The following Fedora EPEL 7 Security updates need testing:
Age URL
21
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3621/php-Smarty-...
21
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3642/Pound-2.7-0...
17
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3745/tnftp-20141...
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3886/python-requ...
8
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3794/polarssl-1....
6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3989/cross-binut...
6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3995/oath-toolki...
5
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4045/libvncserve...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4152/lsyncd-2.1....
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4154/nodejs-0.10...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4113/kwebkitpart...
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4100/erlang-R16B...
The following builds have been pushed to Fedora EPEL 7 updates-testing
abduco-0.2-1.el7
dmlite-0.7.2-1.el7
libuv-0.10.29-1.el7
lsyncd-2.1.5-6.el7
mock-1.2.2-1.el7
nodejs-0.10.33-1.el7
perl-DateTime-Format-Pg-0.16010-6.el7
perl-qpid_proton-0.8-1.el7
php-horde-Horde-Browser-2.0.8-1.el7
php-horde-Horde-Core-2.16.1-1.el7
php-horde-Horde-Crypt-2.5.1-1.el7
php-horde-Horde-Db-2.2.2-1.el7
php-horde-Horde-History-2.3.3-1.el7
php-horde-Horde-Mime-Viewer-2.0.8-1.el7
php-horde-Horde-Test-2.4.6-1.el7
python-bugzilla2fedmsg-0.2.1-1.el7
python-flask-openid-1.2.4-1.el7
python-testtools-1.1.0-1.el7
quiterss-0.17.1-1.el7
subunit-0.0.21-1.el7
voms-2.0.12-1.el7
voms-api-java-3.0.4-1.el7
Details about builds:
================================================================================
abduco-0.2-1.el7 (FEDORA-EPEL-2014-4137)
Session management in a clean and simple way
--------------------------------------------------------------------------------
Update Information:
update to 0.2 (RHBZ #1165180)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Igor Gnatenko <i.gnatenko.brain(a)gmail.com> - 0.2-1
- update to 0.2 (RHBZ #1165180)
* Fri Aug 15 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1165180 - abduco-0.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1165180
--------------------------------------------------------------------------------
================================================================================
dmlite-0.7.2-1.el7 (FEDORA-EPEL-2014-4150)
Lcgdm grid data management and storage framework
--------------------------------------------------------------------------------
Update Information:
Update to 0.7.2, BugFix for too much verbose logging
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Adrien Devresse <adevress at cern.ch> - 0.7.2-1
- Update to 0.7.2, BugFix for too much verbose logging
--------------------------------------------------------------------------------
================================================================================
libuv-0.10.29-1.el7 (FEDORA-EPEL-2014-4154)
Platform layer for node.js
--------------------------------------------------------------------------------
Update Information:
This release handles the recent POODLE vulnerability by disabling SSLv2/SSLv3
by default for the most predominate uses of TLS in Node.js.
It took longer than expected to get this release accomplished in a way that
would provide appropriate default security settings, while minimizing the
surface area for the behavior change we were introducing. It was also important
that we validated that our changes were being applied in the variety of
configurations we support in our APIs.
With this release, we are confident that the only behavior change is that of
the default allowed protocols do not include SSLv2 or SSLv3. Though you are
still able to programatically consume those protocols if necessary.
Included is the documentation that you can find at
https://nodejs.org/api/tls.html#tls_protocol_support that describes how this
works going forward for client and server implementations.
---
Node.js is compiled with SSLv2 and SSLv3 protocol support by default, but these
protocols are **disabled**. They are considered insecure and could be easily
compromised as was shown by CVE-2014-3566. However, in some situations, it
may cause problems with legacy clients/servers (such as Internet Explorer 6).
If you wish to enable SSLv2 or SSLv3, run node with the `--enable-ssl2` or
`--enable-ssl3` flag respectively. In future versions of Node.js SSLv2 and
SSLv3 will not be compiled in by default.
There is a way to force node into using SSLv3 or SSLv2 only mode by explicitly
specifying `secureProtocol` to `'SSLv3_method'` or `'SSLv2_method'`.
