The following Fedora EPEL 7 Security updates need testing: Age URL 13 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2657/python-oauth2-1.5.211-7.el7 8 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2748/nodejs-0.10.32-1.el7,v8-3.14.5.10-14.el7 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2825/nginx-1.6.2-1.el7 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2861/nodejs-qs-0.6.6-3.el7 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2870/nodejs-send-0.3.0-4.el7 1 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2992/check-mk-1.2.4p5-2.el7 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3070/phpMyAdmin-4.2.9.1-1.el7 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3062/golang-1.3.3-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing fedpkg-1.19-1.el7 ginfo-1.0.3-3.el7 golang-1.3.3-1.el7 jglobus-2.1.0-1.el7 mate-desktop-1.8.1-2.el7 mate-panel-1.8.1-1.el7 mathjax-2.4.0-1.el7 perl-Array-Unique-0.08-2.el7 php-tcpdf-6.0.094-1.el7 phpMyAdmin-4.2.9.1-1.el7 pkgwat-0.10-2.el7 python-behave-1.2.4-4.el7 python-moksha-hub-1.4.3-2.el7 python-pkgwat-api-0.12-3.el7 python-pyngus-1.1.0-1.el7 rpkg-1.28-1.el7 uid_wrapper-1.0.2-2.el7 Details about builds: ================================================================================ fedpkg-1.19-1.el7 (FEDORA-EPEL-2014-3069) Fedora utility for working with dist-git -------------------------------------------------------------------------------- Update Information: Updates to the fedpkg package: - Remove @check_newstyle_branches decorator - PEP 8 compliance changes - retire: Ask for password only when required - fedpkg: Show full exception if verbose - add new s390 and ppc only packages Updates to the rpkg package: - Compare fuller remote branch name with local branch before build - Refactor mock results dir to property - Add skip-diffs option for import_srpms - Properly remove possible .py when creating man pages - Process srpm imports to empty repositories more explicitly - Make UPLOADEXTS a class variable that can be extended - Introduce self.default_branch_remote for fresh clones - On self.path change reset properties which could used old value - Remove file names during srpm import in more extensible way - License replaced with official GPL 2.0 license from gnu.org (pbabinca) - Allow "rpkg commit -s" -------------------------------------------------------------------------------- ChangeLog: * Fri Sep 26 2014 Pavol Babincak - 1.19-1 - Explicitly define fedpkg name for man pages (pbabinca) - Remove (pbabinca) - Revert "refactor: PEP 8 compliance of __init__.py" (pbabinca) - refactor: PEP 8 compliance of __init__.py (pbabinca) - refactor: PEP 8 compliance (pbabinca) - retire: Ask for password only when required (opensource) - fedpkg: Show full exception if verbose (opensource) - add new s390 only packages (dan) - add new ppc only packages (dan) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1133165 - man page examples demonstrate use of fedpkg_man_page.py https://bugzilla.redhat.com/show_bug.cgi?id=1133165 [ 2 ] Bug #1129806 - fedpkg is defining the wrong filedigest algorithm for local builds https://bugzilla.redhat.com/show_bug.cgi?id=1129806 -------------------------------------------------------------------------------- ================================================================================ ginfo-1.0.3-3.el7 (FEDORA-EPEL-2014-3065) A versatile tool for discovering Grid services -------------------------------------------------------------------------------- Update Information: First EPEL7 Package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1140096 - Please build and epel7 version of on ginfo https://bugzilla.redhat.com/show_bug.cgi?id=1140096 -------------------------------------------------------------------------------- ================================================================================ golang-1.3.3-1.el7 (FEDORA-EPEL-2014-3062) The Go Programming Language -------------------------------------------------------------------------------- Update Information: update to go1.3.3 (bz1146882) update to go1.3.2 (bz1147324) -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 1 2014 Vincent Batts <vba...@fedoraproject.org> - 1.3.3-1 - update to go1.3.3 (bz1146882) * Mon Sep 29 2014 Vincent Batts <vba...@fedoraproject.org> - 1.3.2-1 - update to go1.3.2 (bz1147324) * Thu Sep 11 2014 Vincent Batts <vba...@fedoraproject.org> - 1.3.1-3 - patching the tzinfo failure * Sat Aug 16 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 1.3.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Wed Aug 13 2014 Vincent Batts <vba...