The following Fedora EPEL 7 Security updates need testing: Age URL 645 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 407 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 126 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-23fa04bf1c redis-3.2.3-1.el7 109 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8f4ff76b3 chicken-4.11.0-3.el7 52 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-ee3cc4d1b6 compat-guile18-1.8.8-14.el7 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-0e9b9b02bb phpMyAdmin-4.4.15.9-1.el7 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-89c47c50a3 mingw-gdk-pixbuf-2.30.8-2.el7 mingw-qt5-qtimageformats-5.6.0-2.el7 mingw-jasper-1.900.28-1.el7 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-bd288eeb9f php-php-gettext-1.0.12-1.el7 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-7059e6dc35 roundcubemail-1.1.7-1.el7 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-fd41ef0987 php-simplesamlphp-saml2-2.3.3-1.el7 php-simplesamlphp-saml2_1-1.10.3-1.el7 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-967040283d lxc-1.0.9-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-090cbd0a83 botan-1.10.14-3.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing asio-1.10.8-1.el7 botan-1.10.14-3.el7 fedora-packager-0.6.0.0-3.el7 fedpkg-minimal-1.1.0-7.el7 ioping-1.0-1.el7 koji-1.11.0-1.el7 ninja-build-1.7.2-2.el7 perl-Compress-Raw-Lzma-2.061-2.el7 psysh-0.8.0-1.el7 youtube-dl-2016.12.09-1.el7 Details about builds: ================================================================================ asio-1.10.8-1.el7 (FEDORA-EPEL-2016-24d5d82964) A cross-platform C++ library for network programming -------------------------------------------------------------------------------- Update Information: update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1396638 - asio FTBFS https://bugzilla.redhat.com/show_bug.cgi?id=1396638 -------------------------------------------------------------------------------- ================================================================================ botan-1.10.14-3.el7 (FEDORA-EPEL-2016-090cbd0a83) Crypto library written in C++ -------------------------------------------------------------------------------- Update Information: ### Botan 1.10.14 ### * NOTE WELL: Botan 1.10.x is supported for security patches only until 2017-12-31 * Fix integer overflow during BER decoding, found by Falko Strenzke. This bug is not thought to be directly exploitable but upgrading ASAP is advised. (CVE-2016-9132) * Fix two cases where (in error situations) an exception would be thrown from a destructor, causing a call to std::terminate. * When RC4 is disabled in the build, also prevent it from being included in the OpenSSL provider. (GH #638) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1400894 - CVE-2016-9132 botan: Integer overflow in BER decoder https://bugzilla.redhat.com/show_bug.cgi?id=1400894 -------------------------------------------------------------------------------- ================================================================================ fedora-packager-0.6.0.0-3.el7 (FEDORA-EPEL-2016-b92463563b) Tools for setting up a fedora maintainer environment -------------------------------------------------------------------------------- Update Information: Updates needed for the fedora infra flag day 2016 Dependency on krb5-workstation fixed. ---- Add --new-chroot option for runroot plugin, allowing mock inside koji to use systemd-nspawn style chroot. -------------------------------------------------------------------------------- ================================================================================ fedpkg-minimal-1.1.0-7.el7 (FEDORA-EPEL-2016-5e10c95014) Script to allow fedpkg fetch to work -------------------------------------------------------------------------------- Update Information: needed to fix building with flag day changes ---- updates needed for new sources format ---- This update provides handling for the new sources format created as part of the flag day changes. -------------------------------------------------------------------------------- ================================================================================ ioping-1.0-1.el7 (FEDORA-EPEL-2016-ddc912c649) Simple disk I/O latency monitoring tool -------------------------------------------------------------------------------- Update Information: Update -------------------------------------------------------------------------------- ================================================================================ koji-1.11.0-1.el7 (FEDORA-EPEL-2016-b92463563b) Build system tools -------------------------------------------------------------------------------- Update Information: Updates needed for the fedora infra flag day 2016 Dependency on krb5-workstation fixed. ---- Add --new-chroot option for runroot plugin, allowing mock inside koji to use systemd-nspawn style chroot. -------------------------------------------------------------------------------- ================================================================================ ninja-build-1.7.2-2.el7 (FEDORA-EPEL-2016-b8e2abd1bc) A small build system with a focus on speed -------------------------------------------------------------------------------- Update Information: Update to 1.7.2 -------------------------------------------------------------------------------- ================================================================================ perl-Compress-Raw-Lzma-2.061-2.el7 (FEDORA-EPEL-2016-631b5111aa) Low-level interface to lzma compression library -------------------------------------------------------------------------------- Update Information: This updated version of the package is built against the new xz 5.2.2 in EL 7.3. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1403868 - Error: Package: perl-Compress-Raw-Lzma-2.061-1.el7.x86_64 (@epel) Requires: xz-libs(x86-64) = 5.1.2 https://bugzilla.redhat.com/show_bug.cgi?id=1403868 -------------------------------------------------------------------------------- ================================================================================ psysh-0.8.0-1.el7 (FEDORA-EPEL-2016-03e624d8e6) A runtime developer console, interactive debugger and REPL for PHP -------------------------------------------------------------------------------- Update Information: ## v0.8.0 #### New * Add a Hoa\Console-based pure PHP readline fallback, for PHP installs compiled without readline or libedit (Thanks @zonuexe) * Automatically check for updates (Thanks @eeree!) * Add an updateCheck frequency configuration. It defaults to weekly, but you can set it to always, daily, weekly, monthly or never. * Update to PHP Parser v3.0, with better PHP 7.1 support (Thanks @GrahamCampbell!) * Add support for language constructs (isset, unset, empty, etc) in the doc command. * Build a psysh-compat as well as psysh Phar. The second Phar contains polyfills for intl and readline. It's quite a bit bigger, but also quite a bit more useful for PHP installs without all the bells and whistles. #### Improved * Fix "uninitialized string offset" in autocomplete matchers. * Prevent PHP's built-in webserver from hanging after debugging (Thanks @5tevan!) * Allow recursive static calls when defining classes. * Shrink compiled Phar size by ~10%. * Fix VarDumper truncating null bytes in output. * Add support for multiline comment input. * Catch invalid pass by reference arguments. * Better handling for Error in newer PHPs. * Better formatting for error output. * Build Phar with detect_unicode=Off if compiled under PHP 5.3, because PHP 5.3. * Various fixes for HHVM tests. #### And a couple of things I'm prolly more excited about than you: * Test the lowest versions of all dependencies in CI. They're all currently failing, but it's a start :) * Speed up CI builds by disabling xdebug. * Build GitHub releases on CI for great justice. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1403040 - psysh-0.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1403040 -------------------------------------------------------------------------------- ================================================================================ youtube-dl-2016.12.09-1.el7 (FEDORA-EPEL-2016-522dd00d66) A small command-line program to download online videos -------------------------------------------------------------------------------- Update Information: Update to the latest upstream -------------------------------------------------------------------------------- References: [ 1 ] Bug #1400607 - youtube-dl-2016.12.09 is available https://bugzilla.redhat.com/show_bug.cgi?id=1400607 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
