The following Fedora EPEL 6 Security updates need testing:
Age URL
234 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828 chicken-4.9.0.1-4.el6
217 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6
211 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6
142 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8148 optipng-0.7.5-5.el6
142 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6
101 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6
72 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-579c4e2951 prosody-0.9.10-1.el6
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-6eee18cd6e phpMyAdmin-4.0.10.14-1.el6
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-eb496fe204 python-pymongo-2.5.2-3.el6.1
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-cd56c646d5 wordpress-4.4.2-1.el6
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-cb3b95bd2f firebird-2.5.5.26952.0-2.el6
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8aee7a9340 php-horde-horde-5.2.9-1.el6
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-f61ec30f9f poco-1.4.2p1-3.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
R-qtl-1.38.4-1.el6
epel-rpm-macros-6-4
gtk-gnutella-1.1.8-1.el6
holland-1.0.12-3.el6
php-horde-mnemo-4.2.9-1.el6
php-horde-nag-4.2.7-1.el6
php-horde-turba-4.2.12-1.el6
poco-1.4.2p1-3.el6
python-nitrate-1.3-1.el6
python-rsa-3.3-5.el6
python-sphinx_rtd_theme-0.1.8-4.el6
retrace-server-1.13-2.el6
Details about builds:
================================================================================
R-qtl-1.38.4-1.el6 (FEDORA-EPEL-2016-06aa15dcce)
Tools for analyzing QTL experiments
--------------------------------------------------------------------------------
Update Information:
Version 1.38, 2015-12-03 Major changes: * Get rid of everything to do with
degrees of freedom in scanone and scantwo. The checks seem to offer little
value but rather produce cryptic warnings that confuse many users. * Fixed a
bug in scanone() when using weights with multiple phenotypes when some of the
phenotypes contain missing values. Minor changes: * In plotLodProfile, if col
has length > 1 but no equal to the number of QTL, give a warning, but either
repeat or subset the vector rather than just using the first value. *
Modified read.cross with format "mm" to handle files with "bc" where we
usually see "backcross".
--------------------------------------------------------------------------------
================================================================================
epel-rpm-macros-6-4 (FEDORA-EPEL-2016-9e5249d510)
Extra Packages for Enterprise Linux RPM macros
--------------------------------------------------------------------------------
Update Information:
This update attempts to work around issues when building with the SCL macros
installed, and also significantly simplifies the %license macro definition.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1301358 - Broken SCL build
https://bugzilla.redhat.com/show_bug.cgi?id=1301358
--------------------------------------------------------------------------------
================================================================================
gtk-gnutella-1.1.8-1.el6 (FEDORA-EPEL-2016-61312ae8c5)
GUI based Gnutella Client
--------------------------------------------------------------------------------
Update Information:
Update to 1.1.8
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1300181 - [abrt] gtk-gnutella: crash_handler(): gtk-gnutella killed by SIGABRT
https://bugzilla.redhat.com/show_bug.cgi?id=1300181
--------------------------------------------------------------------------------
================================================================================
holland-1.0.12-3.el6 (FEDORA-EPEL-2016-0b5dd66ba7)
Pluggable Backup Framework
--------------------------------------------------------------------------------
Update Information:
backwards compatible 1.0.12 update, see [full changelog](https://github.com
/holland-backup/holland/blob/master/CHANGES.rst#1012---feb-8-2016)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1306039 - holland-1.0.12 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1306039
--------------------------------------------------------------------------------
================================================================================
php-horde-mnemo-4.2.9-1.el6 (FEDORA-EPEL-2016-5c8c0ab873)
A web based notes manager
--------------------------------------------------------------------------------
Update Information:
**Mnemo 4.2.9** * [jan] Use access rules compatible with both Apache 2.2 and
2.4. * [mjr] Fix fatal error when removing notepads in certain cases.
--------------------------------------------------------------------------------
================================================================================
php-horde-nag-4.2.7-1.el6 (FEDORA-EPEL-2016-8f97d22430)
A web based task list manager
--------------------------------------------------------------------------------
Update Information:
**Nag 4.2.7** * [mjr] Enforce child tasks must be completed before parent tasks
in edit form (Bug #12308). * [jan] Use access rules compatible with both Apache
2.2 and 2.4. * [mjr] Fix possible fatal error due to tasks created with an alarm
but no due date (Bug #14214). * [mjr] Fix storage of parent field when using
Kolab driver (Bug #14197, mike.gabriel(a)das-netzwerkteam.de) * [mjr] Fix
switching tab/filters when using Kolab driver (Bug #14196, mike.gabriel@das-
netzwerkteam.de). * [mjr] Fix moving subtasks to another tasklist when parent
task is moved (Bug #14209). * [mjr] Fix fatal error when saving tasks when
system shares are present in certain cases. * [mjr] Return recurring tasks via
listTimeObjects API (Bug #14137). * [mjr] Prevent orphaning tasks via the API.
--------------------------------------------------------------------------------
================================================================================
php-horde-turba-4.2.12-1.el6 (FEDORA-EPEL-2016-9812071919)
A web based address book
--------------------------------------------------------------------------------
Update Information:
**Turba 4.2.12** * [jan] Fix building search query if some fields are set for
strict search (Bug #12272). * [jan] Use access rules compatible with both Apache
2.2 and 2.4. * [mjr] Fix splitting tags over ActiveSync (Bug #14218). * [mjr]
Fix searching within virtual address books (Bug #14155). * [mjr] Fix import of
vCard with single component via API.
