The following Fedora EPEL 7 Security updates need testing: Age URL 706 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 468 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 187 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-23fa04bf1c redis-3.2.3-1.el7 171 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8f4ff76b3 chicken-4.11.0-3.el7 51 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-04bc9dd81d libbsd-0.8.3-1.el7 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-cf95057959 viewvc-1.1.26-1.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-0f3297a19b nagios-4.2.4-2.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e2cea1c22d python-cjson-1.1.0-9.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-920059d2ed mingw-wavpack-5.1.0-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing atoum-2.9.0-1.el7 dayjournal-23.0.6-1.el7 dia-0.97.3-6.el7 fedfind-3.4.3-1.el7 mingw-wavpack-5.1.0-1.el7 php-cs-fixer-2.1.0-1.el7 php-horde-Horde-Icalendar-2.1.6-1.el7 php-smbclient-0.9.0-1.el7 python-cached_property-1.3.0-7.el7 python-freezegun-0.1.19-1.el7 python-productmd-1.4-2.el7 Details about builds: ================================================================================ atoum-2.9.0-1.el7 (FEDORA-EPEL-2017-4d2935dc2e) PHP Unit Testing framework -------------------------------------------------------------------------------- Update Information: **Version 2.9.0** - 2017-02-11 * [#667](https://github.com/atoum/atoum/pull/667) Assert on array values using `mageekguy\atoum\asserters\phpArray::$values` ([krtek4]) * [#682](https://github.com/atoum/atoum/pull/682) Do not call parent class when mocking as interface ([mageekguy]) * [#679](https://github.com/atoum/atoum/pull/679) Copy `PHP_IDE_CONFIG` into forked processes ([mvrhov]) * [#678](https://github.com/atoum/atoum/pull/678) Each mock instance can be made unique by calling `eachInstanceIsUnique` on the mock generator ([mageekguy]) **Version 2.9.0-beta1** - 2016-10-08 * [#604](https://github.com/atoum/atoum/pull/604) Add a `addConfigurationCallable` method on the runner to allow extensions to register themselves ([agallou], [jubianchi]) * [#634](https://github.com/atoum/atoum/pull/634) Only one extension of a kind can be loaded. Extensions can be unloaded ([agallou], [jubianchi]) * [#619](https://github.com/atoum/atoum/pull/619) Add branches and paths coverage support to AtoumTask for Phing ([oxman]) * [#633](https://github.com/atoum/atoum/pull/633) Mock generator correctly handles the `self` return type ([jubianchi]) * [#637](https://github.com/atoum/atoum/pull/637) Errors are displayed in the TAP report ([jubianchi]) -------------------------------------------------------------------------------- ================================================================================ dayjournal-23.0.6-1.el7 (FEDORA-EPEL-2017-a15061e4e9) Digital journal that uses plain text files -------------------------------------------------------------------------------- Update Information: new package DayJournal is a text based journal program. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1409884 - Review Request: dayjournal - Digital journal that uses plain text files https://bugzilla.redhat.com/show_bug.cgi?id=1409884 -------------------------------------------------------------------------------- ================================================================================ dia-0.97.3-6.el7 (FEDORA-EPEL-2017-32724ea19e) Diagram drawing program -------------------------------------------------------------------------------- Update Information: The Dia drawing program can be used to draw different types of diagrams, and includes support for UML static structure diagrams (class diagrams), entity relationship modeling, and network diagrams. Dia can load and save diagrams to a custom file format, can load and save in .xml format, and can export to PostScript(TM). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1140966 - Please build an EPEL7 version of dia https://bugzilla.redhat.com/show_bug.cgi?id=1140966 -------------------------------------------------------------------------------- ================================================================================ fedfind-3.4.3-1.el7 (FEDORA-EPEL-2017-3d9caeaaae) Fedora compose and image finder -------------------------------------------------------------------------------- Update Information: This update provides a new version of fedfind. The main change is that the synthesized metadata for non-Pungi 4 composes has been enhanced to include a `composeinfo` dict, and `disc_number` items in the image dicts. These changes