[EPEL-devel] Fedora EPEL 7 updates-testing report

updates Fri, 08 May 2015 09:43:34 -0700

The following Fedora EPEL 7 Security updates need testing:
 Age  URL
 176  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3989/cross-binutils-2.23.88.0.1-2.el7.1
  60  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1087/dokuwiki-0-0.24.20140929c.el7
  60  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0952/qpid-qmf-0.28-27.el7,qpid-cpp-0.30-12.el7
  43  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1421/quassel-0.11.0-2.el7
  37  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-1545/strongswan-5.3.0-1.el7
  12  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5973/mingw-libtiff-4.0.3-6.el7
  12  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5991/mingw-libgcrypt-1.6.3-1.el7
  12  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5995/mingw-qt-4.8.6-8.el7
  12  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5960/testdisk-7.0-3.el7
  12  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5987/mingw-openssl-1.0.2a-1.el7
  12  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5994/mingw-qt5-qtbase-5.4.1-2.el7
  12  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5971/mingw-curl-7.42.0-1.el7
  11  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6006/dpkg-1.16.16-5.el7
   9  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6030/proftpd-1.3.5-5.el7
   1  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6122/libssh-0.6.5-1.el7
   1  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-6178/t1utils-1.39-1.el7
   0  
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5937/wordpress-4.2.2-1.el7



The following builds have been pushed to Fedora EPEL 7 updates-testing

    cfitsio-3.370-1.el7
    cube-4.3.1-1.el7
    dex-1.0-1.el7
    dist-git-0.11-1.el7
    otf2-1.5.1-1.el7
    python-fmn-consumer-0.6.2-1.el7
    python-geojson-1.0.9-2.el7
    qt5-qtbase-5.4.1-13.el7
    scorep-1.4-1.el7
    the_silver_searcher-0.30.0-1.el7
    websvn-2.3.3-9.el7
    wordpress-4.2.2-1.el7

Details about builds:


================================================================================
 cfitsio-3.370-1.el7 (FEDORA-EPEL-2015-6189)
 Library for manipulating FITS data files
--------------------------------------------------------------------------------
Update Information:

Several bugfixes and enhancements, see: 
http://heasarc.gsfc.nasa.gov/FTP/software/fitsio/c/docs/changes.txt
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 12 2014 Sergio Pascual <[email protected]> - 3.370-1
- New upstream (3.370)
- Patches for ppc64le and aarch64 added upstream
* Sat Jun  7 2014 Fedora Release Engineering <[email protected]> 
- 3.360-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Thu May 15 2014 Sergio Pascual <[email protected]> - 3.360-3
- Add ppc64le support (bz #1097248).
* Tue Apr 15 2014 Marcin Juszkiewicz <[email protected]> - 3.360-2
- Add AArch64 support.
--------------------------------------------------------------------------------


================================================================================
 cube-4.3.1-1.el7 (FEDORA-EPEL-2015-6180)
 CUBE Uniform Behavioral Encoding generic presentation component
--------------------------------------------------------------------------------
Update Information:

Score-P 1.4:

Major features:

- Basic support for OpenCL instrumentation.
- For GCC versions 4.5 till 4.9 a new function instrumentation is available via 
the plug-in interface of the compiler. This new function instrumentation 
greatly improves the measurement performance. It also provides compile-time 
instrumentation filtering using the same filter file format as the run-time  
filtering.  On some systems the GCC plug-in dev package needs to be installed, 
in order to provide the necessary header files.

Features and improvements:

- Support for pthread_exit and pthread_cancel was added.
- Added support for task migration in the profiling system.
- Added support for Intel Xeon Phi systems (native mode only)
- Added new user instrumentation macros (e.g., 
SCOREP_USER_REGION_BY_NAME_BEGIN( name, type ) and  
SCOREP_USER_REGION_BY_NAME_END( name )). These macros can annotate user regions 
without the need to take care about the handle struct.

