The following Fedora EPEL 7 Security updates need testing:
 Age  URL
 326  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087   dokuwiki-0-0.24.20140929c.el7
  88  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f   mcollective-2.8.4-1.el7
  11  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-043f77342d   cgit-0.12-1.el7
   8  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-418a480529   gsi-openssh-6.6.1p1-3.el7
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-fb26e5cd3c   privoxy-3.0.23-3.el7
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-fca17abc84   p7zip-15.09-9.el7
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-f17c082f00   nginx-1.6.3-8.el7
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-69b4d0e57c   prosody-0.9.10-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
R-3.2.3-4.el7
abduco-0.5-1.el7
abi-dumper-0.99.14-1.el7
cherrytree-0.36.4-2.el7
cmake-fedora-2.5.1-1.el7
cmark-0.23.0-3.el7
cmark-0.23.0-4.el7
drbdlinks-1.27-3.el7
globus-gssapi-gsi-11.26-1.el7
hitch-1.1.1-1.el7
letsencrypt-0.3.0-1.el7
libinput-1.1.5-1.el7
libsidplayfp-1.8.3-2.el7
nginx-1.6.3-8.el7
pdns-3.4.7-2.el7
perl-Email-Valid-1.198-1.el7
pki-usgov-dod-cacerts-0.0.6-4.el7
prosody-0.9.10-1.el7
python-acme-0.3.0-1.el7
python-elfdata-0.6-1.el7
python-polib-1.0.7-2.el7
python-productmd-1.0-9.el7
python-raven-5.10.2-1.el7
python-requests-toolbelt-0.6.0-1.el7
rpmorphan-1.15-1.el7
rubygem-activerecord-deprecated_finders-1.0.3-6.el7
rubygem-minitest5-5.8.4-1.el7
tito-0.6.4-1.el7
wildmidi-0.3.8-3.el7
yadifa-2.1.5-1.el7
Details about builds:
================================================================================
R-3.2.3-4.el7 (FEDORA-EPEL-2016-17ae3a01b5)
A language for data analysis and graphics
--------------------------------------------------------------------------------
Update Information:
Add pre-built copies of the R HTML manuals to the packages which cannot build
them due to an ancient texi2any (RHEL 5 & 6). RHEL 7 was updated to ensure clean
upgrade path. ---- Add Requires: redhat-rpm-config on targets that are
hardened, because R inherits the compiler flags that it was built with and
passes them to all modules built for it later.
--------------------------------------------------------------------------------
================================================================================
abduco-0.5-1.el7 (FEDORA-EPEL-2016-bab758e61a)
Session management in a clean and simple way
--------------------------------------------------------------------------------
Update Information:
Abduco 0.5 stable release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1298907 - abduco-0.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1298907
--------------------------------------------------------------------------------
================================================================================
abi-dumper-0.99.14-1.el7 (FEDORA-EPEL-2016-51c0ff0edf)
Tool to dump ABI of an ELF object containing DWARF debug info
--------------------------------------------------------------------------------
Update Information:
Detect private data types in the ABI, i.e. not defined in public header files.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1301789 - abi-dumper-0.99.14 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1301789
--------------------------------------------------------------------------------
================================================================================
cherrytree-0.36.4-2.el7 (FEDORA-EPEL-2016-b49173f74f)
Hierarchical note taking application
--------------------------------------------------------------------------------
Update Information:
Update to 0.36.4 ---- update to cherrytree 0.36.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1160249 - cherrytree-0.36.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1160249
[ 2 ] Bug #1301941 - cherrytree-0.36.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1301941
--------------------------------------------------------------------------------
================================================================================
cmake-fedora-2.5.1-1.el7 (FEDORA-EPEL-2016-571c25a5ff)
CMake helper modules for fedora developers
--------------------------------------------------------------------------------
Update Information:
- Fixed: * Out-of-the-source build for ibus-chewing
--------------------------------------------------------------------------------
================================================================================
cmark-0.23.0-3.el7 (FEDORA-EPEL-2016-65d6af6d87)
CommonMark parsing and rendering
--------------------------------------------------------------------------------
Update Information:
CommonMark parsing and rendering
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1266429 - Review Request: cmark - CommonMark parsing and rendering
https://bugzilla.redhat.com/show_bug.cgi?id=1266429
--------------------------------------------------------------------------------
================================================================================
cmark-0.23.0-4.el7 (FEDORA-EPEL-2016-b3f7cd8978)
CommonMark parsing and rendering
--------------------------------------------------------------------------------
Update Information:
CommonMark parsing and rendering (http://commonmark.org/)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1266429 - Review Request: cmark - CommonMark parsing and rendering
https://bugzilla.redhat.com/show_bug.cgi?id=1266429