@fedoraproject.org> - 1.3.1-1 - update to go1.3.1 * Wed Aug 13 2014 Vincent Batts <vba...@fedoraproject.org> - 1.3-11 - merged a line wrong * Wed Aug 13 2014 Vincent Batts <vba...@fedoraproject.org> - 1.3-10 - more work to get cgo.a timestamps to line up, due to build-env - explicitly list all the files and directories for the source and packages trees - touch all the built archives to be the same * Mon Aug 11 2014 Vincent Batts <vba...@fedoraproject.org> - 1.3-9 - make golang-src 'noarch' again, since that was not a fix, and takes up more space * Mon Aug 11 2014 Vincent Batts <vba...@fedoraproject.org> - 1.3-8 - update timestamps of source files during %install bz1099206 * Fri Aug 8 2014 Vincent Batts <vba...@fedoraproject.org> - 1.3-7 - update timestamps of source during %install bz1099206 * Wed Aug 6 2014 Vincent Batts <vba...@fedoraproject.org> - 1.3-6 - make the source subpackage arch'ed, instead of noarch * Mon Jul 21 2014 Vincent Batts <vba...@fedoraproject.org> - 1.3-5 - fix the writing of pax headers * Tue Jul 15 2014 Vincent Batts <vba...@fedoraproject.org> - 1.3-4 - fix the loading of gdb safe-path. bz981356 * Tue Jul 8 2014 Vincent Batts <vba...@fedoraproject.org> - 1.3-3 - `go install std` requires gcc, to build cgo. bz1105901, bz1101508 * Mon Jul 7 2014 Vincent Batts <vba...@fedoraproject.org> - 1.3-2 - archive/tar memory allocation improvements * Thu Jun 19 2014 Vincent Batts <vba...@fedoraproject.org> - 1.3-1 - update to go1.3 * Fri Jun 13 2014 Vincent Batts <vba...@fedoraproject.org> - 1.3rc2-1 - update to go1.3rc2 * Sat Jun 7 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 1.3rc1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Tue Jun 3 2014 Vincent Batts <vba...@redhat.com> 1.3rc1-1 - update to go1.3rc1 - new arch file shuffling -------------------------------------------------------------------------------- References: [ 1 ] Bug #1147324 - CVE-2014-7189 golang: TLS client authentication issue fixed in version 1.3.2 https://bugzilla.redhat.com/show_bug.cgi?id=1147324 -------------------------------------------------------------------------------- ================================================================================ jglobus-2.1.0-1.el7 (FEDORA-EPEL-2014-3087) Globus Java client libraries -------------------------------------------------------------------------------- Update Information: JGlobus 2.1.0. -------------------------------------------------------------------------------- ================================================================================ mate-desktop-1.8.1-2.el7 (FEDORA-EPEL-2014-3079) Shared code for mate-panel, mate-session, mate-file-manager, etc -------------------------------------------------------------------------------- Update Information: mate-desktop - rename gschema overrride file for epel7 and include panel-layout - default settings mate-panel - update to 1.8.1 release -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 1 2014 Wolfgang Ulbrich <chat-to...@raveit.de> - 1.8.1-2 - rename gschema overrride file for epel7 and include panel-layout - default settings -------------------------------------------------------------------------------- ================================================================================ mate-panel-1.8.1-1.el7 (FEDORA-EPEL-2014-3079) MATE Desktop panel and applets -------------------------------------------------------------------------------- Update Information: mate-desktop - rename gschema overrride file for epel7 and include panel-layout - default settings mate-panel - update to 1.8.1 release -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 1 2014 Wolfgang Ulbrich <chat-to...@raveit.de> - 1.8.1-1 - update to 1.8.1 release -------------------------------------------------------------------------------- ================================================================================ mathjax-2.4.0-1.el7 (FEDORA-EPEL-2014-3077) JavaScript library to render math in the browser -------------------------------------------------------------------------------- Update Information: Update and add epel7 branch. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1138534 - Please branch mathjax for EPEL 7 https://bugzilla.redhat.com/show_bug.cgi?id=1138534 -------------------------------------------------------------------------------- ================================================================================ perl-Array-Unique-0.08-2.el7 (FEDORA-EPEL-2014-3074) Tie-able array that allows only unique values -------------------------------------------------------------------------------- Update Information: perl-Array-Unique: initial submission -------------------------------------------------------------------------------- References: [ 1 ] Bug #1139043 - Review Request: perl-Array-Unique - Tie-able array that allows only unique values https://bugzilla.redhat.com/show_bug.cgi?id=1139043 -------------------------------------------------------------------------------- ================================================================================ php-tcpdf-6.0.094-1.el7 (FEDORA-EPEL-2014-3071) PHP class for generating PDF documents and barcodes -------------------------------------------------------------------------------- Update Information: 6.0.094 (2014-09-30) * Bug item #978 "Variable Undefined: $cborder" was fixed. 6.0.093 (2014-09-02) * Security fix: some serialize/unserialize methods were replaced with json_encode/json_decode to avoid a potential object injection with user supplied content. Thanks to ownCloud Inc. for reporting this issue. * K_TIMEZONE constant was added to the default configuration to supress date-time warnings. 6.0.092 (2014-09-01) * Bug item #956 "Monospaced fonts are not alignd at the baseline" was fixed. * Bug item #964 "Problem when changing font size" was fixed. * Bug item #969 "ImageSVG with radialGradient problem" was fixed. * sRGB.icc file was replaced with the one from the Debian package icc-profiles-free (2.0.1+dfsg-1) -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 2 2014 Remi Collet <r...@fedoraproject.org> - 6.0.094-1 - update to 6.0.094 * Wed Sep 17 2014 Robert Scheck <rob...@fedoraproject.org> - 6.0.091-2 - buildrequire php-cli >= 5.3 (#1121745) - added provides for php-* if package is used on EL-5 (#1121745) - corrected inter-package dependencies (Remi Collet) -------------------------------------------------------------------------------- ================================================================================ phpMyAdmin-4.2.9.1-1.el7 (FEDORA-EPEL-2014-3070) Handle the administration of MySQL over the World Wide Web -------------------------------------------------------------------------------- Update Information: phpMyAdmin 4.2.9.1 (2014-10-01) =============================== - [security] XSS vulnerabilities in table search and table structure pages -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 2 2014 Robert Scheck <rob...@fedoraproject.org> 4.2.9.1-1 - Upgrade to 4.2.9.1 (#1148664) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1148664 - CVE-2014-7217 phpmyadmin: cross-site scripting (XSS) flaw fixed in versions 4.0.10.4, 4.1.14.5, and 4.2.9.1 (PMASA-2014-11) https://bugzilla.redhat.com/show_bug.cgi?id=1148664 -------------------------------------------------------------------------------- ================================================================================ pkgwat-0.10-2.el7 (FEDORA-EPEL-2014-3088) CLI tool for querying the fedora packages webapp -------------------------------------------------------------------------------- Update Information: Branch for epel -------------------------------------------------------------------------------- References: [ 1 ] Bug #1148215 - Please package pkgwat for EL6 and EPEL7 https://bugzilla.redhat.com/show_bug.cgi?id=1148215 -------------------------------------------------------------------------------- ================================================================================ python-behave-1.2.4-4.el7 (FEDORA-EPEL-2014-3066) Tools for the behavior-driven development, Python style -------------------------------------------------------------------------------- Update Information: Add another patch to fix an Unicode error (thanks to vbenes for help) Add another patch to fix an Unicode error -------------------------------------------------------------------------------- ChangeLog: * Fri Sep 12 2014 Matěj Cepl <mc...@redhat.com> - 1.2.4-4 - Add another patch to fix an Unicode error (thanks for vbenes for fixing my earlier proposal). -------------------------------------------------------------------------------- ================================================================================ python-moksha-hub-1.4.3-2.el7 (FEDORA-EPEL-2014-3086) Hub components for Moksha -------------------------------------------------------------------------------- Update Information: PollingProducers now advertise the last time that they ran (monitoring) Enhancements to STOMP support. Support for STOMP-1.1. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 1 2014 Ralph Bean <rb...@redhat.com> - 1.4.3-2 - Patch to make polling producers advertise the last time they ran. * Thu Sep 25 2014 Ralph Bean <rb...