The default protocol method Node.js uses is `SSLv23_method` which would be more
accurately named `AutoNegotiate_method`. This method will try and negotiate
from the highest level down to whatever the client supports. To provide a
secure default, Node.js (since v0.10.33) explicitly disables the use of SSLv3
and SSLv2 by setting the `secureOptions` to be
`SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2` (again, unless you have passed
`--enable-ssl3`, or `--enable-ssl2`, or `SSLv3_method` as `secureProtocol`).
If you have set `securityOptions` to anything, we will not override your
options.
The ramifications of this behavior change:
* If your application is behaving as a secure server, clients who are `SSLv3`
only will now not be able to appropriately negotiate a connection and will be
refused. In this case your server will emit a `clientError` event. The error
message will include `'wrong version number'`.
* If your application is behaving as a secure client and communicating with a
server that doesn't support methods more secure than SSLv3 then your connection
won't be able to negotiate and will fail. In this case your client will emit a
an `error` event. The error message will include `'wrong version number'`.
---
2014.10.20, node.js Version 0.10.33 (Stable)
* child_process: properly support optional args (cjihrig)
* crypto: Disable autonegotiation for SSLv2/3 by default (Fedor Indutny, Timothy J
Fontaine, Alexis Campailla)
This is a behavior change, by default we will not allow the negotiation to
SSLv2 or SSLv3. If you want this behavior, run Node.js with either
`--enable-ssl2` or `--enable-ssl3` respectively.
This does not change the behavior for users specifically requesting
`SSLv2_method` or `SSLv3_method`. While this behavior is not advised, it is
assumed you know what you're doing since you're specifically asking to use
these methods.
---
2014.10.21, libuv Version 0.10.29 (Stable)
Relevant changes since version 0.10.28:
* linux: try epoll_pwait if epoll_wait is missing (Michael Hudson-Doyle)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 T.C. Hollingsworth <tchollingsworth(a)gmail.com> - 1:0.10.29-1
- new upstream release 0.10.29
https://github.com/joyent/libuv/blob/v0.10.29/ChangeLog
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1152789 - CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy
Encryption attack
https://bugzilla.redhat.com/show_bug.cgi?id=1152789
--------------------------------------------------------------------------------
================================================================================
lsyncd-2.1.5-6.el7 (FEDORA-EPEL-2014-4152)
File change monitoring and synchronization daemon
--------------------------------------------------------------------------------
Update Information:
Fix bad shell argument escaping
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Lubomir Rintel <lkundrak(a)v3.sk> - 2.1.5-6
- Fix bad shell argument escaping
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.1.5-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Wed Jun 18 2014 Peter Robinson <pbrobinson(a)fedoraproject.org> 2.1.5-4
- No prelink on aarch64/ppc64le
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.1.5-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1165078 - lsyncd: command injection through backticks in a filename
https://bugzilla.redhat.com/show_bug.cgi?id=1165078
--------------------------------------------------------------------------------
================================================================================
mock-1.2.2-1.el7 (FEDORA-EPEL-2014-4123)
Builds packages inside chroots
--------------------------------------------------------------------------------
Update Information:
Bump in plugin ABI.
New LVM plugin.
Nosync for better IO performance.
DNF support.
Printing more useful output on terminal.
Concurrent shell acces to buildroot.
Executing package management commands.
--enablerepo and --disablerepo options
Short circuit options.
Automatic initialization.
Python 3 support.
Experimental support for building using systemd-nspawn.
Accept path as config.
New compress_logs plugin.
