The following Fedora EPEL 7 Security updates need testing:
Age URL
659
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087
dokuwiki-0-0.24.20140929c.el7
421
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f
mcollective-2.8.4-1.el7
140
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-23fa04bf1c
redis-3.2.3-1.el7
123
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8f4ff76b3
chicken-4.11.0-3.el7
66
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-ee3cc4d1b6
compat-guile18-1.8.8-14.el7
14
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-090cbd0a83
botan-1.10.14-3.el7
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-73b4fc1c78
chromium-55.0.2883.87-1.el7.1
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-d21e337184
hdf5-1.8.12-8.el7
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-0899019edf
game-music-emu-0.6.1-1.el7
8
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-911ea9b639
fedfind-3.2.3-1.el7 python-wikitcms-2.1.9-1.el7
8
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-17165c490b
nagios-plugins-2.1.4-2.el7
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-403020225c
tor-0.2.8.12-1.el7
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-a189d9c701
js-jquery1-1.12.4-2.el7
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-11ee6fcfdf
js-jquery-2.2.4-1.el7
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d
libbsd-0.8.3-1.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-61ae084204
seamonkey-2.46-1.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-b2e637ff5a
python-wikitcms-2.1.10-1.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-0fa3a954b0
borgbackup-1.0.9-1.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-2e4783e791
php-PHPMailer-5.2.19-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
autowrap-0.9.2-1.20161226gitee9a4e.el7
borgbackup-1.0.9-1.el7
drupal7-ctools-1.12-1.el7
drupal7-diff-3.3-1.el7
drupal7-feeds-2.0-0.16.beta3.el7
drupal7-l10n_update-2.1-1.el7
drupal7-metatag-1.18-1.el7
globus-gssapi-gsi-12.13-1.el7
guake-0.8.8-1.el7
pagure-2.10.1-1.el7
perl-Test-mysqld-0.20-1.el7
perl-Text-Fuzzy-0.25-1.el7
perl-Time-Moment-0.41-1.el7
php-PHPMailer-5.2.19-1.el7
php-akamai-open-edgegrid-auth-0.6.2-1.el7
python-fedmsg-meta-fedora-infrastructure-0.17.8-1.el7
python-wikitcms-2.1.10-1.el7
yadifa-2.2.3-1.el7
Details about builds:
================================================================================
autowrap-0.9.2-1.20161226gitee9a4e.el7 (FEDORA-EPEL-2016-81d9c5e462)
Generates Python Extension modules from [Cython] PXD files
--------------------------------------------------------------------------------
Update Information:
- Update to 0.9.2
--------------------------------------------------------------------------------
================================================================================
borgbackup-1.0.9-1.el7 (FEDORA-EPEL-2016-0fa3a954b0)
A deduplicating backup program with compression and authenticated encryption
--------------------------------------------------------------------------------
Update Information:
upstream version 1.0.9 (BZ#1406277)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1406277 - borgbackup 1.0.9 is available (includes security fixes)
https://bugzilla.redhat.com/show_bug.cgi?id=1406277
--------------------------------------------------------------------------------
================================================================================
drupal7-ctools-1.12-1.el7 (FEDORA-EPEL-2016-31e2635b41)
Primarily a set of APIs and tools to improve the developer experience
--------------------------------------------------------------------------------
Update Information:
[
7.x-1.12](https://www.drupal.org/project/ctools/releases/7.x-1.12) [Full
release
log](https://www.drupal.org/project/ctools/releases?api_version%5B%5D=103)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1397368 - drupal7-ctools-1.12 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1397368
--------------------------------------------------------------------------------
================================================================================
drupal7-diff-3.3-1.el7 (FEDORA-EPEL-2016-3e15383ce0)
Show differences between content revisions
--------------------------------------------------------------------------------
Update Information:
[
7.x-3.3](https://www.drupal.org/project/diff/releases/7.x-3.3)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1406369 - drupal7-diff-3.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1406369
--------------------------------------------------------------------------------
================================================================================
drupal7-feeds-2.0-0.16.beta3.el7 (FEDORA-EPEL-2016-981ea57884)
Aggregates RSS/Atom/RDF feeds, imports CSV files and more
--------------------------------------------------------------------------------
Update Information:
[
7.x-2.0-beta3](https://www.drupal.org/project/feeds/releases/7.x-2.0-beta3)
[Full release
log](https://www.drupal.org/project/feeds/releases?api_version%5B%5D=103)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1398472 - drupal7-feeds-2.0-beta3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1398472
--------------------------------------------------------------------------------
================================================================================
drupal7-l10n_update-2.1-1.el7 (FEDORA-EPEL-2016-fbde7e58ca)
Provides automatic downloads and updates for translations
--------------------------------------------------------------------------------
Update Information:
[
7.x-2.1](https://www.drupal.org/project/l10n_update/releases/7.x-2.1) [Full
release
log](https://www.drupal.org/project/l10n_update/releases?api_version%5B%5...