--------------------------------------------------------------------------------
================================================================================
drbdlinks-1.27-3.el7 (FEDORA-EPEL-2016-8b5788b3e9)
A program for managing links into a DRBD shared partition
--------------------------------------------------------------------------------
Update Information:
Provide native systemd service
--------------------------------------------------------------------------------
================================================================================
globus-gssapi-gsi-11.26-1.el7 (FEDORA-EPEL-2016-f2e8fc5635)
Globus Toolkit - GSSAPI library
--------------------------------------------------------------------------------
Update Information:
Fix FORCE_TLS setting to allow TLSv1.1 and TLSv1.2, not just TLSv1.0
--------------------------------------------------------------------------------
================================================================================
hitch-1.1.1-1.el7 (FEDORA-EPEL-2016-41a21534e9)
Network proxy that terminates TLS/SSL connections
--------------------------------------------------------------------------------
Update Information:
New upstream release. A bugfix release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1302474 - hitch-1.1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1302474
--------------------------------------------------------------------------------
================================================================================
letsencrypt-0.3.0-1.el7 (FEDORA-EPEL-2016-e38556f243)
A free, automated certificate authority client
--------------------------------------------------------------------------------
Update Information:
Updated to 0.3.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1302701 - letsencrypt-0.3.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1302701
--------------------------------------------------------------------------------
================================================================================
libinput-1.1.5-1.el7 (FEDORA-EPEL-2016-c64c3afa71)
Input device library
--------------------------------------------------------------------------------
Update Information:
Upstream update to 1.1.5
--------------------------------------------------------------------------------
================================================================================
libsidplayfp-1.8.3-2.el7 (FEDORA-EPEL-2016-386eead9f4)
SID chip music module playing library
--------------------------------------------------------------------------------
Update Information:
Import to EPEL to satisfy QMMP dependency (rhbz#1242361#c3)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1242361 - [RFE] Please provide qmmp EPEL7 build
https://bugzilla.redhat.com/show_bug.cgi?id=1242361
--------------------------------------------------------------------------------
================================================================================
nginx-1.6.3-8.el7 (FEDORA-EPEL-2016-f17c082f00)
A high performance web server and reverse proxy server
--------------------------------------------------------------------------------
Update Information:
- CVE-2016-0747: Insufficient limits of CNAME resolution in resolver
- CVE-2016-0746: Use-after-free during CNAME response processing in resolver
- CVE-2016-0742: Invalid pointer dereference in resolver
--------------------------------------------------------------------------------
================================================================================
pdns-3.4.7-2.el7 (FEDORA-EPEL-2016-c3fc50614c)
A modern, advanced and high performance authoritative-only nameserver
--------------------------------------------------------------------------------
Update Information:
- Remove old PolarSSL dependency
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1302464 - Update to mbedtls causes a dependency issue with pdns
https://bugzilla.redhat.com/show_bug.cgi?id=1302464
--------------------------------------------------------------------------------
================================================================================
perl-Email-Valid-1.198-1.el7 (FEDORA-EPEL-2016-efed433f78)
Check validity of internet email address
--------------------------------------------------------------------------------
Update Information:
Update to 1.198 to fix "multiple MX detection errors".
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1301214 - perl-Email-Valid: please update in epel7
https://bugzilla.redhat.com/show_bug.cgi?id=1301214
--------------------------------------------------------------------------------
================================================================================
pki-usgov-dod-cacerts-0.0.6-4.el7 (FEDORA-EPEL-2016-9eb4a82253)
A collection of U.S. Government CA Certs that the DOD uses
--------------------------------------------------------------------------------
Update Information:
A collection of U.S. Government CA Certs that the DOD uses
https://bodhi.fedoraproject.org/updates/FEDORA-2016-1a87db5f8e recently added to
fc23
https://bugzilla.redhat.com/show_bug.cgi?id=1274948
--------------------------------------------------------------------------------
================================================================================
prosody-0.9.10-1.el7 (FEDORA-EPEL-2016-69b4d0e57c)
Flexible communications server for Jabber/XMPP
--------------------------------------------------------------------------------
Update Information:
Prosody 0.9.10
==============

