[SECURITY] Fedora EPEL 6 Update: squirrelmail-1.4.22-5.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2017-4efdb40c89
2017-06-02 17:34:44.772282
--------------------------------------------------------------------------------
Name : squirrelmail
Product : Fedora EPEL 6
Version : 1.4.22
Release : 5.el6
URL : http://www.squirrelmail.org/
Summary : webmail client written in php
Description :
SquirrelMail is a basic webmail package written in PHP4. It
includes built-in pure PHP support for the IMAP and SMTP protocols, and
all pages render in pure HTML 4.0 (with no JavaScript) for maximum
compatibility across browsers. It has very few requirements and is very
easy to configure and install.
--------------------------------------------------------------------------------
Update Information:
fix insufficient escaping of user-supplied data (CVE-2017-7692)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1445165 - CVE-2017-7692 squirrelmail: Insufficient escaping of user-supplied data
https://bugzilla.redhat.com/show_bug.cgi?id=1445165
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update squirrelmail' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 11 months
Fedora EPEL 7 Update: layla-fonts-2.0-1.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2017-11da7bd396
2017-06-01 14:28:02.991145
--------------------------------------------------------------------------------
Name : layla-fonts
Product : Fedora EPEL 7
Version : 2.0
Release : 1.el7
URL : http://sites.google.com/site/mohammedisam2000/home/projects
Summary : A collection of traditional Arabic fonts
Description :
This package is a collection of traditional Arabic fonts (including Thuluth,
Koufi, Ruqaa..) in addition to other newly designed fonts. The aim is to
provide all the basic fonts an Arabic user will need under X window system.
More fonts will be added regularly to the collection to make it the only font
source an Arabic user will need to install under the X window system
--------------------------------------------------------------------------------
Update Information:
- Fixed fonts. They work on MacOS now - Changed Latin letters and numbers
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update layla-fonts' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 11 months
Fedora EPEL 7 Update: php-justinrainbow-json-schema5-5.2.1-1.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2017-a67b399334
2017-06-01 14:28:02.991080
--------------------------------------------------------------------------------
Name : php-justinrainbow-json-schema5
Product : Fedora EPEL 7
Version : 5.2.1
Release : 1.el7
URL : https://github.com/justinrainbow/json-schema
Summary : A library to validate a json schema
Description :
A PHP Implementation for validating JSON Structures against a given Schema.
This package provides the library version 5.
See http://json-schema.org/
Autoloader: /usr/share/php/JsonSchema5/autoload.php
--------------------------------------------------------------------------------
Update Information:
**Version 5.2.1** * fix #353 Validation of JSON-Schema * fix #405 fix bug when
applying defaults * fix #408 SchemaStorage::addSchema() should call
BaseConsstraint::arrayToObjectRecursive() on the provide schemas * fix #409
[BUGFIX] Cast empty schema arrays to object * fix #411 [BUGFIX] Split
$objectDefinition into $schema and $properties * fix #415 Issue-414: Allow The
Option of T or space for Date time. * fix #416 Testcase for minProperties with
properties defined + Fix Test * fix #419 [BUGFIX] Split "uri" format into "uri"
& "uri-reference", fix meta-schema bug * fix #421 [BUGFIX] Tweak phpdocumentor
dependency to avoid install conflicts
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update php-justinrainbow-json-schema5' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 11 months
[SECURITY] Fedora EPEL 7 Update: wordpress-4.7.5-1.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2017-a9209fb240
2017-06-01 14:28:02.991029
--------------------------------------------------------------------------------
Name : wordpress
Product : Fedora EPEL 7
Version : 4.7.5
Release : 1.el7
URL : http://www.wordpress.org
Summary : Blog tool and publishing platform
Description :
Wordpress is an online publishing / weblog package that makes it very easy,
almost trivial, to get information out to people on the web.
Important information in /usr/share/doc/wordpress-4.7.5/README.fedora
--------------------------------------------------------------------------------
Update Information:
**WordPress 4.7.5** is now available. This is a security release for all
previous versions and we strongly encourage you to update your sites
immediately. WordPress versions 4.7.4 and earlier are affected by six security
issues: * Insufficient redirect validation in the HTTP class. Reported by
Ronni Skansing. * Improper handling of post meta data values in the XML-RPC
API. Reported by Sam Thomas. * Lack of capability checks for post meta data
in the XML-RPC API. Reported by Ben Bidner of the WordPress Security Team. *
A Cross Site Request Forgery (CRSF) vulnerability was discovered in the
filesystem credentials dialog. Reported by Yorick Koster. * A cross-site
scripting (XSS) vulnerability was discovered when attempting to upload very
large files. Reported by Ronni Skansing. * A cross-site scripting (XSS)
vulnerability was discovered related to the Customizer. Reported by Weston Ruter
of the WordPress Security Team. Thank you to the reporters of these issues for
practicing responsible disclosure. In addition to the security issues above,
WordPress 4.7.5 contains 3 maintenance fixes to the 4.7 release series. For more
information, see the [release notes](https://codex.wordpress.org/Version_4.7.5)
or consult the [list of changes](https://core.trac.wordpress.org/query?status=cl
osed&milestone=4.7.5&group=component&col=id&col=summary&col=component&col=status
&col=owner&col=type&col=priority&col=keywords&order=priority).
