The following Fedora EPEL 7 Security updates need testing: Age URL 318 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 80 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 43 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-f82c6fc04a p7zip-15.09-4.el7 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-dd35749dd3 wordpress-4.4.1-1.el7 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-43613cf75a keepassx-0.4.4-1.el7 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e34ffdd692 prosody-0.9.9-2.el7 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-273a82f7db owncloud-8.0.10-1.el7 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-551b68b67a moodle-3.0.2-1.el7 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8da165e1bb mbedtls-2.2.1-1.el7 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-6f526f521d python-rsa-3.3-2.el7 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-043f77342d cgit-0.12-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-418a480529 gsi-openssh-6.6.1p1-3.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
gsi-openssh-6.6.1p1-3.el7 libmediainfo-0.7.81-1.el7 mediainfo-0.7.81-1.el7 metis-5.1.0-9.el7 nsd-4.1.7-4.el7 php-pear-PHP-CodeSniffer-2.5.1-1.el7 php-pecl-propro-1.0.2-1.el7 php-pecl-raphf-1.1.2-1.el7 pidgin-window-merge-0.3-5.el7 python-scandir-1.2-3.el7 python-sqlalchemy-1.0.11-1.el7 retrace-server-1.13-1.el7 scalapack-2.0.2-12.el7 voms-2.0.12-7.el7
Details about builds:
================================================================================ gsi-openssh-6.6.1p1-3.el7 (FEDORA-EPEL-2016-418a480529) An implementation of the SSH protocol with GSI authentication -------------------------------------------------------------------------------- Update Information:
Sync with latest openssh package. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1298033 - CVE-2016-0778 OpenSSH: Client buffer-overflow when using roaming connections https://bugzilla.redhat.com/show_bug.cgi?id=1298033 [ 2 ] Bug #1298032 - CVE-2016-0777 OpenSSH: Client Information leak due to use of roaming connection feature https://bugzilla.redhat.com/show_bug.cgi?id=1298032 --------------------------------------------------------------------------------
================================================================================ libmediainfo-0.7.81-1.el7 (FEDORA-EPEL-2016-54b6555f7a) Library for supplies technical and tag information about a video or audio file -------------------------------------------------------------------------------- Update Information:
Update to 0.7.81. --------------------------------------------------------------------------------
================================================================================ mediainfo-0.7.81-1.el7 (FEDORA-EPEL-2016-54b6555f7a) Supplies technical and tag information about a video or audio file (CLI) -------------------------------------------------------------------------------- Update Information:
Update to 0.7.81. --------------------------------------------------------------------------------
================================================================================ metis-5.1.0-9.el7 (FEDORA-EPEL-2016-1ba012bba4) Serial Graph Partitioning and Fill-reducing Matrix Ordering -------------------------------------------------------------------------------- Update Information:
- Removed ExcludeArch - Defined OpenMP support - Some cleanups of the SPEC file --------------------------------------------------------------------------------
================================================================================ nsd-4.1.7-4.el7 (FEDORA-EPEL-2016-bd7402c08d) Fast and lean authoritative DNS Name Server -------------------------------------------------------------------------------- Update Information:
Remove cronjob, enable zonefiles-write: in nsd.conf, don't delete xfrd.state --------------------------------------------------------------------------------
================================================================================ php-pear-PHP-CodeSniffer-2.5.1-1.el7 (FEDORA-EPEL-2016-f39b933afd) PHP coding standards enforcement tool -------------------------------------------------------------------------------- Update Information:
**Version 2.5.1** Upstream changelog: - The PHP-supplied T_SPACESHIP token has been replicated for PHP versions before 7.0 - T_SPACESHIP is now correctly identified as an operator, Thanks to Alexander Obuhovich for the patch - Generic LowerCaseKeyword now ensures array type hints are lowercase as well, Thanks to Mathieu Rochette for the patch - Squiz ComparisonOperatorUsageSniff no longer hangs on JS FOR loops that don't use semicolons - PHP_CodesSniffer now includes the composer autoload.php file, if there is one, Thanks to Klaus Purer for the patch. Added error Squiz.Commenting.FunctionComment.ScalarTypeHintMissing for PHP7 only (request #858). These errors were previously reported as Squiz.Commenting.FunctionComment.TypeHintMissing on PHP7. Disable this error message in a ruleset.xml file if your code needs to run on both PHP5 and PHP7 - The PHP 5.6 __debugInfo magic method no longer produces naming convention errors. Thanks to Michael Nowack for the patch - PEAR and Squiz FunctionComment sniffs now support variadic functions (request #841) - Fixed bug #622 : Wrong detection of Squiz.CSS.DuplicateStyleDefinition with media queries - Fixed bug #752 : The missing exception error is reported in first found DocBlock - Fixed bug #794 : PSR2 MultiLineFunctionDeclaration forbids comments after opening parenthesis of a multiline call - Fixed bug #820 : PEAR/PSR2 FunctionCallSignature sniffs suggest wrong indent when there are multiple arguments on a line - Fixed bug #822 : Ruleset hard-coded file paths are not used if not running from the same directory as the ruleset - Fixed bug #825 : FunctionCallArgumentSpacing sniff complains about more than one space before comment in multi-line function