The following Fedora EPEL 7 Security updates need testing: Age URL 15 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2748/nodejs-0.10.32... 14 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2825/nginx-1.6.2-1.... 14 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2861/nodejs-qs-0.6.... 14 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2870/nodejs-send-0.... 9 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-2992/check-mk-1.2.4... 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3070/phpMyAdmin-4.2... 7 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3062/golang-1.3.3-1... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3236/python-oauth2-...
The following builds have been pushed to Fedora EPEL 7 updates-testing
R-3.1.1-7.el7 beesu-2.7-22.el7 elk-2.3.22-9.el7 fedmsg-0.11.0-1.el7 golang-github-kr-fs-0-0.1.git2788f0d.el7 guacamole-server-0.8.4-4.el7 igraph-0.7.1-1.el7 inxi-2.2.14-1.el7 libqtxdg-0.5.3-4.el7 octave-control-2.6.5-2.el7 perl-Data-Munge-0.08-1.el7 perl-Devel-CheckCompiler-0.05-2.el7 perl-LWP-Protocol-PSGI-0.07-1.el7 perl-Module-Build-XSUtil-0.14-2.el7 perl-Redis-1.976-1.el7 perl-Test-XML-0.08-2.el7 php-pear-Net-URL2-2.0.9-1.el7 php-phpunit-environment-1.1.0-1.el7 python-fedmsg-meta-fedora-infrastructure-0.3.5-1.el7 python-oauth2-1.5.211-8.el7 python-sphinxcontrib-issuetracker-0.11-2.el7 python-urllib2_kerberos-0.1.6-14.el7 rubygem-openssl_cms-0.0.2-1.20140212git7fea071.el7 scalapack-2.0.2-5.el7 wkhtmltopdf-0.12.1-1.el7 xfce4-session-4.10.1-7.el7
Details about builds:
================================================================================ R-3.1.1-7.el7 (FEDORA-EPEL-2014-3258) A language for data analysis and graphics -------------------------------------------------------------------------------- Update Information:
Fix java Requires/BuildRequires to be more permissive. -------------------------------------------------------------------------------- ChangeLog:
* Mon Sep 29 2014 Orion Poplawski orion@cora.nwra.com - 3.1.1-7 - Just BR/R java instead of java-1.5.0-gcj (bug #1110684) * Tue Sep 16 2014 David Sommerseth davids@redhat.com - 3.1.1-6 - Setting ulimit when running make check, to avoid segfault due to too small stack (needed on PPC64) * Tue Aug 26 2014 David Tardon dtardon@redhat.com - 3.1.1-5 - rebuild for ICU 53.1 * Fri Aug 15 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3.1.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1110684 - R-java update has new dependencies https://bugzilla.redhat.com/show_bug.cgi?id=1110684 --------------------------------------------------------------------------------
================================================================================ beesu-2.7-22.el7 (FEDORA-EPEL-2014-3204) Graphical wrapper for su -------------------------------------------------------------------------------- Update Information:
EL7 build -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1150620 - build for epel7 or not? https://bugzilla.redhat.com/show_bug.cgi?id=1150620 --------------------------------------------------------------------------------
================================================================================ elk-2.3.22-9.el7 (FEDORA-EPEL-2014-3234) FP-LAPW Code -------------------------------------------------------------------------------- Update Information:
build against new openmpi on fc21 + epel7 package --------------------------------------------------------------------------------
================================================================================ fedmsg-0.11.0-1.el7 (FEDORA-EPEL-2014-3244) Tools for Fedora Infrastructure real-time messaging -------------------------------------------------------------------------------- Update Information:
New fedmsg.meta.msg2long_form API. Other IRC-related bugfixes and enhancements. -------------------------------------------------------------------------------- ChangeLog:
* Thu Oct 9 2014 Ralph Bean rbean@redhat.com - 0.11.0-1 - Fix harmless error about twisted.words at daemon startup. - Optional shortening of links in IRC. - IRC bot now reconnects when dropped. - New fedmsg.meta.msg2long_form API. --------------------------------------------------------------------------------
================================================================================ golang-github-kr-fs-0-0.1.git2788f0d.el7 (FEDORA-EPEL-2014-3225) Provides Go filesystem-related functions -------------------------------------------------------------------------------- Update Information:
First package for Fedora -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1148447 - Review Request: golang-github-kr-fs - Provides Go filesystem-related functions https://bugzilla.redhat.com/show_bug.cgi?id=1148447 --------------------------------------------------------------------------------
================================================================================ guacamole-server-0.8.4-4.el7 (FEDORA-EPEL-2014-3229) Server-side native components that form the Guacamole proxy -------------------------------------------------------------------------------- Update Information:
Add proper Epoch also to subpackages. -------------------------------------------------------------------------------- ChangeLog:
* Thu Oct 9 2014 Simone Caronni negativo17@gmail.com - 1:0.8.4-4 - Also add epoch to the various components. --------------------------------------------------------------------------------
================================================================================ igraph-0.7.1-1.el7 (FEDORA-EPEL-2014-3215) Library for creating and manipulating graphs -------------------------------------------------------------------------------- Update Information:
Update to 0.7.1 in EPEL 6 and EPEL7 --------------------------------------------------------------------------------
================================================================================ inxi-2.2.14-1.el7 (FEDORA-EPEL-2014-3208) A full featured system information script -------------------------------------------------------------------------------- Update Information:
Update to 2.2.14 -------------------------------------------------------------------------------- ChangeLog:
* Mon Sep 29 2014 Vasiliy N. Glazov vascom2@gmail.com 2.2.14-1 - Update to 2.2.14 --------------------------------------------------------------------------------
================================================================================ libqtxdg-0.5.3-4.el7 (FEDORA-EPEL-2014-3218) Qt4 implementation of desktop specifications -------------------------------------------------------------------------------- Update Information:
Provide qt4 support (#1147204) -------------------------------------------------------------------------------- ChangeLog:
* Thu Oct 2 2014 Rex Dieter rdieter@fedoraproject.org - 0.5.3-4 - Provide qt4 support (#1147204) - rename libqtxdg-qt4 -> libqtxdg, libqtxdg-qt4-devel -> libqtxdg to ease/simplify upgrade path - use %find_lang for translations - -devel: drop cmake dep * Sun Aug 17 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.5.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.5.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sun May 11 2014 Lubomir Rintel lkundrak@v3.sk - 0.5.3-1 - Update to a later upstream release -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1147204 - libqtxdg: Please update version https://bugzilla.redhat.com/show_bug.cgi?id=1147204 --------------------------------------------------------------------------------
================================================================================ octave-control-2.6.5-2.el7 (FEDORA-EPEL-2014-3230) Computer-Aided Control System Design (CACSD) Tools for Octave -------------------------------------------------------------------------------- Update Information:
The Octave control systems package contains functions for analyzing and designing automatic control systems and algorithms. --------------------------------------------------------------------------------
================================================================================ perl-Data-Munge-0.08-1.el7 (FEDORA-EPEL-2014-3250) Utility functions for working with perl data structures and code references -------------------------------------------------------------------------------- Update Information:
Initial release -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1149978 - Review Request: perl-Data-Munge - Utility functions for working with perl data structures and code references https://bugzilla.redhat.com/show_bug.cgi?id=1149978 --------------------------------------------------------------------------------
================================================================================ perl-Devel-CheckCompiler-0.05-2.el7 (FEDORA-EPEL-2014-3226) Check the compiler's availability -------------------------------------------------------------------------------- Update Information:
This is the first Fedora/EPEL release of perl-Devel-CheckCompiler. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1150117 - Review Request: perl-Devel-CheckCompiler - Check the compiler's availability https://bugzilla.redhat.com/show_bug.cgi?id=1150117 --------------------------------------------------------------------------------
================================================================================ perl-LWP-Protocol-PSGI-0.07-1.el7 (FEDORA-EPEL-2014-3253) Override LWP's HTTP/HTTPS backend with your own PSGI application -------------------------------------------------------------------------------- Update Information:
Initial release -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1149645 - Review Request: perl-LWP-Protocol-PSGI - Override LWP's HTTP/HTTPS backend with your own PSGI application https://bugzilla.redhat.com/show_bug.cgi?id=1149645 --------------------------------------------------------------------------------
================================================================================ perl-Module-Build-XSUtil-0.14-2.el7 (FEDORA-EPEL-2014-3224) A Module::Build class for building XS modules -------------------------------------------------------------------------------- Update Information:
This is the first Fedora/EPEL release of perl-Module-Build-XSUtil. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1150121 - Review Request: perl-Module-Build-XSUtil - A Module::Build class for building XS modules https://bugzilla.redhat.com/show_bug.cgi?id=1150121 --------------------------------------------------------------------------------
================================================================================ perl-Redis-1.976-1.el7 (FEDORA-EPEL-2014-3251) Perl binding for Redis database -------------------------------------------------------------------------------- Update Information:
Upgrade to 1.976. -------------------------------------------------------------------------------- ChangeLog:
* Thu Oct 9 2014 David Dick ddick@cpan.org - 1.976-1 - Upgrade to 1.976. * Fri Aug 29 2014 Jitka Plesnikova jplesnik@redhat.com - 1.975-2 - Perl 5.20 rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1150530 - perl-Redis-1.976 is available https://bugzilla.redhat.com/show_bug.cgi?id=1150530 --------------------------------------------------------------------------------
================================================================================ perl-Test-XML-0.08-2.el7 (FEDORA-EPEL-2014-3254) Compare XML in perl tests -------------------------------------------------------------------------------- Update Information:
This is the first Fedora/EPEL release of perl-Test-XML. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1148580 - Review Request: perl-Test-XML - Compare XML in perl tests https://bugzilla.redhat.com/show_bug.cgi?id=1148580 --------------------------------------------------------------------------------
================================================================================ php-pear-Net-URL2-2.0.9-1.el7 (FEDORA-EPEL-2014-3228) Class for parsing and handling URL -------------------------------------------------------------------------------- Update Information:
Upstream Changelog:
Version 2.0.9 * Fixed #20418: Incorrect normalization of URI with missing authority * Upd: Test for RFC 3986 Section 1.1.2 Examples * Upd: Travis CI - PHP 5.6 added
Version 2.0.8 * Fixed #20420: Inconsistent setAuthority and getAuthority * Fixed #20423: URI with IPv6 or IPvFuture not parsed * Imp: Test for RFC 3986 Section 1.1.2 Examples -------------------------------------------------------------------------------- ChangeLog:
* Thu Oct 9 2014 Remi Collet remi@fedoraproject.org - 2.0.9-1 - Update to 2.0.8 (stable) * Wed Oct 8 2014 Remi Collet remi@fedoraproject.org - 2.0.8-1 - Update to 2.0.8 (stable) --------------------------------------------------------------------------------
================================================================================ php-phpunit-environment-1.1.0-1.el7 (FEDORA-EPEL-2014-3241) Handle HHVM/PHP environments -------------------------------------------------------------------------------- Update Information:
* Add Console::hasColorSupport() -------------------------------------------------------------------------------- ChangeLog:
* Wed Oct 8 2014 Remi Collet remi@fedoraproject.org - 1.1.0-1 - update to 1.1.0 - enable test suite --------------------------------------------------------------------------------
================================================================================ python-fedmsg-meta-fedora-infrastructure-0.3.5-1.el7 (FEDORA-EPEL-2014-3249) Metadata providers for Fedora Infrastructure's fedmsg deployment -------------------------------------------------------------------------------- Update Information:
Fix to anitya processor. Bugfixes to anitya and pkgdb processors. New koschei and anitya processors. Handle new pkgdb messages, certain legacy messages, and new bugzilla messages. git messages now return the full patch via a call to msg2long_form -------------------------------------------------------------------------------- ChangeLog:
* Thu Oct 9 2014 Ralph Bean rbean@redhat.com - 0.3.5-1 - Further fixes to anitya. * Wed Oct 8 2014 Ralph Bean rbean@redhat.com - 0.3.4-1 - Fixes to pkgdb and anitya processors. * Fri Oct 3 2014 Ralph Bean rbean@redhat.com - 0.3.3-1 - New koschei and anitya processors. * Mon Sep 29 2014 Ralph Bean rbean@redhat.com - 0.3.2-1 - Latest upstream. - Handle different types of legacy messages. - git messages now return the full patch via a call to msg2long_form. - future-proofing against new types of bugzilla messages. * Thu Aug 28 2014 Ralph Bean rbean@redhat.com - 0.3.1-1 - Latest upstream with the new conglomerator api. - Also, fixes to copr messages. - New threading lock put around fas cache regeneration. - Bump up the BR version on fedmsg. --------------------------------------------------------------------------------
================================================================================ python-oauth2-1.5.211-8.el7 (FEDORA-EPEL-2014-3236) Python support for improved oauth -------------------------------------------------------------------------------- Update Information:
Actually apply patch to fix CVE-2013-4347 (thanks to Jason Green, Matt Wilson). Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski. Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski. -------------------------------------------------------------------------------- ChangeLog:
* Wed Oct 8 2014 Tom Callaway spot@fedoraproject.org - 1.5.211-8 - actually apply patch to fix CVE-2013-4347 (thanks to Jason Green, Matt Wilson) * Fri Sep 12 2014 Tom Callaway spot@fedoraproject.org - 1.5.211-7 - Fix CVE-2013-4346 and CVE-2013-4347 (thanks to Philippe Makowski) * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.5.211-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sun Aug 4 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.5.211-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1007746 - CVE-2013-4346 python-oauth2: _check_signature() ignores the nonce value when validating signed urls https://bugzilla.redhat.com/show_bug.cgi?id=1007746 [ 2 ] Bug #1007758 - CVE-2013-4347 python-oauth2: Uses poor PRNG in nonce https://bugzilla.redhat.com/show_bug.cgi?id=1007758 --------------------------------------------------------------------------------
================================================================================ python-sphinxcontrib-issuetracker-0.11-2.el7 (FEDORA-EPEL-2014-3235) Sphinx integration with different issue trackers -------------------------------------------------------------------------------- Update Information:
A Sphinx extension to reference issues in issue trackers, either explicitly with an "issue" role or optionally implicitly by issue ids like #10 in plain text.
Currently the following issue trackers are supported:
* GitHub * BitBucket * Launchpad * Google Code * Debian BTS * Jira
A simple API is provided to add support for other issue trackers. If you added support for a new tracker, please consider sending a patch to make your work available to other users of this extension.
--------------------------------------------------------------------------------
================================================================================ python-urllib2_kerberos-0.1.6-14.el7 (FEDORA-EPEL-2014-2753) Kerberos over HTTP Negotiate/SPNEGO support for urllib2 -------------------------------------------------------------------------------- Update Information:
Fix logging format for Python 2.6 (#1065576) First EPEL7 package. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1065576 - Add additional patches to urllib2_kerberos https://bugzilla.redhat.com/show_bug.cgi?id=1065576 --------------------------------------------------------------------------------
================================================================================ rubygem-openssl_cms-0.0.2-1.20140212git7fea071.el7 (FEDORA-EPEL-2014-3252) OpenSSL with CMS functions -------------------------------------------------------------------------------- Update Information:
OpenSSL with Cryptographic Message Syntax functions for Ruby 2.0. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1132008 - Review Request: rubygem-openssl_cms - OpenSSL with CMS functions https://bugzilla.redhat.com/show_bug.cgi?id=1132008 --------------------------------------------------------------------------------
================================================================================ scalapack-2.0.2-5.el7 (FEDORA-EPEL-2014-3255) A subset of LAPACK routines redesigned for heterogeneous computing -------------------------------------------------------------------------------- Update Information:
Build for epel7. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1150469 - please build scalapack/blacs for EPEL7 https://bugzilla.redhat.com/show_bug.cgi?id=1150469 --------------------------------------------------------------------------------
================================================================================ wkhtmltopdf-0.12.1-1.el7 (FEDORA-EPEL-2014-3211) Simple shell utility to convert html to pdf -------------------------------------------------------------------------------- Update Information:
Update to 0.12.1 -------------------------------------------------------------------------------- ChangeLog:
* Wed Aug 27 2014 Mamoru TASAKA mtasaka@fedoraproject.org - 0.12.1-1 - 0.12.1 * Mon Aug 18 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.12.0-1.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sun Jun 8 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.12.0-1.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Tue Jun 3 2014 Mamoru TASAKA mtasaka@fedoraproject.org - 0.12.0-1 - 0.12.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1139360 - Update wkhtmltopdf to 0.12.1 in EPEL 7 https://bugzilla.redhat.com/show_bug.cgi?id=1139360 --------------------------------------------------------------------------------
================================================================================ xfce4-session-4.10.1-7.el7 (FEDORA-EPEL-2014-3212) Xfce session manager -------------------------------------------------------------------------------- Update Information:
Update to fix bashisms -------------------------------------------------------------------------------- ChangeLog:
* Wed Oct 8 2014 Mukundan Ragavan nonamedotc@fedoraproject.org - 4.10.1-7 - Add patch for fixing bashisms. Fixes bug 1150207 --------------------------------------------------------------------------------