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update wordpress' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 11 months
Fedora EPEL 7 Update: piglit-1.0.20170515-4.GITa969d23f.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2017-d1c6009b42
2017-06-01 14:28:02.990971
--------------------------------------------------------------------------------
Name : piglit
Product : Fedora EPEL 7
Version : 1.0.20170515
Release : 4.GITa969d23f.el7
URL : http://cgit.freedesktop.org/piglit/
Summary : Collection of automated tests for OpenGL implementations
Description :
Piglit is a collection of automated tests for OpenGL implementations.
The goal of Piglit is to help improve the quality of open source
OpenGL drivers by providing developers with a simple means to
perform regression tests.
--------------------------------------------------------------------------------
Update Information:
Update to the latest upstream to test Vulcan cards
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update piglit' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 11 months
Fedora EPEL 7 Update: spec-version-maven-plugin-1.2-9.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2017-482698ccc4
2017-06-01 14:28:02.990916
--------------------------------------------------------------------------------
Name : spec-version-maven-plugin
Product : Fedora EPEL 7
Version : 1.2
Release : 9.el7
URL : http://glassfish.java.net/
Summary : Spec Version Maven Plugin
Description :
Maven Plugin to configure APIs version and
specs in a MANIFEST.MF file.
--------------------------------------------------------------------------------
Update Information:
Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update spec-version-maven-plugin' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 11 months
Fedora EPEL 7 Update: jboss-jacc-1.5-api-1.0.0-7.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2017-0484b8c3a3
2017-06-01 14:28:02.990850
--------------------------------------------------------------------------------
Name : jboss-jacc-1.5-api
Product : Fedora EPEL 7
Version : 1.0.0
Release : 7.el7
URL : https://github.com/jboss/jboss-jacc-api_spec
Summary : JACC 1.5 API (JSR-115)
Description :
JSR-000115 Java Authorization Contract for Containers 1.5 API
--------------------------------------------------------------------------------
Update Information:
Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update jboss-jacc-1.5-api' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 11 months
Fedora EPEL 7 Update: jboss-jaxb-2.2-api-1.0.4-14.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2017-85f375b70f
2017-06-01 14:28:02.990778
--------------------------------------------------------------------------------
Name : jboss-jaxb-2.2-api
Product : Fedora EPEL 7
Version : 1.0.4
Release : 14.el7
URL : http://www.jboss.org
Summary : Java Architecture for XML Binding 2.2
Description :
Java Architecture for XML Binding Version 2.2 classes.
--------------------------------------------------------------------------------
Update Information:
fix FTBFS
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update jboss-jaxb-2.2-api' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 11 months
Fedora EPEL 7 Update: clinfo-2.1.17.02.09-1.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2017-24bc2e0645
2017-06-01 14:28:02.990715
--------------------------------------------------------------------------------
Name : clinfo
Product : Fedora EPEL 7
Version : 2.1.17.02.09
Release : 1.el7
URL : https://github.com/Oblomov/clinfo
Summary : Enumerate OpenCL platforms and devices
Description :
A simple OpenCL application that enumerates all possible platform and
device properties. Inspired by AMD's program of the same name, it is
coded in pure C99 and it tries to output all possible information,
including that provided by platform-specific extensions, and not to
crash on platform-unsupported properties (e.g. 1.2 properties on 1.1
platforms).
--------------------------------------------------------------------------------
Update Information:
New build of the package in the newly created branch.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update clinfo' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 11 months
Fedora EPEL 7 Update: root-6.08.06-7.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2017-1544bb535d
2017-06-01 14:28:02.990519
--------------------------------------------------------------------------------
Name : root
Product : Fedora EPEL 7
Version : 6.08.06
Release : 7.el7
URL : https://root.cern.ch/
Summary : Numerical data analysis framework
Description :
The ROOT system provides a set of object oriented frameworks with all
the functionality needed to handle and analyze large amounts of data
in a very efficient way. Having the data defined as a set of objects,
specialized storage methods are used to get direct access to the
separate attributes of the selected objects, without having to touch
the bulk of the data. Included are histograming methods in an
arbitrary number of dimensions, curve fitting, function evaluation,
minimization, graphics and visualization classes to allow the easy
setup of an analysis system that can query and process the data
interactively or in batch mode, as well as a general parallel
processing framework, PROOF, that can considerably speed up an
analysis.
Thanks to the built-in C++ interpreter cling, the command, the
scripting and the programming language are all C++. The interpreter
allows for fast prototyping of the macros since it removes the, time
consuming, compile/link cycle. It also provides a good environment to
learn C++. If more performance is needed the interactively developed
macros can be compiled using a C++ compiler via a machine independent
transparent compiler interface called ACliC.
The system has been designed in such a way that it can query its
databases in parallel on clusters of workstations or many-core
machines. ROOT is an open system that can be dynamically extended by
linking external libraries. This makes ROOT a premier platform on
which to build data acquisition, simulation and data analysis systems.
--------------------------------------------------------------------------------
Update Information:
Backport python 3 compatibility fixes from upstream. Fix for macro scope issue.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1437135 - Upstream Bug in python3-jupyroot
https://bugzilla.redhat.com/show_bug.cgi?id=1437135
[ 2 ] Bug #1448289 - variables declared in gROOT->Macro lost from scope
https://bugzilla.redhat.com/show_bug.cgi?id=1448289
[ 3 ] Bug #1451362 - CMake config refers to the wrong libJupyROOT.so
https://bugzilla.redhat.com/show_bug.cgi?id=1451362
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update root' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 11 months