The following Fedora EPEL 7 Security updates need testing: Age URL 497 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 260 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 126 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-785fc9a2ea dropbear-2016.72-1.el7 22 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e0c08a1414 php-PHPMailer-5.2.16-2.el7 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-325598c9ad pagure-2.2.2-1.el7 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-2e94f8cba5 tcpreplay-4.1.1-2.el7 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-767125139f python34-3.4.3-5.el7 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-d85f5db77a php-doctrine-orm-2.4.8-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-6eebbe7e97 p7zip-16.02-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing BEDTools-2.26.0-1.el7 PEGTL-1.3.1-1.el7 asciinema-1.3.0-1.el7 globus-ftp-control-7.1-1.el7 globus-gass-transfer-8.9-1.el7 kstars-16.04.3-1.el7 p7zip-16.02-1.el7 php-pear-PHP-CodeSniffer-2.6.2-1.el7 php-pecl-krb5-1.1.0-1.el7 php-robrichards-xmlseclibs-2.0.0-2.20160105git84313ca.el7 php-robrichards-xmlseclibs1-1.4.1-2.20160518git2e20c8d.el7 python-appdirs-1.4.0-2.el7 python-bitmath-1.3.1-1.el7 python-cpopen-1.5-1.el7 python-libcnml-0.9.5-1.el7 python-simplepath-0.3.3-1.el7 rpkg-1.46-1.el7 thunderbird-enigmail-1.9.4-1.el7 Details about builds: ================================================================================ BEDTools-2.26.0-1.el7 (FEDORA-EPEL-2016-22706c5e16) A flexible suite of utilities for comparing genomic features -------------------------------------------------------------------------------- Update Information: Update to latest upstream release 2.26.0 -------------------------------------------------------------------------------- ================================================================================ PEGTL-1.3.1-1.el7 (FEDORA-EPEL-2016-6d20e825a0) Parsing Expression Grammar Template Library -------------------------------------------------------------------------------- Update Information: - Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1356499 - Review Request: PEGTL - Parsing Expression Grammar Template Library https://bugzilla.redhat.com/show_bug.cgi?id=1356499 -------------------------------------------------------------------------------- ================================================================================ asciinema-1.3.0-1.el7 (FEDORA-EPEL-2016-2471fdc2de) Command line client (terminal recorder) for asciinema.org service -------------------------------------------------------------------------------- Update Information: - update to new version 1.3.0 - rewritten from Go back to Python (supports version 3 only) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1250094 - please build asciinema for epel7 https://bugzilla.redhat.com/show_bug.cgi?id=1250094 [ 2 ] Bug #1234182 - asciinema-1.3.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1234182 -------------------------------------------------------------------------------- ================================================================================ globus-ftp-control-7.1-1.el7 (FEDORA-EPEL-2016-8c9318c297) Globus Toolkit - GridFTP Control Library -------------------------------------------------------------------------------- Update Information: globus-gass-transfer 8.9 * Fix globus_gass_transfer_register_accept() not returning error when listener is closing or accept already registered globus- ftp-control 7.1 * Add forced ordering option -------------------------------------------------------------------------------- ================================================================================ globus-gass-transfer-8.9-1.el7 (FEDORA-EPEL-2016-8c9318c297) Globus Toolkit - Globus Gass Transfer -------------------------------------------------------------------------------- Update Information: globus-gass-transfer 8.9 * Fix globus_gass_transfer_register_accept() not returning error when listener is closing or accept already registered globus- ftp-control 7.1 * Add forced ordering option -------------------------------------------------------------------------------- ================================================================================ kstars-16.04.3-1.el7 (FEDORA-EPEL-2016-1a5ce42e7e) Desktop Planetarium -------------------------------------------------------------------------------- Update Information: 16.04.3 -------------------------------------------------------------------------------- ================================================================================ p7zip-16.02-1.el7 (FEDORA-EPEL-2016-6eebbe7e97) Very high compression ratio file archiver -------------------------------------------------------------------------------- Update Information: Update p7zip to 16.02 and fix security