Fedora EPEL 7 updates-testing report
by updates@fedoraproject.org
The following Fedora EPEL 7 Security updates need testing:
Age URL
578 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7
340 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7
59 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-23fa04bf1c redis-3.2.3-1.el7
57 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-4b8dd3488d knot-1.6.8-1.el7
42 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8f4ff76b3 chicken-4.11.0-3.el7
10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-aca1572ceb mingw-gnutls-3.3.24-1.el7
8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-28ad6782b3 php-adodb-5.20.6-2.el7
8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-208f62faa6 links-2.13-1.el7
8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-452534ff97 php-ZendFramework-1.12.20-1.el7
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-39560a2353 mingw-c-ares-1.12.0-1.el7
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-60045af95e mingw-libidn-1.33-1.el7
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-0890ae6d2d nsd-4.1.13-1.el7
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-387d58ef27 chromium-53.0.2785.143-1.el7
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-03fb3c1531 banshee-2.6.2-11.el7 dbus-sharp-0.7.0-15.el7 dbus-sharp-glib-0.5.0-13.el7 gdata-sharp-1.4.0.2-18.el7 gio-sharp-0.3-14.el7 gkeyfile-sharp-0.1-19.el7 gnome-sharp-2.24.2-12.el7 gtk-sharp-beans-2.14.0-17.el7 gtk-sharp2-2.12.26-3.el7 gtk-sharp3-2.99.3-16.el7 gudev-sharp-0.1-18.el7 libappindicator-12.10.0-11.el7 libgpod-0.8.3-8.el7 mono-4.2.4-7.el7 mono-addins-1.1-3.el7 mono-cecil-0.9.6-6.el7 mono-zeroconf-0.9.0-16.el7 notify-sharp-0.4.0-0.26.20100411svn.el7 notify-sharp3-3.0.3-2.el7 nunit-3.5-1.el7 nunit2-2.6.4-14.el7 pinta-1.6-5.el7 taglib-sharp-2.1.0.0-3.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
acme-tiny-0.1-10.20160810git5a7b4e7.el7
drupal7-7.51-1.el7
fedfind-2.5.0-1.el7
fedpkg-copr-0.8-1.el7
guacamole-server-0.9.9-1.el7
libgsasl-1.8.0-8.el7
pdf-stapler-0.3.3-8.el7
php-symfony-2.8.12-2.el7
php-twig-1.26.1-1.el7
python-pyroute2-0.4.9-1.el7
python-sync2jira-0.4-1.el7
relval-2.1.4-1.el7
tito-0.6.7-1.el7
uwsgi-2.0.14-1.el7
x2goserver-4.0.1.19-12.el7
Details about builds:
================================================================================
acme-tiny-0.1-10.20160810git5a7b4e7.el7 (FEDORA-EPEL-2016-f5a987216a)
Tiny auditable script to issue, renew Let's Encrypt certificates
--------------------------------------------------------------------------------
Update Information:
A tiny package to make acme-tiny secure and fire and forget easy on Fedora and
EPEL. Read the README for hints on using acme certs with sendmail, httpd, and
dovecot.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1366355 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1366355
--------------------------------------------------------------------------------
================================================================================
drupal7-7.51-1.el7 (FEDORA-EPEL-2016-5813e2c938)
An open-source content-management platform
--------------------------------------------------------------------------------
Update Information:
https://www.drupal.org/project/drupal/releases/7.51
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1382177 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1382177
--------------------------------------------------------------------------------
================================================================================
fedfind-2.5.0-1.el7 (FEDORA-EPEL-2016-cf25788bac)
Fedora Finder finds Fedora
--------------------------------------------------------------------------------
Update Information:
The major change in this update is that fedfind now has the ability to
effectively override the productmd-formatted metadata provided by Pungi in
specific cases where it's problematic. There is a new helper function,
`helpers.correct_image`, which applies these 'corrections', and the image dicts
returned by the `Release.all_images` property - commonly used for getting a flat
list of image dicts from the compose metadata - now have these corrections
applied. This is intended to work around a [significant
issue](https://pagure.io/pungi/issue/417) that's appeared along with the
introduction of a Workstation ostree installer image for Fedora: pungi sets the
`type` for ostree installer images to `boot`, but that means there is no way to
distinguish a Workstation network install image from a Workstation ostree
install image using the metadata. This is a major problem for several things
which distinguish between images based on the metadata (openQA,
fedora_nightlies, and wikitcms are all affected by this). For now, fedfind will
'correct' the `type` for these images from `boot` to `dvd-ostree`. Note you can
get un'corrected' image dicts from the `Release.metadata` property, which always
provides the original, entirely unmodified metadata. There is also a new
helper, `fedfind.helpers.identify_image`, for constructing image identifiers
from image dicts; this is something various fedfind consumers do, and were
duplicating the code for, so let's let them share it. The relval update adjusts
`relval size-check` for the change (teaching it about the new `dvd-ostree`
type).