are necessary for `resultsdb_conventions` to work with the synthesized metadata. Another change is that `fedfind.release.get_release(url='someurl')` will no longer return generic `Pungi4Release` instances for URLs in unknown domains, as Patrick van Uiterwijk suggested it may constitute a potential security problem in some use cases. If this change causes you trouble, please report an issue or contact me and it may be possible to restore the old behaviour as an option. On EPEL 7, there is now a Python 3 build of the fedfind library (currently `python34-fedfind`), and the `fedfind` CLI tool now uses the Python 3 library. The other updated packages also gain Python 3 builds of their libraries (they are all in fedfind's dependency chains). `freezegun` is updated to the last release in the 0.1 series, 0.1.19, which should be compatible with the previously-packaged version (0.1.12). On EPEL 6, the other packages don't change significantly, but the package spec files were adjusted a bit so I went ahead and built the packages. -------------------------------------------------------------------------------- ================================================================================ mingw-wavpack-5.1.0-1.el7 (FEDORA-EPEL-2017-920059d2ed) Completely open audiocodec -------------------------------------------------------------------------------- Update Information: Update wavpack to 5.1.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1417860 - CVE-2016-10169 CVE-2016-10170 CVE-2016-10171 CVE-2016-10172 mingw-wavpack: various flaws [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1417860 [ 2 ] Bug #1420680 - Update to 5.1.0 https://bugzilla.redhat.com/show_bug.cgi?id=1420680 -------------------------------------------------------------------------------- ================================================================================ php-cs-fixer-2.1.0-1.el7 (FEDORA-EPEL-2017-0c2891fe76) A tool to automatically fix PHP code style -------------------------------------------------------------------------------- Update Information: **Changelog for v2.1.0** * feature #2124 Add TernaryToNullCoalescingFixer (Slamdunk, SpacePossum) * feature #2280 Configurable OrderedImportsFixer (DarkaOnLine) * feature #2351 Enhancement: Allow to configure return_type_declaration rule (localheinz) * feature #2359 Add PhpdocNoUselessInheritdocFixer (SpacePossum, keradus) * feature #2414 Add PhpdocReturnSelfReferenceFixer (SpacePossum) * feature #2415 Add IsNullFixer (kalessil, keradus) * feature #2421 BracesFixer - Add allow_single_line_closure configuration (keradus) * feature #2461 PhpdocNoUselessInheritdocFixer - support multiline docblock (keradus) * feature #2462 Add NativeFunctionInvocationFixer (localheinz, keradus, Slamdunk) * feature #2478 DeclareEqualNormalizeFixer - Add config option (SpacePossum) * feature #2494 FixCommand - Support rules with params (ptcong, keradus) * minor #2452 Provide rules definitions (keradus) * minor #2460 RuleSet - extend Symfony (keradus) * minor #2483 DX: AbstractIntegrationTestCase does not use IntegrationCase::shouldCheckPriority, logic is now automated and method is now deprecated (keradus) * minor #2488 IsNullFixer - Fix bug when calling without params (SpacePossum) * minor #2519 remove trailing whitespace (keradus) ---- **Changelog for v2.0.1** * bug #2357 Better handling of file name that is the same in multiple finder paths (keradus) * bug #2373 FunctionDeclarationFixer - Fix static anonymous functions (SpacePossum) * bug #2377 PhpdocSeparationFixer - Ignore incorrect PHPDoc (SpacePossum, keradus) * bug #2388 PhpdocAlignFixer - unicode characters support (SpacePossum) * bug #2399 HashToSlashCommentFixer - Fix edge cases (SpacePossum) * bug #2403 ClassDefinitionFixer - Anonymous classes format by PSR12 (SpacePossum) * bug #2408 SingleClassElementPerStatementFixer, PhpdocSeparationFixer - add missing WhitespacesAwareFixerInterface interface (keradus) * bug #2425 ClassKeywordRemoveFixer - Fix handling leading backslash and comments (SpacePossum) * bug #2430 PhpdocAlignFixer - Fix alignment of variadic params. (SpacePossum) * bug #2437 NoWhitespaceInBlankLineFixer - Fix more cases (SpacePossum) * bug #2444 MbStrFunctionsFixer - handle return reference in method declaration (SpacePossum) * bug #2449 PhpdocAlignFixer - don't crash poorly formatted phpdoc (GrahamCampbell) * bug #2477 BracesFixer - Do not remove white space inside declare statement (SpacePossum) * bug #2481 Fix priorities between declare_strict_types and blank_line_after_opening_tag (juliendufresne, keradus) * bug #2507 NoClosingTagFixer - Do not insert