And lots of bugfixes.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Miroslav Suchý <msuchy(a)redhat.com> - 1.2.2-1
- add missing import [RHBZ#1165061]
* Sat Nov 15 2014 Miroslav Suchý <msuchy(a)redhat.com> - 1.2.1-1
- allow mockchain to accept path as config
- end yum's installroot path with a slash [RHBZ#1160428]
- add --mount option [RHBZ#1162637]
- add some missing bash completation strings
- run --shell as root with --new-chroot
- Don't fail scrub when there's no pool [RHBZ#1162631]
- Globbing and tilde expansion
- move restoring priviledges to finally [RHBZ#1162720]
- Remove "Buildroot must be already initialized" note
- Add missing --print-root-path to manpage
- Do not print ANSI escape characters into log [RHBZ#1163037]
- in site-defaults.cfg initialize dictionary of plugins [RHBZ#1162595]
- Disable empty names and values in config_opts[macros] [RHBZ#1160765]
- Disable single macros in -D cmd option [RHBZ#1160765]
- rpmbuild is in /usr/bin [RHBZ#1161112]
- man page for --macro-file [RHBZ#1160326]
- Added option [--macro-file] to support external rpm macros file [RHBZ#1160326]
- Don't output installation/build output when redirected
- Better log message for intial buildroot installation
- Be more specific when installing configs
- Install into correct sitelib when using Python 3
- Fix nosync on aarch64
- wrap all remaining getcwd() [RHBZ#1159300]
- do not use rpm in %post scriptlet [RHBZ#1131279]
- Fix unclear legal host output [RHBZ#1159794]
- allow running from directory, which is deleted [RHBZ#1159300]
- create compress_logs plugin [RHBZ#1100923]
- when default.cfg exists create default.cfg.rpmnew [RHBZ#1085308]
- accept paths to target definition files [RHBZ#1126117]
- set title bar in xterm [RHBZ#1126235]
- pass --enablerepo/--disablerepo to yum in the same order as provided to mock
[RHBZ#1154604]
- Fix incorrect printing of binary strings on py3
- Add missing Requires rpm-python3
- Don't print Yum and build output when quiet
- Prevent output being printed twice with --verbose (rhbz#1152971)
- Fix printing non-ascii characters with output redirected (rhbz#1152952)
- replace urlgrabber by python-requests
- use python3 for Fedora22+
- Don't print we're doing rpmbuild -bb, when it may not be true
- 'prep' choice missing in short-circuit option parser
- Don't execute prebuild in short-circuit mode
* Thu Oct 9 2014 Miroslav Suchý <msuchy(a)redhat.com> - 1.2.0-1
- update configs for secondary architecture (Dan Horák)
- caching of buildroots using LVM (Michael Simacek)
- add support for DNF (Michael Simacek)
- initial porting to python3 (Michael Simacek)
- new config option nosync (Michael Simacek)
- add CentOS extra repository [BZ# 1108402]
- correctly create default.cfg on arm [BZ# 1033786]
- postpone loading of rpm after chroot is set [BZ# 1111147]
- use systemd-nspawn instead of chroot [RHBZ# 1132762]
- in --copyout do not fail on symlinks [BZ# 971474]
- allow to short circuit to prep phase [BZ# 966985]
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1165061 - update to mock-1.2.1-1.fc21 breaks existing mock profiles
https://bugzilla.redhat.com/show_bug.cgi?id=1165061
[ 2 ] Bug #1160428 - mock 1.2.0 tries to install f21 packages in f19 chroot
https://bugzilla.redhat.com/show_bug.cgi?id=1160428
[ 3 ] Bug #1162637 - Provide --umount counterpart for LVM plugin
https://bugzilla.redhat.com/show_bug.cgi?id=1162637
[ 4 ] Bug #1162631 - With LVM plugin enabled, I can't scrub traditional directories
https://bugzilla.redhat.com/show_bug.cgi?id=1162631
[ 5 ] Bug #1162720 - --copyout prints confusing errors when the copied file doesn't
exist
https://bugzilla.redhat.com/show_bug.cgi?id=1162720
[ 6 ] Bug #1163037 - Do not print ANSI escape characters into log
https://bugzilla.redhat.com/show_bug.cgi?id=1163037
[ 7 ] Bug #1162595 - lvm_root_opts options in site-defaults.cfg don't work
https://bugzilla.redhat.com/show_bug.cgi?id=1162595
[ 8 ] Bug #1160765 - empty and single values for rpm macros in mock cfg file and cmd
option
https://bugzilla.redhat.com/show_bug.cgi?id=1160765
[ 9 ] Bug #1161112 - pre-UsrMove profiles stopped working after update of mock
https://bugzilla.redhat.com/show_bug.cgi?id=1161112
[ 10 ] Bug #1160326 - mock new command line option --macro-file for defining rpm macros
