The following Fedora EPEL 7 Security updates need testing:
Age URL
22
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3621/php-Smarty-3.1.21-1.el7
22
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3642/Pound-2.7-0.4.d.el7.1
18
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3745/tnftp-20141031-1.el7
10
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3886/python-requests-kerberos-0.6-1.el7
9
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3794/polarssl-1.3.9-2.el7
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3989/cross-binutils-2.23.88.0.1-2.el7.1
7
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3995/oath-toolkit-2.4.1-8.el7
6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4045/libvncserver-0.9.9-0.9.el7.1
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4113/kwebkitpart-1.3.4-5.el7
2
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4100/erlang-R16B-03.9.el7
1
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4152/lsyncd-2.1.5-6.el7
1
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4154/nodejs-0.10.33-1.el7,libuv-0.10.29-1.el7
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4174/python-eyed3-0.7.4-4.el7
0
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-4170/clamav-0.98.5-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
clamav-0.98.5-1.el7
ga-5.3b-14.el7
gflags-2.1.1-6.el7
gtk-gnutella-1.1.1-1.el7
gtk-murrine-engine-0.98.2-7.el7
myproxy-6.1.6-1.el7
ncl-6.2.1-1.el7
php-EasyRdf-0.8.0-5.el7
php-solarium-3.3.0-1.el7
python-eyed3-0.7.4-4.el7
python-pyroute2-0.3.2-1.el7
python-sh-1.08-4.el7
python-testrepository-0.0.18-2.el7
qpid-dispatch-0.2-8.el7
subunit-0.0.21-2.el7
yaz-5.6.0-1.el7
Details about builds:
================================================================================
clamav-0.98.5-1.el7 (FEDORA-EPEL-2014-4170)
End-user tools for the Clam Antivirus scanner
--------------------------------------------------------------------------------
Update Information:
ClamAV 0.98.5
=============
ClamAV 0.98.5 also includes these new features and bug fixes:
* Support for the XDP file format and extracting, decoding, and scanning PDF
files within XDP files. Addition of shared library support for LLVM versions
3.1 - 3.5 for the purpose of just-in-time(JIT) compilation of ClamAV bytecode
signatures. Andreas Cadhalpun submitted the patch implementing this support.
* Enhancements to the clambc command line utility to assist ClamAV bytecode
signature authors by providing introspection into compiled bytecode programs.
* Resolution of many of the warning messages from ClamAV compilation.
* Improved detection of malicious PE files.
* Security fix for ClamAV crash when using 'clamscan -a'. This issue was
identified by Kurt Siefried of Red Hat.
* Security fix for ClamAV crash when scanning maliciously crafted yoda's
crypter files. This issue, as well as several other bugs fixed in this release,
were identified by Damien Millescamp of Oppida.
* ClamAV 0.98.5 now works with OpenSSL in FIPS compliant mode. Thanks to
Reinhard Max for supplying the patch.
* Bug fixes and other feature enhancements.
Please see the ChangeLog file or GIT log for further details.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 Robert Scheck <[email protected]> - 0.98.5-1
- Upgrade to 0.98.5 and updated daily.cvd (#1138101)
* Sat Aug 16 2014 Fedora Release Engineering <[email protected]>
- 0.98.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1138101 - CVE-2013-6497 ClamAV: -a segmentation fault when
processing files
https://bugzilla.redhat.com/show_bug.cgi?id=1138101
--------------------------------------------------------------------------------
================================================================================
ga-5.3b-14.el7 (FEDORA-EPEL-2014-4160)
Global Arrays Toolkit
--------------------------------------------------------------------------------
Update Information:
Fix bug #1150473 to support epel7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1150473 - please build ga for EPEL7
https://bugzilla.redhat.com/show_bug.cgi?id=1150473
--------------------------------------------------------------------------------
================================================================================
gflags-2.1.1-6.el7 (FEDORA-EPEL-2014-4172)
Library for commandline flag processing
--------------------------------------------------------------------------------
Update Information:
Moved from rawhide to epel7.