@redhat.com> - 1.4.3-1 - Latest upstream with stomp improvements. * Mon Sep 15 2014 Ralph Bean <rb...@redhat.com> - 1.4.2-1 - Latest upstream with support for STOMP-1.1. -------------------------------------------------------------------------------- ================================================================================ python-pkgwat-api-0.12-3.el7 (FEDORA-EPEL-2014-3090) Python API for querying the fedora packages webapp -------------------------------------------------------------------------------- Update Information: Branch for epel -------------------------------------------------------------------------------- References: [ 1 ] Bug #1148215 - Please package pkgwat for EL6 and EPEL7 https://bugzilla.redhat.com/show_bug.cgi?id=1148215 -------------------------------------------------------------------------------- ================================================================================ python-pyngus-1.1.0-1.el7 (FEDORA-EPEL-2014-3073) Callback API implemented over Proton -------------------------------------------------------------------------------- Update Information: First official build. -------------------------------------------------------------------------------- ================================================================================ rpkg-1.28-1.el7 (FEDORA-EPEL-2014-3069) Utility for interacting with rpm+git packaging systems -------------------------------------------------------------------------------- Update Information: Updates to the fedpkg package: - Remove @check_newstyle_branches decorator - PEP 8 compliance changes - retire: Ask for password only when required - fedpkg: Show full exception if verbose - add new s390 and ppc only packages Updates to the rpkg package: - Compare fuller remote branch name with local branch before build - Refactor mock results dir to property - Add skip-diffs option for import_srpms - Properly remove possible .py when creating man pages - Process srpm imports to empty repositories more explicitly - Make UPLOADEXTS a class variable that can be extended - Introduce self.default_branch_remote for fresh clones - On self.path change reset properties which could used old value - Remove file names during srpm import in more extensible way - License replaced with official GPL 2.0 license from gnu.org (pbabinca) - Allow "rpkg commit -s" -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 30 2014 Pavol Babincak <pbabi...@redhat.com> - 1.28-1 - Compare fuller remote branch name with local branch before build * Fri Sep 26 2014 Pavol Babincak <pbabi...@redhat.com> - 1.27-1 - Explicitly define pyrpkg's client name for man pages (pbabinca) - Refactor mock results dir to property (pbabinca) - Add skip-diffs option for import_srpms (lars) - Properly remove possible .py when creating man pages (lars) - Process srpm imports to empty repositories more explicitly (pbabinca) - Make UPLOADEXTS a class variable that can be extended (lars) - Introduce self.default_branch_remote for fresh clones (pbabinca) - On self.path change reset properties which could used old value (pbabinca) - Remove empty entry from git ls-files to not confuse following code (pbabinca) - Remove file names during srpm import in more extensible way (pbabinca) - Fix issue causing all current local builds via fedpkg to use md5 rather than sha256 (spot) - License replaced with official GPL 2.0 license from gnu.org (pbabinca) - Allow "rpkg commit -s" (pjones) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1133165 - man page examples demonstrate use of fedpkg_man_page.py https://bugzilla.redhat.com/show_bug.cgi?id=1133165 [ 2 ] Bug #1129806 - fedpkg is defining the wrong filedigest algorithm for local builds https://bugzilla.redhat.com/show_bug.cgi?id=1129806 -------------------------------------------------------------------------------- ================================================================================ uid_wrapper-1.0.2-2.el7 (FEDORA-EPEL-2014-3067) A wrapper for privilege separation -------------------------------------------------------------------------------- Update Information: Do not own /usr/lib64/cmake. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 2 2014 - Andreas Schneider <a...@redhat.com> - 1.0.2-4 - resolves: #1146410 - Do not own /usr/lib64/cmake. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1146410 - uid_wrapper owns /usr/lib64/cmake https://bugzilla.redhat.com/show_bug.cgi?id=1146410 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list epel-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/epel-devel