The following Fedora EPEL 7 Security updates need testing: Age URL 703 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 466 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 184 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-23fa04bf1c redis-3.2.3-1.el7 168 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8f4ff76b3 chicken-4.11.0-3.el7 48 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7 15 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-555b5847ec drupal7-title-1.0-0.7.alpha9.el7 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-cf95057959 viewvc-1.1.26-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-0f3297a19b nagios-4.2.4-2.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing apiviz-1.3.2-13.el7 flr-0.0.2-1.el7 iperf3-3.1.6-1.el7 jmock-2.8.2-2.el7 mate-terminal-1.16.2-1.el7 nagios-4.2.4-2.el7 nrpe-3.0.1-1.el7 os-maven-plugin-1.2.3-6.el7 php-cs-fixer-2.0.1-1.el7 php-pecl-zendopcache-7.0.5-2.el7 php-phpunit-PHPUnit-4.8.35-1.el7 python-ansible-tower-cli-3.0.3-1.el7 python-bugzilla-2.0.0-1.el7 qt5ct-0.30-1.el7 shrinkwrap-1.2.3-2.el7 tripwire-2.4.3.2-1.el7 xrootd-4.6.0-1.el7 Details about builds: ================================================================================ apiviz-1.3.2-13.el7 (FEDORA-EPEL-2017-e98c397932) APIviz is a JavaDoc doclet to generate class and package diagrams -------------------------------------------------------------------------------- Update Information: Applying the fedora patches to EPEL7. -------------------------------------------------------------------------------- ================================================================================ flr-0.0.2-1.el7 (FEDORA-EPEL-2017-640794de99) Fedora Releng python libraries and command line tools -------------------------------------------------------------------------------- Update Information: Update to latest upstream ---- First release of flr for Fedora. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1411502 - Review Request: flr - Fedora RelEng python libraries and command line tools https://bugzilla.redhat.com/show_bug.cgi?id=1411502 -------------------------------------------------------------------------------- ================================================================================ iperf3-3.1.6-1.el7 (FEDORA-EPEL-2017-3cce0800e6) Measurement tool for TCP/UDP bandwidth performance -------------------------------------------------------------------------------- Update Information: Minor updates and fixes -------------------------------------------------------------------------------- ================================================================================ jmock-2.8.2-2.el7 (FEDORA-EPEL-2017-c878b5542e) Java library for testing code with mock objects -------------------------------------------------------------------------------- Update Information: Package jmock for EPEL7 -------------------------------------------------------------------------------- ================================================================================ mate-terminal-1.16.2-1.el7 (FEDORA-EPEL-2017-ba680f54d6) Terminal emulator for MATE -------------------------------------------------------------------------------- Update Information: - update to 1.16.2 ---- - fix rhbz (#1398234), (#1417365), (#1399641) -------------------------------------------------------------------------------- ================================================================================ nagios-4.2.4-2.el7 (FEDORA-EPEL-2017-0f3297a19b) Host/service/network monitoring program -------------------------------------------------------------------------------- Update Information: Major Update. Fixes various CVE and other issues. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1288989 - nagios crashes on start in case host template contains empty property https://bugzilla.redhat.com/show_bug.cgi?id=1288989 [ 2 ] Bug #1289710 - Nagios 4.0.8 does not expand contact macro correctly https://bugzilla.redhat.com/show_bug.cgi?id=1289710 [ 3 ] Bug #1299166 - nagios: Worker: Unknown jobtype: 10 https://bugzilla.redhat.com/show_bug.cgi?id=1299166 [ 4 ] Bug #1322666 - Selinux prevents checks from running https://bugzilla.redhat.com/show_bug.cgi?id=1322666 [ 5 ] Bug #1329857 - Update EPEL7 nagios 4.0.8 to 4.1.1 https://bugzilla.redhat.com/show_bug.cgi?id=1329857 [ 6 ] Bug #1330627 - Error: Could not read object configuration