The following Fedora EPEL 7 Security updates need testing:
Age URL
282
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-3989
166
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087
87
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6262
62
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6813
40
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7143
13
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7562
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7600
8
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7613
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7612
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7732
The following builds have been pushed to Fedora EPEL 7 updates-testing
bodhi-0.9.8-5.el7
ctpl-0.3.4-3.el7
dpm-xrootd-3.5.4-1.el7
drupal7-7.39-1.el7
epel-rpm-macros-7-3
fedfind-1.4.2-1.el7
fedmsg-0.15.0-1.el7
i7z-0.27.2-11.el7
marco-1.10.2-1.el7
parcimonie.sh-0-0.4.20150804gitc009937.el7
php-twig-1.20.0-1.el7
phpMyAdmin-4.4.14-1.el7
python-fedmsg-meta-fedora-infrastructure-0.15.0-1.el7
python-statsd-2.1.2-2.el7
salt-2015.5.5-1.el7
scalasca-2.2.2-3.el7
supervisor-3.1.3-3.el7
Details about builds:
================================================================================
bodhi-0.9.8-5.el7 (None)
A modular framework that facilitates publishing software updates
--------------------------------------------------------------------------------
Update Information:
Updated to work better against bodhi2 with the latest python-fedora bindings.
--------------------------------------------------------------------------------
================================================================================
ctpl-0.3.4-3.el7 (FEDORA-EPEL-2015-7731)
Template library and engine written in C
--------------------------------------------------------------------------------
Update Information:
ctpl-0.3.4-3.el7 - removed Patch0 as it gives errors during build (no longer
needed) - enable CLI tool again for EPEL7
--------------------------------------------------------------------------------
================================================================================
dpm-xrootd-3.5.4-1.el7 (FEDORA-EPEL-2015-7730)
XROOT interface to the Disk Pool Manager (DPM)
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
================================================================================
drupal7-7.39-1.el7 (FEDORA-EPEL-2015-7732)
An open-source content-management platform
--------------------------------------------------------------------------------
Update Information:
Updated to 7.39 * [Release
notes](https://www.drupal.org/drupal-7.39-release-
notes) * [Drupal Core - Critical - Multiple Vulnerabilities - SA-
CORE-2015-003](https://www.drupal.org/SA-CORE-2015-003)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1255674 - drupal7: drupal: Several issues in 6.x and 7.x (SA-CORE-2015-003)
[epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1255674
--------------------------------------------------------------------------------
================================================================================
epel-rpm-macros-7-3 (None)
Extra Packages for Enterprise Linux RPM macros
--------------------------------------------------------------------------------
Update Information:
Fix %py2_install macro
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1241655 - please add new python macros also to epel
https://bugzilla.redhat.com/show_bug.cgi?id=1241655
--------------------------------------------------------------------------------
================================================================================
fedfind-1.4.2-1.el7 (FEDORA-EPEL-2015-7739)
Fedora Finder finds Fedora
--------------------------------------------------------------------------------
Update Information:
This update provides the latest upstream fedfind release, 1.4.2. There have been
many significant changes since the last packaged release, 1.2. You can find full
details on the [upstream
page](https://www.happyassassin.net/fedfind). Briefly,
fedfind's module has grown several new features for compose checking, and Koji
queries are now more efficient (and cached on the instance). fedfind will now
find more images and identify them more accurately. You can be somewhat sloppier
with `release`, `milestone` and `compose` parameters, both in `get_release()`
and in the CLI. The update fixes the major bug in 1.2 where you could not use
the CLI with a numeric release.
--------------------------------------------------------------------------------
================================================================================
fedmsg-0.15.0-1.el7 (FEDORA-EPEL-2015-7724)
Tools for Fedora Infrastructure real-time messaging
--------------------------------------------------------------------------------
Update Information:
Latest upstream. New msg2subjective() API.