A summary of changes in this release:

Security
--------
* mod_dialback: Adopt key generation algorithm from XEP-0185, to prevent
  impersonation attacks (CVE-2016-0756)

Fixes and improvements
----------------------
* Startup: Open /dev/urandom read-only, to fix a failure to start on some
  systems (fixes #585)
* Networking: Improve handling of the 'select' network backend running out of
  file descriptors

Minor changes
-------------
* Networking: Increase default internal read size to prevent connections
  stalling with LuaEvent (see #583)
* DNS: Discard queries that failed to send due to connection errors
  (fixes #598)
* c2s, s2s: Lower priority of shutdown handler, so that modules such as MUC
  can always send shutdown notifications to (remote) users (fixes #601)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1302463 - CVE-2016-0756 prosody: mod_dialback allows impersonation attacks
https://bugzilla.redhat.com/show_bug.cgi?id=1302463
--------------------------------------------------------------------------------
================================================================================
python-acme-0.3.0-1.el7 (FEDORA-EPEL-2016-e38556f243)
Python library for the ACME protocol
--------------------------------------------------------------------------------
Update Information:
Updated to 0.3.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1302701 - letsencrypt-0.3.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1302701
--------------------------------------------------------------------------------
================================================================================
python-elfdata-0.6-1.el7 (FEDORA-EPEL-2016-4bf0014108)
Python wrapper to get ELF data
--------------------------------------------------------------------------------
Update Information:
Updated elfdata module which can extract GNU_BUILD_ID from the ELF files.
--------------------------------------------------------------------------------
================================================================================
python-polib-1.0.7-2.el7 (FEDORA-EPEL-2016-8ec371628d)
A library to parse and manage gettext catalogs
--------------------------------------------------------------------------------
Update Information:
Upstream update to 1.0.7
--------------------------------------------------------------------------------
================================================================================
python-productmd-1.0-9.el7 (FEDORA-EPEL-2016-090ce4d02f)
Library providing parsers for metadata related to OS installation
--------------------------------------------------------------------------------
Update Information:
add python-productmd to epel7 ---- adding python-productmd to epel
--------------------------------------------------------------------------------
================================================================================
python-raven-5.10.2-1.el7 (FEDORA-EPEL-2016-536e3ccb2c)
Python client for Sentry
--------------------------------------------------------------------------------
Update Information:
Update to python-raven-5.10.2 ---- First EPEL release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1234950 - Package python-raven in EPEL
https://bugzilla.redhat.com/show_bug.cgi?id=1234950
[ 2 ] Bug #1298402 - python-raven-5.10.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1298402
--------------------------------------------------------------------------------
================================================================================
python-requests-toolbelt-0.6.0-1.el7 (FEDORA-EPEL-2016-2c85206fce)
A utility belt for advanced users of python-requests
--------------------------------------------------------------------------------
Update Information:
update to 0.6.0 release
--------------------------------------------------------------------------------
================================================================================
rpmorphan-1.15-1.el7 (FEDORA-EPEL-2016-6410427984)
List packages that have no dependencies (like deborphan)
--------------------------------------------------------------------------------
Update Information:
Adding rpmorphan to EPEL
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #860433 - RFE - please maintain rpmorphan for EPEL