--------------------------------------------------------------------------------
================================================================================
gtk-gnutella-1.1.1-1.el7 (FEDORA-EPEL-2014-4185)
GUI based Gnutella Client
--------------------------------------------------------------------------------
Update Information:
Upgrade to 1.1.1
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 Dmitry Butskoy <[email protected]> - 1.1.1-1
- Upgrade to 1.1.1
--------------------------------------------------------------------------------
================================================================================
gtk-murrine-engine-0.98.2-7.el7 (FEDORA-EPEL-2014-4186)
Murrine GTK2 engine
--------------------------------------------------------------------------------
Update Information:
Silence some terminal spam
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 16 2014 Fedora Release Engineering <[email protected]>
- 0.98.2-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <[email protected]>
- 0.98.2-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sun Apr 20 2014 Martin Sourada <[email protected]> - 0.98.2-5
- Silence deprecation warnings (#1046757)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1165876 - murrine engine spams the terminal
https://bugzilla.redhat.com/show_bug.cgi?id=1165876
--------------------------------------------------------------------------------
================================================================================
myproxy-6.1.6-1.el7 (FEDORA-EPEL-2014-4182)
Manage X.509 Public Key Infrastructure (PKI) security credentials
--------------------------------------------------------------------------------
Update Information:
MyProxy 6.1.6
* Allow TLS (no longer force SSLv3)
* VOMS support now in a separate package (myproxy-voms)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 Mattias Ellert <[email protected]> - 6.1.6-1
- Update to 6.1.6
- Drop patch myproxy-deps.patch (fixed upstream)
- Upstream source moved from sourceforge to the Globus Toolkit github repo
- Use source tarball published by Globus
- Use upstream's init scripts and systemd unit files
- New binary package myproxy-voms (voms support split out as a plugin)
--------------------------------------------------------------------------------
================================================================================
ncl-6.2.1-1.el7 (FEDORA-EPEL-2014-4168)
NCAR Command Language and NCAR Graphics
--------------------------------------------------------------------------------
Update Information:
NCAR Command Language (NCL) is an interpreted language designed specifically
for scientific data processing and visualization. Portable, robust, and free,
NCL supports netCDF3/4, GRIB1/2, HDF-SDS, HDF4-EOS, binary, shapefiles, and
ASCII files. Numerous analysis functions are built-in. High quality graphics
are easily created and customized with hundreds of graphic resources. Many
example scripts and their corresponding graphics are available.
--------------------------------------------------------------------------------
================================================================================
php-EasyRdf-0.8.0-5.el7 (FEDORA-EPEL-2014-4163)
A PHP library designed to make it easy to consume and produce RDF
--------------------------------------------------------------------------------
Update Information:
EasyRdf is a PHP library designed to make it easy to consume and produce RDF
(http://en.wikipedia.org/wiki/Resource_Description_Framework). It was designed
for use in mixed teams of experienced and inexperienced RDF developers. It is
written in Object Oriented PHP and has been tested extensively using PHPUnit.
After parsing EasyRdf builds up a graph of PHP objects that can then be walked
around to get the data to be placed on the page. Dump methods are available to
inspect what data is available during development.
Data is typically loaded into a EasyRdf_Graph object from source RDF documents,
loaded from the web via HTTP. The EasyRdf_GraphStore class simplifies loading
and saving data to a SPARQL 1.1 Graph Store.
SPARQL queries can be made over HTTP to a Triplestore using the
EasyRdf_Sparql_Client class. SELECT and ASK queries will return an
EasyRdf_Sparql_Result object and CONSTRUCT and DESCRIBE queries will return an
EasyRdf_Graph object.
Optional dependencies: graphviz, graphviz-gd, raptor2
--------------------------------------------------------------------------------
================================================================================
php-solarium-3.3.0-1.el7 (FEDORA-EPEL-2014-4173)
Solarium PHP Solr client library
--------------------------------------------------------------------------------
Update Information:
See https://github.com/basdenooijer/solarium/issues/294
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 17 2014 Remi Collet <[email protected]> - 3.3.0-1
- update to 3.3.0
- provide php-composer(solarium/solarium)
- fix license handling
- don't run test suite with php 5.3 (EL-6)
--------------------------------------------------------------------------------
================================================================================
python-eyed3-0.7.4-4.el7 (FEDORA-EPEL-2014-4174)
Python audio data toolkit (ID3 and MP3)
--------------------------------------------------------------------------------
Update Information:
- Fixed CVE-2014-1934.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 Mr Niranjan <[email protected]> - 0.7.4-4
- Fixed CVE-2014-1934, patch from Travis Shirk.
