The following Fedora EPEL 7 Security updates need testing: Age URL 313 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 76 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 39 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-f82c6fc04a p7zip-15.09-4.el7 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-864da6c179 nghttp2-1.6.0-1.el7 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e21e03e52f mono-2.10.8-9.el7 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-3e181e41ca openvpn-2.3.10-1.el7 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e04c714f9d gajim-0.16.5-1.el7 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-ec85678f0c nodejs-ws-1.0.1-1.el7 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-dd35749dd3 wordpress-4.4.1-1.el7 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-43613cf75a keepassx-0.4.4-1.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e34ffdd692 prosody-0.9.9-2.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-273a82f7db owncloud-8.0.10-1.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8da165e1bb mbedtls-2.2.1-1.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-6f526f521d python-rsa-3.3-2.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-925e9374c9 python-pymongo-3.0.3-1.el7

The following builds have been pushed to Fedora EPEL 7 updates-testing

atomic-reactor-1.6.1-1.el7 gpaste-3.14.4.1-1.el7 libisds-0.10.2-1.el7 libwhirlpool-1.0-1.el7 log4cplus-1.1.3-0.4.rc3.el7 perl-WWW-Twilio-API-0.18-2.el7 php-symfony-2.7.9-2.el7 python-beanbag-1.9.2-2.el7 python-pymongo-3.0.3-1.el7 python3-PyYAML-3.11-2.el7 smtpping-1.1.2-2.el7 tayga-0.9.2-3.el7

Details about builds:

================================================================================ atomic-reactor-1.6.1-1.el7 (FEDORA-EPEL-2016-e9f7a6ffe3) Improved builder for Docker images -------------------------------------------------------------------------------- Update Information:

New upstream release. --------------------------------------------------------------------------------

================================================================================ gpaste-3.14.4.1-1.el7 (FEDORA-EPEL-2016-d2f94b1cf4) Clipboard management system -------------------------------------------------------------------------------- Update Information:

GNOME 3.14 support -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1288281 - gnome-shell-extension-gpaste is not compatible with EL 7.2 https://bugzilla.redhat.com/show_bug.cgi?id=1288281 --------------------------------------------------------------------------------

================================================================================ libisds-0.10.2-1.el7 (FEDORA-EPEL-2016-a1783f74ea) Library for accessing the Czech Data Boxes -------------------------------------------------------------------------------- Update Information:

This release fixes building with disabled libxurl support. --------------------------------------------------------------------------------

================================================================================ libwhirlpool-1.0-1.el7 (FEDORA-EPEL-2016-969ea72593) Whirlpool cryptographic hash function library -------------------------------------------------------------------------------- Update Information:

1.0 -- 2015-12-16 * First public release -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1292216 - Review Request: libwhirlpool - Whirlpool cryptographic hash function library https://bugzilla.redhat.com/show_bug.cgi?id=1292216 --------------------------------------------------------------------------------

================================================================================ log4cplus-1.1.3-0.4.rc3.el7 (FEDORA-EPEL-2016-2b0a5fdc60) Logging Framework for C++ -------------------------------------------------------------------------------- Update Information:

Fixed one bug -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1297906 - log4cplus is not compiled with C++11 support because of typo in spec https://bugzilla.redhat.com/show_bug.cgi?id=1297906 --------------------------------------------------------------------------------

================================================================================ perl-WWW-Twilio-API-0.18-2.el7 (FEDORA-EPEL-2016-7eef5cd0bf) Accessing Twilio's REST API with Perl -------------------------------------------------------------------------------- Update Information:

Revision history for Perl extension WWW::Twilio::API. r24 | scott | 2014-10-13 10:24:23 -0600 (Mon, 13 Oct 2014) | 1 line - document utf8 argument ------------------------------------------------------------------------ r23 | scott | 2014-10-13 10:17:31 -0600 (Mon, 13 Oct 2014) | 1 line - version bump: 0.18 ------------------------------------------------------------------------ r22 | scott | 2014-10-13 10:17:07 -0600 (Mon, 13 Oct 2014) | 1 line - enable utf8 support [Kris Matthews] [rt#98963] 0.17 - LWP callback support (thanks: Preston Gilchrist) ------------------------------------------------------------------------ r20 | scott | 2012-07-14 21:17:56 -0600 (Sat, 14 Jul 2012) | 1 line - LWP callback added (Preston Gilchrist) ------------------------------------------------------------------------ 0.16 - GET parameters (e.g., SMS/Messages) are now passed correctly ------------------------------------------------------------------------ r17 | scott | 2011-10-10 20:47:27 -0600 (Mon, 10 Oct 2011) | 2 lines - fixes for GET parameters ------------------------------------------------------------------------ -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1297527 - Review Request: perl-WWW-Twilio-API - Accessing Twilio's REST API with Perl https://bugzilla.redhat.com/show_bug.cgi?id=1297527 --------------------------------------------------------------------------------

================================================================================ php-symfony-2.7.9-2.el7 (FEDORA-EPEL-2016-c70d9f1b0e) PHP framework for web projects -------------------------------------------------------------------------------- Update Information:

**Version 2.7.9** (2016-01-14) * security #17359 do not ship with a custom rng implementation (xabbuh, fabpot) * bug #17314 Fix max width for multibyte keys in choice question (mheki) * bug #17326 [Console] Display console application name even when no version set (polc) * bug #17328 [Serializer] Allow to use proxies in object_to_populate (dunglas) * bug #17347 Workaround https://bugs.php.net/63206 (nicolas-grekas) * bug #17140 [Serializer] Remove normalizer cache in Serializer class (jvasseur) * bug #17307 [FrameworkBundle] Fix paths with % in it (like urlencoded) (scaytrase) * bug #17078 [Bridge] [Doctrine] [Validator] Added support \IteratorAggregate for UniqueEntityValidator (Disparity) * bug #17298 [FrameworkBundle] Use proper class to fetch $versionStrategy property (dosten) * bug #17287 [HttpKernel] Forcing string comparison on query parameters sort in UriSigner (Tim van Densen) * bug #17279 [FrameworkBundle] Add case in Kernel directory guess for PHPUnit (tgalopin) * bug #17278 [FrameworkBundle] Add case in Kernel directory guess for PHPUnit (tgalopin) * bug #17275 [PhpUnitBridge] Re-enable the garbage collector (nicolas-grekas) * bug #17276 [Process] Fix potential race condition (nicolas-grekas) * bug #17183 [FrameworkBundle] Set the kernel.name properly after a cache warmup (jakzal) * bug #17159 [Yaml] recognize when a block scalar is left (xabbuh) * bug #17195 bug #14246 [Filesystem] dumpFile() non atomic (Hidde Boomsma) * feature #16747 [Form] Improved performance of ChoiceType and its subtypes (webmozart) * bug #17177 [Process] Fix potential race condition leading to transient tests (nicolas-grekas) * bug #17163 [Form] fix Catchable Fatal Error if choices is not an array (Gladhon, nicolas-grekas) * bug #17119 [Form] improve deprecation message for "empty_value" and "choice_list" options. (hhamon) --------------------------------------------------------------------------------

================================================================================ python-beanbag-1.9.2-2.el7 (FEDORA-EPEL-2016-06e25cc466) A helper module for accessing REST APIs -------------------------------------------------------------------------------- Update Information:

This is a new package for python beanbag module BeanBag is a simple module that lets you access REST APIs in an easy way. For example: >>> import beanbag

...

...

github = beanbag.BeanBag("https://api.github.com") >>> watchers =

github.repos.ajtowns.beanbag.watchers() >>> for w in watchers: ... print(w["login"]) See http://beanbag.readthedocs.org/ for more information. -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1296974 - Review Request: python-beanbag - A helper module for accessing REST APIs https://bugzilla.redhat.com/show_bug.cgi?id=1296974 --------------------------------------------------------------------------------

================================================================================ python-pymongo-3.0.3-1.el7 (FEDORA-EPEL-2015-925e9374c9) Python driver for MongoDB -------------------------------------------------------------------------------- Update Information:

python-pymongo-3.0.3-1.fc21 - Upstream 3.0.3 - Fix CVE-2013-7440 (RHBZ#1231231 #1231232) python-pymongo-3.0.3-1.fc22 - Upstream 3.0.3 - Fix CVE-2013-7440 (RHBZ#1231231 #1231232) python-pymongo-3.0.3-1.el6 - Upstream 3.0.3 - Fix CVE-2013-7440 (RHBZ#1231231 #1231232) python-pymongo-3.0.3-1.el7 - Upstream 3.0.3 - Fix CVE-2013-7440 (RHBZ#1231231 #1231232) python- pymongo-3.0.3-1.fc23 - Upstream 3.0.3 - Fix CVE-2013-7440 (RHBZ#1231231 #1231232) -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1231231 - CVE-2013-7440 CVE-2013-2099 python-pymongo: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1231231 [ 2 ] Bug #1210043 - Mongoengine require pymongo 2.7.1 https://bugzilla.redhat.com/show_bug.cgi?id=1210043 [ 3 ] Bug #1231232 - CVE-2013-7440 CVE-2013-2099 python-pymongo: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1231232 --------------------------------------------------------------------------------

================================================================================ python3-PyYAML-3.11-2.el7 (FEDORA-EPEL-2016-33336b22da) YAML parser and emitter for Python 3 -------------------------------------------------------------------------------- Update Information:

YAML is a data serialization format designed for human readability and interaction with scripting languages. PyYAML is a YAML parser and emitter for Python 3. PyYAML features a complete YAML 1.1 parser, Unicode support, pickle support, capable extension API, and sensible error messages. PyYAML supports standard YAML tags and provides Python-specific tags that allow to represent an arbitrary Python object. PyYAML is applicable for a broad range of tasks from complex configuration files to object serialization and persistance. -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1294717 - Review Request: python3-PyYAML - YAML parser and emitter for Python https://bugzilla.redhat.com/show_bug.cgi?id=1294717 --------------------------------------------------------------------------------

================================================================================ smtpping-1.1.2-2.el7 (FEDORA-EPEL-2016-aa7f81af3d) Small tool for measuring SMTP parameters -------------------------------------------------------------------------------- Update Information:

Release 1.1.2 (package initial submission) -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1290530 - Review Request: smtpping - Small tool for measuring SMTP parameters https://bugzilla.redhat.com/show_bug.cgi?id=1290530 --------------------------------------------------------------------------------

================================================================================ tayga-0.9.2-3.el7 (FEDORA-EPEL-2016-6782b896fa) Simple, no-fuss NAT64 -------------------------------------------------------------------------------- Update Information:

Initial builds of tayga, a userspace NAT64 daemon. -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1263941 - Review Request: tayga - Simple out-of-kernel stateless NAT64 daemon https://bugzilla.redhat.com/show_bug.cgi?id=1263941 --------------------------------------------------------------------------------