--------------------------------------------------------------------------------
================================================================================
poco-1.4.2p1-3.el6 (FEDORA-EPEL-2016-f61ec30f9f)
C++ class libraries for network-centric applications
--------------------------------------------------------------------------------
Update Information:
Apply patch for CVE-2014-0350 (#1091814)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1091812 - CVE-2014-0350 poco: certificate validation issue
https://bugzilla.redhat.com/show_bug.cgi?id=1091812
--------------------------------------------------------------------------------
================================================================================
python-nitrate-1.3-1.el6 (FEDORA-EPEL-2016-687d19409b)
Python API for the Nitrate test case management system
--------------------------------------------------------------------------------
Update Information:
Package nitrate for PyPI, several bug fixes, docs update - Better handle non-
existent objects [BZ#1204028] - Correctly handle no caseplan found [BZ#1171671]
- Typo fix in the TestPlan's _attributes [BZ#1304295] - Make sure that
PlanStatus id type is int - Include example config in documentation [BZ#1098818]
- Handle duplicate entry errors gracefully [BZ#1112521] -
TestCase.{setup,action,effect,breakdown} attributes [BZ#1089039] - Map
automated/manual when searching test cases [BZ#1092464] - Iterate over PlanRuns
sorted by id/creation - Indexing support for containers - Separate methods for
locking, handle corrupted cache - Limit cache writing window (chance of
corruption) [BZ#1091404] - Ignore malformed and stale cache locks [BZ#1091404] -
Workaround Teiid problem with converting time [BZ#1093054]
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1204028 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1204028
[ 2 ] Bug #1171671 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1171671
[ 3 ] Bug #1304295 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1304295
[ 4 ] Bug #1098818 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1098818
[ 5 ] Bug #1112521 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1112521
[ 6 ] Bug #1089039 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1089039
[ 7 ] Bug #1092464 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1092464
[ 8 ] Bug #1091404 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1091404
[ 9 ] Bug #1093054 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1093054
--------------------------------------------------------------------------------
================================================================================
python-rsa-3.3-5.el6 (FEDORA-EPEL-2016-68c802bce8)
Pure-Python RSA implementation
--------------------------------------------------------------------------------
Update Information:
Fix update from python-rsa to python2-rsa
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1305644 - Incorrect renaming handling breaks python-rsa -> python2-rsa upgrades
https://bugzilla.redhat.com/show_bug.cgi?id=1305644
--------------------------------------------------------------------------------
================================================================================
python-sphinx_rtd_theme-0.1.8-4.el6 (FEDORA-EPEL-2015-f7f062def8)
Sphinx theme for readthedocs.org
--------------------------------------------------------------------------------
Update Information:
Add Requires: fontawesome-web (rhbz#1282297)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1282297 - Missing dependency on fontawesome-fonts-web
https://bugzilla.redhat.com/show_bug.cgi?id=1282297
--------------------------------------------------------------------------------
================================================================================
retrace-server-1.13-2.el6 (FEDORA-EPEL-2016-d9520d4dc1)
Application for remote coredump analysis
--------------------------------------------------------------------------------
Update Information:
New upstream release that fixes several usability issues.
--------------------------------------------------------------------------------
The following Fedora EPEL 7 Security updates need testing:
Age URL
338 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7
100 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7
11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-69b4d0e57c prosody-0.9.10-1.el7
8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-5aba523f53 phpMyAdmin-4.4.15.4-1.el7
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-a65d7ed780 python-pymongo-2.5.2-4.el7
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-638137e4de wordpress-4.4.2-1.el7
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-c8f005b596 mingw-curl-7.47.0-1.el7
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-a140bf655b mingw-libpng-1.6.21-1.el7
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-6a9bb3d488 mingw-libxml2-2.9.3-1.el7
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-6d2a530b12 mingw-pcre-8.38-1.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-2d8fa2e036 firebird-2.5.5.26952.0-2.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-23f4cb12a2 php-horde-horde-5.2.9-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
firebird-2.5.5.26952.0-2.el7
freight-0.3.5-9.el7
libmediainfo-0.7.82-1.el7
mediainfo-0.7.82-1.el7
mingw-crt-4.0.4-3.el7
mingw-headers-4.0.4-5.el7
php-horde-Horde-Cache-2.5.2-1.el7
php-horde-Horde-Core-2.22.6-1.el7
php-horde-Horde-Crypt-2.7.0-1.el7
php-horde-Horde-Date-2.2.0-1.el7
php-horde-Horde-Db-2.3.1-1.el7
php-horde-Horde-Form-2.0.12-1.el7
php-horde-Horde-Http-2.1.6-1.el7
php-horde-Horde-Imap-Client-2.29.5-1.el7
php-horde-Horde-Mime-Viewer-2.1.2-1.el7
php-horde-Horde-Service-Weather-2.3.2-1.el7
php-horde-Horde-SyncMl-2.0.6-1.el7
php-horde-Horde-Timezone-1.0.10-1.el7
php-horde-Horde-Vfs-2.3.1-1.el7
php-horde-horde-5.2.9-1.el7
php-horde-imp-6.2.12-1.el7
php-horde-ingo-3.2.8-1.el7
php-horde-kronolith-4.2.13-1.el7
php-nette-deprecated-2.3.2-1.el7
python-binaryornot-0.4.0-2.el7
python-hypothesis-1.11.2-3.el7
rubygem-cookiejar-0.3.2-8.el7
rubygem-em-socksify-0.3.0-11.el7
rubygem-net-ping-1.7.7-2.el7
rubygem-plist-3.2.0-1.el7
sword-1.7.4-6.el7
tracer-0.6.7-2.el7
xiphos-4.0.4-3.el7
Details about builds:
================================================================================
firebird-2.5.5.26952.0-2.el7 (FEDORA-EPEL-2016-2d8fa2e036)
SQL relational database management system
--------------------------------------------------------------------------------
Update Information:
move fb_config (#1297506)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1297447 - CVE-2016-1569 firebird: authenticated remote crash by gbak invocation
https://bugzilla.redhat.com/show_bug.cgi?id=1297447
--------------------------------------------------------------------------------
================================================================================
freight-0.3.5-9.el7 (FEDORA-EPEL-2016-e3fc9652cf)
A modern take on the Debian archive
--------------------------------------------------------------------------------
Update Information:
- Fix compatibility with apt 1.1 (Debian Stretch, Ubuntu Xenial)
--------------------------------------------------------------------------------
================================================================================
libmediainfo-0.7.82-1.el7 (FEDORA-EPEL-2016-695ea1c57f)
Library for supplies technical and tag information about a video or audio file
--------------------------------------------------------------------------------
Update Information:
Update to 0.7.82.
