The following Fedora EPEL 7 Security updates need testing:
Age URL
166
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3989/cross-binutils-2.23.88.0.1-2.el7.1
61
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0862/nodejs-0.10.36-3.el7,libuv-0.10.34-1.el7,v8-3.14.5.10-17.el7
50
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1087/dokuwiki-0-0.24.20140929c.el7
50
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0952/qpid-qmf-0.28-27.el7,qpid-cpp-0.30-12.el7
33
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1421/quassel-0.11.0-2.el7
27
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1545/strongswan-5.3.0-1.el7
22
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1596/postgis-2.0.7-1.el7
13
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5811/qt5-qtbase-5.4.1-9.el7
13
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5703/php-pecl-zendopcache-7.0.5-1.el7
11
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5832/mingw-gnutls-3.3.14-1.el7,mingw-libtasn1-4.4-1.el7,mingw-p11-kit-0.20.7-1.el7
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5973/mingw-libtiff-4.0.3-6.el7
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5991/mingw-libgcrypt-1.6.3-1.el7
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5995/mingw-qt-4.8.6-8.el7
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5960/testdisk-7.0-3.el7
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5987/mingw-openssl-1.0.2a-1.el7
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5994/mingw-qt5-qtbase-5.4.1-2.el7
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5971/mingw-curl-7.42.0-1.el7
1
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6006/dpkg-1.16.16-5.el7
1
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6018/pdns-3.4.4-1.el7
1
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6023/pdns-recursor-3.7.2-1.el7
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6030/proftpd-1.3.5-5.el7
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5937/wordpress-4.2.1-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
flxmlrpc-0.1.3-1.el7
hylafax+-5.5.6-1.el7
lnst-8-1.el7
nx-libs-3.5.0.31-1.el7
perl-Excel-Writer-XLSX-0.84-1.el7
php-horde-Horde-Imap-Client-2.28.0-1.el7
proftpd-1.3.5-5.el7
python-email_reply_parser-0.3.0-20140523git76e9481.el7
python-fedimg-0.6-1.el7
python-fedmsg-meta-fedora-infrastructure-0.5.2-1.el7
python-myghty-1.2-5.el7
python-waitress-0.8.9-5.el7
supybot-fedora-0.3.2-1.el7
wordpress-4.2.1-1.el7
x2goserver-4.0.1.19-3.el7
Details about builds:
================================================================================
flxmlrpc-0.1.3-1.el7 (FEDORA-EPEL-2015-6044)
An xmlrpc library for the NBEMS suite of programs
--------------------------------------------------------------------------------
Update Information:
Initial import (#1214467).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1214467 - Review Request: flxmlrpc - An xmlrpc library for the
NBEMS suite of programs
https://bugzilla.redhat.com/show_bug.cgi?id=1214467
--------------------------------------------------------------------------------
================================================================================
hylafax+-5.5.6-1.el7 (FEDORA-EPEL-2015-6042)
An enterprise-strength fax server
--------------------------------------------------------------------------------
Update Information:
update to 5.5.6
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 27 2015 Lee Howard <fax...@howardsilvan.com> 5.5.6-1
- update to 5.5.6
--------------------------------------------------------------------------------
================================================================================
lnst-8-1.el7 (FEDORA-EPEL-2015-6048)
Common code for lnst-ctl and lnst-slave
--------------------------------------------------------------------------------
Update Information:
- Updating to stable release 8
- Fixed subpackages dependencies
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 27 2015 Jiri Pirko <jpi...@redhat.com> - 8-1
- Updating to stable release 8
- Fixed subpackages dependencies
--------------------------------------------------------------------------------
================================================================================
nx-libs-3.5.0.31-1.el7 (FEDORA-EPEL-2015-6043)
NX X11 protocol compression libraries
--------------------------------------------------------------------------------
Update Information:
- Install applications symlink by default so that "Published Applications" is
populated (bug #1215474)