semicolon in comment (SpacePossum) * minor #2347 UPGRADE.md - Fix multi-row description (drAlberT, keradus) * minor #2352 Corrected method visibility (GrahamCampbell) * minor #2353 Fix: Typos (localheinz) * minor #2354 Enhancement: Allow to specify minimum and maximum PHP versions for code samples (localheinz) * minor #2356 Fixed spelling on "blank line" (GrahamCampbell) * minor #2361 ConfigurationResolver - Reject unknown rules (localheinz) * minor #2368 clean ups (SpacePossum, localheinz) * minor #2380 DescribeCommand - filter code samples and output note when none can be demonstrated (localheinz) * minor #2381 Tests - Do not use annotations for asserting exceptions (localheinz, keradus) * minor #2382 Consistently provide a default configuration field (localheinz) * minor #2383 update .php_cs.dist configuration (keradus) * minor #2386 PHP7.1 Integration test - Add features added in PHP7.1. (SpacePossum) * minor #2392 FixCommandHelp - fix typo (keradus) * minor #2393 Remove overcomplete tests (SpacePossum) * minor #2394 Update .gitattributes (SpacePossum) * minor #2395 NoEmptyCommentFixer - Fix typo (fritz-c) * minor #2396 MethodArgumentSpaceFixer - scope down endpoint (SpacePossum) * minor #2397 RuleSet - Check risky (SpacePossum, keradus) * minor #2400 Add Fixer descriptions (SpacePossum) * minor #2401 Fix UPGRADE.md (issei-m) * minor #2405 Transformers - Must be final (SpacePossum) * minor #2406 ProtectedToPrivateFixer - Use backticks for visibility in description (localheinz) * minor #2407 Add tests for not abusing interfaces (keradus) * minor #2410 DX: Keep packages sorted (localheinz) * minor #2412 Enhancement: Add more descriptions (localheinz) * minor #2413 Update Symfony ruleset (fabpot) * minor #2419 README.rst - use double backticks for code pieces in rule descriptions (keradus) * minor #2422 BracesFixer - cleanup code after introducing CT::T_FUNCTION_IMPORT (keradus) * minor #2426 .php_cs.dist - update local CS config (keradus) * minor #2428 SCA with Php Inspections (EA Extended) (kalessil) * minor #2433 AbstractFixerTestCase - give all the details available during catch (Slamdunk) * minor #2434 COOKBOOK-FIXERS.md - Replace reference to outdated class with current (greg0ire) * minor #2436 MethodArgumentSpaceFixer - Remove duplicate class name (greg0ire) * minor #2441 IndentationTypeFixer - Fix description and upgrade guide (SpacePossum) * minor #2443 AppVeyor - update configuration (keradus) * minor #2447 .php_cs.dist - update local CS config (keradus) * minor #2452 Provide rules definitions (keradus) * minor #2455 NoMultilineWhitespaceAroundDoubleArrowFixer - Add missing priority test (SpacePossum) * minor #2466 Provide rules definitions (keradus) * minor #2470 README.rst - explain the usage of "--path-mode" parameter (kalimatas) * minor #2474 Housekeeping (SpacePossum) * minor #2487 UPGRADE.md - Fix typo (SpacePossum) * minor #2493 FixCommand - Output warning message when both config and rules options are passed (SpacePossum) * minor #2496 DX: Travis - check for trailing spaces (keradus) * minor #2499 FileSpecificCodeSample - Specify class name relative to root namespace (localheinz, keradus) * minor #2506 SCA (SpacePossum) * minor #2515 Fix code indentation (keradus) * minor #2521 SCA trailing spces check - ouput lines with trailing white space (SpacePossum) * minor #2522 Fix docs and small code issues (keradus) -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Icalendar-2.1.6-1.el7 (FEDORA-EPEL-2017-57b373cb12) iCalendar API -------------------------------------------------------------------------------- Update Information: **Horde_Icalendar 2.1.6** * [mjr] Fix PHP 5.3 compatibility (Remi Collet). **Horde_Icalendar 2.1.5** * [mjr] Fix calculating timezone offsets when parsing vTimezone components. -------------------------------------------------------------------------------- ================================================================================ php-smbclient-0.9.0-1.el7 (FEDORA-EPEL-2017-48157d812c) PHP wrapper for libsmbclient -------------------------------------------------------------------------------- Update Information: **Version 0.9.0** - fix gh#47 Incorrect function definition for smbclient_read - optimization: enable stream wrapper reusing connections -------------------------------------------------------------------------------- ================================================================================ python-cached_property-1.3.0-7.el7 (FEDORA-EPEL-2017-3d9caeaaae) A cached-property for decorating methods in Python classes -------------------------------------------------------------------------------- Update