--------------------------------------------------------------------------------
================================================================================
mediainfo-0.7.82-1.el7 (FEDORA-EPEL-2016-695ea1c57f)
Supplies technical and tag information about a video or audio file (CLI)
--------------------------------------------------------------------------------
Update Information:
Update to 0.7.82.
--------------------------------------------------------------------------------
================================================================================
mingw-crt-4.0.4-3.el7 (FEDORA-EPEL-2016-2a2482c847)
MinGW Windows cross-compiler runtime
--------------------------------------------------------------------------------
Update Information:
Backported various commits which are required to build wine-gecko 2.44
--------------------------------------------------------------------------------
================================================================================
mingw-headers-4.0.4-5.el7 (FEDORA-EPEL-2016-2a2482c847)
Win32/Win64 header files
--------------------------------------------------------------------------------
Update Information:
Backported various commits which are required to build wine-gecko 2.44
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Cache-2.5.2-1.el7 (FEDORA-EPEL-2016-75b5bcd323)
Horde Caching API
--------------------------------------------------------------------------------
Update Information:
**Horde_Cache 2.5.2** * [jan] Improve performance and memory consumption of
garbage collection in File driver. * [jan] Fix garbage collection in File
driver. * [jan] Fix caching issues within the same request in the Memcache
driver. * [jan] Fix the Mongo driver's expire() if not using a logger. * [jan]
Add unit tests.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Core-2.22.6-1.el7 (FEDORA-EPEL-2016-6d0474dbf9)
Horde Core Framework libraries
--------------------------------------------------------------------------------
Update Information:
**Horde_Core 2.22.6** * [mjr] Improvements to GHOSTED/SUPPORTED handling for
ActiveSync. * [mjr] Do not throw a fatal error if a meeting request can not be
deleted after responding to it. * [mjr] Changes for EAS 16.0 support. * [mjr]
Honor the disabled property when rendering boolean form types. * [jan] Fix
returning to last page after problem reporting from AJAX pages (Bug #12112). *
[jan] Fix updating group cache with LDAP backend. * [jan]
Horde_Registry_Nlsconfig#validLang() checks now if a locale is installed
(Request #10457). * [jan] Mark PHP 7 as supported. * [jan] Add option to always
lowercase user names after logging in.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Crypt-2.7.0-1.el7 (FEDORA-EPEL-2016-b121534f62)
Horde Cryptography API
--------------------------------------------------------------------------------
Update Information:
**Horde_Crypt 2.7.0** * [jan] Add
Horde_Crypt_Pgp::pgpPacketInformationMultiple() and
Horde_Crypt_Pgp_Backend_Binary::packetInfoMultiple() (Request #13190). * [jan]
Fix retrieving PGP keys from the keyserver with certain HTTP client backends. *
[jan] Fix creating PGP keys with comments (Bug #14125). * [jan] Mark PHP 7 as
supported.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Date-2.2.0-1.el7 (FEDORA-EPEL-2016-644b8bf912)
Horde Date package
--------------------------------------------------------------------------------
Update Information:
**Horde_Date 2.2.0** * [mjr] Add Horde_Date_Recurrence::isEqual(). * [jan] Mark
PHP 7 as supported.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Db-2.3.1-1.el7 (FEDORA-EPEL-2016-373b359e6e)
Horde Database Libraries
--------------------------------------------------------------------------------
Update Information:
**Horde_Db 2.3.1** * [jan] Bump earliest supported PostgreSQL version to 8.3. *
[jan] Improve getting tables and indexes from PostgreSQL servers (Ivan Sergio
Borgonovo). * [jan] Mark PHP 7 as supported.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Form-2.0.12-1.el7 (FEDORA-EPEL-2016-581de4be55)
Horde Form API
--------------------------------------------------------------------------------
Update Information:
**Horde_Form 2.0.12** * [jan] Fix field types being overwritten in certain
cases. * [jan] Allow any empty format specifiers for the monthdayyear field (Bug
#14130). * [jan] Mark PHP 7 as supported.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Http-2.1.6-1.el7 (FEDORA-EPEL-2016-a867aa1f97)
Horde HTTP libraries
--------------------------------------------------------------------------------
Update Information:
**Horde_Http 2.1.6** * [jan] Fix disabling SSL certificate hostname check
(Thomas Jarosch Bug #12929). * [jan] Mark PHP 7 as supported.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Imap-Client-2.29.5-1.el7 (FEDORA-EPEL-2016-42dc0aebff)
Horde IMAP abstraction interface
--------------------------------------------------------------------------------
Update Information:
**Horde_Imap_Client 2.29.5** * [jan] Don't try LOGIN authentication over secure
connections if explicitly disabled. * [jan] Mark PHP 7 as supported. * [jan]