call - Fixed bug #828 : Null classname is tokenized as T_NULL instead of T_STRING - Fixed bug #829 : Short array argument not fixed correctly when multiple function arguments are on the same line - Fixed bug #831 : PHPCS freezes in an infinite loop under Windows if no standard is passed - Fixed bug #832 : Tokenizer does not support context sensitive parsing. Thanks to Jaroslav Hansl��k for the patch - Fixed bug #835 : PEAR.Functions.FunctionCallSignature broken when closure uses return types - Fixed bug #838 : CSS indentation fixer changes color codes. Thanks to Klaus Purer for the patch - Fixed bug #839 : "__()" method is marked as not camel caps. Thanks to Tim Bezhashvyly for the patch - Fixed bug #852 : Generic.Commenting.DocComment not finding errors when long description is omitted - Fixed bug #854 : Return typehints in interfaces are not reported as T_RETURN_TYPE. Thanks to Jaroslav Hansl��k for the patch - Fixed bug #855 : Capital letter detection for multibyte strings doesn't work correctly - Fixed bug #857 : PSR2.ControlStructure.SwitchDeclaration shouldn't check indent of curly brace closers - Fixed bug #859 : Switch statement indention issue when returning function call with closure - Fixed bug #861 : Single-line arrays and function calls can generate incorrect indentation errors - Fixed bug #867 : Squiz.Strings.DoubleQuoteUsage broken for some escape codes. Thanks to Jack Blower for the help with the fix - Fixed bug #21005 : Incorrect indent detection when multiple properties are initialized to arrays - Fixed bug #21010 : Incorrect missing colon detection in CSS when first style is not on new line - Fixed bug #21011 : Incorrect error message text when newline found after opening brace --------------------------------------------------------------------------------
================================================================================ php-pecl-propro-1.0.2-1.el7 (FEDORA-EPEL-2016-fd3a3208a4) Property proxy -------------------------------------------------------------------------------- Update Information:
** Version 1.0.2** * Internals documentation at http://m6w6.github.io/ext- propro/v1.0.x/ * Travis support * Fix package.xml's maximum and minimum PHP version --------------------------------------------------------------------------------
================================================================================ php-pecl-raphf-1.1.2-1.el7 (FEDORA-EPEL-2016-e3d8cbda03) Resource and persistent handles factory -------------------------------------------------------------------------------- Update Information:
**Version 1.1.1** * Source code documentation available at http://m6w6.github.io/ext-raphf/v1.1.x * Travis support * Fix package.xml's maximum and minimum PHP version **Version 1.1.2** * Fixed release stability to stable --------------------------------------------------------------------------------
================================================================================ pidgin-window-merge-0.3-5.el7 (FEDORA-EPEL-2016-2e2ef692da) Pidgin plugin for single window mode -------------------------------------------------------------------------------- Update Information:
Initial build of the package. --------------------------------------------------------------------------------
================================================================================ python-scandir-1.2-3.el7 (FEDORA-EPEL-2016-7bafab63d3) A better directory iterator and faster os.walk() for Python -------------------------------------------------------------------------------- Update Information:
Update to version 1.2. Build Python3 package for el7+ --------------------------------------------------------------------------------
================================================================================ python-sqlalchemy-1.0.11-1.el7 (FEDORA-EPEL-2016-c1eb98d18b) Modular and flexible ORM library for python -------------------------------------------------------------------------------- Update Information:
Please test extensively. This update will stay in testing for an extended period to check for regressions. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1296875 - Package in EPEL7 is 0.9.7 when 1.0.10 is now available in Fedora https://bugzilla.redhat.com/show_bug.cgi?id=1296875 --------------------------------------------------------------------------------
================================================================================ retrace-server-1.13-1.el7 (FEDORA-EPEL-2016-83dee232b6) Application for remote coredump analysis -------------------------------------------------------------------------------- Update Information:
New upstream release that fixes several usability issues. --------------------------------------------------------------------------------
================================================================================ scalapack-2.0.2-12.el7 (FEDORA-EPEL-2016-f6fe732c8c) A subset of LAPACK routines redesigned for heterogeneous computing -------------------------------------------------------------------------------- Update Information:
Make blacs-openmpi require blacs-common (bug #1299939) ---- Apply bug fixes from trunk,.rebuild against current openmpi in EL7. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1299939 - blacs-openmpi-devel doesn't install Bdef.h https://bugzilla.redhat.com/show_bug.cgi?id=1299939 [ 2 ] Bug #1299143 - rebuild blacs/scalapack against new openmpi https://bugzilla.redhat.com/show_bug.cgi?id=1299143 --------------------------------------------------------------------------------
================================================================================ voms-2.0.12-7.el7 (FEDORA-EPEL-2016-238de46db9) Virtual Organization Membership Service -------------------------------------------------------------------------------- Update Information:
- Disable SSLv3. - Fix compilation with gcc 6. --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org