--------------------------------------------------------------------------------
================================================================================
fedpkg-copr-0.8-1.el7 (FEDORA-EPEL-2016-17f1f95ea4)
Fedpkg modified to work with copr dist git
--------------------------------------------------------------------------------
Update Information:
New package to interact with copr-dist-git
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1378341 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1378341
--------------------------------------------------------------------------------
================================================================================
guacamole-server-0.9.9-1.el7 (FEDORA-EPEL-2016-78bee79f2d)
Server-side native components that form the Guacamole proxy
--------------------------------------------------------------------------------
Update Information:
Latest upstream release: - Performance enhancements - Completely new interface,
single-tab layout, theming support, better mobile support, wide character
support - Keyboard-interactive auth, HTTP Basic auth - Telnet support - Config
file for guacd, improved keyboard, , C0 control codes, bug fixes. WebSockets by
default - Simultaneous connections, session management, central connection
history, filterable connection/user lists. - Scrollbar for SSH and Telnet. -
PostgreSQL support, database speed improvements - Simpler
installation/configuration - File browsing, VNC audio and file transfer -
Dynamic JPEG/WebP - Improved LDAP support - Lots of bugfixes
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 15 2016 Simone Caronni <negativo17(a)gmail.com> - 0.9.9-1
- Update to 0.9.9.
- Add libwebp as a build requirement.
- Make FreeRDP conditional.
- Add OOSP UUID library build requirement.
- Update environment in service file.
- Use automatic dependency logic for FreeRDP libraries.
- Enable new telnet plugin.
--------------------------------------------------------------------------------
================================================================================
libgsasl-1.8.0-8.el7 (FEDORA-EPEL-2016-f8771016d5)
GNU SASL library
--------------------------------------------------------------------------------
Update Information:
* Enabled GSSAPI support
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1381672 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1381672
--------------------------------------------------------------------------------
================================================================================
pdf-stapler-0.3.3-8.el7 (FEDORA-EPEL-2016-3ceba4626d)
Tool for manipulating PDF documents from the command line
--------------------------------------------------------------------------------
Update Information:
Initial build for EPEL. Synchronized with Fedora 24.