- Update to nx-libs 3.5.0.31 (mostly OSX and other non-Fedora changes)
- Have x2goagent own /etc/x2go to ensure proper cleanup
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 27 2015 Orion Poplawski <or...@cora.nwra.com> - 3.5.0.31-1
- Update to 3.5.0.31
- Own /etc/x2go to ensure proper cleanup
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1215474 - X2Go "Published Applications" list is empty
https://bugzilla.redhat.com/show_bug.cgi?id=1215474
--------------------------------------------------------------------------------
================================================================================
perl-Excel-Writer-XLSX-0.84-1.el7 (FEDORA-EPEL-2015-6034)
Create a new file in the Excel 2007+ XLSX format
--------------------------------------------------------------------------------
Update Information:
Update to 0.84
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 28 2015 David Dick <dd...@cpan.org> - 0.84-1
- Update to 0.84
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1214711 - perl-Excel-Writer-XLSX-0.84 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1214711
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Imap-Client-2.28.0-1.el7 (FEDORA-EPEL-2015-6032)
Horde IMAP abstraction interface
--------------------------------------------------------------------------------
Update Information:
**Horde_Imap_Client 2.28.0**
* [mms] Fix parsing mailbox name from STATUS response on servers that have the
UTF8 extension enabled.
* [jan] Fix searching with non-ASCII strings in AND/OR-combined searches.
* [jan] Fix issues with certain locales like Turkish.
* [mms] Pipeline ID command with other commands, if possible.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 28 2015 Remi Collet <r...@fedoraproject.org> - 2.28.0-1
- Update to 2.28.0
--------------------------------------------------------------------------------
================================================================================
proftpd-1.3.5-5.el7 (FEDORA-EPEL-2015-6030)
Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:
Vadim Melihow reported a critical issue with proftpd installations that use the
mod_copy module's SITE CPFR/SITE CPTO commands; mod_copy allows these commands
to be used by unauthenticated clients
Upstream report: http://bugs.proftpd.org/show_bug.cgi?id=4169
Note that mod_copy is not loaded/enabled by default in the EPEL-7 package.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 28 2015 Paul Howarth <p...@city-fan.org> - 1.3.5-5
- Unauthenticated copying of files via SITE CPFR/CPTO was allowed by mod_copy
(CVE-2015-3306, http://bugs.proftpd.org/show_bug.cgi?id=4169)
* Tue Feb 10 2015 Paul Howarth <p...@city-fan.org> - 1.3.5-4
- Anonymous upload directory specification needs to be slightly different if
mod_vroot is in use (#1045922)
http://sourceforge.net/p/proftp/mailman/message/31728570/
- Use %license where possible
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1212386 - CVE-2015-3306 proftpd: unauthenticated copying of files
via SITE CPFR/CPTO allowed by mod_copy
https://bugzilla.redhat.com/show_bug.cgi?id=1212386
--------------------------------------------------------------------------------
================================================================================
python-email_reply_parser-0.3.0-20140523git76e9481.el7 (FEDORA-EPEL-2015-6037)
Email reply parser library for Python 2
--------------------------------------------------------------------------------
Update Information:
New package
--------------------------------------------------------------------------------
================================================================================
python-fedimg-0.6-1.el7 (FEDORA-EPEL-2015-6046)
Automatically upload Fedora Cloud images to cloud providers
--------------------------------------------------------------------------------
Update Information:
performance increases and bug fixes
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 24 2015 David Gay <d...@redhat.com> - 0.6.0-1
- new release
--------------------------------------------------------------------------------
================================================================================
python-fedmsg-meta-fedora-infrastructure-0.5.2-1.el7 (FEDORA-EPEL-2015-6033)
Metadata providers for Fedora Infrastructure's fedmsg deployment
--------------------------------------------------------------------------------
Update Information:
New FAF processor \(thanks @mbrysa!\) and a bugfix to the planet processor.