data! https://bugzilla.redhat.com/show_bug.cgi?id=1330627 [ 7 ] Bug #1341683 - Worker 26676: Unknown jobtype: 10 https://bugzilla.redhat.com/show_bug.cgi?id=1341683 [ 8 ] Bug #1405365 - CVE-2016-9565 nagios: Command injection via curl in MagpieRSS [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1405365 [ 9 ] Bug #1411399 - nagios componentes outdated and vulnerable https://bugzilla.redhat.com/show_bug.cgi?id=1411399 -------------------------------------------------------------------------------- ================================================================================ nrpe-3.0.1-1.el7 (FEDORA-EPEL-2017-7a7f004578) Host/service/network monitoring agent for Nagios -------------------------------------------------------------------------------- Update Information: Update to 3.0.1. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1190708 - nrpe.service does not support reload for systemd https://bugzilla.redhat.com/show_bug.cgi?id=1190708 -------------------------------------------------------------------------------- ================================================================================ os-maven-plugin-1.2.3-6.el7 (FEDORA-EPEL-2017-dd0dc28b74) Maven plugin for generating platform-dependent properties -------------------------------------------------------------------------------- Update Information: Packages os-maven-plugin for EPEL7 -------------------------------------------------------------------------------- ================================================================================ php-cs-fixer-2.0.1-1.el7 (FEDORA-EPEL-2017-cbf9d727e2) A tool to automatically fix PHP code style -------------------------------------------------------------------------------- Update Information: **Changelog for v2.0.1** * bug #2357 Better handling of file name that is the same in multiple finder paths (keradus) * bug #2373 FunctionDeclarationFixer - Fix static anonymous functions (SpacePossum) * bug #2377 PhpdocSeparationFixer - Ignore incorrect PHPDoc (SpacePossum, keradus) * bug #2388 PhpdocAlignFixer - unicode characters support (SpacePossum) * bug #2399 HashToSlashCommentFixer - Fix edge cases (SpacePossum) * bug #2403 ClassDefinitionFixer - Anonymous classes format by PSR12 (SpacePossum) * bug #2408 SingleClassElementPerStatementFixer, PhpdocSeparationFixer - add missing WhitespacesAwareFixerInterface interface (keradus) * bug #2425 ClassKeywordRemoveFixer - Fix handling leading backslash and comments (SpacePossum) * bug #2430 PhpdocAlignFixer - Fix alignment of variadic params. (SpacePossum) * bug #2437 NoWhitespaceInBlankLineFixer - Fix more cases (SpacePossum) * bug #2444 MbStrFunctionsFixer - handle return reference in method declaration (SpacePossum) * bug #2449 PhpdocAlignFixer - don't crash poorly formatted phpdoc (GrahamCampbell) * bug #2477 BracesFixer - Do not remove white space inside declare statement (SpacePossum) * bug #2481 Fix priorities between declare_strict_types and blank_line_after_opening_tag (juliendufresne, keradus) * bug #2507 NoClosingTagFixer - Do not insert semicolon in comment (SpacePossum) * minor #2347 UPGRADE.md - Fix multi-row description (drAlberT, keradus) * minor #2352 Corrected method visibility (GrahamCampbell) * minor #2353 Fix: Typos (localheinz) * minor #2354 Enhancement: Allow to specify minimum and maximum PHP versions for code samples (localheinz) * minor #2356 Fixed spelling on "blank line" (GrahamCampbell) * minor #2361 ConfigurationResolver - Reject unknown rules (localheinz) * minor #2368 clean ups (SpacePossum, localheinz) * minor #2380 DescribeCommand - filter code samples and output note when none can be demonstrated (localheinz) * minor #2381 Tests - Do not use annotations for asserting exceptions (localheinz, keradus) * minor #2382 Consistently provide a default configuration field (localheinz) * minor #2383 update .php_cs.dist configuration (keradus) * minor #2386 PHP7.1 Integration test - Add features added in PHP7.1. (SpacePossum) * minor #2392 FixCommandHelp - fix typo (keradus) * minor #2393 Remove overcomplete tests (SpacePossum) * minor #2394 Update .gitattributes (SpacePossum) * minor #2395 NoEmptyCommentFixer - Fix typo (fritz-c) * minor #2396 MethodArgumentSpaceFixer - scope down endpoint (SpacePossum) * minor #2397 RuleSet - Check risky (SpacePossum, keradus) * minor #2400 Add Fixer descriptions (SpacePossum) * minor #2401 Fix