--------------------------------------------------------------------------------
================================================================================
php-symfony-2.8.12-2.el7 (FEDORA-EPEL-2016-c5b86c9ec1)
PHP framework for web projects
--------------------------------------------------------------------------------
Update Information:
**Twig 1.26.1** (2016-10-05) * removed template source code from generated
template classes when debug is disabled * fixed default implementation of
Twig_Template::getDebugInfo() for better BC * fixed regression on static calls
for functions/filters/tests ---- **Twig 1.26.0** (2016-10-02) * added
template cache invalidation based on more environment options * added a missing
deprecation notice * fixed template paths when a template is stored in a PHAR
file * allowed filters/functions/tests implementation to use a different class
than the extension they belong to * deprecated
Twig_ExtensionInterface::getName() ---- **Twig 1.25.0** (2016-09-21) *
changed the way we store template source in template classes * removed usage of
realpath in cache keys * fixed Twig cache sharing when used with different
versions of PHP * removed embed parent workaround for simple use cases *
deprecated the ability to store non Node instances in Node::$nodes * deprecated
Twig_Environment::getLexer(), Twig_Environment::getParser(),
Twig_Environment::getCompiler() * deprecated Twig_Compiler::getFilename() ----
**Symfony 2.8.12** (2016-10-03) * bug #20102 [Validator] Url validator not
validating hosts ending in a number (gwkunze) * bug #20132 Use "more entropy"
option for uniqid() (javiereguiluz) * bug #20122 [Validator] Reset constraint
options (ro0NL) * bug #20116 fixed AddConstraintValidatorsPass config (fabpot)
* bug #20078 Fix #19943 Make sure to process each interface metadata only once
(lemoinem) * bug #20080 [Form] compound forms without children should be
considered rendered implicitly (backbone87) * bug #20087 [VarDumper] Fix PHP
7.1 compat (nicolas-grekas) * bug #20086 [VarDumper] Fix PHP 7.1 compat
(nicolas-grekas) * bug #20077 [Process] silent file operation to avoid open
basedir issues (xabbuh) * bug #20079 fixed Twig support for 1.26 and 2.0
(fabpot) * bug #20051 Fix indexBy type extraction (lemoinem) * bug #19951
[Finder] Trim trailing directory slash in ExcludeDirectoryFilterIterator (ro0NL)
* bug #20018 [VarDumper] Fix test (nicolas-grekas) * bug #20011 Use UUID for
error codes for Form validator. (Koc) * bug #20010 [DX] Fixed regression when
exception message swallowed when logging it. (Koc) * bug #19983 [TwigBridge]
removed Twig null nodes (deprecated as of Twig 1.25) (fabpot) * bug #19946
[Console] Fix parsing optionnal options with empty value in argv (chalasr) *
bug #19636 [Finder] no PHP warning on empty directory iteration (ggottwald) *
bug #19923 [bugfix] [Console] Set `Input::$interactive` to `false` when command
is executed with `--quiet` as verbosity level (phansys) * bug #19811 Fixed the
nullable support for php 7.1 and below (2.7, 2.8, 3.0) (iltar) * bug #19853
[PropertyInfo] Make ReflectionExtractor compatible with ReflectionType changes
in PHP 7.1 (teohhanhui) * bug #19904 [Form] Fixed collapsed ChoiceType options
attributes (HeahDude) * bug #19908 [Config] Handle open_basedir restrictions in
FileLocator (Nicofuma) * bug #19924 [DoctrineBridge][PropertyInfo] Treat
Doctrine decimal type as string (teohhanhui) * bug #19932 Fixed bad merge
(GrahamCampbell) * bug #19922 [Yaml][TwigBridge] Use JSON_UNESCAPED_SLASHES for
lint commands output (chalasr) * bug #19928 [Validator] Update IpValidatorTest
data set with a valid reserved IP (jakzal) * bug #19813 [Console] fixed PHP7
Errors are now handled and converted to Exceptions (fonsecas72) * bug #19879
[Form] Incorrect timezone with DateTimeLocalizedStringTransformer (mbeccati) *
bug #19878 Fix translation:update command count (tgalopin)
--------------------------------------------------------------------------------
================================================================================
php-twig-1.26.1-1.el7 (FEDORA-EPEL-2016-c5b86c9ec1)
The flexible, fast, and secure template engine for PHP
--------------------------------------------------------------------------------
Update Information:
**Twig 1.26.1** (2016-10-05) * removed template source code from generated
template classes when debug is disabled * fixed default implementation of
