The following Fedora EPEL 7 Security updates need testing:
Age URL
210
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087
dokuwiki-0-0.24.20140929c.el7
106
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6813
chicken-4.9.0.1-4.el7
39
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7800
python-django-1.6.11-3.el7
18
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8100
wordpress-4.3.1-1.el7
18
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8113
php-ZendFramework2-2.4.8-1.el7
16
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8146 nrpe-2.15-7.el7
14
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8155 nagios-4.0.8-1.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-c29d29cc8f
mediawiki123-1.23.10-2.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-925e9374c9
python-pymongo-3.0.3-1.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-bf18ffa52d
opensmtpd-5.7.2p1-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
cube-4.3.2-3.el7
engrampa-1.10.2-2.el7
fedfind-1.6.2-1.el7
fedmsg-0.16.1-4.el7
nginx-1.6.3-7.el7
opensmtpd-5.7.2p1-1.el7
pidgin-sipe-1.20.0-1.el7
python-wikitcms-1.12.3-1.el7
shinken-2.4.2-1.el7
tor-0.2.6.10-4.el7
Details about builds:
================================================================================
cube-4.3.2-3.el7 (FEDORA-EPEL-2015-88c56c0ffe)
CUBE Uniform Behavioral Encoding generic presentation component
--------------------------------------------------------------------------------
Update Information:
Have devel package depend on cube-libs, not cube ---- cube-4.3.2-2.fc22 -
Make separate libs package (for scorep) - Don't BR Java stuff cube-4.3.2-2.el6
- Make separate libs package (for scorep) - Don't BR Java stuff
cube-4.3.2-2.el7 - Make separate libs package (for scorep) - Don't BR Java
stuff cube-4.3.2-2.fc23 - Make separate libs package (for scorep) - Don't BR
Java stuff
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1240311 - Please make a libs package
https://bugzilla.redhat.com/show_bug.cgi?id=1240311
--------------------------------------------------------------------------------
================================================================================
engrampa-1.10.2-2.el7 (FEDORA-EPEL-2015-93650dc588)
MATE Desktop file archiver
--------------------------------------------------------------------------------
Update Information:
engrampa-1.10.2-2.el7 - update to 1.10.2 release - fix # rhbz (#1264593) -
don't crash when opening archives on network drive (ftp, smb, ...) - fix
https://github.com/mate-desktop/engrampa/issues/78 - Cannot extract mulpiple
files concurently to a seprate directory
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1264593 - Engrampa segfaults when attempting to open an archive from a
networked location
https://bugzilla.redhat.com/show_bug.cgi?id=1264593
--------------------------------------------------------------------------------
================================================================================
fedfind-1.6.2-1.el7 (FEDORA-EPEL-2015-8158)
Fedora Finder finds Fedora
--------------------------------------------------------------------------------
Update Information:
This update provides the new release of fedfind, 1.6.2, with some tweaks to
image identification (including better handling of Atomic images) and handling
of post-release nightly snapshots (related to the [Two Week
Atomic](https://fedorahosted.org/fesco/ticket/1452) plan). It also provides a
new release of python-wikitcms which will improve the image names shown in the
download tables on TC/RC wiki pages. ---- This update provides the latest
upstream version of python-wikitcms, 1.12.3, with a small bug fix (the previous
version accidentally printed the captcha to the console when editing a page
required solving a captcha; this has been fixed) and a refinement to the layout
of the download tables (images are now more finely distinguished so there are
fewer rows with multiple links).
--------------------------------------------------------------------------------
================================================================================
fedmsg-0.16.1-4.el7 (FEDORA-EPEL-2015-99889caa93)
Tools for Fedora Infrastructure real-time messaging
--------------------------------------------------------------------------------
Update Information:
Try again to get python executables correctly referencing python2. ---- Knock
'daemon' out of setuptools requirements as it is only really needed on el6.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1255974 - Binaries ship python2 packages, but expect to run with python3
https://bugzilla.redhat.com/show_bug.cgi?id=1255974
[ 2 ] Bug #1268497 - [abrt] python-fedmsg-commands:
fedmsg-config:3:<module>:ImportError: No module named 'fedmsg'
https://bugzilla.redhat.com/show_bug.cgi?id=1268497
--------------------------------------------------------------------------------
================================================================================
nginx-1.6.3-7.el7 (FEDORA-EPEL-2015-5c13016aed)
A high performance web server and reverse proxy server
--------------------------------------------------------------------------------
Update Information:
Remove PID file in ExecStartPre, before starting nginx. `nginx -t` creates the
file /run/nginx.pid if it doesn't exist. This is fine in ExecStartPre, but if
the user ran `nginx -t` from the cmdline then the PID file will have the wrong
SELinux context.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1268621 - nginx PID file setting fails with SELinux (default config).