UPGRADE.md (issei-m) * minor #2405 Transformers - Must be final (SpacePossum) * minor #2406 ProtectedToPrivateFixer - Use backticks for visibility in description (localheinz) * minor #2407 Add tests for not abusing interfaces (keradus) * minor #2410 DX: Keep packages sorted (localheinz) * minor #2412 Enhancement: Add more descriptions (localheinz) * minor #2413 Update Symfony ruleset (fabpot) * minor #2419 README.rst - use double backticks for code pieces in rule descriptions (keradus) * minor #2422 BracesFixer - cleanup code after introducing CT::T_FUNCTION_IMPORT (keradus) * minor #2426 .php_cs.dist - update local CS config (keradus) * minor #2428 SCA with Php Inspections (EA Extended) (kalessil) * minor #2433 AbstractFixerTestCase - give all the details available during catch (Slamdunk) * minor #2434 COOKBOOK- FIXERS.md - Replace reference to outdated class with current (greg0ire) * minor #2436 MethodArgumentSpaceFixer - Remove duplicate class name (greg0ire) * minor #2441 IndentationTypeFixer - Fix description and upgrade guide (SpacePossum) * minor #2443 AppVeyor - update configuration (keradus) * minor #2447 .php_cs.dist - update local CS config (keradus) * minor #2452 Provide rules definitions (keradus) * minor #2455 NoMultilineWhitespaceAroundDoubleArrowFixer - Add missing priority test (SpacePossum) * minor #2466 Provide rules definitions (keradus) * minor #2470 README.rst - explain the usage of "--path-mode" parameter (kalimatas) * minor #2474 Housekeeping (SpacePossum) * minor #2487 UPGRADE.md - Fix typo (SpacePossum) * minor #2493 FixCommand - Output warning message when both config and rules options are passed (SpacePossum) * minor #2496 DX: Travis - check for trailing spaces (keradus) * minor #2499 FileSpecificCodeSample - Specify class name relative to root namespace (localheinz, keradus) * minor #2506 SCA (SpacePossum) * minor #2515 Fix code indentation (keradus) * minor #2521 SCA trailing spces check - ouput lines with trailing white space (SpacePossum) * minor #2522 Fix docs and small code issues (keradus) -------------------------------------------------------------------------------- ================================================================================ php-pecl-zendopcache-7.0.5-2.el7 (FEDORA-EPEL-2017-d51b801025) The Zend OPcache -------------------------------------------------------------------------------- Update Information: Add security mitigation fix backported from PHP 5.6: * php#69090 check cached files permissions This change introduce 2 new configuration options: * **opcache.validate_permission** (default 0): leads OPcache to check file readability on each access to cached file. This directive should be enabled in shared hosting environment, when few users (PHP-FPM pools) reuse the common OPcache shared memory. * **opcache.validate_root** (default 0): prevent name collisions in chroot'ed environment. This directive prevents file name collisions in different "chroot" environments. It should be enabled for sites that may serve requests in different "chroot" environments. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1409317 - backport security fix #69090 for OPcache https://bugzilla.redhat.com/show_bug.cgi?id=1409317 -------------------------------------------------------------------------------- ================================================================================ php-phpunit-PHPUnit-4.8.35-1.el7 (FEDORA-EPEL-2017-264c0092cd) The PHP Unit Testing framework -------------------------------------------------------------------------------- Update Information: **Version 4.8.35** - 2017-02-06 * Backported the forward compatibility layer for PHPUnit 6 from PHPUnit 5 so that `PHPUnit\Framework\TestCase` can be used instead of `PHPUnit_Framework_TestCase` ----- **Version 4.8.34** - 2017-01-26 * Fixed [#2447](https://github.com/sebastianbergmann/phpunit/issues/2447): Reverted backwards incompatible change to handling of boolean environment variable values specified in XML ---- **Version 4.8.33** - 2017-01-25 * Fixed [#1983](https://github.com/sebastianbergmann/phpunit/pull/1983): Tests with `@expectedException` annotation cannot be skipped * Fixed [#2275](https://github.com/sebastianbergmann/phpunit/pull/2275): Invalid UTF-8 characters can lead to missing output * Fixed [#2331](https://github.com/sebastianbergmann/phpunit/issues/2331): Boolean environment variable values