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1401189 - drupal7-l10n_update-2.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1401189
--------------------------------------------------------------------------------
================================================================================
drupal7-metatag-1.18-1.el7 (FEDORA-EPEL-2016-7695ad2058)
Adds support and an API to implement meta tags
--------------------------------------------------------------------------------
Update Information:
[
7.x-1.18](https://www.drupal.org/project/metatag/releases/7.x-1.18) [Full
release
log](https://www.drupal.org/project/metatag/releases?api_version%5B%5D=103)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1400352 - drupal7-metatag-1.18 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1400352
--------------------------------------------------------------------------------
================================================================================
globus-gssapi-gsi-12.13-1.el7 (FEDORA-EPEL-2016-c62fc4cffd)
Globus Toolkit - GSSAPI library
--------------------------------------------------------------------------------
Update Information:
Test fixes.
--------------------------------------------------------------------------------
================================================================================
guake-0.8.8-1.el7 (FEDORA-EPEL-2016-f082cc8c34)
Drop-down terminal for GNOME
--------------------------------------------------------------------------------
Update Information:
Features: - Close a tab with the middle button of the mouse Bug Fixes: - Fix
error when toggle key was disabled - Update change news - Uppercase pallete name
- Fix pylint errors - Convert README badge to SVG - Update Japanese translation
- Update Russian translation - Updated CS translation - Update zh_CN translation
Changelog at:
https://github.com/Guake/guake/releases/tag/0.8.8
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1397684 - Temporarily visible on the wrong monitor
https://bugzilla.redhat.com/show_bug.cgi?id=1397684
--------------------------------------------------------------------------------
================================================================================
pagure-2.10.1-1.el7 (FEDORA-EPEL-2016-cadc32892e)
A git-centered forge
--------------------------------------------------------------------------------
Update Information:
Update to 2.10.1 Changelog: - Update to 2.10.1 - Clean up the JS code in the
settings page (Lubom��r Sedl����) - Fix the URLs in the `My Issues` and `My Pull-
request` pages
--------------------------------------------------------------------------------
================================================================================
perl-Test-mysqld-0.20-1.el7 (FEDORA-EPEL-2016-cf4dabaa85)
Mysqld runner for tests
--------------------------------------------------------------------------------
Update Information:
0.20 2016-12-20T07:30:45Z --- - fix dist name 0.18 2016-12-20T06:28:12Z
--- - add impl of Test::mysqld::Multi (shogo82148) - support MySQL 5.7.6 or
later (karupanerura ywatase)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1406379 - perl-Test-mysqld-0.20 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1406379
--------------------------------------------------------------------------------
================================================================================
perl-Text-Fuzzy-0.25-1.el7 (FEDORA-EPEL-2016-11970d798c)
Partial string matching using edit distances
--------------------------------------------------------------------------------
Update Information:
0.25 2016-12-07 * Documentation changes only
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1402386 - perl-Text-Fuzzy-0.25 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1402386
--------------------------------------------------------------------------------
================================================================================
perl-Time-Moment-0.41-1.el7 (FEDORA-EPEL-2016-02b890f26e)
Represents a date and time of day with an offset from UTC
--------------------------------------------------------------------------------
Update Information:
0.41 2016-12-10 --- - Time::Moment - Documented the precision value
returned by ->precision() - Documented the optional precision value in
->compare() - Time::Moment::Adjusters - Corrected the NearestMinuteInterval
example - Increased and documented the accepted values for
NearestMinuteInterval 0.40 2016-11-26 --- - Correct forward function
declaration to include interpreter context. Bug fix for #22, compilation with
threaded perls. Reported by Slaven Rezi�� (eserte). 0.39 2016-11-25 --- -
Added following methods to Time::Moment: - precision - with_precision -
Added following adjusters to Time::Moment::Adjusters: -
WesternEasterSunday() - OthodoxEasterSunday() -
NearestMinuteInterval($interval) - Added following examples to eg/ -