Improve Oracle compatibility. * [mjr] Fix fatal error during shutdown due to
incorrect exception name. * [jan] Fix broken ID requests under certain
circumstances.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Mime-Viewer-2.1.2-1.el7 (FEDORA-EPEL-2016-d6e1d29cdd)
Horde MIME Viewer Library
--------------------------------------------------------------------------------
Update Information:
**Horde_Mime_Viewer 2.1.2** * [jan] Add temp_dir configuration parameter to
OpenOffice/LibreOffice viewer (Request #11756). * [jan] Mark PHP 7 as supported.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Service-Weather-2.3.2-1.el7 (FEDORA-EPEL-2016-cc7d8b2ae0)
Horde Weather Provider
--------------------------------------------------------------------------------
Update Information:
**Horde_Service_Weather 2.3.2** * [jan] Catch Horde_Date exceptions and try
harder to provide dates for weather alerts. * [jan] Mark PHP 7 as supported.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-SyncMl-2.0.6-1.el7 (FEDORA-EPEL-2016-9968f93369)
Horde_SyncMl provides an API for processing SyncML requests
--------------------------------------------------------------------------------
Update Information:
**Horde_SyncMl 2.0.6** * [jan] Split large objects into multiple messages
(thomas(a)trethan.net, Request #11071). * [jan] Remove workarounds for ancient
Synthesis clients (Bug #10942). * [jan] Mark PHP 7 as supported.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Timezone-1.0.10-1.el7 (FEDORA-EPEL-2016-5d4c596775)
Timezone library
--------------------------------------------------------------------------------
Update Information:
**Horde_Timezone 1.0.10** * [mjr] Fix generation of broken VTIMEZONE components
for certain Rules (Bug #14221). * [jan] Mark PHP 7 as supported.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Vfs-2.3.1-1.el7 (FEDORA-EPEL-2016-dfb0f8b6d0)
Virtual File System API
--------------------------------------------------------------------------------
Update Information:
**Horde_Vfs 2.3.1** * [jan] Mark PHP 7 as supported. * small bugfix
--------------------------------------------------------------------------------
================================================================================
php-horde-horde-5.2.9-1.el7 (FEDORA-EPEL-2016-23f4cb12a2)
Horde Application Framework
--------------------------------------------------------------------------------
Update Information:
**horde 5.2.9** * [jan] SECURITY: Fix XSS vulnerability in menu bar exposed by
few applications (Bug #14213). * [jan] Add more detailed user DN settings to
Kolab group configuration (Request #11737). * [jan] Fix returning to last page
after problem reporting from AJAX pages (Bug #12112). * [jan] Fix custom
database configuration for groups (Bug #11664). * [jan] Use access rules
compatible with both Apache 2.2 and 2.4. * [mjr] Fix reporting results for non-
select queries in administrative sql shell (Bug #14216).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1304397 - CVE-2016-2228 php-horde: reflected cross-site scripting
https://bugzilla.redhat.com/show_bug.cgi?id=1304397
[ 2 ] Bug #1305597 - CVE-2015-8807 php-horde-Horde: Cross-site scripting in _renderVarInput_number
https://bugzilla.redhat.com/show_bug.cgi?id=1305597
--------------------------------------------------------------------------------
================================================================================
php-horde-imp-6.2.12-1.el7 (FEDORA-EPEL-2016-9af08e2e42)
A web based webmail system
--------------------------------------------------------------------------------
Update Information:
**imp 6.2.12** * [jan] Don't strip PGP mime parts when saving sent messages
(Bug #14233). * [jan] Fix retrieving public PGP keys with certain HTTP client
backends. * [jan] Send MDNs from the correct identity (Bug #14034). * [jan] Fix
autocompleter filtering if items exceed the maximum size (jsveiga(a)it.eng.br, Bug
#13984). * [jan] Use access rules compatible with both Apache 2.2 and 2.4. *
[jan] Allow to disable remote accounts by locking the preference. * [jan] Fix
setting title with newmail count in IE11 and Edge (Bug #14189). * [jan] Fix
wrapping of plain text converted from HTML MIME parts.
--------------------------------------------------------------------------------
================================================================================
php-horde-ingo-3.2.8-1.el7 (FEDORA-EPEL-2016-460b51ea7f)
An email filter rules manager
--------------------------------------------------------------------------------
Update Information:
**Ingo 3.2.8** * [jan] Fix editing shared rulesets (Bug #12694). * [jan] Allow
to edit permissions of another user's rules if that user assigned ownership. *
[jan] Use access rules compatible with both Apache 2.2 and 2.4. * [jan] Fix
variable name in vacation_addresses hook example. * [jan] Correctly save names
of mailbox created from the rule form (Bug #14150). * [mjr] Fix invalid URLs in
certain forms when cookies are disabled (Bug #14148).
