The following Fedora EPEL 7 Security updates need testing: Age URL 499 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 261 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 128 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-785fc9a2ea dropbear-2016.72-1.el7 24 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e0c08a1414 php-PHPMailer-5.2.16-2.el7 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-325598c9ad pagure-2.2.2-1.el7 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-2e94f8cba5 tcpreplay-4.1.1-2.el7 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-767125139f python34-3.4.3-5.el7 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-d85f5db77a php-doctrine-orm-2.4.8-1.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-6eebbe7e97 p7zip-16.02-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-7913c4c81c breeze-icon-theme-5.24.0-1.el7 extra-cmake-modules-5.24.0-1.el7 kf5-5.24.0-1.el7 kf5-attica-5.24.0-1.el7 kf5-baloo-5.24.0-1.el7 kf5-bluez-qt-5.24.0-1.el7 kf5-frameworkintegration-5.24.0-1.el7 kf5-kactivities-5.24.0-1.el7 kf5-kactivities-stats-5.24.0-1.el7 kf5-kapidox-5.24.0-1.el7 kf5-karchive-5.24.0-1.el7 kf5-kauth-5.24.0-1.el7 kf5-kbookmarks-5.24.0-1.el7 kf5-kcmutils-5.24.0-1.el7 kf5-kcodecs-5.24.0-1.el7 kf5-kcompletion-5.24.0-1.el7 kf5-kconfig-5.24.0-1.el7 kf5-kconfigwidgets-5.24.0-1.el7 kf5-kcoreaddons-5.24.0-1.el7 kf5-kcrash-5.24.0-1.el7 kf5-kdbusaddons-5.24.0-1.el7 kf5-kdeclarative-5.24.0-1.el7 kf5-kded-5.24.0-1.el7 kf5-kdelibs4support-5.24.0-1.el7 kf5-kdesignerplugin-5.24.0-1.el7 kf5-kdesu-5.24.0-1.el7 kf5-kdewebkit-5.24.0-1.el7 kf5-kdnssd-5.24.0-1.el7 kf5-kdoctools-5.24.0-1.el7 kf5-kemoticons-5.24.0-1.el7 kf5-kfilemetadata-5.24.0-1.el7 kf5-kglobalaccel-5.24.0-1.el7 kf5-kguiaddons-5.24.0-1.el7 kf5-khtml -5.24.0-1.el7 kf5-ki18n-5.24.0-1.el7 kf5-kiconthemes-5.24.0-1.el7 kf5-kidletime-5.24.0-1.el7 kf5-kimageformats-5.24.0-1.el7 kf5-kinit-5.24.0-1.el7 kf5-kio-5.24.0-1.el7 kf5-kitemmodels-5.24.0-1.el7 kf5-kitemviews-5.24.0-1.el7 kf5-kjobwidgets-5.24.0-1.el7 kf5-kjs-5.24.0-1.el7 kf5-kjsembed-5.24.0-1.el7 kf5-kmediaplayer-5.24.0-1.el7 kf5-knewstuff-5.24.0-1.el7 kf5-knotifications-5.24.0-1.el7 kf5-knotifyconfig-5.24.0-1.el7 kf5-kpackage-5.24.0-1.el7 kf5-kparts-5.24.0-1.el7 kf5-kpeople-5.24.0-1.el7 kf5-kplotting-5.24.0-1.el7 kf5-kpty-5.24.0-1.el7 kf5-kross-5.24.0-1.el7 kf5-krunner-5.24.0-1.el7 kf5-kservice-5.24.0-1.el7 kf5-ktexteditor-5.24.0-1.el7 kf5-ktextwidgets-5.24.0-1.el7 kf5-kunitconversion-5.24.0-1.el7 kf5-kwallet-5.24.0-1.el7 kf5-kwidgetsaddons-5.24.0-1.el7 kf5-kwindowsystem-5.24.0-1.el7 kf5-kxmlgui-5.24.0-1.el7 kf5-kxmlrpcclient-5.24.0-1.el7 kf5-modemmanager-qt-5.24.0-1.el7 kf5-networkmanager-qt-5.24.0-1.el7 kf5-plasma-5.24.0-1.el7 kf5-solid-5.24.0-1.el7 kf5-sonnet-5.24.0-1.el7 kf5 -threadweaver-5.24.0-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-3a667cc289 php-guzzlehttp-guzzle-5.3.1-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing breeze-icon-theme-5.24.0-1.el7 composer-1.2.0-1.el7 drupal7-ctools-1.9-3.el7 extra-cmake-modules-5.24.0-1.el7 kf5-5.24.0-1.el7 kf5-attica-5.24.0-1.el7 kf5-baloo-5.24.0-1.el7 kf5-bluez-qt-5.24.0-1.el7 kf5-frameworkintegration-5.24.0-1.el7 kf5-kactivities-5.24.0-1.el7 kf5-kactivities-stats-5.24.0-1.el7 kf5-kapidox-5.24.0-1.el7 kf5-karchive-5.24.0-1.el7 kf5-kauth-5.24.0-1.el7 kf5-kbookmarks-5.24.0-1.el7 kf5-kcmutils-5.24.0-1.el7 kf5-kcodecs-5.24.0-1.el7 kf5-kcompletion-5.24.0-1.el7 kf5-kconfig-5.24.0-1.el7 kf5-kconfigwidgets-5.24.0-1.el7 kf5-kcoreaddons-5.24.0-1.el7 kf5-kcrash-5.24.0-1.el7 kf5-kdbusaddons-5.24.0-1.el7 kf5-kdeclarative-5.24.0-1.el7 kf5-kded-5.24.0-1.el7 kf5-kdelibs4support-5.24.0-1.el7 kf5-kdesignerplugin-5.24.0-1.el7 kf5-kdesu-5.24.0-1.el7 kf5-kdewebkit-5.24.0-1.el7 kf5-kdnssd-5.24.0-1.el7 kf5-kdoctools-5.24.0-1.el7 kf5-kemoticons-5.24.0-1.el7 kf5-kfilemetadata-5.24.0-1.el7 kf5-kglobalaccel-5.24.0-1.el7 kf5-kguiaddons-5.24.0-1.el7 kf5-khtml-5.24.0-1.el7 kf5-ki18n-5.24.0-1.el7 kf5-kiconthemes-5.24.0-1.el7 kf5-kidletime-5.24.0-1.el7 kf5-kimageformats-5.24.0-1.el7 kf5-kinit-5.24.0-1.el7 kf5-kio-5.24.0-1.el7 kf5-kitemmodels-5.24.0-1.el7 kf5-kitemviews-5.24.0-1.el7 kf5-kjobwidgets-5.24.0-1.el7 kf5-kjs-5.24.0-1.el7 kf5-kjsembed-5.24.0-1.el7 kf5-kmediaplayer-5.24.0-1.el7 kf5-knewstuff-5.24.0-1.el7 kf5-knotifications-5.24.0-1.el7 kf5-knotifyconfig-5.24.0-1.el7 kf5-kpackage-5.24.0-1.el7 kf5-kparts-5.24.0-1.el7 kf5-kpeople-5.24.0-1.el7 kf5-kplotting-5.24.0-1.el7 kf5-kpty-5.24.0-1.el7 kf5-kross-5.24.0-1.el7 kf5-krunner-5.24.0-1.el7 kf5-kservice-5.24.0-1.el7 kf5-ktexteditor-5.24.0-1.el7 kf5-ktextwidgets-5.24.0-1.el7 kf5-kunitconversion-5.24.0-1.el7 kf5-kwallet-5.24.0-1.el7 kf5-kwidgetsaddons-5.24.0-1.el7 kf5-kwindowsystem-5.24.0-1.el7 kf5-kxmlgui-5.24.0-1.el7 kf5-kxmlrpcclient-5.24.0-1.el7 kf5-modemmanager-qt-5.24.0-1.el7 kf5-networkmanager-qt-5.24.0-1.el7 kf5-plasma-5.24.0-1.el7 kf5-solid-5.24.0-1.el7 kf5-sonnet-5.24.0-1.el7 kf5-threadweaver-5.24.0-1.el7 koji-1.10.1-10.el7 lighttpd-1.4.40-1.el7 owncloud-9.0.4-1.el7 php-guzzlehttp-guzzle-5.3.1-1.el7 php-league-flysystem-1.0.25-1.el7 php-mikey179-vfsstream-1.6.4-1.el7 php-pecl-mongodb-1.1.8-3.el7 rabbitmq-server-3.3.5-23.el7 root-6.06.06-2.el7 Details about builds: ================================================================================ breeze-icon-theme-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) Breeze icon theme -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ composer-1.2.0-1.el7 (FEDORA-EPEL-2016-b1e5548d8d) Dependency Manager for PHP -------------------------------------------------------------------------------- Update Information: **Version 1.2.0** - 2016-07-19 * Security: Fixed [httpoxy](https://httpoxy.org/) vulnerability * Fixed `home` command to avoid rogue output on unix * Fixed output of git clones to clearly state when clones are from cache * Added caching of git repositories if you have git 2.3+ installed. Repositories will now be cached once and then cloned from local cache so subsequent installs should be faster * Added detection of HEAD changes to the `status` command. If you `git checkout X` in a vendor directory for example it will tell you that it is not at the version that was installed * Added a virtual `php-ipv6` extension to require PHP compiled with IPv6 support * Added `--no-suggest` to `install` and `update` commands to skip output of suggestions at the end * Added `--type` to the `search` command to restrict to a given package type * Added fossil support as alternative to git/svn/.. for package downloads * Improved BitBucket OAuth support * Added support for blocking cache operations using COMPOSER_CACHE_DIR=/dev/null (or NUL on windows) * Added support for using declare(strict_types=1) in plugins * Added `--prefer- stable` and `--prefer-lowest` to the `require` command * Added `--no-scripts` to the `require` and `remove` commands * Added `_comment` top level key to the schema to endorse using it as a place to store comments (it can be a string or array of strings) * Added support for justinrainbow/json-schema 2.0 * Fixed binaries not being re-installed if deleted by users or the bin-dir changes. `update` and `install` will now re-install them * Many minor UX and docs improvements -------------------------------------------------------------------------------- ================================================================================ drupal7-ctools-1.9-3.el7 (FEDORA-EPEL-2016-7460cbc212) Primarily a set of APIs and tools to improve the developer experience -------------------------------------------------------------------------------- Update Information: This suite is primarily a set of APIs and tools to improve the developer experience. It also contains a module called the Page Manager whose job is to manage pages. In particular it manages panel pages, but as it grows it will be able to manage far more than just Panels. For the moment, it includes the following tools: * Plugins -- tools to make it easy for modules to let other modules implement plugins from .inc files. * Exportables -- tools to make it easier for modules to have objects that live in database or live in code, such as 'default views'. * AJAX responder -- tools to make it easier for the server to handle AJAX requests and tell the client what to do with them. * Form tools -- tools to make it easier for forms to deal with AJAX. * Object caching -- tool to make it easier to edit an object across multiple page requests and cache the editing work. * Contexts -- the notion of wrapping objects in a unified wrapper and providing an API to create and accept these contexts as input. * Modal dialog -- tool to make it simple to put a form in a modal dialog. * Dependent -- a simple form widget to make form items appear and disappear based upon the selections in another item. * Content -- pluggable content types used as panes in Panels and other modules like Dashboard. * Form wizard -- an API to make multi-step forms much easier. * CSS tools -- tools to cache and sanitize CSS easily to make user-input CSS safe. -------------------------------------------------------------------------------- ================================================================================ extra-cmake-modules-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) Additional modules for CMake build system -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) Filesystem and RPM macros for KDE Frameworks 5 -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-attica-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks Tier 1 Addon with Open Collaboration Services API -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-baloo-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) A Tier 3 KDE Frameworks 5 module that provides indexing and search functionality -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-bluez-qt-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) A Qt wrapper for Bluez -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-frameworkintegration-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 4 workspace and cross-framework integration plugins -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kactivities-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) A KDE Frameworks 5 Tier 3 to organize user work into separate activities -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kactivities-stats-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) A KDE