https://bugzilla.redhat.com/show_bug.cgi?id=860433
--------------------------------------------------------------------------------
================================================================================
rubygem-activerecord-deprecated_finders-1.0.3-6.el7 (FEDORA-EPEL-2016-e52a4ce8de)
This gem contains deprecated finder APIs extracted from Active Record
--------------------------------------------------------------------------------
Update Information:
Bring package to EPEL7
--------------------------------------------------------------------------------
================================================================================
rubygem-minitest5-5.8.4-1.el7 (FEDORA-EPEL-2016-e9edb7ff2c)
minitest provides a complete suite of testing facilities
--------------------------------------------------------------------------------
Update Information:
Updated to new upstream
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1298622 - Review Request: rubygem-minitest5 - minitest provides a complete
suite of testing facilities
https://bugzilla.redhat.com/show_bug.cgi?id=1298622
--------------------------------------------------------------------------------
================================================================================
tito-0.6.4-1.el7 (FEDORA-EPEL-2016-ed4568b9bf)
A tool for managing rpm based git projects
--------------------------------------------------------------------------------
Update Information:
Fix tagging with --use-version on MEAD projects. Fix git annex builder cleanup
returning to proper directory. Fix issue with .spec file basename in some
situations.
--------------------------------------------------------------------------------
================================================================================
wildmidi-0.3.8-3.el7 (FEDORA-EPEL-2016-3f3fffda5a)
Softsynth midi player
--------------------------------------------------------------------------------
Update Information:
Import to EPEL to satisfy QMMP dependency (rhbz#1242361#c3)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1242361 - [RFE] Please provide qmmp EPEL7 build
https://bugzilla.redhat.com/show_bug.cgi?id=1242361
--------------------------------------------------------------------------------
================================================================================
yadifa-2.1.5-1.el7 (FEDORA-EPEL-2016-42474ec730)
Lightweight authoritative Name Server with DNSSEC capabilities
--------------------------------------------------------------------------------
Update Information:
20160108: YADIFA 2.1.5
- Dynamic updates do not use temporary files anymore which improves their
  general performance.
- The statistics now show the referrals.

Fixes:
- fixed an issue where getting a huge incremental transfer would prevent the
  server from answering queries while applying the changes.
- fixed an issue serving IXFR that would occur when an incremental change step
  was bigger than 64KB
- fixed an issue for Solaris with the memory alignment fix not active
  everywhere
- fixed an issue on the Solaris build settings
- fixed an issue where sometimes yadifad would not find a configuration file
  given as a parameter with a relative path
- fixed an issue where a wild-card would not be properly returned with an AXFR
- fixed an issue where dynamically updating a zone at a speed such that the
  zone file would need to be written multiple times on disk before finishing
  the previous write could lead to a deadlock

20151026: YADIFA 2.1.4
- The zone reader error reporting has been improved.
- Stacktrace support added for Solaris.

Known issue:
- Adding and/or removing NSEC3PARAM dynamically is not properly handled.

Fixes:
- fixed an issue where an NSEC3 answer proving a * query would lead to a crash
- fixed an issue where a private key may be not recognised as such
- fixed an issue where dynamic update prerequisite check would fail a valid
  match
- fixed an issue where zone signature maintenance would only start if all
  private keys were available.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1302113 - yadifa: 2.1.5 release available
https://bugzilla.redhat.com/show_bug.cgi?id=1302113
--------------------------------------------------------------------------------