--------------------------------------------------------------------------------
================================================================================
php-horde-kronolith-4.2.13-1.el7 (FEDORA-EPEL-2016-5178df8ea9)
A web based calendar
--------------------------------------------------------------------------------
Update Information:
**Kronolith 4.2.13** * [mjr] Add missing EAS ghosted property support for all
EAS versions. Prevents potential loss of event data during synchronization.
**Kronolith 4.2.12** * [mjr] Fix missing truncated event description when using
ActiveSync. * [jan] Fix week number in basic view if week starts on Sundays. *
[mjr] Fix issue where new event could be created with exceptions from previously
edited event. * [jan] Mark preferences only available in basic mode. * [jan] Use
access rules compatible with both Apache 2.2 and 2.4. * [jan] Fix accidental
deletion of events if importing recurring events without a UID attribute (Bug
#14208). * [mjr] Honor confirm_delete preference in dynamic view (Bug #14188). *
[mjr] Correctly deal with cancelled meetings via ActiveSync. * [mjr] Fix
visibility of alarm titles when alarm is generated via CLI (Bug #14154). * [mjr]
Fix display of embed code by adding the full url.
--------------------------------------------------------------------------------
================================================================================
php-nette-deprecated-2.3.2-1.el7 (FEDORA-EPEL-2016-5163d91411)
APIs and features removed from Nette Framework
--------------------------------------------------------------------------------
Update Information:
APIs and features removed from Nette Framework. To use this library, you just
have to add, in your project: require_once
'/usr/share/php/Nette/Deprecated/autoload.php';
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1277478 - Review Request: php-nette-deprecated - APIs and features removed from Nette Framework
https://bugzilla.redhat.com/show_bug.cgi?id=1277478
--------------------------------------------------------------------------------
================================================================================
python-binaryornot-0.4.0-2.el7 (FEDORA-EPEL-2016-d302423db2)
A pure Python package to check if a file is binary or text
--------------------------------------------------------------------------------
Update Information:
Initial import of the package python-binaryornot
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1286119 - Review Request: python-binaryornot - A pure Python package to check if a file is binary or text
https://bugzilla.redhat.com/show_bug.cgi?id=1286119
--------------------------------------------------------------------------------
================================================================================
python-hypothesis-1.11.2-3.el7 (FEDORA-EPEL-2016-044b4fda3e)
A library for property based testing
--------------------------------------------------------------------------------
Update Information:
First build of python-hypothesis for EPEL7
--------------------------------------------------------------------------------
================================================================================
rubygem-cookiejar-0.3.2-8.el7 (FEDORA-EPEL-2016-f20e99808e)
Parsing and returning cookies in Ruby
--------------------------------------------------------------------------------
Update Information:
Updates for EPEL7
--------------------------------------------------------------------------------
================================================================================
rubygem-em-socksify-0.3.0-11.el7 (FEDORA-EPEL-2016-15b90e6786)
Transparent proxy support for any EventMachine protocol
--------------------------------------------------------------------------------
Update Information:
Updated for EPEL7
--------------------------------------------------------------------------------
================================================================================
rubygem-net-ping-1.7.7-2.el7 (FEDORA-EPEL-2016-1fc522e0fa)
A ping interface for Ruby
--------------------------------------------------------------------------------
Update Information:
Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rubygem-plist-3.2.0-1.el7 (FEDORA-EPEL-2016-6d72c8ecc4)
All-purpose Property List manipulation library
--------------------------------------------------------------------------------
Update Information:
initial spec file for branch epel 7
--------------------------------------------------------------------------------
================================================================================
sword-1.7.4-6.el7 (FEDORA-EPEL-2016-0cf47875b0)
Free Bible Software Project
--------------------------------------------------------------------------------
Update Information:
Backport 1.7.4 to EPEL
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1256490 - Package also Python, Perl and Java bindings
https://bugzilla.redhat.com/show_bug.cgi?id=1256490
--------------------------------------------------------------------------------
================================================================================
tracer-0.6.7-2.el7 (FEDORA-EPEL-2016-d0a431ea5e)
Finds outdated running applications in your system
--------------------------------------------------------------------------------
Update Information:
New upstream release. - Recognize root user from -r or --root arguments; Fix
#51 - Don't force root, rather catch exceptions; See #49 - Use non-zero exit
codes to indicate various situations; See #46 - Fix unicode error from
raw_input (RhBug:1279409) - Change distro name retrieval to try to read /etc
/os-release first
--------------------------------------------------------------------------------
================================================================================
xiphos-4.0.4-3.el7 (FEDORA-EPEL-2016-f6a8d40a18)
Bible study and research tool
--------------------------------------------------------------------------------