* Sat Jun 7 2014 Fedora Release Engineering <[email protected]>
- 0.7.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1063671 - CVE-2014-1934 python-eyed3: insecure temporary file
creation
https://bugzilla.redhat.com/show_bug.cgi?id=1063671
--------------------------------------------------------------------------------
================================================================================
python-pyroute2-0.3.2-1.el7 (FEDORA-EPEL-2014-4157)
Pure Python netlink library
--------------------------------------------------------------------------------
Update Information:
Update to 0.3.2
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Peter V. Saveliev <[email protected]> 0.3.2-1
- Update to 0.3.2
* Sat Jun 7 2014 Fedora Release Engineering <[email protected]>
- 0.2.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-sh-1.08-4.el7 (FEDORA-EPEL-2014-4177)
Python module to simplify calling shell commands
--------------------------------------------------------------------------------
Update Information:
Branch for epel7.
--------------------------------------------------------------------------------
================================================================================
python-testrepository-0.0.18-2.el7 (FEDORA-EPEL-2014-4180)
A repository of test results
--------------------------------------------------------------------------------
Update Information:
- to support openstack juno testing
--------------------------------------------------------------------------------
================================================================================
qpid-dispatch-0.2-8.el7 (FEDORA-EPEL-2014-4175)
Dispatch router for Qpid
--------------------------------------------------------------------------------
Update Information:
DISPATCH-75 - Removed reference to qdstat.conf from qdstat manpage.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 19 2014 Darryl L. Pierce <[email protected]> - 0.2-8
- DISPATCH-75 - Removed reference to qdstat.conf from qdstat manpage.
- Include systemd service file for EPEL7 packages.
- Brought systemd support up to current Fedora packaging guidelines.
- Resolves: BZ#1165691
- Resolves: BZ#1165681
* Sun Aug 17 2014 Fedora Release Engineering <[email protected]>
- 0.2-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1165691 - Man page for qdstat.conf is missing
https://bugzilla.redhat.com/show_bug.cgi?id=1165691
[ 2 ] Bug #1165681 - RPMs do not provide a systemd service unit file
https://bugzilla.redhat.com/show_bug.cgi?id=1165681
--------------------------------------------------------------------------------
================================================================================
subunit-0.0.21-2.el7 (FEDORA-EPEL-2014-4179)
C bindings for subunit
--------------------------------------------------------------------------------
Update Information:
- to support openstack juno testing
--------------------------------------------------------------------------------
================================================================================
yaz-5.6.0-1.el7 (FEDORA-EPEL-2014-4181)
Z39.50/SRW/SRU toolkit
--------------------------------------------------------------------------------
Update Information:
--- 5.6.0 2014/11/17
* When marc-8 charset is specified when decoding MARC records, yaz-marcdump and
ZOOM record render will inspect leader 9 and switch to UTF-8 (Unicode) if that
holds 'a'. This changes behavior, but is considered safe because only MARC21
with leader 9='a' are Unicode. YAZ-800
* Fix cs_put may reconnect if send fails. YAZ-798
--- 5.5.1 2014/11/03
* Fix cannot build YAZ on jessie : libgnutls-dev is gone YAZ-797
--- 5.5.0 2014/10/27
* Extended comstack with outgoing IP YAZ-795.
* For cs_create_host + cs_create_host_proxy the vhost may be followed by a
outgoing host/IP. Separator is blank.
--- 5.4.4 2014/10/20
* Add YAZ_EXPORT to cql_transform_r fixes YAZ-793 . This issue fixes linker
error with yazpp on Windows.
--- 5.4.3 2014/10/08
* Fix uri array may overflow in yaz_solr_encode_request YAZ-775
* Fix PQF to Solr conversion may produce invalid Solr query YAZ-792
* 0 ptr reference in handling Solr response with error YAZ-791
* Fix annoying warning about wrbuf_putc on newer GCC YAZ-789
* Fix documentation about --installa option YAZ-788
--- 5.4.2 2014/08/26
* daemon: properly report when receiving SIGUSR2 from child YAZ-785
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2014 Christopher Meng <[email protected]> - 5.6.0-1
- Update to 5.6.0
* Tue Aug 26 2014 David Tardon <[email protected]> - 5.4.1-2
- rebuild for ICU 53.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1134028 - yaz-5.5.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1134028
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/epel-devel