file
https://bugzilla.redhat.com/show_bug.cgi?id=1160326
[ 11 ] Bug #1159300 - running mock from chroot path directory produces "error
retrieving current directory: getcwd"
https://bugzilla.redhat.com/show_bug.cgi?id=1159300
[ 12 ] Bug #1131279 - mock package has a questionable scriptlet, leading to errors about
rpm db version mismatch
https://bugzilla.redhat.com/show_bug.cgi?id=1131279
[ 13 ] Bug #1159794 - invalid legal_host_arches option can cause unclear output
https://bugzilla.redhat.com/show_bug.cgi?id=1159794
[ 14 ] Bug #1100923 - RFE: compress mock build logs when done building
https://bugzilla.redhat.com/show_bug.cgi?id=1100923
[ 15 ] Bug #1085308 - mock: User configuration is lost during update
https://bugzilla.redhat.com/show_bug.cgi?id=1085308
[ 16 ] Bug #1126117 - Mock should accept paths to target definition files
https://bugzilla.redhat.com/show_bug.cgi?id=1126117
[ 17 ] Bug #1126235 - PROMPT_COMMAND does not include required escape codes
https://bugzilla.redhat.com/show_bug.cgi?id=1126235
[ 18 ] Bug #1154604 - mock: enablerepo doesn't work if used after disablerepo
https://bugzilla.redhat.com/show_bug.cgi?id=1154604
[ 19 ] Bug #1152971 - Verbose mode is repeating lines
https://bugzilla.redhat.com/show_bug.cgi?id=1152971
[ 20 ] Bug #1152952 - [mock] UnicodeEncodeError: 'ascii' codec can't encode
characters in position 6-7: ordinal not in range(128)
https://bugzilla.redhat.com/show_bug.cgi?id=1152952
--------------------------------------------------------------------------------
================================================================================
nodejs-0.10.33-1.el7 (FEDORA-EPEL-2014-4154)
JavaScript runtime
--------------------------------------------------------------------------------
Update Information:
This release handles the recent POODLE vulnerability by disabling SSLv2/SSLv3
by default for the most predominate uses of TLS in Node.js.
It took longer than expected to get this release accomplished in a way that
would provide appropriate default security settings, while minimizing the
surface area for the behavior change we were introducing. It was also important
that we validated that our changes were being applied in the variety of
configurations we support in our APIs.
With this release, we are confident that the only behavior change is that of
the default allowed protocols do not include SSLv2 or SSLv3. Though you are
still able to programatically consume those protocols if necessary.
Included is the documentation that you can find at
https://nodejs.org/api/tls.html#tls_protocol_support that describes how this
works going forward for client and server implementations.
---
Node.js is compiled with SSLv2 and SSLv3 protocol support by default, but these
protocols are **disabled**. They are considered insecure and could be easily
compromised as was shown by CVE-2014-3566. However, in some situations, it
may cause problems with legacy clients/servers (such as Internet Explorer 6).
If you wish to enable SSLv2 or SSLv3, run node with the `--enable-ssl2` or
`--enable-ssl3` flag respectively. In future versions of Node.js SSLv2 and
SSLv3 will not be compiled in by default.
There is a way to force node into using SSLv3 or SSLv2 only mode by explicitly
specifying `secureProtocol` to `'SSLv3_method'` or `'SSLv2_method'`.
The default protocol method Node.js uses is `SSLv23_method` which would be more
accurately named `AutoNegotiate_method`. This method will try and negotiate
from the highest level down to whatever the client supports. To provide a
secure default, Node.js (since v0.10.33) explicitly disables the use of SSLv3
and SSLv2 by setting the `secureOptions` to be
`SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2` (again, unless you have passed
`--enable-ssl3`, or `--enable-ssl2`, or `SSLv3_method` as `secureProtocol`).
If you have set `securityOptions` to anything, we will not override your
options.
The ramifications of this behavior change:
* If your application is behaving as a secure server, clients who are `SSLv3`
only will now not be able to appropriately negotiate a connection and will be
refused. In this case your server will emit a `clientError` event. The error
message will include `'wrong version number'`.