Update Information:
Exclude ppc64 from EPEL for lack of gtkhtml3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1214009 - Doesn���t build on ppc* for EPEL
https://bugzilla.redhat.com/show_bug.cgi?id=1214009
--------------------------------------------------------------------------------
The following Fedora EPEL 6 Security updates need testing:
Age URL
234 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828 chicken-4.9.0.1-4.el6
216 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6
210 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6
142 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8148 optipng-0.7.5-5.el6
142 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6
100 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6
72 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-579c4e2951 prosody-0.9.10-1.el6
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-6eee18cd6e phpMyAdmin-4.0.10.14-1.el6
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-eb496fe204 python-pymongo-2.5.2-3.el6.1
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-cd56c646d5 wordpress-4.4.2-1.el6
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-cb3b95bd2f firebird-2.5.5.26952.0-2.el6
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8aee7a9340 php-horde-horde-5.2.9-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
firebird-2.5.5.26952.0-2.el6
freight-0.3.5-6.el6
libmediainfo-0.7.82-1.el6
mediainfo-0.7.82-1.el6
php-horde-Horde-Cache-2.5.2-1.el6
php-horde-Horde-Core-2.22.6-1.el6
php-horde-Horde-Crypt-2.7.0-1.el6
php-horde-Horde-Date-2.2.0-1.el6
php-horde-Horde-Db-2.3.1-1.el6
php-horde-Horde-Form-2.0.12-1.el6
php-horde-Horde-Http-2.1.6-1.el6
php-horde-Horde-Imap-Client-2.29.5-1.el6
php-horde-Horde-Mime-Viewer-2.1.2-1.el6
php-horde-Horde-Service-Weather-2.3.2-1.el6
php-horde-Horde-SyncMl-2.0.6-1.el6
php-horde-Horde-Timezone-1.0.10-1.el6
php-horde-Horde-Vfs-2.3.1-1.el6
php-horde-horde-5.2.9-1.el6
php-horde-imp-6.2.12-1.el6
php-horde-ingo-3.2.8-1.el6
php-horde-kronolith-4.2.13-1.el6
php-nette-deprecated-2.3.2-1.el6
Details about builds:
================================================================================
firebird-2.5.5.26952.0-2.el6 (FEDORA-EPEL-2016-cb3b95bd2f)
SQL relational database management system
--------------------------------------------------------------------------------
Update Information:
move fb_config (#1297506)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1297447 - CVE-2016-1569 firebird: authenticated remote crash by gbak invocation
https://bugzilla.redhat.com/show_bug.cgi?id=1297447
--------------------------------------------------------------------------------
================================================================================
freight-0.3.5-6.el6 (FEDORA-EPEL-2016-e6d7b375ed)
A modern take on the Debian archive
--------------------------------------------------------------------------------
Update Information:
- Fix compatibility with apt 1.1 (Debian Stretch, Ubuntu Xenial)
--------------------------------------------------------------------------------
================================================================================
libmediainfo-0.7.82-1.el6 (FEDORA-EPEL-2016-27b306ced7)
Library for supplies technical and tag information about a video or audio file
--------------------------------------------------------------------------------
Update Information:
Update to 0.7.82.
--------------------------------------------------------------------------------
================================================================================
mediainfo-0.7.82-1.el6 (FEDORA-EPEL-2016-27b306ced7)
Supplies technical and tag information about a video or audio file (CLI)
--------------------------------------------------------------------------------
Update Information:
Update to 0.7.82.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Cache-2.5.2-1.el6 (FEDORA-EPEL-2016-9632f71a37)
Horde Caching API
--------------------------------------------------------------------------------
Update Information:
**Horde_Cache 2.5.2** * [jan] Improve performance and memory consumption of
garbage collection in File driver. * [jan] Fix garbage collection in File
driver. * [jan] Fix caching issues within the same request in the Memcache
driver. * [jan] Fix the Mongo driver's expire() if not using a logger. * [jan]
Add unit tests.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Core-2.22.6-1.el6 (FEDORA-EPEL-2016-336a9e3182)
Horde Core Framework libraries
--------------------------------------------------------------------------------
Update Information:
**Horde_Core 2.22.6** * [mjr] Improvements to GHOSTED/SUPPORTED handling for
ActiveSync. * [mjr] Do not throw a fatal error if a meeting request can not be
deleted after responding to it. * [mjr] Changes for EAS 16.0 support. * [mjr]
Honor the disabled property when rendering boolean form types. * [jan] Fix
returning to last page after problem reporting from AJAX pages (Bug #12112). *
[jan] Fix updating group cache with LDAP backend. * [jan]
Horde_Registry_Nlsconfig#validLang() checks now if a locale is installed
(Request #10457). * [jan] Mark PHP 7 as supported. * [jan] Add option to always
lowercase user names after logging in.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Crypt-2.7.0-1.el6 (FEDORA-EPEL-2016-b39588d51e)
Horde Cryptography API
--------------------------------------------------------------------------------
Update Information:
**Horde_Crypt 2.7.0** * [jan] Add
Horde_Crypt_Pgp::pgpPacketInformationMultiple() and
Horde_Crypt_Pgp_Backend_Binary::packetInfoMultiple() (Request #13190). * [jan]
Fix retrieving PGP keys from the keyserver with certain HTTP client backends. *
[jan] Fix creating PGP keys with comments (Bug #14125). * [jan] Mark PHP 7 as
supported.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Date-2.2.0-1.el6 (FEDORA-EPEL-2016-a21ad632b9)
Horde Date package
--------------------------------------------------------------------------------