New zanata processor. Fixes to anitya processor.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 28 2015 Ralph Bean <rb...@redhat.com> - 0.5.2-1
- new version
* Thu Apr 23 2015 Ralph Bean <rb...@redhat.com> - 0.5.1-1
- new version
* Thu Apr 23 2015 Ralph Bean <rb...@redhat.com> - 0.5.0-1
- new version
--------------------------------------------------------------------------------
================================================================================
python-myghty-1.2-5.el7 (FEDORA-EPEL-2015-6038)
Python-based templating system derived from HTML::Mason
--------------------------------------------------------------------------------
Update Information:
Initial package for epel7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1175527 - python-myghty: Build for EPEL 7
https://bugzilla.redhat.com/show_bug.cgi?id=1175527
--------------------------------------------------------------------------------
================================================================================
python-waitress-0.8.9-5.el7 (FEDORA-EPEL-2015-6031)
Waitress WSGI server
--------------------------------------------------------------------------------
Update Information:
Initial packaging for el7.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1213981 - Please branch and build for epel7
https://bugzilla.redhat.com/show_bug.cgi?id=1213981
--------------------------------------------------------------------------------
================================================================================
supybot-fedora-0.3.2-1.el7 (FEDORA-EPEL-2015-6047)
Plugin for Supybot to interact with Fedora services
--------------------------------------------------------------------------------
Update Information:
Nag people about naked pings. Adjust karma responses in channel.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 27 2015 Ralph Bean <rb...@redhat.com> - 0.3.2-1
- new version
--------------------------------------------------------------------------------
================================================================================
wordpress-4.2.1-1.el7 (FEDORA-EPEL-2015-5937)
Blog tool and publishing platform
--------------------------------------------------------------------------------
Update Information:
**WordPress 4.2 “Powell” **
* Upstream announcement https://wordpress.org/news/2015/04/powell/
**WordPress 4.2.1 Security Release**
* Upstream announcement https://wordpress.org/news/2015/04/wordpress-4-2-1/
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 28 2015 Remi Collet <r...@fedoraproject.org> - 4.2.1-1
- WordPress 4.2.1 Security Release
- WordPress 4.2 “Powell”
* Fri Apr 24 2015 Remi Collet <r...@fedoraproject.org> - 4.1.3-1
- WordPress 4.1.3 Maintenance Release
* Thu Apr 23 2015 Remi Collet <r...@fedoraproject.org> - 4.1.2-1
- WordPress 4.1.2 Security Release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1214650 - wordpress: several vulnerabilities fixed in Wordpress
4.1.2
https://bugzilla.redhat.com/show_bug.cgi?id=1214650
[ 2 ] Bug #1216069 - wordpress: stored XSS via long comments
https://bugzilla.redhat.com/show_bug.cgi?id=1216069
--------------------------------------------------------------------------------
================================================================================
x2goserver-4.0.1.19-3.el7 (FEDORA-EPEL-2015-6043)
X2Go Server
--------------------------------------------------------------------------------
Update Information:
- Install applications symlink by default so that "Published Applications" is
populated (bug #1215474)
- Update to nx-libs 3.5.0.31 (mostly OSX and other non-Fedora changes)
- Have x2goagent own /etc/x2go to ensure proper cleanup
--------------------------------------------------------------------------------
ChangeLog:
* Sun Apr 26 2015 Orion Poplawski <or...@cora.nwra.com> - 4.0.1.19-3
- Install applications symlink by default so that "Published
Applications" is populated (bug #1215474)
* Wed Mar 18 2015 Orion Poplawski <or...@cora.nwra.com> - 4.0.1.19-2
- Provide x2goserver-extensions for upstream compatibility
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1215474 - X2Go "Published Applications" list is empty
https://bugzilla.redhat.com/show_bug.cgi?id=1215474
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list
epel-devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/epel-devel
