The following Fedora EPEL 7 Security updates need testing: Age URL 269 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 165 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6813 chicken-4.9.0.1-4.el7 73 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8155 nagios-4.0.8-1.el7 61 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-925e9374c9 python-pymongo-3.0.3-1.el7 37 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-234553a060 mediawiki123-1.23.11-1.el7 37 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-ad1b660a4d php-ZendFramework-1.12.16-1.el7 31 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 17 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-914de61c66 potrace-1.13-2.el7 13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-ed2e71927f imapsync-1.644-2.el7 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dfc3cd3b50 knot-1.6.6-1.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-ca44dee931 python-django-1.6.11-4.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-0ec0c87b3a proftpd-1.3.5a-2.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing NetworkManager-openvpn-1.0.8-1.el7 NetworkManager-vpnc-1.0.8-1.el7 clamav-0.99-1.el7 comic-neue-fonts-2.2-2.el7 flrig-1.3.23-1.el7 gnome-screensaver-3.6.1-14.el7 gstreamer1-vaapi-0.6.1-1.el7 kstart-4.1-8.el7 nodejs-file-uri-to-path-0.0.2-1.el7 nodejs-saucelabs-0.1.1-3.el7 notification-daemon-3.14.1-2.el7 perl-Judy-0.41-4.el7 perl-Log-Log4perl-Appender-Socket-UNIX-1.04-3.el7 php-nette-database-2.3.7-1.el7 php-nette-forms-2.3.6-1.el7 php-nette-reflection-2.3.1-1.el7 php-nette-robot-loader-2.3.1-2.el7 php-nette-security-2.3.1-1.el7 php-pecl-libsodium-1.0.2-1.el7 php-pecl-solr2-2.3.0-1.el7 proftpd-1.3.5a-2.el7 python-stuf-0.9.16-5.el7 qpid-cpp-0.34-5.el7 rabbitmq-server-3.3.5-13.el7 scsi-target-utils-1.0.55-3.el7 vertica-python-0.5.4-1.el7 Details about builds: ================================================================================ NetworkManager-openvpn-1.0.8-1.el7 (FEDORA-EPEL-2015-2919d6d7d9) NetworkManager VPN plugin for OpenVPN -------------------------------------------------------------------------------- Update Information: VPN plugin update. ---- This update disables client renegotiation by default, leaving the value up to the server or user override. This fixes frequent renegotiation failures when using two-factor authentication when the client has a much lower value than the server. This update disables client renegotiation by default, leaving the value up to the server or user override. This fixes frequent renegotiation failures when using two-factor authentication when the client has a much lower value than the server. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1148910 - Please Build/Release for EPEL7 https://bugzilla.redhat.com/show_bug.cgi?id=1148910 [ 2 ] Bug #969433 - OpenVPN frequently disconnects https://bugzilla.redhat.com/show_bug.cgi?id=969433 -------------------------------------------------------------------------------- ================================================================================ NetworkManager-vpnc-1.0.8-1.el7 (FEDORA-EPEL-2015-2919d6d7d9) NetworkManager VPN plugin for vpnc -------------------------------------------------------------------------------- Update Information: VPN plugin update. ---- This update disables client renegotiation by default, leaving the value up to the server or user override. This fixes frequent renegotiation failures when using two-factor authentication when the client has a much lower value than the server. This update disables client renegotiation by default, leaving the value up to the server or user override. This fixes frequent renegotiation failures when using two-factor authentication when the client has a much lower value than the server. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1148910 - Please Build/Release for EPEL7 https://bugzilla.redhat.com/show_bug.cgi?id=1148910 [ 2 ] Bug #969433 - OpenVPN frequently disconnects https://bugzilla.redhat.com/show_bug.cgi?id=969433 -------------------------------------------------------------------------------- ================================================================================ clamav-0.99-1.el7 (FEDORA-EPEL-2015-7b36c1ca5a) End-user tools for the Clam Antivirus scanner -------------------------------------------------------------------------------- Update Information: ClamAV 0.99 contains major new features and changes. YARA rules, Perl Compatible Regular Expressions, revamped on-access scanning for Linux, and other new features join the many great features of ClamAV: - Processing of YARA rules (some limitations - see signatures.pdf). - Support in ClamAV logical signatures for many of the features added for YARA, such as Perl Compatible Regular Expressions, alternate strings, and YARA string attributes. See signatures.pdf for full details. - New and improved on-access scanning for Linux. See the recent blog post and clamdoc.pdf for details on the new on-access capabilities. - A new ClamAV API callback function that is invoked when a virus is found. This is intended primarily for applications running in all-match mode. Any applications using all-match mode must use the new callback function to record and report detected viruses. - Configurable default password list to attempt zip file decryption. - TIFF file support. - A new signature target type for designating signatures to run against files with unknown file types. - Improved fidelity of the "data loss prevention" heuristic algorithm. Code supplied by Bill Parker. - Support for LZMA decompression within Adobe Flash files. - Support for MSO attachments within Microsoft Office 2003 XML files. - A new sigtool option(--ascii-normalize) allowing signature authors to more easily generate normalized versions of ascii files. Please note: If you are using clamd on-access scanning or have applications using all-match mode, you will want to review the changes and make any necessary adjustments before using ClamAV 0.99. