FEDORA-EPEL-2016-188345a394)
PHP 5.x polyfill for random_bytes() and random_int() from PHP 7
--------------------------------------------------------------------------------
Update Information:
### Version 1.2.1 - 2016-02-29 * PHP 5.6.10 - 5.6.12 will hang when mcrypt is
used on Unix-based operating systems ([PHP bug
69833](https://bugs.php.net/bug.php?id=69833)). If you are running one of
these versions, please upgrade (or make sure `/dev/urandom` is readable)
otherwise you're relying on OpenSSL. ### Version 1.2.0 - 2016-02-05 *
Whitespace and other cosmetic changes * Added a changelog. ### Version 1.1.6 -
2016-01-29 * Eliminate `open_basedir` warnings by detecting this configuration
setting. (Thanks [@oucil](https://github.com/oucil) for reporting this.) *
Added install instructions to the README. * Documentation cleanup (there is, in
fact, no `MCRYPT_CREATE_IV` constant, I meant to write `MCRYPT_DEV_URANDOM`)
### Version 1.1.5 - 2016-01-06 * Prevent fatal errors on platforms with older
versions of libsodium.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1296738 - php-paragonie-random-compat-1.2.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1296738
--------------------------------------------------------------------------------
================================================================================
php-pdepend-PHP-Depend-2.2.4-1.el7 (FEDORA-EPEL-2016-9f4f540d65)
PHP_Depend design quality metrics for PHP package
--------------------------------------------------------------------------------
Update Information:
**Version 2.2.4** * Fixed: Cannot create new nodes, when internal state is
frozen. #328
--------------------------------------------------------------------------------
================================================================================
php-pear-phing-2.14.0-1.el7 (FEDORA-EPEL-2016-b2f9c19512)
A project build system based on Apache Ant
--------------------------------------------------------------------------------
Update Information:
Mar. 10, 2016 - **Phing 2.14** This release contains the following new or
improved functionality: * Phing can now emit a specific status code on exit
after failing * Added IsPropertyTrue/IsPropertyFalse conditions * Added
IsWritable / IsReadable selectors * Added GitDescribe task * Added CutDirs
mapper * Line breaks in property files on Windows machines fixed * FileSync
task now supports excluding multiple files/directories * Various typo and bug
fixes, documentation updates The following tickets were closed in this release:
* [1245] ExecTask documentation has incorrect escape attribute default value *
[1244] phpunit task -- problem when listener depends on bootstrap * [1242]
symfonyConsoleTask does not quote path to console * [1241] SymfonyConsoleTask's
checkreturn / propertyname are not documented * [1239] ResolvePath just
concatenates if "dir" attribute is present * [1237] HttpGetTask should catch
HTTP_Request2_Exception, throw BuildException * [1236] version-compare
condition typo in documentation * [1235] misworded sentence in documentation *
[1234] IsFailure condition always evaluates to TRUE * [1231] JsHintTask fails
when filename contains double quotes * [1198] PropertyTask resolving UTF-8
special chars in file attribute * [1194] Update relax-ng schema * [1132]
Provide SHA512 sum of all generated archives for a release * [1131]
Verification of changelog file fails when your file is in a directory added in
your classpathref * [1046] ReplaceTokensWithFile doesn't support
begintoken/endtokens with / in them
--------------------------------------------------------------------------------
================================================================================
php-pecl-pq-1.0.0-2.el7 (FEDORA-EPEL-2016-87b1373ab1)
PostgreSQL client library (libpq) binding
--------------------------------------------------------------------------------
Update Information:
PostgreSQL client library (libpq) binding. Documents:
http://devel-
m6w6.rhcloud.com/mdref/pq Highlights: * Nearly complete support for
asynchronous usage * Extended type support by pg_type * Fetching simple multi-
dimensional array maps * Working Gateway implementation
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1299907 - Review Request: php-pecl-pq - PostgreSQL client library (libpq)
binding
https://bugzilla.redhat.com/show_bug.cgi?id=1299907
--------------------------------------------------------------------------------
================================================================================
php-phpmd-PHP-PMD-2.4.2-1.el7 (FEDORA-EPEL-2016-a307c259be)
PHPMD - PHP Mess Detector
--------------------------------------------------------------------------------
Update Information:
**Version 2.4.2** Features * Implemented #343: Trim exceptions for
StaticAccess Bugfixes * Fixed #261: Prove Issue 261 and added tests for
CamelCaseVariableName. * Fixed #328: Cannot create new nodes, when internal
state is frozen. * Fixed #354: Replace plus by a dot as concat operator in
filename creation. ---- This release adds a new helper method to access the
full qualified name of an analyzed node. Upstream announcements: * [Version
2.4.1](https://phpmd.org/download/release/2.4.1/changelog.html) * [Version