Information: This update provides a new version of fedfind. The main change is that the synthesized metadata for non-Pungi 4 composes has been enhanced to include a `composeinfo` dict, and `disc_number` items in the image dicts. These changes are necessary for `resultsdb_conventions` to work with the synthesized metadata. Another change is that `fedfind.release.get_release(url='someurl')` will no longer return generic `Pungi4Release` instances for URLs in unknown domains, as Patrick van Uiterwijk suggested it may constitute a potential security problem in some use cases. If this change causes you trouble, please report an issue or contact me and it may be possible to restore the old behaviour as an option. On EPEL 7, there is now a Python 3 build of the fedfind library (currently `python34-fedfind`), and the `fedfind` CLI tool now uses the Python 3 library. The other updated packages also gain Python 3 builds of their libraries (they are all in fedfind's dependency chains). `freezegun` is updated to the last release in the 0.1 series, 0.1.19, which should be compatible with the previously-packaged version (0.1.12). On EPEL 6, the other packages don't change significantly, but the package spec files were adjusted a bit so I went ahead and built the packages. -------------------------------------------------------------------------------- ================================================================================ python-freezegun-0.1.19-1.el7 (FEDORA-EPEL-2017-3d9caeaaae) Let your Python tests travel through time -------------------------------------------------------------------------------- Update Information: This update provides a new version of fedfind. The main change is that the synthesized metadata for non-Pungi 4 composes has been enhanced to include a `composeinfo` dict, and `disc_number` items in the image dicts. These changes are necessary for `resultsdb_conventions` to work with the synthesized metadata. Another change is that `fedfind.release.get_release(url='someurl')` will no longer return generic `Pungi4Release` instances for URLs in unknown domains, as Patrick van Uiterwijk suggested it may constitute a potential security problem in some use cases. If this change causes you trouble, please report an issue or contact me and it may be possible to restore the old behaviour as an option. On EPEL 7, there is now a Python 3 build of the fedfind library (currently `python34-fedfind`), and the `fedfind` CLI tool now uses the Python 3 library. The other updated packages also gain Python 3 builds of their libraries (they are all in fedfind's dependency chains). `freezegun` is updated to the last release in the 0.1 series, 0.1.19, which should be compatible with the previously-packaged version (0.1.12). On EPEL 6, the other packages don't change significantly, but the package spec files were adjusted a bit so I went ahead and built the packages. -------------------------------------------------------------------------------- ================================================================================ python-productmd-1.4-2.el7 (FEDORA-EPEL-2017-3d9caeaaae) Library providing parsers for metadata related to OS installation -------------------------------------------------------------------------------- Update Information: This update provides a new version of fedfind. The main change is that the synthesized metadata for non-Pungi 4 composes has been enhanced to include a `composeinfo` dict, and `disc_number` items in the image dicts. These changes are necessary for `resultsdb_conventions` to work with the synthesized metadata. Another change is that `fedfind.release.get_release(url='someurl')` will no longer return generic `Pungi4Release` instances for URLs in unknown domains, as Patrick van Uiterwijk suggested it may constitute a potential security problem in some use cases. If this change causes you trouble, please report an issue or contact me and it may be possible to restore the old behaviour as an option. On EPEL 7, there is now a Python 3 build of the fedfind library (currently `python34-fedfind`), and the `fedfind` CLI tool now uses the Python 3 library. The other updated packages also gain Python 3 builds of their libraries (they are all in fedfind's dependency chains). `freezegun` is updated to the last release in the 0.1 series, 0.1.19, which should be compatible with the previously-packaged version (0.1.12). On EPEL 6, the other packages don't change significantly, but the package spec files were adjusted a bit so I went ahead and built the packages. -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