specified in XML get mangled * Fixed [#2392](https://github.com/sebastianbergmann/phpunit/issues/2392): Empty (but valid) data provider should skip the test * Fixed [#2431](https://github.com/sebastianbergmann/phpunit/issues/2431): `assertArraySubset()` does not support `ArrayAccess` ---- **Version 4.8.32** - 2017-01-22 * Fixed [#2428](https://github.com/sebastianbergmann/phpunit/pull/2428): Nested arrays specificied in XML configuration file are not handled correctly ---- **Version 4.8.31** - 2016-12-09 * Fixed [#2384](https://github.com/sebastianbergmann/phpunit/pull/2384): Handle `PHPUnit_Framework_Exception` correctly when expecting exceptions ---- **Version 4.8.30** - 2016-12-02 * Fixed [#2367](https://github.com/sebastianbergmann/phpunit/pull/2367): Bug in `PHPUnit_Util_Test::parseAnnotationContent()` * Fixed [#2375](https://github.com/sebastianbergmann/phpunit/issues/2375): Invalid regular expression for `--filter` causes PHP warning ---- **Version 4.8.29** - 2016-11-20 * Bumped the required version of `sebastian/comparator` ---- **Version 4.8.28** - 2016-11-14 * Improved the fix for [#1955](https://github.com/sebastianbergmann/phpunit/issues/1955): Process isolation fails when running tests with `phpdbg -qrr` -------------------------------------------------------------------------------- ================================================================================ python-ansible-tower-cli-3.0.3-1.el7 (FEDORA-EPEL-2017-2b3704203a) A CLI tool for Ansible Tower -------------------------------------------------------------------------------- Update Information: update to 3.0.3 -------------------------------------------------------------------------------- ================================================================================ python-bugzilla-2.0.0-1.el7 (FEDORA-EPEL-2017-9bdff7c3d8) A python library and tool for interacting with Bugzilla -------------------------------------------------------------------------------- Update Information: * Rebased to version 2.0.0 * Several fixes for use with bugzilla 5 * This release contains several smallish API breaks: * Bugzilla.bug_autorefresh now defaults to False * Credentials are now cached in ~/.cache/python-bugzilla/ * bin/bugzilla was converted to argparse * bugzilla query --boolean_chart option is removed * Unify command line flags across sub commands -------------------------------------------------------------------------------- ================================================================================ qt5ct-0.30-1.el7 (FEDORA-EPEL-2017-a4e26eb0d6) Qt5 Configuration Tool -------------------------------------------------------------------------------- Update Information: new version 0.30 ---- new version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1419295 - qt5ct-0.30 is available https://bugzilla.redhat.com/show_bug.cgi?id=1419295 [ 2 ] Bug #1416400 - qt5ct-0.29 is available https://bugzilla.redhat.com/show_bug.cgi?id=1416400 -------------------------------------------------------------------------------- ================================================================================ shrinkwrap-1.2.3-2.el7 (FEDORA-EPEL-2017-c5103075f3) A simple mechanism to assemble Java archives -------------------------------------------------------------------------------- Update Information: Package shrinkwrap java library for EPEL7 -------------------------------------------------------------------------------- ================================================================================ tripwire-2.4.3.2-1.el7 (FEDORA-EPEL-2017-c451d02b31) IDS (Intrusion Detection System) -------------------------------------------------------------------------------- Update Information: update to 2.4.3.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #830999 - tripwire cron should send mail to configured recipients https://bugzilla.redhat.com/show_bug.cgi?id=830999 -------------------------------------------------------------------------------- ================================================================================ xrootd-4.6.0-1.el7 (FEDORA-EPEL-2017-9b2cd39ee3) Extended ROOT file server -------------------------------------------------------------------------------- Update Information: New version 4.6.0, release notes are here: https://github.com/xrootd/xrootd/blob/v4.6.0/docs/ReleaseNotes.txt -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