2.4.0](https://phpmd.org/download/release/2.4.0/changelog.html) * [Version
2.3.3](https://phpmd.org/download/release/2.3.3/changelog.html)
--------------------------------------------------------------------------------
================================================================================
php-sabre-uri-1.1.0-1.el7 (FEDORA-EPEL-2016-e85d3dcbdc)
Functions for making sense out of URIs
--------------------------------------------------------------------------------
Update Information:
sabre/uri is a lightweight library that provides several functions for working
with URIs, staying true to the rules of RFC3986. Partially inspired by Node.js
URL library, and created to solve real problems in PHP applications. 100%
unitested and many tests are based on examples from RFC3986. The library
provides the following functions: * resolve to resolve relative urls. *
normalize to aid in comparing urls. * parse, which works like PHP's parse_url. *
build to do the exact opposite of parse. * split to easily get the 'dirname' and
'basename' of a URL without all the problems those two functions have.
Autoloader: /usr/share/php/Sabre/Uri/autoload.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1316906 - Review Request: php-sabre-uri - Functions for making sense out of
URIs
https://bugzilla.redhat.com/show_bug.cgi?id=1316906
--------------------------------------------------------------------------------
================================================================================
proftpd-1.3.5b-1.el7 (FEDORA-EPEL-2016-3c6d565eff)
Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:
Cumulative maintenance release from upstream. Highlights are: * SSH RSA
hostkeys smaller than 2048 bits now work properly. * MLSD response lines are now
properly CRLF terminated. Various other bug fixes are also included.
--------------------------------------------------------------------------------
================================================================================
python-fedmsg-meta-fedora-infrastructure-0.15.11-1.el7 (FEDORA-EPEL-2016-f8eab2390f)
Metadata providers for Fedora Infrastructure's fedmsg deployment
--------------------------------------------------------------------------------
Update Information:
Handle a new pagure message format. Fix COPR links in long_form representation.
---- Fix a bug in handling of pagure messages. ---- Handle new mdapi format.
Also, a bugfix for handling copr messages.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1316958 - python-fedmsg-meta-fedora-infrastructure-0.15.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1316958
--------------------------------------------------------------------------------
================================================================================
python-pg8000-1.10.5-1.el7 (FEDORA-EPEL-2016-93ec18f329)
Pure Python PostgreSQL Driver
--------------------------------------------------------------------------------
Update Information:
Update to v1.10.5 ---- Update to 1.10.4
--------------------------------------------------------------------------------
================================================================================
qmmp-0.8.8-2.el7 (FEDORA-EPEL-2016-72714735af)
Qt-based multimedia player
--------------------------------------------------------------------------------
Update Information:
enabled support for libsidplay and WildMIDI as these got imported into epel7
--------------------------------------------------------------------------------
================================================================================
qr_mumps-1.2-3.el7 (FEDORA-EPEL-2016-c0aacbfe69)
A multithreaded multifrontal QR solver
--------------------------------------------------------------------------------
Update Information:
- Fixed ln commands
--------------------------------------------------------------------------------
================================================================================
quiterss-0.18.4-1.el7 (FEDORA-EPEL-2016-dd44ecce16)
RSS/Atom aggregator
--------------------------------------------------------------------------------
Update Information:
Version bump
--------------------------------------------------------------------------------
================================================================================
xfce4-vala-4.10.3-12.el7 (FEDORA-EPEL-2016-5648c0c7e3)
Vala bindings for the Xfce framework
--------------------------------------------------------------------------------
Update Information:
- improve check of vala API version ---- bump vala version to 0.26
--------------------------------------------------------------------------------
================================================================================
youtube-dl-2016.03.06-1.el7 (FEDORA-EPEL-2016-df0c961210)
A small command-line program to download online videos
--------------------------------------------------------------------------------
Update Information:
Update to latest release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1310644 - youtube-dl-2016.03.06 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1310644
--------------------------------------------------------------------------------