* If your application is behaving as a secure client and communicating with a
server that doesn't support methods more secure than SSLv3 then your connection
won't be able to negotiate and will fail. In this case your client will emit a
an `error` event. The error message will include `'wrong version number'`.
---
2014.10.20, node.js Version 0.10.33 (Stable)
* child_process: properly support optional args (cjihrig)
* crypto: Disable autonegotiation for SSLv2/3 by default (Fedor Indutny, Timothy J
Fontaine, Alexis Campailla)
This is a behavior change, by default we will not allow the negotiation to
SSLv2 or SSLv3. If you want this behavior, run Node.js with either
`--enable-ssl2` or `--enable-ssl3` respectively.
This does not change the behavior for users specifically requesting
`SSLv2_method` or `SSLv3_method`. While this behavior is not advised, it is
assumed you know what you're doing since you're specifically asking to use
these methods.
---
2014.10.21, libuv Version 0.10.29 (Stable)
Relevant changes since version 0.10.28:
* linux: try epoll_pwait if epoll_wait is missing (Michael Hudson-Doyle)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 T.C. Hollingsworth <tchollingsworth(a)gmail.com> - 0.10.33-1
- new upstream release 0.10.33
http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/
- This release disables SSLv3 to secure Node.js services against the POODLE
attack. (CVE-2014-3566; RHBZ#1152789) For more information or to learn how
to re-enable SSLv3 in order to support legacy clients, please see the upstream
release announcement linked above.
* Tue Oct 21 2014 T.C. Hollingsworth <tchollingsworth(a)gmail.com> - 0.10.32-2
- add Provides nodejs-punycode (RHBZ#1151811)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1152789 - CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy
Encryption attack
https://bugzilla.redhat.com/show_bug.cgi?id=1152789
--------------------------------------------------------------------------------
================================================================================
perl-DateTime-Format-Pg-0.16010-6.el7 (FEDORA-EPEL-2014-4141)
Parse and format PostgreSQL dates and times
--------------------------------------------------------------------------------
Update Information:
add perl-DateTime-Format-Pg to epel7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #459934 - Review Request: perl-DateTime-Format-Pg - Parse and format
PostgreSQL dates and times
https://bugzilla.redhat.com/show_bug.cgi?id=459934
--------------------------------------------------------------------------------
================================================================================
perl-qpid_proton-0.8-1.el7 (FEDORA-EPEL-2014-4139)
Perl language bindings for Qpid Proton
--------------------------------------------------------------------------------
Update Information:
Rebased on Proton 0.8.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Darryl L. Pierce <dpierce(a)redhat.com> - 0.8-1
- Rebased on Proton 0.8.
* Thu Aug 28 2014 Jitka Plesnikova <jplesnik(a)redhat.com> - 0.7-4
- Perl 5.20 rebuild
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.7-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.7-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Browser-2.0.8-1.el7 (FEDORA-EPEL-2014-4155)
Horde Browser API
--------------------------------------------------------------------------------
Update Information:
Horde_Browser 2.0.8
* [jan] Consider all user agents with 'bot' in the name as robots.
Horde_Test 2.4.6
* [jan] Add convertUsername() to Horde_Test_Stub_Registry.
Horde_Db 2.2.2
* [jan] Make Oracle's updateBlob() compatible with PHP 5.3.
Horde_History 2.3.3
* [jan] Fix migration with Oracle.
Horde_Crypt 2.5.1
* [jan] Fix using non-deprecated Content-Type for encrypted messages (Bug #13659).
Horde_Mime_Viewer 2.0.8
* [mms] More thorough handling of tar.gz data.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Remi Collet <remi(a)fedoraproject.org> - 2.0.8-1
- Update to 2.0.8
- add dependency on Horde_Translation
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Core-2.16.1-1.el7 (FEDORA-EPEL-2014-4127)
Horde Core Framework libraries
--------------------------------------------------------------------------------
Update Information:
Horde_Core 2.16.1:
* [mms] Fix file permissions of dynamically generated static CSS/JS files.
* [jan] Use correct user name as a fallback for identity full names with existing
authusername hook.