Twig_Template::getDebugInfo() for better BC * fixed regression on static calls
for functions/filters/tests ---- **Twig 1.26.0** (2016-10-02) * added
template cache invalidation based on more environment options * added a missing
deprecation notice * fixed template paths when a template is stored in a PHAR
file * allowed filters/functions/tests implementation to use a different class
than the extension they belong to * deprecated
Twig_ExtensionInterface::getName() ---- **Twig 1.25.0** (2016-09-21) *
changed the way we store template source in template classes * removed usage of
realpath in cache keys * fixed Twig cache sharing when used with different
versions of PHP * removed embed parent workaround for simple use cases *
deprecated the ability to store non Node instances in Node::$nodes * deprecated
Twig_Environment::getLexer(), Twig_Environment::getParser(),
Twig_Environment::getCompiler() * deprecated Twig_Compiler::getFilename() ----
**Symfony 2.8.12** (2016-10-03) * bug #20102 [Validator] Url validator not
validating hosts ending in a number (gwkunze) * bug #20132 Use "more entropy"
option for uniqid() (javiereguiluz) * bug #20122 [Validator] Reset constraint
options (ro0NL) * bug #20116 fixed AddConstraintValidatorsPass config (fabpot)
* bug #20078 Fix #19943 Make sure to process each interface metadata only once
(lemoinem) * bug #20080 [Form] compound forms without children should be
considered rendered implicitly (backbone87) * bug #20087 [VarDumper] Fix PHP
7.1 compat (nicolas-grekas) * bug #20086 [VarDumper] Fix PHP 7.1 compat
(nicolas-grekas) * bug #20077 [Process] silent file operation to avoid open
basedir issues (xabbuh) * bug #20079 fixed Twig support for 1.26 and 2.0
(fabpot) * bug #20051 Fix indexBy type extraction (lemoinem) * bug #19951
[Finder] Trim trailing directory slash in ExcludeDirectoryFilterIterator (ro0NL)
* bug #20018 [VarDumper] Fix test (nicolas-grekas) * bug #20011 Use UUID for
error codes for Form validator. (Koc) * bug #20010 [DX] Fixed regression when
exception message swallowed when logging it. (Koc) * bug #19983 [TwigBridge]
removed Twig null nodes (deprecated as of Twig 1.25) (fabpot) * bug #19946
[Console] Fix parsing optionnal options with empty value in argv (chalasr) *
bug #19636 [Finder] no PHP warning on empty directory iteration (ggottwald) *
bug #19923 [bugfix] [Console] Set `Input::$interactive` to `false` when command
is executed with `--quiet` as verbosity level (phansys) * bug #19811 Fixed the
nullable support for php 7.1 and below (2.7, 2.8, 3.0) (iltar) * bug #19853
[PropertyInfo] Make ReflectionExtractor compatible with ReflectionType changes
in PHP 7.1 (teohhanhui) * bug #19904 [Form] Fixed collapsed ChoiceType options
attributes (HeahDude) * bug #19908 [Config] Handle open_basedir restrictions in
FileLocator (Nicofuma) * bug #19924 [DoctrineBridge][PropertyInfo] Treat
Doctrine decimal type as string (teohhanhui) * bug #19932 Fixed bad merge
(GrahamCampbell) * bug #19922 [Yaml][TwigBridge] Use JSON_UNESCAPED_SLASHES for
lint commands output (chalasr) * bug #19928 [Validator] Update IpValidatorTest
data set with a valid reserved IP (jakzal) * bug #19813 [Console] fixed PHP7
Errors are now handled and converted to Exceptions (fonsecas72) * bug #19879
[Form] Incorrect timezone with DateTimeLocalizedStringTransformer (mbeccati) *
bug #19878 Fix translation:update command count (tgalopin)
--------------------------------------------------------------------------------
================================================================================
python-pyroute2-0.4.9-1.el7 (FEDORA-EPEL-2016-20ae3aadc7)
Pure Python netlink library
--------------------------------------------------------------------------------
Update Information:
critical fd leak fix ---- uplift to 0.4.x ---- critical NetNS fd leak fix
--------------------------------------------------------------------------------
================================================================================
python-sync2jira-0.4-1.el7 (FEDORA-EPEL-2016-610f574584)
Sync pagure and github issues to jira, via fedmsg
--------------------------------------------------------------------------------
Update Information:
Handle different jira-python versions. ---- Better handling of unique links.
