Fedora EPEL 7 updates-testing report
by updates@fedoraproject.org
The following Fedora EPEL 7 Security updates need testing:
Age URL
356 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7
119 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7
13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-bc557a5441 nghttp2-1.7.1-1.el7
13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-287d763bcd GraphicsMagick-1.3.23-4.el7 gdl-0.9.5-3.el7 octave-3.8.2-19.el7
11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-5748740371 qt-creator-3.5.1-2.el7 botan-1.10.12-1.el7
7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8c727601c5 libebml-1.3.3-3.el7
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e79091a3b8 ReviewBoard-2.5.3-1.el7 python-djblets-0.9.1-1.el7
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-6dc46a554e libssh-0.6.5-2.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-b23b791a7e drupal7-7.43-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
drupal7-7.43-1.el7
easytag-2.4.2-1.el7
libmodbus-3.0.6-1.el7
lynis-2.1.1-2.el7
perl-File-Edit-Portable-1.20-1.el7
perl-Net-SSLGlue-1.055-2.el7
perl-XML-Entities-1.0002-2.el7
pungi-3.12-3.el7.1
python-productmd-1.0-12.el7
Details about builds:
================================================================================
drupal7-7.43-1.el7 (FEDORA-EPEL-2016-b23b791a7e)
An open-source content-management platform
--------------------------------------------------------------------------------
Update Information:
https://www.drupal.org/SA-CORE-2016-001 ---- Various bug fixes. For details,
refer to release notes at: https://www.drupal.org/drupal-7.42-release-notes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1312394 - drupal7: drupal: several issues fixed in 7.43 and 6.38 (SA-CORE-2016-001) [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1312394
[ 2 ] Bug #1312391 - drupal7: drupal: several issues fixed in 7.43 and 6.38 (SA-CORE-2016-001) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1312391
[ 3 ] Bug #1304551 - drupal7-7.42 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1304551
--------------------------------------------------------------------------------
================================================================================
easytag-2.4.2-1.el7 (FEDORA-EPEL-2016-2edf40d107)
Tag editor for MP3, Ogg, FLAC and other music files
--------------------------------------------------------------------------------
Update Information:
Update to 2.4.2
--------------------------------------------------------------------------------
================================================================================
libmodbus-3.0.6-1.el7 (FEDORA-EPEL-2016-142b181f2d)
A Modbus library
--------------------------------------------------------------------------------
Update Information:
Fix remote buffer overflow vulnerability on write requests
--------------------------------------------------------------------------------
================================================================================
lynis-2.1.1-2.el7 (FEDORA-EPEL-2016-ded382ea0a)
Security and system auditing tool
--------------------------------------------------------------------------------
Update Information:
Update to 2.1.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1308372 - Lynis 2.1.1 available
https://bugzilla.redhat.com/show_bug.cgi?id=1308372
--------------------------------------------------------------------------------
================================================================================
perl-File-Edit-Portable-1.20-1.el7 (FEDORA-EPEL-2016-087361557b)
Read and write files while keeping the original line-endings intact
--------------------------------------------------------------------------------
Update Information:
1.20 2016-02-26 - no functional changes - code cleanup, slight refactoring -
changed from croak() to confess() for better diagnostics 1.19 2016-02-20 -
is_read check in write() is now performed before $copy assignment to $file, so
that the proper original file's recsep is used (fixes #19)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1310275 - perl-File-Edit-Portable-1.20 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1310275
--------------------------------------------------------------------------------
================================================================================
perl-Net-SSLGlue-1.055-2.el7 (FEDORA-EPEL-2016-b75ede6348)
Add/extend SSL support for common perl modules
--------------------------------------------------------------------------------
Update Information:
1.055 2015/10/25 - fix memory leak in Net::SSLGlue::Socket, RT#107816. Thanks
to kasyap.mr[AT]gmail[DOT]com for reporting 1.054 2015/04/28 - if a version
of libnet is detected which already supports TLS (i.e. libnet 3.0+) warn and use
this instead. 1.053 2014/05/28 - if current LWP is detected is use this
mostly unpatched - fix Net::SSLGlue::FTP to use the same hostname when verifying
the certificate of the data connection 1.052 2014/01/16 - FTPS: reuse same
SSL session for control and data channnel to work with default configuration of
proftpd. 1.051 2014/01/10 - fixes to Net::FTP SSL support - examples/ftps-
tests.pl has lots of tests for FTP against live server 1.05 2014/01/09 -
added support for SSL+IPv6 in Net::FTP - new package Net::SSLGlue::Socket for a
socket which combines plain,ssl,ipv6 - fixed some tests - some checks for bad
certificates do not work anymore because these certs were fixed
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1312492 - perl-Net-SSLGlue: bump version in epel
https://bugzilla.redhat.com/show_bug.cgi?id=1312492
--------------------------------------------------------------------------------
================================================================================
perl-XML-Entities-1.0002-2.el7 (FEDORA-EPEL-2016-30df3c5583)
Decode strings with XML entities
--------------------------------------------------------------------------------
Update Information:
1.0002 2015-08-17 14:46 - Replaced curly brackets with parentheses in variable
expansion in Makefile.PL. Fixes RT106483; Credits: Daniel Macks
<dmacks(a)netspace.org> - make clean no longer wipes out entities data 1.0001
2012-08-03 13:32 - Added docs about encoding entities.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1312488 - perl-XML-Entities: bump version in epel
https://bugzilla.redhat.com/show_bug.cgi?id=1312488
--------------------------------------------------------------------------------
================================================================================
pungi-3.12-3.el7.1 (FEDORA-EPEL-2016-6fe00c7831)
Distribution compose tool
--------------------------------------------------------------------------------
Update Information:
adding to epel7
--------------------------------------------------------------------------------
================================================================================
python-productmd-1.0-12.el7 (FEDORA-EPEL-2016-0de038976a)
Library providing parsers for metadata related to OS installation
--------------------------------------------------------------------------------
Update Information:
add a patch to make rawhide as a version consistently an option
--------------------------------------------------------------------------------