Horde_Core 2.16.0:
* [mjr] Add the activesync_provisioning_check hook.
* [mjr] Fix determining multiplex settting for EAS notes (Bug #13637).
* [mjr] Fix adding new tasklists from EAS (Bug #13642).
* [jan] Update Czech translation (Michael Grafnetter).
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 6 2014 Remi Collet <remi(a)fedoraproject.org> - 2.16.1-1
- Update to 2.16.1
- raise dependency on Horde_Translation >= 2.2.0
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Crypt-2.5.1-1.el7 (FEDORA-EPEL-2014-4155)
Horde Cryptography API
--------------------------------------------------------------------------------
Update Information:
Horde_Browser 2.0.8
* [jan] Consider all user agents with 'bot' in the name as robots.
Horde_Test 2.4.6
* [jan] Add convertUsername() to Horde_Test_Stub_Registry.
Horde_Db 2.2.2
* [jan] Make Oracle's updateBlob() compatible with PHP 5.3.
Horde_History 2.3.3
* [jan] Fix migration with Oracle.
Horde_Crypt 2.5.1
* [jan] Fix using non-deprecated Content-Type for encrypted messages (Bug #13659).
Horde_Mime_Viewer 2.0.8
* [mms] More thorough handling of tar.gz data.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Remi Collet <remi(a)fedoraproject.org> - 2.5.1-1
- Update to 2.5.1
- raise dependency on Horde_Translation 2.2.0
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Db-2.2.2-1.el7 (FEDORA-EPEL-2014-4155)
Horde Database Libraries
--------------------------------------------------------------------------------
Update Information:
Horde_Browser 2.0.8
* [jan] Consider all user agents with 'bot' in the name as robots.
Horde_Test 2.4.6
* [jan] Add convertUsername() to Horde_Test_Stub_Registry.
Horde_Db 2.2.2
* [jan] Make Oracle's updateBlob() compatible with PHP 5.3.
Horde_History 2.3.3
* [jan] Fix migration with Oracle.
Horde_Crypt 2.5.1
* [jan] Fix using non-deprecated Content-Type for encrypted messages (Bug #13659).
Horde_Mime_Viewer 2.0.8
* [mms] More thorough handling of tar.gz data.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Remi Collet <remi(a)fedoraproject.org> - 2.2.2-1
- Update to 2.2.2
* Thu Nov 6 2014 Remi Collet <remi(a)fedoraproject.org> - 2.2.0-1
- Update to 2.2.0
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-History-2.3.3-1.el7 (FEDORA-EPEL-2014-4155)
API for tracking the history of an object
--------------------------------------------------------------------------------
Update Information:
Horde_Browser 2.0.8
* [jan] Consider all user agents with 'bot' in the name as robots.
Horde_Test 2.4.6
* [jan] Add convertUsername() to Horde_Test_Stub_Registry.
Horde_Db 2.2.2
* [jan] Make Oracle's updateBlob() compatible with PHP 5.3.
Horde_History 2.3.3
* [jan] Fix migration with Oracle.
Horde_Crypt 2.5.1
* [jan] Fix using non-deprecated Content-Type for encrypted messages (Bug #13659).
Horde_Mime_Viewer 2.0.8
* [mms] More thorough handling of tar.gz data.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Remi Collet <remi(a)fedoraproject.org> - 2.3.3-1
- Update to 2.3.3
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Mime-Viewer-2.0.8-1.el7 (FEDORA-EPEL-2014-4155)
Horde MIME Viewer Library
--------------------------------------------------------------------------------
Update Information:
Horde_Browser 2.0.8
* [jan] Consider all user agents with 'bot' in the name as robots.
Horde_Test 2.4.6
* [jan] Add convertUsername() to Horde_Test_Stub_Registry.
Horde_Db 2.2.2
* [jan] Make Oracle's updateBlob() compatible with PHP 5.3.
Horde_History 2.3.3
* [jan] Fix migration with Oracle.
Horde_Crypt 2.5.1
* [jan] Fix using non-deprecated Content-Type for encrypted messages (Bug #13659).
