The following Fedora EPEL 7 Security updates need testing:
 Age  URL
 326  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087   dokuwiki-0-0.24.20140929c.el7
  88  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f   mcollective-2.8.4-1.el7
  11  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-043f77342d   cgit-0.12-1.el7
   8  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-418a480529   gsi-openssh-6.6.1p1-3.el7
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-fb26e5cd3c   privoxy-3.0.23-3.el7
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-fca17abc84   p7zip-15.09-9.el7
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-f17c082f00   nginx-1.6.3-8.el7
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-69b4d0e57c   prosody-0.9.10-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
    R-3.2.3-4.el7
    abduco-0.5-1.el7
    abi-dumper-0.99.14-1.el7
    cherrytree-0.36.4-2.el7
    cmake-fedora-2.5.1-1.el7
    cmark-0.23.0-3.el7
    cmark-0.23.0-4.el7
    drbdlinks-1.27-3.el7
    globus-gssapi-gsi-11.26-1.el7
    hitch-1.1.1-1.el7
    letsencrypt-0.3.0-1.el7
    libinput-1.1.5-1.el7
    libsidplayfp-1.8.3-2.el7
    nginx-1.6.3-8.el7
    pdns-3.4.7-2.el7
    perl-Email-Valid-1.198-1.el7
    pki-usgov-dod-cacerts-0.0.6-4.el7
    prosody-0.9.10-1.el7
    python-acme-0.3.0-1.el7
    python-elfdata-0.6-1.el7
    python-polib-1.0.7-2.el7
    python-productmd-1.0-9.el7
    python-raven-5.10.2-1.el7
    python-requests-toolbelt-0.6.0-1.el7
    rpmorphan-1.15-1.el7
    rubygem-activerecord-deprecated_finders-1.0.3-6.el7
    rubygem-minitest5-5.8.4-1.el7
    tito-0.6.4-1.el7
    wildmidi-0.3.8-3.el7
    yadifa-2.1.5-1.el7
Details about builds:
================================================================================
 R-3.2.3-4.el7 (FEDORA-EPEL-2016-17ae3a01b5)
 A language for data analysis and graphics
--------------------------------------------------------------------------------
Update Information:

Add pre-built copies of the R HTML manuals to the packages which cannot build
them due to an ancient texi2any (RHEL 5 & 6). RHEL 7 was updated to ensure clean
upgrade path.

----

Add Requires: redhat-rpm-config on targets that are hardened, because R inherits
the compiler flags that it was built with and passes them to all modules built
for it later.
--------------------------------------------------------------------------------
================================================================================
 abduco-0.5-1.el7 (FEDORA-EPEL-2016-bab758e61a)
 Session management in a clean and simple way
--------------------------------------------------------------------------------
Update Information:

Abduco 0.5 stable release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1298907 - abduco-0.5 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1298907
--------------------------------------------------------------------------------
================================================================================
 abi-dumper-0.99.14-1.el7 (FEDORA-EPEL-2016-51c0ff0edf)
 Tool to dump ABI of an ELF object containing DWARF debug info
--------------------------------------------------------------------------------
Update Information:

Detect private data types in the ABI, i.e. not defined in public header files.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1301789 - abi-dumper-0.99.14 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1301789
--------------------------------------------------------------------------------
================================================================================
 cherrytree-0.36.4-2.el7 (FEDORA-EPEL-2016-b49173f74f)
 Hierarchical note taking application
--------------------------------------------------------------------------------
Update Information:

Update to 0.36.4

----

update to cherrytree 0.36.3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1160249 - cherrytree-0.36.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1160249
  [ 2 ] Bug #1301941 - cherrytree-0.36.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1301941
--------------------------------------------------------------------------------
================================================================================
 cmake-fedora-2.5.1-1.el7 (FEDORA-EPEL-2016-571c25a5ff)
 CMake helper modules for fedora developers
--------------------------------------------------------------------------------
Update Information:

- Fixed:
  * Out-of-the-source build for ibus-chewing
--------------------------------------------------------------------------------
================================================================================
 cmark-0.23.0-3.el7 (FEDORA-EPEL-2016-65d6af6d87)
 CommonMark parsing and rendering
--------------------------------------------------------------------------------
Update Information:

CommonMark parsing and rendering
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1266429 - Review Request: cmark - CommonMark parsing and rendering
        https://bugzilla.redhat.com/show_bug.cgi?id=1266429
--------------------------------------------------------------------------------
================================================================================
 cmark-0.23.0-4.el7 (FEDORA-EPEL-2016-b3f7cd8978)
 CommonMark parsing and rendering
--------------------------------------------------------------------------------
Update Information:

CommonMark parsing and rendering (http://commonmark.org/)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1266429 - Review Request: cmark - CommonMark parsing and rendering
        https://bugzilla.redhat.com/show_bug.cgi?id=1266429
--------------------------------------------------------------------------------
================================================================================
 drbdlinks-1.27-3.el7 (FEDORA-EPEL-2016-8b5788b3e9)
 A program for managing links into a DRBD shared partition
--------------------------------------------------------------------------------
Update Information:

Provide native systemd service
--------------------------------------------------------------------------------
================================================================================
 globus-gssapi-gsi-11.26-1.el7 (FEDORA-EPEL-2016-f2e8fc5635)
 Globus Toolkit - GSSAPI library
--------------------------------------------------------------------------------
Update Information:

Fix FORCE_TLS setting to allow TLSv1.1 and TLSv1.2, not just TLSv1.0
--------------------------------------------------------------------------------
================================================================================
 hitch-1.1.1-1.el7 (FEDORA-EPEL-2016-41a21534e9)
 Network proxy that terminates TLS/SSL connections
--------------------------------------------------------------------------------
Update Information:

New upstream release. A bugfix release.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1302474 - hitch-1.1.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1302474
--------------------------------------------------------------------------------
================================================================================
 letsencrypt-0.3.0-1.el7 (FEDORA-EPEL-2016-e38556f243)
 A free, automated certificate authority client
--------------------------------------------------------------------------------
Update Information:

Updated to 0.3.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1302701 - letsencrypt-0.3.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1302701
--------------------------------------------------------------------------------
================================================================================
 libinput-1.1.5-1.el7 (FEDORA-EPEL-2016-c64c3afa71)
 Input device library
--------------------------------------------------------------------------------
Update Information:

Upstream update to 1.1.5
--------------------------------------------------------------------------------
================================================================================
 libsidplayfp-1.8.3-2.el7 (FEDORA-EPEL-2016-386eead9f4)
 SID chip music module playing library
--------------------------------------------------------------------------------
Update Information:

Import to EPEL to satisfy QMMP dependency (rhbz#1242361#c3)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1242361 - [RFE] Please provide qmmp EPEL7 build
        https://bugzilla.redhat.com/show_bug.cgi?id=1242361
--------------------------------------------------------------------------------
================================================================================
 nginx-1.6.3-8.el7 (FEDORA-EPEL-2016-f17c082f00)
 A high performance web server and reverse proxy server
--------------------------------------------------------------------------------
Update Information:

- CVE-2016-0747: Insufficient limits of CNAME resolution in resolver
- CVE-2016-0746: Use-after-free during CNAME response processing in resolver
- CVE-2016-0742: Invalid pointer dereference in resolver
--------------------------------------------------------------------------------
================================================================================
 pdns-3.4.7-2.el7 (FEDORA-EPEL-2016-c3fc50614c)
 A modern, advanced and high performance authoritative-only nameserver
--------------------------------------------------------------------------------
Update Information:

- Remove old PolarSSL dependency
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1302464 - Update to mbedtls causes a dependency issue with pdns
        https://bugzilla.redhat.com/show_bug.cgi?id=1302464
--------------------------------------------------------------------------------
================================================================================
 perl-Email-Valid-1.198-1.el7 (FEDORA-EPEL-2016-efed433f78)
 Check validity of internet email address
--------------------------------------------------------------------------------
Update Information:

Update to 1.198 to fix "multiple MX detection errors".
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1301214 - perl-Email-Valid: please update in epel7
        https://bugzilla.redhat.com/show_bug.cgi?id=1301214
--------------------------------------------------------------------------------
================================================================================
 pki-usgov-dod-cacerts-0.0.6-4.el7 (FEDORA-EPEL-2016-9eb4a82253)
 A collection of U.S. Government CA Certs that the DOD uses
--------------------------------------------------------------------------------
Update Information:

A collection of U.S. Government CA Certs that the DOD uses
https://bodhi.fedoraproject.org/updates/FEDORA-2016-1a87db5f8e recently added to fc23
https://bugzilla.redhat.com/show_bug.cgi?id=1274948
--------------------------------------------------------------------------------
================================================================================
 prosody-0.9.10-1.el7 (FEDORA-EPEL-2016-69b4d0e57c)
 Flexible communications server for Jabber/XMPP
--------------------------------------------------------------------------------
Update Information:

Prosody 0.9.10
==============

A summary of changes in this release:

Security
--------

* mod_dialback: Adopt key generation algorithm from XEP-0185, to prevent
  impersonation attacks (CVE-2016-0756)

Fixes and improvements
----------------------

* Startup: Open /dev/urandom read-only, to fix a failure to start on some
  systems (fixes #585)
* Networking: Improve handling of the 'select' network backend running out of
  file descriptors

Minor changes
-------------

* Networking: Increase default internal read size to prevent connections
  stalling with LuaEvent (see #583)
* DNS: Discard queries that failed to send due to connection errors
  (fixes #598)
* c2s, s2s: Lower priority of shutdown handler, so that modules such as MUC can
  always send shutdown notifications to (remote) users (fixes #601)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1302463 - CVE-2016-0756 prosody: mod_dialback allows impersonation attacks
        https://bugzilla.redhat.com/show_bug.cgi?id=1302463
--------------------------------------------------------------------------------
================================================================================
 python-acme-0.3.0-1.el7 (FEDORA-EPEL-2016-e38556f243)
 Python library for the ACME protocol
--------------------------------------------------------------------------------
Update Information:

Updated to 0.3.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1302701 - letsencrypt-0.3.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1302701
--------------------------------------------------------------------------------
================================================================================
 python-elfdata-0.6-1.el7 (FEDORA-EPEL-2016-4bf0014108)
 Python wrapper to get ELF data
--------------------------------------------------------------------------------
Update Information:

Updated elfdata module which can extract GNU_BUILD_ID from the ELF files.
--------------------------------------------------------------------------------
================================================================================
 python-polib-1.0.7-2.el7 (FEDORA-EPEL-2016-8ec371628d)
 A library to parse and manage gettext catalogs
--------------------------------------------------------------------------------
Update Information:

Upstream update to 1.0.7
--------------------------------------------------------------------------------
================================================================================
 python-productmd-1.0-9.el7 (FEDORA-EPEL-2016-090ce4d02f)
 Library providing parsers for metadata related to OS installation
--------------------------------------------------------------------------------
Update Information:

add python-productmd to epel7

----

adding python-productmd to epel
--------------------------------------------------------------------------------
================================================================================
 python-raven-5.10.2-1.el7 (FEDORA-EPEL-2016-536e3ccb2c)
 Python client for Sentry
--------------------------------------------------------------------------------
Update Information:

Update to python-raven-5.10.2

----

First EPEL release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1234950 - Package python-raven in EPEL
        https://bugzilla.redhat.com/show_bug.cgi?id=1234950
  [ 2 ] Bug #1298402 - python-raven-5.10.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1298402
--------------------------------------------------------------------------------
================================================================================
 python-requests-toolbelt-0.6.0-1.el7 (FEDORA-EPEL-2016-2c85206fce)
 A utility belt for advanced users of python-requests
--------------------------------------------------------------------------------
Update Information:

update to 0.6.0 release
--------------------------------------------------------------------------------
================================================================================
 rpmorphan-1.15-1.el7 (FEDORA-EPEL-2016-6410427984)
 List packages that have no dependencies (like deborphan)
--------------------------------------------------------------------------------
Update Information:

Adding rpmorphan to EPEL
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #860433 - RFE - please maintain rpmorphan for EPEL
        https://bugzilla.redhat.com/show_bug.cgi?id=860433
--------------------------------------------------------------------------------
================================================================================
 rubygem-activerecord-deprecated_finders-1.0.3-6.el7 (FEDORA-EPEL-2016-e52a4ce8de)
 This gem contains deprecated finder APIs extracted from Active Record
--------------------------------------------------------------------------------
Update Information:

Bring package to EPEL7
--------------------------------------------------------------------------------
================================================================================
 rubygem-minitest5-5.8.4-1.el7 (FEDORA-EPEL-2016-e9edb7ff2c)
 minitest provides a complete suite of testing facilities
--------------------------------------------------------------------------------
Update Information:

Updated to new upstream
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1298622 - Review Request: rubygem-minitest5 - minitest provides a complete suite of testing facilities
        https://bugzilla.redhat.com/show_bug.cgi?id=1298622
--------------------------------------------------------------------------------
================================================================================
 tito-0.6.4-1.el7 (FEDORA-EPEL-2016-ed4568b9bf)
 A tool for managing rpm based git projects
--------------------------------------------------------------------------------
Update Information:

Fix tagging with --use-version on MEAD projects.
Fix git annex builder cleanup returning to proper directory.
Fix issue with .spec file basename in some situations.
--------------------------------------------------------------------------------
================================================================================
 wildmidi-0.3.8-3.el7 (FEDORA-EPEL-2016-3f3fffda5a)
 Softsynth midi player
--------------------------------------------------------------------------------
Update Information:

Import to EPEL to satisfy QMMP dependency (rhbz#1242361#c3)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1242361 - [RFE] Please provide qmmp EPEL7 build
        https://bugzilla.redhat.com/show_bug.cgi?id=1242361
--------------------------------------------------------------------------------
================================================================================
 yadifa-2.1.5-1.el7 (FEDORA-EPEL-2016-42474ec730)
 Lightweight authoritative Name Server with DNSSEC capabilities
--------------------------------------------------------------------------------
Update Information:

20160108: YADIFA 2.1.5

- Dynamic updates do not use temporary files anymore which improves their
  general performance.
- The statistics now show the referrals.

Fixes:
- fixed an issue where getting a huge incremental transfer would prevent the
  server from answering queries while applying the changes.
- fixed an issue serving IXFR that would occur when an incremental change step
  was bigger than 64KB
- fixed an issue for Solaris with the memory alignment fix not active everywhere
- fixed an issue on the Solaris build settings
- fixed an issue where sometimes yadifad would not find a configuration file
  given as a parameter with a relative path
- fixed an issue where a wild-card would not be properly returned with an AXFR
- fixed an issue where dynamically updating a zone at a speed such that the zone
  file would need to be written multiple times on disk before finishing the
  previous write could lead to a deadlock

20151026: YADIFA 2.1.4

- The zone reader error reporting has been improved.
- Stacktrace support added for Solaris.

Known issue:
- Adding and or removing NSEC3PARAM dynamically is not properly handled.

Fixes:
- fixed an issue where an NSEC3 answer proving a * query would lead to a crash
- fixed an issue where a private key may be not recognised as such
- fixed an issue where dynamic update prerequisite check would fail a valid
  match
- fixed an issue where zone signature maintenance would only start if all
  private keys were available.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1302113 - yadifa: 2.1.5 release available
        https://bugzilla.redhat.com/show_bug.cgi?id=1302113
--------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org