Frameworks 5 Tier 3 library for accessing the usage data collected by the activities system -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kapidox-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 4 scripts and data for building API documentation -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-karchive-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 1 addon with archive functions -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kauth-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 2 integration module to perform actions as privileged user -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kbookmarks-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 addon for bookmarks manipulation -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kcmutils-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 addon with extra API to write KConfigModules -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kcodecs-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 1 addon with string manipulation methods -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kcompletion-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 2 addon with auto completion widgets and classes -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kconfig-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 1 addon with advanced configuration system -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kconfigwidgets-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 addon for creating configuration dialogs -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kcoreaddons-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 1 addon with various classes on top of QtCore -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kcrash-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 2 addon for handling application crashes -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kdbusaddons-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 1 addon with various classes on top of QtDBus -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kdeclarative-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 addon for Qt declarative -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kded-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 addon with extensible daemon for system-level services -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kdelibs4support-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 4 module with porting aid from KDELibs 4 -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kdesignerplugin-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 integration module for Qt Designer -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kdesu-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 integration with su -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kdewebkit-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 integration module for QtWebKit -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kdnssd-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 1 integration module for DNS-SD services (Zeroconf) -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kdoctools-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 2 addon for generating documentation -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kemoticons-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 module with support for emoticons and emoticons themes -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kfilemetadata-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) A Tier 2 KDE Framework for extracting file metadata -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kglobalaccel-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 integration module for global shortcuts -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kguiaddons-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 1 addon with various classes on top of QtGui -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-khtml-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 4 solution with KHTML, a HTML rendering engine -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-ki18n-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 1 addon for localization -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kiconthemes-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 integration module with icon themes -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kidletime-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 1 integration module for idle time detection -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kimageformats-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 1 addon with additional image plugins for QtGui -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kinit-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 tier 3 solution for process launching -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kio-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 solution for filesystem abstraction -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kitemmodels-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 1 addon with item models -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kitemviews-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 1 addon with item views -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kjobwidgets-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 2 addon for KJobs -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kjs-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 functional module with JavaScript interpreter -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kjsembed-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 addon for binding JS objects to QObjects -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kmediaplayer-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 module with interface for media player features -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-knewstuff-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 module for downloading application assets -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-knotifications-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 2 solution with abstraction for system notifications -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-knotifyconfig-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 module for KNotify configuration -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kpackage-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 2 library to load and install packages as plugins -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kparts-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 solution for KParts -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kpeople-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 library for contact and people aggregation -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kplotting-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 1 addon for plotting -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kpty-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 2 module providing Pty abstraction -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kross-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 solution for multi-language application scripting -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-krunner-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 solution with parallelized query system -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kservice-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 solution for advanced plugin and service introspection -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-ktexteditor-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 with advanced embeddable text editor -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-ktextwidgets-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 addon with advanced text editing widgets -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kunitconversion-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 2 addon for unit conversions -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kwallet-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 solution for password management -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kwidgetsaddons-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 1 addon with various classes on top of QtWidgets -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kwindowsystem-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 1 integration module with classes for windows management -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kxmlgui-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 solution for user-configurable main windows -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-kxmlrpcclient-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 library for interaction with XML RPC services -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-modemmanager-qt-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) A Tier 1 KDE Frameworks module wrapping ModemManager DBus API -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-networkmanager-qt-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) A Tier 1 KDE Frameworks 5 module that wraps NetworkManager DBus API -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-plasma-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 3 framework is foundation to build a primary user interface -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-solid-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 1 integration module that provides hardware information -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-sonnet-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 1 solution for spell checking -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ kf5-threadweaver-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c) KDE Frameworks 5 Tier 1 addon for advanced thread management -------------------------------------------------------------------------------- Update Information: KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde- frameworks-5.24.0.