--------------------------------------------------------------------------------
================================================================================
relval-2.1.4-1.el7 (FEDORA-EPEL-2016-cf25788bac)
Tool for interacting with Fedora QA wiki pages
--------------------------------------------------------------------------------
Update Information:
The major change in this update is that fedfind now has the ability to
effectively override the productmd-formatted metadata provided by Pungi in
specific cases where it's problematic. There is a new helper function,
`helpers.correct_image`, which applies these 'corrections', and the image dicts
returned by the `Release.all_images` property - commonly used for getting a flat
list of image dicts from the compose metadata - now have these corrections
applied. This is intended to work around a [significant
issue](https://pagure.io/pungi/issue/417) that's appeared along with the
introduction of a Workstation ostree installer image for Fedora: pungi sets the
`type` for ostree installer images to `boot`, but that means there is no way to
distinguish a Workstation network install image from a Workstation ostree
install image using the metadata. This is a major problem for several things
which distinguish between images based on the metadata (openQA,
fedora_nightlies, and wikitcms are all affected by this). For now, fedfind will
'correct' the `type` for these images from `boot` to `dvd-ostree`. Note you can
get un'corrected' image dicts from the `Release.metadata` property, which always
provides the original, entirely unmodified metadata. There is also a new
helper, `fedfind.helpers.identify_image`, for constructing image identifiers
from image dicts; this is something various fedfind consumers do, and were
duplicating the code for, so let's let them share it. The relval update adjusts
`relval size-check` for the change (teaching it about the new `dvd-ostree`
type).
--------------------------------------------------------------------------------
================================================================================
tito-0.6.7-1.el7 (FEDORA-EPEL-2016-7ac8777d37)
A tool for managing rpm based git projects
--------------------------------------------------------------------------------
Update Information:
- Hookup tito's --no-cleanup with rpmbuild's --noclean. (dgoodwin(a)redhat.com) -
Print package manager output in _auto_install (frostyx(a)email.cz) - Use 'dnf
reinstall' when package is already installed (frostyx(a)email.cz) - Install
packages via DNF if available (frostyx(a)email.cz) - CentOS uses yum
(miroslav(a)suchy.cz) - Allow customizing git commit message (lsedlar(a)redhat.com)
- README.md: Also link to Fedora wiki page collection of these tools
(walters(a)verbum.org) - mv rel-eng/ .tito/ (msuchy(a)redhat.com) - buildroot tag is
not needed for ages (msuchy(a)redhat.com) - better release number for untagged
packages (msuchy(a)redhat.com) - Only pass one project_name to copr build command
(dominic(a)cleal.org) - remove dependency on yum-utils (msuchy(a)redhat.com) ----
Added ability to specify changelog lines on tagging CLI with --changelog (can be
used multple times), and support for the new %autosetup macro.
--------------------------------------------------------------------------------
================================================================================
uwsgi-2.0.14-1.el7 (FEDORA-EPEL-2016-82f3151d61)
Fast, self-healing, application container server
--------------------------------------------------------------------------------
Update Information:
Updated to latest upstream stable + more fixes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1325524 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1325524
[ 2 ] Bug #1339558 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1339558
--------------------------------------------------------------------------------
================================================================================
x2goserver-4.0.1.19-12.el7 (FEDORA-EPEL-2016-ef7d22a52a)
X2Go Server
--------------------------------------------------------------------------------
Update Information:
- Fix x2golistdesktops on EL7 (bug #1371690) - Add upstream patch to drop
blowfish cipher (bug #1350014) - Add requires grep (bug #1319154)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1371690 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1371690
--------------------------------------------------------------------------------