--------------------------------------------------------------------------------
================================================================================
i7z-0.27.2-11.el7 (FEDORA-EPEL-2015-7729)
CLI curses based monitoring tool for Intel Core i7 processors
--------------------------------------------------------------------------------
Update Information:
i7z-0.27.2-11.el7 - Fix up docdir listing in spec file directive for epel7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1162339 - Please add i7z to epel7
https://bugzilla.redhat.com/show_bug.cgi?id=1162339
--------------------------------------------------------------------------------
================================================================================
marco-1.10.2-1.el7 (FEDORA-EPEL-2015-7726)
MATE Desktop window manager
--------------------------------------------------------------------------------
Update Information:
marco-1.10.2-1.el7 - update to 1.10.2 release - remove upstreamed patches -
fix rhbz (#1011869) (#1226530)
--------------------------------------------------------------------------------
================================================================================
parcimonie.sh-0-0.4.20150804gitc009937.el7 (FEDORA-EPEL-2015-7672)
Refresh your GnuPG keyring over Tor
--------------------------------------------------------------------------------
Update Information:
Initial package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1242086 - Review Request: parcimonie.sh - Refresh your GnuPG keyring over
Tor
https://bugzilla.redhat.com/show_bug.cgi?id=1242086
--------------------------------------------------------------------------------
================================================================================
php-twig-1.20.0-1.el7 (FEDORA-EPEL-2015-7612)
The flexible, fast, and secure template engine for PHP
--------------------------------------------------------------------------------
Update Information:
## 1.20.0 (2015-08-12) * forbid access to the Twig environment from templates
and internal parts of Twig_Template * fixed limited RCEs when in sandbox mode *
deprecated Twig_Template::getEnvironment() * deprecated the _self variable for
usage outside of the from and import tags * added Twig_BaseNodeVisitor to ease
the compatibility of node visitors between 1.x and 2.x ## 1.19.0 (2015-07-31)
* fixed wrong error message when including an undefined template in a child
template * added support for variadic filters, functions, and tests * added
support for extra positional arguments in macros * added ignore_missing flag to
the source function * fixed batch filter with zero items * deprecated
Twig_Environment::clearTemplateCache() * fixed sandbox disabling when using the
include function
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1249259 - php-twig-v1.20.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1249259
[ 2 ] Bug #1255797 - php-twig: Remote code execution via Twig templates [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1255797
--------------------------------------------------------------------------------
================================================================================
phpMyAdmin-4.4.14-1.el7 (FEDORA-EPEL-2015-7725)
Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:
phpMyAdmin 4.4.14.0 (2015-08-20) ================================ * Export
after search, missing WHERE clause * Incomplete message after import * Incorrect
scalar type declaration (reported under PHP 7) * ReCaptcha produces deprecated
messages under PHP 7 * phpseclib < 2.0 produces deprecated messages on PHP 7 *
"Switch to copied table" doesn't work * Missing quotes after calling
"distinct
values" * Cannot import database with long data in one column * SPATIAL index
option is not clickable
--------------------------------------------------------------------------------
================================================================================
python-fedmsg-meta-fedora-infrastructure-0.15.0-1.el7 (FEDORA-EPEL-2015-7727)
Metadata providers for Fedora Infrastructure's fedmsg deployment
--------------------------------------------------------------------------------
Update Information:
Latest upstream. New msg2subjective() API. Some new handlers for bodhi2
messages and more.
--------------------------------------------------------------------------------
================================================================================
python-statsd-2.1.2-2.el7 (None)
A Python statsd client
--------------------------------------------------------------------------------
Update Information:
Fixed fedora-review warnings
--------------------------------------------------------------------------------
================================================================================
salt-2015.5.5-1.el7 (FEDORA-EPEL-2015-7738)
A parallel remote execution system
--------------------------------------------------------------------------------
Update Information:
salt-2015.5.5-1.el7 - Update to bugfix release 2015.5.5
--------------------------------------------------------------------------------
================================================================================
scalasca-2.2.2-3.el7 (FEDORA-EPEL-2015-7742)
Toolset for performance analysis of large-scale parallel applications
--------------------------------------------------------------------------------
Update Information:
scalasca-2.2.2-3.el7 - BR openssh-clients so test works in koji epel7
--------------------------------------------------------------------------------
================================================================================
supervisor-3.1.3-3.el7 (FEDORA-EPEL-2015-7728)
A System for Allowing the Control of Process State on UNIX
--------------------------------------------------------------------------------
Update Information:
Fix tmpfiles.d files.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1255159 - supervisord fails to start due to inability to create its socket
https://bugzilla.redhat.com/show_bug.cgi?id=1255159
--------------------------------------------------------------------------------