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1287327 - clamav-0.99 is available https://bugzilla.redhat.com/show_bug.cgi?id=1287327 -------------------------------------------------------------------------------- ================================================================================ comic-neue-fonts-2.2-2.el7 (FEDORA-EPEL-2015-dc5560cd58) A typeface family inspired by Comic Sans -------------------------------------------------------------------------------- Update Information: initial build for epel7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1271787 - Review Request: comic-neue-fonts - A typeface family inspired by Comic Sans https://bugzilla.redhat.com/show_bug.cgi?id=1271787 -------------------------------------------------------------------------------- ================================================================================ flrig-1.3.23-1.el7 (FEDORA-EPEL-2015-68b60b736c) Transceiver control program -------------------------------------------------------------------------------- Update Information: Version 1.3.23 - maintenance release - FT817 FT857D FT897D * Added read ACK after every write * Added up to 10 retries if ACK not received after write. - xmlrpc server * Added new get's - rig.get_info, transfers all controls data in a single string - rig.get_update, transfers all changed controls data in a single string, "NIL" if no changes - FT900 * Added FT900 backend, contributed by Ernst Schroeder, DJ7HS * Correct split behavior for have_splitAB designated xcvrs like the FT950 and FT900 - TS590SG * add back end for 590SG - MXE update - FT990a * simple blind control of FT990 with very early ROM version - Set Mode/BW controls * change ordering of set when mode change read from transceiver - KENWOOD mods * change read SWR / ALC command strings and interpretation for TS990 * correct various errors in Shift/Width, Lo/Hi cut tables. Reorder use of SL and SH variables - TS480 - TS590 - TS870 - TS990 - TS2000 - IC7800 * Added IC-7800 class - fldigi BW interface * Add missing bw_vals_ to various xcvr backends - restore xml client * allow flrig to act as either a multi-client xmlrcp server or a single client to fldigi server - BUILD_{DATE,USER,HOST} * Externally overridable BUILD_DATE, BUILD_USER, and BUILD_HOST to allow distros to generate reproducible builds. -------------------------------------------------------------------------------- ================================================================================ gnome-screensaver-3.6.1-14.el7 (FEDORA-EPEL-2015-b455ab6de3) GNOME Screensaver -------------------------------------------------------------------------------- Update Information: Adding gnome-screensaver for EL 7.2 -------------------------------------------------------------------------------- ================================================================================ gstreamer1-vaapi-0.6.1-1.el7 (FEDORA-EPEL-2015-cf1220cabc) GStreamer plugins to use VA API video acceleration -------------------------------------------------------------------------------- Update Information: rebase to master -------------------------------------------------------------------------------- References: [ 1 ] Bug #1285128 - Cannot update to 7.2 because packages aren't found https://bugzilla.redhat.com/show_bug.cgi?id=1285128 -------------------------------------------------------------------------------- ================================================================================ kstart-4.1-8.el7 (FEDORA-EPEL-2015-0bc1161afd) Daemon version of kinit for Kerberos v5 -------------------------------------------------------------------------------- Update Information: Remove obsolete --disable-k4start configure option and add --with-aklog option. Thanks sh...@eth0.net. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1287213 - Housekeeping: Remove obsolete --disable-k4start configure option https://bugzilla.redhat.com/show_bug.cgi?id=1287213 [ 2 ] Bug #1287210 - Provide compile-time default for AFS Login program https://bugzilla.redhat.com/show_bug.cgi?id=1287210 -------------------------------------------------------------------------------- ================================================================================ nodejs-file-uri-to-path-0.0.2-1.el7 (FEDORA-EPEL-2015-44ab76f625) Convert a file: URI to a file path -------------------------------------------------------------------------------- Update Information: Initial packaging for Fedora. -------------------------------------------------------------------------------- ================================================================================ nodejs-saucelabs-0.1.1-3.el7 (FEDORA-EPEL-2015-9e054fbb17) A wrapper around Sauce Labs REST API -------------------------------------------------------------------------------- Update Information: Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ notification-daemon-3.14.1-2.el7 (FEDORA-EPEL-2015-0844b613bb) Desktop Notification Daemon -------------------------------------------------------------------------------- Update Information: Adding notification-daemon for EL 7.2 -------------------------------------------------------------------------------- ================================================================================ perl-Judy-0.41-4.el7 (FEDORA-EPEL-2015-bcf7cbbe0e) Library for creating and accessing dynamic arrays -------------------------------------------------------------------------------- Update Information: Bumped release to push an update (#751119) -------------------------------------------------------------------------------- References: [ 1 ] Bug #751119 - Review Request: perl-Judy - Perl wrapper for Judy https://bugzilla.redhat.com/show_bug.cgi?id=751119 -------------------------------------------------------------------------------- ================================================================================ perl-Log-Log4perl-Appender-Socket-UNIX-1.04-3.el7 (FEDORA-EPEL-2015-f871afba8b) Log4perl appender for writing to UNIX domain sockets -------------------------------------------------------------------------------- Update Information: Bumped release to push an update. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1263600 - Review Request: perl-Log-Log4perl-Appender-Socket-UNIX - Log4perl appender for writing to UNIX domain sockets https://bugzilla.redhat.com/show_bug.cgi?id=1263600 -------------------------------------------------------------------------------- ================================================================================ php-nette-database-2.3.7-1.el7 (FEDORA-EPEL-2015-6e042cb284) Nette Database Component -------------------------------------------------------------------------------- Update Information: Nette provides a powerful layer for accessing your database easily. - composes SQL queries with ease - easily fetches data - uses efficient queries and does not transmit unnecessary data The Nette\Database\Connection class is a wrapper around the PDO and represents a connection to the database. The core functionality is provided by Nette\Database\Context. Nette\Database\Table layer provides an enhanced layer for table querying. To use this library, you just have to add, in your project: require_once '/usr/share/php/Nette/Database/autoload.php'; -------------------------------------------------------------------------------- References: [ 1 ] Bug #1277474 - Review Request: php-nette-database - Nette Database Component https://bugzilla.redhat.com/show_bug.cgi?id=1277474 -------------------------------------------------------------------------------- ================================================================================ php-nette-forms-2.3.6-1.el7 (FEDORA-EPEL-2015-97916dc9c1) Nette Forms: greatly facilitates web forms -------------------------------------------------------------------------------- Update Information: Nette\Forms greatly facilitates creating and processing web forms. What it can really do? - validate sent data both client-side (JavaScript) and server-side - provide high level of security - multiple render modes - translations, i18n To use this library, you just have to add, in your project: require_once '/usr/share/php/Nette/Forms/autoload.php'; -------------------------------------------------------------------------------- References: [ 1 ] Bug #1277465 - Review Request: php-nette-forms - Nette Forms: greatly facilitates web forms https://bugzilla.redhat.com/show_bug.cgi?id=1277465 -------------------------------------------------------------------------------- ================================================================================ php-nette-reflection-2.3.1-1.el7 (FEDORA-EPEL-2015-ec065d1f29) Nette PHP Reflection Component -------------------------------------------------------------------------------- Update Information: If you need to find every information about any class, reflection is the right tool to do it. You can easily find out which methods does any class have, what parameters do those methods accept, etc. Nette\Object simplifies access to class' self-reflection with method getReflection(), returning a Nette\Reflection\ClassType object. To use this library, you just have to add, in your project: require_once '/usr/share/php/Nette/Reflection/autoload.php'; -------------------------------------------------------------------------------- References: [ 1 ] Bug #1277413 - Review Request: php-nette-reflection - Nette PHP Reflection Component https://bugzilla.redhat.com/show_bug.cgi?id=1277413 -------------------------------------------------------------------------------- ================================================================================ php-nette-robot-loader-2.3.1-2.el7 (FEDORA-EPEL-2015-a143e3b7a9) Nette RobotLoader: comfortable autoloading -------------------------------------------------------------------------------- Update Information: RobotLoader is a tool that gives you comfort of automated class loading for your entire application including third-party libraries. - get rid of all require - only necessary scripts are loaded - requires no strict file naming conventions - allows more classes in single file To use this library, you just have to add, in your project: require_once '/usr/share/php/Nette/RobotLoader/autoload.php'; -------------------------------------------------------------------------------- References: [ 1 ] Bug #1277437 - Review Request: php-nette-robot-loader - Nette RobotLoader: comfortable autoloading https://bugzilla.redhat.com/show_bug.cgi?id=1277437 -------------------------------------------------------------------------------- ================================================================================ php-nette-security-2.3.1-1.el7 (FEDORA-EPEL-2015-4509a1f056) Nette Security: Access Control Component -------------------------------------------------------------------------------- Update Information: Nette Security: Access Control - user login and logout - verifying user privileges - securing against vulnerabilities - how to create custom authenticators and authorizators - Access Control List To use this library, you just have to add, in your project: require_once '/usr/share/php/Nette/Security/autoload.php'; -------------------------------------------------------------------------------- References: [ 1 ] Bug #1277418 - Review Request: php-nette-security - Nette Security: Access Control Component https://bugzilla.redhat.com/show_bug.cgi?id=1277418 -------------------------------------------------------------------------------- ================================================================================ php-pecl-libsodium-1.0.2-1.el7 (FEDORA-EPEL-2015-f1835271bf) Wrapper for the Sodium cryptographic library -------------------------------------------------------------------------------- Update Information: A simple, low-level PHP extension for libsodium. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1286768 - Review Request: php-pecl-libsodium - Wrapper for the Sodium cryptographic library https://bugzilla.redhat.com/show_bug.cgi?id=1286768 -------------------------------------------------------------------------------- ================================================================================ php-pecl-solr2-2.3.0-1.el7 (FEDORA-EPEL-2015-afd952fffe) Object oriented API to Apache Solr -------------------------------------------------------------------------------- Update Information: **Version 2.3.0** release notes - Support indexing child/nested documents [Request #70739] - Support nested documents parsing SolrObject [Request #70953] - Support nested documents parsing SolrDocument [Request #70974] - Added maxScore to SolrResponse [Request #68610] - Fixed issues on big endean processors (Remi Collet) - Enhancements on method parameter naming (reflections) -------------------------------------------------------------------------------- ================================================================================ proftpd-1.3.5a-2.el7 (FEDORA-EPEL-2015-0ec0c87b3a) Flexible, stable and highly-configurable FTP server -------------------------------------------------------------------------------- Update Information: Part of the SFTP handshake involves "extensions", which are key/value pairs, comprised of strings. In SSH, strings are encoded for network transport as a 32-bit length, followed by the bytes. The mod_sftp module currently places no bounds/length limitations when reading these SFTP extension key/value data from the network. A malicious attacker might attempt to encode large values, and allocate more memory than is necessary, causing excessive resource usage or the FTP daemon to crash. This update limits the amount of memory allocated to handle these extensions. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1286977 - proftpd: unbounded SFTP extended attribute key/values https://bugzilla.redhat.com/show_bug.cgi?id=1286977 -------------------------------------------------------------------------------- ================================================================================ python-stuf-0.9.16-5.el7 (FEDORA-EPEL-2015-549e8d253e) Fancy python dictionary types -------------------------------------------------------------------------------- Update Information: Initial packaging. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1281998 - Review Request: python-stuf - Fancy python dictionary types https://bugzilla.redhat.com/show_bug.cgi?id=1281998 -------------------------------------------------------------------------------- ================================================================================ qpid-cpp-0.34-5.el7 (FEDORA-EPEL-2015-40795af09d) Libraries for Qpid C++ client applications -------------------------------------------------------------------------------- Update Information: Resolved bz 1286881. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1286881 - qpidd does not start https://bugzilla.redhat.com/show_bug.cgi?id=1286881 -------------------------------------------------------------------------------- ================================================================================ rabbitmq-server-3.3.5-13.el7 (FEDORA-EPEL-2015-1bf26150cd) The RabbitMQ server -------------------------------------------------------------------------------- Update Information: Fix for node failing to start after the network split. Backported from rabbitmq-management 3.5.7 (patch no. 9). See also: * https://github.com/rabbitmq/rabbitmq-management/issues/81 -------------------------------------------------------------------------------- ================================================================================ scsi-target-utils-1.0.55-3.el7 (FEDORA-EPEL-2015-ecd70ea01e) The SCSI target daemon and utility programs -------------------------------------------------------------------------------- Update Information: change spec to fix 1209472 ---- fix build issue on s390x update to latest upstream for bug fixes. update to latest upstream for bug fixes. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1209472 - scsi-target-utils needs to disable glusterfs support for epel7 ppc64le/aarch64 https://bugzilla.redhat.com/show_bug.cgi?id=1209472 [ 2 ] Bug #1193043 - scsi-target-utils fails to build on s390(x) https://bugzilla.redhat.com/show_bug.cgi?id=1193043 -------------------------------------------------------------------------------- ================================================================================ vertica-python-0.5.4-1.el7 (FEDORA-EPEL-2015-e5625be3f6) A native Python adapter for the Vertica database -------------------------------------------------------------------------------- Update Information: update to version 0.5.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1285768 - vertica-python-0.5.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1285768 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list epel-devel@lists.fedoraproject.org http://lists.fedoraproject.org/admin/lists/epel-devel@lists.fedoraproject.org