issues for CVE-2016-2335, CVE-2016-2334 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1335575 - CVE-2016-2335 p7zip: Out-of-bounds read vuilerability https://bugzilla.redhat.com/show_bug.cgi?id=1335575 [ 2 ] Bug #1335577 - CVE-2016-2334 p7zip: Heap-buffer-overflow vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=1335577 -------------------------------------------------------------------------------- ================================================================================ php-pear-PHP-CodeSniffer-2.6.2-1.el7 (FEDORA-EPEL-2016-1595682019) PHP coding standards enforcement tool -------------------------------------------------------------------------------- Update Information: **Version 2.6.2** - Added a new --exclude CLI argument to exclude a list of sniffs from checking and fixing (request #904) - Accepts the same sniff codes as the --sniffs command line argument, but provides the opposite functionality - Added a new -q command line argument to disable progress and verbose information from being printed (request #969) - Useful if a coding standard hard-codes progess or verbose output but you want PHPCS to be quiet - Use the command "phpcs --config-set quiet true" to turn quiet mode on by default - Generic LineLength sniff no longer errors for comments that cannot be broken out onto a new line (request #766) - A typical case is a comment that contains a very long URL - The comment is ignored if putting the URL on a indented new comment line would be longer than the allowed length - Settings extensions in a ruleset no longer causes PHP notices during unit testing - Thanks to Klaus Purer for the patch - Version control reports now show which errors are fixable if you are showing sources - Added a new sniff to enforce a single space after a NOT operator (request #1051) - Include in a ruleset using the code Generic.Formatting.SpaceAfterNot - The Squiz.Commenting.BlockComment sniff now supports tabs for indenting comment lines (request #1056) - Fixed bug #790 : Incorrect missing throws error in methods that use closures - Fixed bug #908 : PSR2 standard is not checking that closing brace is on line following the body - Fixed bug #945 : Incorrect indent behavior using deep-nested function and arrays - Fixed bug #961 : Two anonymous functions passed as function/method arguments cause indentation false positive - Fixed bug #1005 : Using global composer vendor autoload breaks PHP lowercase built-in function sniff - Thanks to Michael Butler for the patch - Fixed bug #1007 : Squiz Unreachable code detection is not working properly with a closure inside a case - Fixed bug #1023 : PSR2.Classes.ClassDeclaration fails if class extends base class and "implements" is on trailing line - Fixed bug #1026 : Arrays in comma delimited class properties cause ScopeIndent to increase indent - Fixed bug #1028 : Squiz ArrayDeclaration incorrectly fixes multi-line array where end bracket is not on a new line - Fixed bug #1034 : Squiz FunctionDeclarationArgumentSpacing gives incorrect error when first arg is a variadic - Fixed bug #1036 : Adjacent assignments aligned analysis statement wrong - Fixed bug #1049 : Version control reports can show notices when the report width is very small - Fixed bug #21050 : PEAR MultiLineCondition sniff suppresses errors on last condition line -------------------------------------------------------------------------------- ================================================================================ php-pecl-krb5-1.1.0-1.el7 (FEDORA-EPEL-2016-49522b7e24) Kerberos authentification extension -------------------------------------------------------------------------------- Update Information: **Version 1.1.0** - [FEATURE] PHP7 compatibility - [FEATURE] Support getting/setting TL_DATA in KADM - [BUG] Fix GSSAPI->acquireCredentials behaviour, now defaults to GSS_C_INITIATE if only a ccache is available eagerly initialize credentials when no principal is specified (use ccache default principal) - [BUG] Fix a couple of memory leaks, add a few more sanity checks -------------------------------------------------------------------------------- ================================================================================ php-robrichards-xmlseclibs-2.0.0-2.20160105git84313ca.el7 (FEDORA-EPEL-2016-4eaeb87c86) A PHP library for XML Security -------------------------------------------------------------------------------- Update Information: xmlseclibs is a library written in PHP for working with XML Encryption and Signatures. NOTE: php-mcrypt will not be automatically installed as a dependency of this package so it will need to be "manually" installed if it is required -- specifically for the following XMLSecurityKey encryption types: - XMLSecurityKey::AES128_CBC - XMLSecurityKey::AES192_CBC - XMLSecurityKey::AES256_CBC - XMLSecurityKey::TRIPLEDES_CBC -------------------------------------------------------------------------------- References: [ 1 ] Bug #1356569 - Review Request: php-robrichards-xmlseclibs - A PHP library for XML Security https://bugzilla.redhat.com/show_bug.cgi?id=1356569 -------------------------------------------------------------------------------- ================================================================================ php-robrichards-xmlseclibs1-1.4.1-2.20160518git2e20c8d.el7 (FEDORA-EPEL-2016-6a6e50e9bf) A PHP library for XML Security (version 1) -------------------------------------------------------------------------------- Update Information: xmlseclibs is a library written in PHP for working with XML Encryption and Signatures. NOTE: php-mcrypt will not be automatically installed as a dependency of this package so it will need to be "manually" installed if it is required -- specifically for the following XMLSecurityKey encryption types: - XMLSecurityKey::AES128_CBC - XMLSecurityKey::AES192_CBC - XMLSecurityKey::AES256_CBC - XMLSecurityKey::TRIPLEDES_CBC -------------------------------------------------------------------------------- References: [ 1 ] Bug #1356584 - Review Request: php-robrichards-xmlseclibs1 - A PHP library for XML Security (version 1) https://bugzilla.redhat.com/show_bug.cgi?id=1356584 -------------------------------------------------------------------------------- ================================================================================ python-appdirs-1.4.0-2.el7 (FEDORA-EPEL-2016-b02f9e1187) Python module for determining platform-specific directories -------------------------------------------------------------------------------- Update Information: Initial release in EPEL7 -------------------------------------------------------------------------------- ================================================================================ python-bitmath-1.3.1-1.el7 (FEDORA-EPEL-2016-63a6b94850) Aids representing and manipulating file sizes in various prefix notations -------------------------------------------------------------------------------- Update Information: New release -------------------------------------------------------------------------------- ================================================================================ python-cpopen-1.5-1.el7 (FEDORA-EPEL-2016-50177b8e3b) Creates a sub-process in simpler safer manner -------------------------------------------------------------------------------- Update Information: 1.5 includes - 7163e79 Do not close inherited fds from parent ---- 1.4-3 - 7163e79 Do not close inherited fds from parent -------------------------------------------------------------------------------- ================================================================================ python-libcnml-0.9.5-1.el7 (FEDORA-EPEL-2016-ed7b6f014c) libcnml is a CNML parser library for Python -------------------------------------------------------------------------------- Update Information: Minor update -------------------------------------------------------------------------------- ================================================================================ python-simplepath-0.3.3-1.el7 (FEDORA-EPEL-2016-a7969edbb2) A python library for data-structure lookup -------------------------------------------------------------------------------- Update Information: Version Update. -------------------------------------------------------------------------------- ================================================================================ rpkg-1.46-1.el7 (FEDORA-EPEL-2016-b1aba63eaa) Utility for interacting with rpm+git packaging systems -------------------------------------------------------------------------------- Update Information: Change log - Warning untracked patches when push (cqi) [#71](https://pagure.io/rpkg/issue/71) - handle correct spec path when push from outside the repo (cqi) - Remove support for BuildContainer release task opt (lucarval) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1353699 - None https://bugzilla.redhat.com/show_bug.cgi?id=1353699 [ 2 ] Bug #1357155 - None https://bugzilla.redhat.com/show_bug.cgi?id=1357155 [ 3 ] Bug #1356891 - None https://bugzilla.redhat.com/show_bug.cgi?id=1356891 -------------------------------------------------------------------------------- ================================================================================ thunderbird-enigmail-1.9.4-1.el7 (FEDORA-EPEL-2016-55fd709bec) Authentication and encryption extension for Mozilla Thunderbird -------------------------------------------------------------------------------- Update Information: Upgrade to 1.9.4 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list epel-devel@xxxxxxxxxxxxxxxxxxxxxxx https://lists.fedoraproject.org/admin/lists/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
