The following Fedora EPEL 7 Security updates need testing: Age URL 252 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 148 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6813 chicken-4.9.0.1-4.el7 56 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8155 nagios-4.0.8-1.el7 44 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-925e9374c9 python-pymongo-3.0.3-1.el7 20 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-234553a060 mediawiki123-1.23.11-1.el7 20 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-ad1b660a4d php-ZendFramework-1.12.16-1.el7 14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 14 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-97e247eb19 perl-HTML-Scrubber-0.15-1.el7 13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-22f9be240b qemu-2.0.0-1.el7.6 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-f5273e10c1 rabbitmq-server-3.3.5-12.el7 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-f75cdd1774 metis-5.1.0-7.el7 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-4b33ee7c84 wildmagic5-5.13-12.el7 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-d6eaf22c8d MUMPS-5.0.1-4.el7 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e1379fc854 owncloud-8.0.9-1.el7 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-693544258f telegram-cli-1.3.1-7.20150730git2052f4.el7 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7b2b7d02df quassel-0.11.1-1.el7 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8a26d71e56 pdns-3.4.7-1.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-da5a65c143 zarafa-7.1.14-1.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-c399ccf199 sundials-2.6.2-11.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-914de61c66 potrace-1.13-2.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-987c5b1ead monitorix-3.8.1-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
composer-1.0.0-0.15.alpha11.el7 fedmsg-0.16.2-5.el7 keybinder-0.3.1-1.el7 monitorix-3.8.1-1.el7 python-dirq-1.7-1.el7 uget-2.0.3-1.el7 yubikey-personalization-gui-3.1.23-2.el7
Details about builds:
================================================================================ composer-1.0.0-0.15.alpha11.el7 (FEDORA-EPEL-2015-589034bd4d) Dependency Manager for PHP -------------------------------------------------------------------------------- Update Information:
Upstream version 1.0.0alpha11 --------------------------------------------------------------------------------
================================================================================ fedmsg-0.16.2-5.el7 (FEDORA-EPEL-2015-fe204813fc) Tools for Fedora Infrastructure real-time messaging -------------------------------------------------------------------------------- Update Information:
Explicit python2 subpackages. --------------------------------------------------------------------------------
================================================================================ keybinder-0.3.1-1.el7 (FEDORA-EPEL-2015-a36503f5bc) A library for registering global keyboard shortcuts -------------------------------------------------------------------------------- Update Information:
keybinder-0.3.1-1.el7 - update to 0.3.1 - change of upstream URL --------------------------------------------------------------------------------
================================================================================ monitorix-3.8.1-1.el7 (FEDORA-EPEL-2015-987c5b1ead) A free, open source, lightweight system monitoring tool -------------------------------------------------------------------------------- Update Information:
This is a maintenance release that mainly fixes a Document Object Model (DOM)-based cross-site scripting (XSS) vulnerability in the monitorix.cgi file. Such vulnerability is by injection a JS code in the when parameter of the URL shown after generating the graphs. Additionally, a potential denial of service (DoS) issue was discovered in the same when parameter of the URL which could lead in the creation of an enormous amount of .png files in the imgs directory of the server. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1281979 - monitorix-3.8.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1281979 --------------------------------------------------------------------------------
================================================================================ python-dirq-1.7-1.el7 (FEDORA-EPEL-2015-e4bcf7fec2) Directory based queue -------------------------------------------------------------------------------- Update Information:
Updated to latest upstream version. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1281769 - python-dirq-1.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1281769 --------------------------------------------------------------------------------
================================================================================ uget-2.0.3-1.el7 (FEDORA-EPEL-2015-17cb1bd569) Download manager using GTK+ and libcurl -------------------------------------------------------------------------------- Update Information:
uget-2.0.3-1.el7 - 2.0.3 ---- rebuild for EPEL 7 --------------------------------------------------------------------------------
================================================================================ yubikey-personalization-gui-3.1.23-2.el7 (FEDORA-EPEL-2015-60de34c4f2) GUI for Yubikey personalization -------------------------------------------------------------------------------- Update Information:
yubikey-personalization-gui-3.1.23-2.el7 - Update to 3.1.23 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org