Update Information:
**Horde_Date 2.2.0** * [mjr] Add Horde_Date_Recurrence::isEqual(). * [jan] Mark
PHP 7 as supported.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Db-2.3.1-1.el6 (FEDORA-EPEL-2016-91bb02bafc)
Horde Database Libraries
--------------------------------------------------------------------------------
Update Information:
**Horde_Db 2.3.1** * [jan] Bump earliest supported PostgreSQL version to 8.3. *
[jan] Improve getting tables and indexes from PostgreSQL servers (Ivan Sergio
Borgonovo). * [jan] Mark PHP 7 as supported.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Form-2.0.12-1.el6 (FEDORA-EPEL-2016-dc9d8bbf7f)
Horde Form API
--------------------------------------------------------------------------------
Update Information:
**Horde_Form 2.0.12** * [jan] Fix field types being overwritten in certain
cases. * [jan] Allow any empty format specifiers for the monthdayyear field (Bug
#14130). * [jan] Mark PHP 7 as supported.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Http-2.1.6-1.el6 (FEDORA-EPEL-2016-1f4daf994e)
Horde HTTP libraries
--------------------------------------------------------------------------------
Update Information:
**Horde_Http 2.1.6** * [jan] Fix disabling SSL certificate hostname check
(Thomas Jarosch Bug #12929). * [jan] Mark PHP 7 as supported.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Imap-Client-2.29.5-1.el6 (FEDORA-EPEL-2016-695ae04a29)
Horde IMAP abstraction interface
--------------------------------------------------------------------------------
Update Information:
**Horde_Imap_Client 2.29.5** * [jan] Don't try LOGIN authentication over secure
connections if explicitly disabled. * [jan] Mark PHP 7 as supported. * [jan]
Improve Oracle compatibility. * [mjr] Fix fatal error during shutdown due to
incorrect exception name. * [jan] Fix broken ID requests under certain
circumstances.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Mime-Viewer-2.1.2-1.el6 (FEDORA-EPEL-2016-cc075272a8)
Horde MIME Viewer Library
--------------------------------------------------------------------------------
Update Information:
**Horde_Mime_Viewer 2.1.2** * [jan] Add temp_dir configuration parameter to
OpenOffice/LibreOffice viewer (Request #11756). * [jan] Mark PHP 7 as supported.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Service-Weather-2.3.2-1.el6 (FEDORA-EPEL-2016-62d2d34dc6)
Horde Weather Provider
--------------------------------------------------------------------------------
Update Information:
**Horde_Service_Weather 2.3.2** * [jan] Catch Horde_Date exceptions and try
harder to provide dates for weather alerts. * [jan] Mark PHP 7 as supported.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-SyncMl-2.0.6-1.el6 (FEDORA-EPEL-2016-7b3929941c)
Horde_SyncMl provides an API for processing SyncML requests
--------------------------------------------------------------------------------
Update Information:
**Horde_SyncMl 2.0.6** * [jan] Split large objects into multiple messages
(thomas(a)trethan.net, Request #11071). * [jan] Remove workarounds for ancient
Synthesis clients (Bug #10942). * [jan] Mark PHP 7 as supported.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Timezone-1.0.10-1.el6 (FEDORA-EPEL-2016-6a261f33b2)
Timezone library
--------------------------------------------------------------------------------
Update Information:
**Horde_Timezone 1.0.10** * [mjr] Fix generation of broken VTIMEZONE components
for certain Rules (Bug #14221). * [jan] Mark PHP 7 as supported.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Vfs-2.3.1-1.el6 (FEDORA-EPEL-2016-92a348428a)
Virtual File System API
--------------------------------------------------------------------------------
Update Information:
**Horde_Vfs 2.3.1** * [jan] Mark PHP 7 as supported. * small bugfix
--------------------------------------------------------------------------------
================================================================================
php-horde-horde-5.2.9-1.el6 (FEDORA-EPEL-2016-8aee7a9340)
Horde Application Framework
--------------------------------------------------------------------------------
Update Information:
**horde 5.2.9** * [jan] SECURITY: Fix XSS vulnerability in menu bar exposed by
few applications (Bug #14213). * [jan] Add more detailed user DN settings to
Kolab group configuration (Request #11737). * [jan] Fix returning to last page
after problem reporting from AJAX pages (Bug #12112). * [jan] Fix custom
database configuration for groups (Bug #11664). * [jan] Use access rules
compatible with both Apache 2.2 and 2.4. * [mjr] Fix reporting results for non-
select queries in administrative sql shell (Bug #14216).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1305597 - CVE-2015-8807 php-horde-Horde: Cross-site scripting in _renderVarInput_number
https://bugzilla.redhat.com/show_bug.cgi?id=1305597
[ 2 ] Bug #1304397 - CVE-2016-2228 php-horde: reflected cross-site scripting
https://bugzilla.redhat.com/show_bug.cgi?id=1304397
--------------------------------------------------------------------------------
================================================================================
php-horde-imp-6.2.12-1.el6 (FEDORA-EPEL-2016-3172ac44f6)
A web based webmail system
--------------------------------------------------------------------------------
Update Information:
**imp 6.2.12** * [jan] Don't strip PGP mime parts when saving sent messages
(Bug #14233). * [jan] Fix retrieving public PGP keys with certain HTTP client
backends. * [jan] Send MDNs from the correct identity (Bug #14034). * [jan] Fix
autocompleter filtering if items exceed the maximum size (jsveiga(a)it.eng.br, Bug
#13984). * [jan] Use access rules compatible with both Apache 2.2 and 2.4. *
[jan] Allow to disable remote accounts by locking the preference. * [jan] Fix
setting title with newmail count in IE11 and Edge (Bug #14189). * [jan] Fix
wrapping of plain text converted from HTML MIME parts.