Horde_Mime_Viewer 2.0.8
* [mms] More thorough handling of tar.gz data.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Remi Collet <remi(a)fedoraproject.org> - 2.0.8-1
- Update to 2.0.8
- raise dependency on Horde_Translation 2.2.0
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Test-2.4.6-1.el7 (FEDORA-EPEL-2014-4155)
Horde testing base classes
--------------------------------------------------------------------------------
Update Information:
Horde_Browser 2.0.8
* [jan] Consider all user agents with 'bot' in the name as robots.
Horde_Test 2.4.6
* [jan] Add convertUsername() to Horde_Test_Stub_Registry.
Horde_Db 2.2.2
* [jan] Make Oracle's updateBlob() compatible with PHP 5.3.
Horde_History 2.3.3
* [jan] Fix migration with Oracle.
Horde_Crypt 2.5.1
* [jan] Fix using non-deprecated Content-Type for encrypted messages (Bug #13659).
Horde_Mime_Viewer 2.0.8
* [mms] More thorough handling of tar.gz data.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Remi Collet <remi(a)fedoraproject.org> - 2.4.6-1
- Update to 2.4.6
--------------------------------------------------------------------------------
================================================================================
python-bugzilla2fedmsg-0.2.1-1.el7 (FEDORA-EPEL-2014-4156)
Consume BZ messages over STOMP and republish to fedmsg
--------------------------------------------------------------------------------
Update Information:
Accomodate rhbz#1139955.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Ralph Bean <rbean(a)redhat.com> - 0.2.1-1
- Latest upstream handles timezones for rhbz#1139955.
--------------------------------------------------------------------------------
================================================================================
python-flask-openid-1.2.4-1.el7 (FEDORA-EPEL-2014-4135)
OpenID support for Flask
--------------------------------------------------------------------------------
Update Information:
Update to 1.2.4
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Praveen Kumar <kumarpraveen.nitdgp(a)gmail.com> 1.2.4-1
- Update to 1.2.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1164465 - python-testtools-1.2.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1164465
--------------------------------------------------------------------------------
================================================================================
python-testtools-1.1.0-1.el7 (FEDORA-EPEL-2014-4142)
Extensions to the Python unit testing framework
--------------------------------------------------------------------------------
Update Information:
- support for openstack Juno testing on el7
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 19 2014 Jerry James <loganjerry(a)gmail.com> - 1.1.0-1
- Update to 1.1.0 (bz 1132881)
- Fix license handling
- Note bundling exception for jquery in -doc
--------------------------------------------------------------------------------
================================================================================
quiterss-0.17.1-1.el7 (FEDORA-EPEL-2014-4140)
RSS/Atom aggregator
--------------------------------------------------------------------------------
Update Information:
Version bump
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 TI_Eugene <ti.eugene(a)gmail.com> - 0.17.1-1
- Version bump
--------------------------------------------------------------------------------
================================================================================
subunit-0.0.21-1.el7 (FEDORA-EPEL-2014-4138)
C bindings for subunit
--------------------------------------------------------------------------------
Update Information:
- To support openstack Juno testing
--------------------------------------------------------------------------------
================================================================================
voms-2.0.12-1.el7 (FEDORA-EPEL-2014-4131)
Virtual Organization Membership Service
--------------------------------------------------------------------------------
Update Information:
VOMS update
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 17 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 2.0.12-1
- Update to version 2.0.12
- Drop patches voms-gsoap.patch, voms-sha2-proxy.patch and voms-strndup.patch
(accepted upstream)
- Add alternatives to the client package to allow parallel installation of
the java implementation of the client tools
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.0.11-10
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sun Jul 13 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 2.0.11-9
- Rebuild properly
* Sun Jul 13 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 2.0.11-8
- Rebuild for gsoap 2.8.17 (Fedora 22)
--------------------------------------------------------------------------------
================================================================================
voms-api-java-3.0.4-1.el7 (FEDORA-EPEL-2014-4131)
Virtual Organization Membership Service Java API
--------------------------------------------------------------------------------
Update Information:
VOMS update
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 17 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 3.0.4-1
- Update to version 3.0.4
- Drop patch voms-api-java-timezone-dep-test.patch (fixed upstream)
--------------------------------------------------------------------------------