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files possible to arbitrary system locations https://bugzilla.redhat.com/show_bug.cgi?id=1357410 -------------------------------------------------------------------------------- ================================================================================ koji-1.10.1-10.el7 (FEDORA-EPEL-2016-f7bbdbcf8e) Build system tools -------------------------------------------------------------------------------- Update Information: update to git master upstream, add lmc cosmetic fixes add patch to disable login in koji-web add patch to enable dns in runroot chroots -------------------------------------------------------------------------------- ================================================================================ lighttpd-1.4.40-1.el7 (FEDORA-EPEL-2016-1ec4dd82f2) Lightning fast webserver with light system requirements -------------------------------------------------------------------------------- Update Information: 1.4.40 https://www.lighttpd.net/2016/7/16/1.4.40/ -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357238 - lighttpd-1.4.40 is available https://bugzilla.redhat.com/show_bug.cgi?id=1357238 -------------------------------------------------------------------------------- ================================================================================ owncloud-9.0.4-1.el7 (FEDORA-EPEL-2016-855b9c1407) Private file sync and share server -------------------------------------------------------------------------------- Update Information: Update to 9.0.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1349700 - Update Fedora.README to clarify the SELinux section https://bugzilla.redhat.com/show_bug.cgi?id=1349700 -------------------------------------------------------------------------------- ================================================================================ php-guzzlehttp-guzzle-5.3.1-1.el7 (FEDORA-EPEL-2016-3a667cc289) PHP HTTP client and webservice framework -------------------------------------------------------------------------------- Update Information: ## 5.3.1 - 2016-07-18 * Address HTTP_PROXY security vulnerability, CVE-2016-5385: https://httpoxy.org/ * Event name fix: https://github.com/guzzle/guzzle/commit/fcae91ff31de41e312fe113ec3acbcda31b2622e * Response header case sensitivity fix: https://github.com/guzzle/guzzle/commit/043eeadf20ee40ddc6712faee4d3957a91f2b041 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357580 - php-guzzlehttp-guzzle-5.3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1357580 -------------------------------------------------------------------------------- ================================================================================ php-league-flysystem-1.0.25-1.el7 (FEDORA-EPEL-2016-287b04698a) Filesystem abstraction: Many filesystems, one API -------------------------------------------------------------------------------- Update Information: **Version 1.0.25** - 2016-07-18 * [Local\Ftp] Streams opened with `fopen` now open in binary mode, which is better on Windows environments. -------------------------------------------------------------------------------- ================================================================================ php-mikey179-vfsstream-1.6.4-1.el7 (FEDORA-EPEL-2016-e4f56aa9ba) PHP stream wrapper for a virtual file system -------------------------------------------------------------------------------- Update Information: **Version 1.6.4** (2016-07-18) * fixed #134 type safe directory names, reported and fixed by Sebastian Hopfe -------------------------------------------------------------------------------- ================================================================================ php-pecl-mongodb-1.1.8-3.el7 (FEDORA-EPEL-2016-539597afca) MongoDB driver for PHP -------------------------------------------------------------------------------- Update Information: The purpose of this driver is to provide exceptionally thin glue between MongoDB and PHP, implementing only fundemental and performance-critical components necessary to build a fully-functional MongoDB driver. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1269056 - Review Request: php-pecl-mongodb - MongoDB driver for PHP https://bugzilla.redhat.com/show_bug.cgi?id=1269056 -------------------------------------------------------------------------------- ================================================================================ rabbitmq-server-3.3.5-23.el7 (FEDORA-EPEL-2016-64956c631e) The RabbitMQ server -------------------------------------------------------------------------------- Update Information: * Backports for some issues -------------------------------------------------------------------------------- ================================================================================ root-6.06.06-2.el7 (FEDORA-EPEL-2016-fcc7456b56) Numerical data analysis framework -------------------------------------------------------------------------------- Update Information: ROOT 6.06.06 https://root.cern.ch/doc/v606/release-notes.html#release-6.0606 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357279 - redhat-rpm-config not listed as a dependency https://bugzilla.redhat.com/show_bug.cgi?id=1357279 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list epel-devel@xxxxxxxxxxxxxxxxxxxxxxx https://lists.fedoraproject.org/admin/lists/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