eg/se_bank_holidays.pl
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1398627 - perl-Time-Moment-0.41 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1398627
--------------------------------------------------------------------------------
================================================================================
php-PHPMailer-5.2.19-1.el7 (FEDORA-EPEL-2016-2e4783e791)
PHP email transport class with a lot of features
--------------------------------------------------------------------------------
Update Information:
** Version 5.2.19** (December 26th 2016) * Minor cleanup ** Version 5.2.18**
(December 24th 2016) * **SECURITY** Critical security update for CVE-2016-10033
please update now! Thanks to [Dawid Golunski](https://legalhackers.com). * Add
ability to extract the SMTP transaction ID from some common SMTP success
messages * Minor documentation tweaks ** Version 5.2.17** (December 9th 2016)
* This is officially the last feature release of 5.2. Security fixes only from
now on; use PHPMailer 6.0! * Allow DKIM private key to be provided as a string *
Provide mechanism to allow overriding of boundary and message ID creation *
Improve Brazilian Portuguese, Spanish, Swedish, Romanian, and German
translations * PHP 7.1 support for Travis-CI * Fix some language codes * Add
security notices * Improve DKIM compatibility in older PHP versions * Improve
trapping and capture of SMTP connection errors * Improve passthrough of error
levels for debug output * PHPDoc cleanup
--------------------------------------------------------------------------------
================================================================================
php-akamai-open-edgegrid-auth-0.6.2-1.el7 (FEDORA-EPEL-2016-98702ab5ed)
Implements the Akamai {OPEN} EdgeGrid Authentication
--------------------------------------------------------------------------------
Update Information:
### 0.6.2 [24 Dec, 2016] * Add support for using environment variables for
credentials * General cleanup ### 0.6.1 [17 Dec, 2016] * Fix PHP 7.1
compatibility (@remicollet)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1405779 - php-akamai-open-edgegrid-auth-0.6.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1405779
[ 2 ] Bug #1408684 - php-akamai-open-edgegrid-auth-0.6.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1408684
--------------------------------------------------------------------------------
================================================================================
python-fedmsg-meta-fedora-infrastructure-0.17.8-1.el7 (FEDORA-EPEL-2016-828d082be6)
Metadata providers for Fedora Infrastructure's fedmsg deployment
--------------------------------------------------------------------------------
Update Information:
Update to 0.17.8 ------------------ Pull Requests - (@puiterwijk) #410,
All kojis now use https
https://github.com/fedora-
infra/fedmsg_meta_fedora_infrastructure/pull/410 Commits - 682032986 All kojis
now use https
https://github.com/fedora-
infra/fedmsg_meta_fedora_infrastructure/commit/682032986 - 96957a490 Fix distgit
URLs (#411)
https://github.com/fedora-
infra/fedmsg_meta_fedora_infrastructure/commit/96957a490
--------------------------------------------------------------------------------
================================================================================
python-wikitcms-2.1.10-1.el7 (FEDORA-EPEL-2016-b2e637ff5a)
Fedora QA wiki test management Python library
--------------------------------------------------------------------------------
Update Information:
This update contains a SECURITY fix for an issue with potentially serious
consequences but very limited scope. If an administrator of a wiki you talked to
using python-wikitcms were malicious, they could cause arbitrary code execution
as the user running wikitcms. No-one besides a wiki administrator could do this,
as it requires crafting the wiki's response to an edit request to include a
malicious payload. It also drops some now useless or unneeded code (due to
changes in mediawiki and mwclient).
--------------------------------------------------------------------------------
================================================================================
yadifa-2.2.3-1.el7 (FEDORA-EPEL-2016-8cebd55c99)
Lightweight authoritative Name Server with DNSSEC capabilities
--------------------------------------------------------------------------------
Update Information:
20161215: YADIFA 2.2.3 - Removed code triggering an ICE on ppc64le - Fixes an
issue with the policies where the key size would not be matched - Fixes an issue
with the generation of RSA keys that would be rejected by the policies -
Included patches from the community about typos and gcc ICE on ppc64le.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1392892 - yadifa-2.2.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1392892
--------------------------------------------------------------------------------