--------------------------------------------------------------------------------
================================================================================
php-horde-ingo-3.2.8-1.el6 (FEDORA-EPEL-2016-031ce96323)
An email filter rules manager
--------------------------------------------------------------------------------
Update Information:
**Ingo 3.2.8** * [jan] Fix editing shared rulesets (Bug #12694). * [jan] Allow
to edit permissions of another user's rules if that user assigned ownership. *
[jan] Use access rules compatible with both Apache 2.2 and 2.4. * [jan] Fix
variable name in vacation_addresses hook example. * [jan] Correctly save names
of mailbox created from the rule form (Bug #14150). * [mjr] Fix invalid URLs in
certain forms when cookies are disabled (Bug #14148).
--------------------------------------------------------------------------------
================================================================================
php-horde-kronolith-4.2.13-1.el6 (FEDORA-EPEL-2016-1b9428015c)
A web based calendar
--------------------------------------------------------------------------------
Update Information:
**Kronolith 4.2.13** * [mjr] Add missing EAS ghosted property support for all
EAS versions. Prevents potential loss of event data during synchronization.
**Kronolith 4.2.12** * [mjr] Fix missing truncated event description when using
ActiveSync. * [jan] Fix week number in basic view if week starts on Sundays. *
[mjr] Fix issue where new event could be created with exceptions from previously
edited event. * [jan] Mark preferences only available in basic mode. * [jan] Use
access rules compatible with both Apache 2.2 and 2.4. * [jan] Fix accidental
deletion of events if importing recurring events without a UID attribute (Bug
#14208). * [mjr] Honor confirm_delete preference in dynamic view (Bug #14188). *
[mjr] Correctly deal with cancelled meetings via ActiveSync. * [mjr] Fix
visibility of alarm titles when alarm is generated via CLI (Bug #14154). * [mjr]
Fix display of embed code by adding the full url.
--------------------------------------------------------------------------------
================================================================================
php-nette-deprecated-2.3.2-1.el6 (FEDORA-EPEL-2016-54356eb14f)
APIs and features removed from Nette Framework
--------------------------------------------------------------------------------
Update Information:
APIs and features removed from Nette Framework. To use this library, you just
have to add, in your project: require_once
'/usr/share/php/Nette/Deprecated/autoload.php';
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1277478 - Review Request: php-nette-deprecated - APIs and features removed from Nette Framework
https://bugzilla.redhat.com/show_bug.cgi?id=1277478
--------------------------------------------------------------------------------
Hi,
EPEL7 currently ship Redis 2.8.x branch, but it will be EOLed soon
after the 3.2.x branch will be released.
I plan to update EPEL7 branch to 3.0.x, there's no specific action
required from users for the migration.
Regards,
H.
The following packages are orphaned and will be retired when they
are orphaned for six weeks, unless someone adopts them. If you know for sure
that the package should be retired, please do so now with a proper reason:
https://fedoraproject.org/wiki/How_to_remove_a_package_at_end_of_life
Note: If you received this mail directly you (co)maintain one of the affected
packages or a package that depends on one. Please adopt the affected package or
retire your depending package to avoid broken dependencies, otherwise your
package will be retired when the affected package gets retired.
Package (co)maintainers Status Change
=============================================================
electronics-menu orphan, chitlesh 17 weeks ago
faience-icon-theme orphan 5 weeks ago
gfal2-plugin-xrootd orphan, aalvarez, adev 13 weeks ago
gtk-unico-engine orphan 5 weeks ago
lemonpos orphan 0 weeks ago
mate-applet-lockkeys orphan 5 weeks ago
monkeysphere orphan, stardust85 0 weeks ago
passenger orphan 13 weeks ago
rear orphan, gdha 3 weeks ago
shorewall orphan, digimer, jgu 4 weeks ago
The following packages require above mentioned packages:
Depending on: shorewall (1), status change: 2016-01-06 (4 weeks ago)
fail2ban (maintained by: orion, athmane, atkac)
fail2ban-shorewall-0.9.3-1.el7.noarch requires shorewall = 4.6.5.3-1.el7
Affected (co)maintainers
aalvarez: gfal2-plugin-xrootd
adev: gfal2-plugin-xrootd
athmane: shorewall
atkac: shorewall
chitlesh: electronics-menu
digimer: shorewall
gdha: rear
jgu: shorewall
orion: shorewall
stardust85: monkeysphere
Orphans (10): electronics-menu faience-icon-theme gfal2-plugin-xrootd
gtk-unico-engine lemonpos mate-applet-lockkeys monkeysphere
passenger rear shorewall
Orphans (dependend on) (1): shorewall
Orphans (epel7) for at least 6 weeks (dependend on) (0):
Orphans (epel7)(not depended on) (9): electronics-menu
faience-icon-theme gfal2-plugin-xrootd gtk-unico-engine lemonpos
mate-applet-lockkeys monkeysphere passenger rear
Orphans (epel7) for at least 6 weeks (not dependend on) (3):
electronics-menu gfal2-plugin-xrootd passenger
Depending packages (epel7) (1): fail2ban
Packages depending on packages orphaned (epel7) for more than 6 weeks
(0):
Not found in repo (epel7) (3): lemonpos monkeysphere passenger
--
The script creating this output is run and developed by Fedora
Release Engineering. Please report issues at its trac instance:
https://fedorahosted.org/rel-eng/
The sources of this script can be found at:
https://pagure.io/releng/blob/master/f/scripts/find_unblocked_orphans.py