The following Fedora EPEL 7 Security updates need testing: Age URL 677 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 439 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 158 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-23fa04bf1c redis-3.2.3-1.el7 141 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8f4ff76b3 chicken-4.11.0-3.el7 21 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7 18 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-0fa3a954b0 borgbackup-1.0.9-1.el7 13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-bb32162e83 php-swiftmailer-5.4.5-1.el7 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-92129d651d exim-4.88-2.el7 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-770d2afc7d mingw-flac-1.3.2-1.el7 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-fbb2447c6e php-PHPMailer-5.2.22-1.el7 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-80cfb13391 moodle-3.2.1-1.el7 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-3d29bf8e34 php-ZendFramework2-2.4.11-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-f1acebb58b wordpress-4.7.1-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-6ee140a6d3 fedmsg-0.18.2-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing bodhi-2.3.3-2.el7 fedfind-3.2.5-1.el7 fedmsg-0.18.2-1.el7 golang-github-davecgh-go-spew-0-0.10.git3e6e67c.el7 golang-github-hashicorp-hcl-0-0.10.gitef8133d.el7 golang-github-magiconair-properties-1.5.3-5.el7 golang-github-mitchellh-mapstructure-0-0.13.gitca63d7c.el7 golang-github-spf13-pflag-0-0.16.gitc7e63cf.el7 golang-googlecode-go-crypto-0-0.13.git81372b2.el7 golang-googlecode-text-0-0.16.git04b8648.el7 python-fedmsg-atomic-composer-2016.3-1.el7 uwsgi-2.0.14-6.el7 Details about builds: ================================================================================ bodhi-2.3.3-2.el7 (FEDORA-EPEL-2016-cd060eeb3c) A modular framework that facilitates publishing software updates -------------------------------------------------------------------------------- Update Information: Update python-fedmsg-atomic-composer to [2016.3](https://github.com/fedora-infra /fedmsg-atomic-composer/releases/tag/2016.3) and bodhi to [2.3.0](https://github.com/fedora-infra/bodhi/releases/tag/2.3.0). Update bodhi to [2.3.1](https://github.com/fedora-infra/bodhi/releases/tag/2.3.1). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1389519 - bodhi-server and bodhi-client don't include the release in their Requires on python2-bodhi https://bugzilla.redhat.com/show_bug.cgi?id=1389519 -------------------------------------------------------------------------------- ================================================================================ fedfind-3.2.5-1.el7 (FEDORA-EPEL-2017-46580dcf29) Fedora Finder finds Fedora -------------------------------------------------------------------------------- Update Information: This update provides a new version of fedfind with support for the new stable nightly Docker composes (they contain only Docker base images for a couple of arches). -------------------------------------------------------------------------------- ================================================================================ fedmsg-0.18.2-1.el7 (FEDORA-EPEL-2017-6ee140a6d3) Tools for Fedora Infrastructure real-time messaging -------------------------------------------------------------------------------- Update Information: Fix validation logic in the base consumer The base consumer is intended to only derive its validation switch from the on-disk configuration if the child class doesn't override the validate_signatures switch. There was a bug here where the default value provided in the base class made it appear as if *all* child consumers had turned *off* validation, which is incorrect. This fix turns on signature validation by default while preserving the ability of child consumers to override the on-disk configuration in special cases. - Fixes: CVE-2017-1000001 - Reviewed-by: Patrick Uiterwijk -------------------------------------------------------------------------------- ================================================================================ golang-github-davecgh-go-spew-0-0.10.git3e6e67c.el7 (FEDORA-EPEL-2017-67b8cdcd9e) Deep pretty printer for Go data structures to aid in debug -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1248791 - Tracker for golang-github-davecgh-go-spew https://bugzilla.redhat.com/show_bug.cgi?id=1248791 -------------------------------------------------------------------------------- ================================================================================ golang-github-hashicorp-hcl-0-0.10.gitef8133d.el7 (FEDORA-EPEL-2017-78a5afc356) HCL is a configuration language -------------------------------------------------------------------------------- Update Information: Bump to upstream ef8133da8cda503718a74741312bf50821e6de79 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1250468 - Tracker for golang-github-hashicorp-hcl https://bugzilla.redhat.com/show_bug.cgi?id=1250468 -------------------------------------------------------------------------------- ================================================================================ golang-github-magiconair-properties-1.5.3-5.el7 (FEDORA-EPEL-2017-bbfc0a6da8) Java properties scanner for Go -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1413067 - Tracker for golang-github-magiconair-properties https://bugzilla.redhat.com/show_bug.cgi?id=1413067 -------------------------------------------------------------------------------- ================================================================================ golang-github-mitchellh-mapstructure-0-0.13.gitca63d7c.el7 (FEDORA-EPEL-2017-62e17f2dc4) Go library for decoding generic map values into native Go structures -------------------------------------------------------------------------------- Update Information: Bump to upstream ca63d7c062ee3c9f34db231e352b60012b4fd0c1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1243892 - Tracker for golang-github-mitchellh-mapstructure https://bugzilla.redhat.com/show_bug.cgi?id=1243892 -------------------------------------------------------------------------------- ================================================================================ golang-github-spf13-pflag-0-0.16.gitc7e63cf.el7 (FEDORA-EPEL-2017-7a60dada5c) Replacement for Go's flag package -------------------------------------------------------------------------------- Update Information: Bump to upstream c7e63cf4530bcd3ba943729cee0efeff2ebea63f -------------------------------------------------------------------------------- References: [ 1 ] Bug #1214731 - Tracker for golang-github-spf13-pflag https://bugzilla.redhat.com/show_bug.cgi?id=1214731 -------------------------------------------------------------------------------- ================================================================================ golang-googlecode-go-crypto-0-0.13.git81372b2.el7 (FEDORA-EPEL-2017-94c4b52a1e) Supplementary Go cryptography libraries -------------------------------------------------------------------------------- Update Information: Bump to upstream 81372b2fc2f10bef2a7f338da115c315a56b2726 ---- Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1231618 - Tracker for golang-googlecode-go-crypto https://bugzilla.redhat.com/show_bug.cgi?id=1231618 -------------------------------------------------------------------------------- ================================================================================ golang-googlecode-text-0-0.16.git04b8648.el7 (FEDORA-EPEL-2017-510dbeda14) Supplementary Go text libraries -------------------------------------------------------------------------------- Update Information: Bump to upstream 04b8648d973c126ae60143b3e1473bc1576c7597 ---- Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1254601 - Tracker for golang-googlecode-text https://bugzilla.redhat.com/show_bug.cgi?id=1254601 -------------------------------------------------------------------------------- ================================================================================ python-fedmsg-atomic-composer-2016.3-1.el7 (FEDORA-EPEL-2016-cd060eeb3c) Composes atomic trees when Fedora repositories are updated -------------------------------------------------------------------------------- Update Information: Update python-fedmsg-atomic-composer to [2016.3](https://github.com/fedora-infra /fedmsg-atomic-composer/releases/tag/2016.3) and bodhi to [2.3.0](https://github.com/fedora-infra/bodhi/releases/tag/2.3.0). Update bodhi to [2.3.1](https://github.com/fedora-infra/bodhi/releases/tag/2.3.1). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1389519 - bodhi-server and bodhi-client don't include the release in their Requires on python2-bodhi https://bugzilla.redhat.com/show_bug.cgi?id=1389519 -------------------------------------------------------------------------------- ================================================================================ uwsgi-2.0.14-6.el7 (FEDORA-EPEL-2017-37685faf8d) Fast, self-healing, application container server -------------------------------------------------------------------------------- Update Information: Adding the cheaper_busyness plugin (Jorge Gallegos) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1413076 - Package uwsgi busyness ("cheaper_busyness") plugin https://bugzilla.redhat.com/show_bug.cgi?id=1413076 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