Fix/workaround included.
https://bugzilla.redhat.com/show_bug.cgi?id=1268621
--------------------------------------------------------------------------------
================================================================================
opensmtpd-5.7.2p1-1.el7 (FEDORA-EPEL-2015-bf18ffa52d)
Free implementation of the server-side SMTP protocol as defined by RFC 5321
--------------------------------------------------------------------------------
Update Information:
Update to opensmtpd 5.7.2, the latest upstream version.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1268509 - opensmtpd: 5.7.2 release available
https://bugzilla.redhat.com/show_bug.cgi?id=1268509
--------------------------------------------------------------------------------
================================================================================
pidgin-sipe-1.20.0-1.el7 (FEDORA-EPEL-2015-ca9d3baf0a)
Pidgin protocol plugin to connect to MS Office Communicator
--------------------------------------------------------------------------------
Update Information:
New upstream release: * added support for automatic authentication scheme
selection * added support for Multi-Factor Authentication (MFA) * added support
for buddy photos from contact card * added support for SIP ID in contact search
* added support for EWS based contact search when UCS is used * improves user
experience for [MS-DLX] based contact search * fixes calendar state machine when
EWS URL is set * add support for SRTP (requires libpurple >= 3.0.0) * parse HTML
from Lync conference URL * add workaround for farstream 0.1.x with libnice >=
0.1.10 * fix SIP re-authentication timeout to be max. 8 hours * fixes Office365
authentication failure
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1257485 - SIPE-285: Lync connections no longer work at all (RC4 cipher
disabled by MS)
https://bugzilla.redhat.com/show_bug.cgi?id=1257485
--------------------------------------------------------------------------------
================================================================================
python-wikitcms-1.12.3-1.el7 (FEDORA-EPEL-2015-8158)
Fedora QA wiki test management Python library
--------------------------------------------------------------------------------
Update Information:
This update provides the new release of fedfind, 1.6.2, with some tweaks to
image identification (including better handling of Atomic images) and handling
of post-release nightly snapshots (related to the [Two Week
Atomic](https://fedorahosted.org/fesco/ticket/1452) plan). It also provides a
new release of python-wikitcms which will improve the image names shown in the
download tables on TC/RC wiki pages. ---- This update provides the latest
upstream version of python-wikitcms, 1.12.3, with a small bug fix (the previous
version accidentally printed the captcha to the console when editing a page
required solving a captcha; this has been fixed) and a refinement to the layout
of the download tables (images are now more finely distinguished so there are
fewer rows with multiple links).
--------------------------------------------------------------------------------
================================================================================
shinken-2.4.2-1.el7 (FEDORA-EPEL-2015-4004b0116a)
Python Monitoring tool
--------------------------------------------------------------------------------
Update Information:
Update from upstream. ---- Fix Bug 1257871
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1257871 - shinken-broker systemd script failed to restart broker daemon
https://bugzilla.redhat.com/show_bug.cgi?id=1257871
--------------------------------------------------------------------------------
================================================================================
tor-0.2.6.10-4.el7 (FEDORA-EPEL-2015-9c4f67e9ec)
Anonymizing overlay network for TCP (The onion router)
--------------------------------------------------------------------------------
Update Information:
* Remove NoNewPrivileges as it prevents SELinux transition. * Revert back to
DeviceAllow instead of PrivateDevices due to SELinux denials. ---- better
systemd integration and enable libseccomp support
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1243025 - systemd support not enabled
https://bugzilla.redhat.com/show_bug.cgi?id=1243025
--------------------------------------------------------------------------------