User tools and API improvements and changes:

- Due to the added task migration support, the default for the invokation of 
OPARI2 in the instrumenter was changed. Until now, the instrumenter let OPARI2 
make all tasks tied and print a warning if an untied task was encountered. The 
new default is that the untied tasks are left untied and no warning is printed.
- The task related data storage mechanism was changed. The profiling backend 
does not use a hash table to associate a task id with a data structure anymore, 
but gets a pointer from the task management in the measurement core. Thus, the 
environment variable SCOREP_PROFILING_TASK_TABLE_SIZE to specify the size of 
the hash table disappeared.
- Added the environment variable SCOREP_PROFILING_TASK_EXCHANGE_NUM to specify 
how ofter the profiling system returns reallocated memory objects that have 
migrated to another thread.
- Support for cobi was removed.
- SCOREP_User_RegionBegin / SCOREP_User_RegionInit accept NULL as parameter 
value for lastFileName and lastFileHandle. This simplifies the calls to these 
functions when used directly without the provided macros.
- score-score got a new option: -m allows to display mangled region names.  
Furthermore, the filter evalution in scorep-score can also use mangled names, 
too.

Bugfixes:

- In some cases, not all regions are exited at measurement finalization time. 
Fixed.
- Using PGI compiler instrumentation in conjunction with tasks could lead wrong 
region handles in region exits. Fixed.
- Fix building of MPI wrapper if compiler issues unrelated warnings at 
configure time.
- The SCOREP_USER_METRIC_UINT64 macro used signed values. Fixed.
- Add conflict in the instrumenter between --thread=pthread and --mutex=pthread.
- Fixed errors with libmpigf during linking of the instrumented application.
- Fixes wrong acquisition order in pthread_cond_timedwait by modifying the 
nesting level (analog pthread_cond_wait)
- Fixes that internal CUDA driver calls were recorded
- Fixes a potential deadlock in CUDA adapter for multithreaded CUDA
- Fortran OpenMP applications instrumented with OPARI2 and preprocessing report 
wrong file names ending in '.input.F' for POMP2 regions.
--------------------------------------------------------------------------------
ChangeLog:

* Tue May  5 2015 Orion Poplawski <[email protected]> - 4.3.1-1
- Update to 4.3.1
* Sat May  2 2015 Kalev Lember <[email protected]> - 4.2.3-5
- Rebuilt for GCC 5 C++11 ABI change
* Thu Mar 26 2015 Richard Hughes <[email protected]> - 4.2.3-4
- Add an AppData file for the software center
* Tue Mar  3 2015 Peter Robinson <[email protected]> 4.2.3-3
- rebuild (gcc5)
* Sat Aug 16 2014 Fedora Release Engineering <[email protected]> 
- 4.2.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 dex-1.0-1.el7 (FEDORA-EPEL-2015-6188)
 Dextrous text editor
--------------------------------------------------------------------------------
Update Information:

Updated to v1.0
--------------------------------------------------------------------------------
ChangeLog:

* Wed May  6 2015 Craig Barnes <[email protected]> - 1.0-1
- Update to stable version
* Mon Feb  2 2015 Craig Barnes <[email protected]> - 0-0.8.20150202gitdbe12c5
- Update snapshot to latest upstream commit
- Add ncurses-devel as a build dependency
* Sat Aug 16 2014 Fedora Release Engineering <[email protected]> 
- 0-0.7.20140609gitece2668
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 dist-git-0.11-1.el7 (FEDORA-EPEL-2015-6183)
 Package source version control system
--------------------------------------------------------------------------------
Update Information:

new selinux subpackage
perl require and files update ([email protected])
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1214357 - Review Request: dist-git - Package source version 
control system
        https://bugzilla.redhat.com/show_bug.cgi?id=1214357
--------------------------------------------------------------------------------


================================================================================
 otf2-1.5.1-1.el7 (FEDORA-EPEL-2015-6180)
 Open Trace Format 2 library
--------------------------------------------------------------------------------
Update Information:

Score-P 1.4:

Major features:

- Basic support for OpenCL instrumentation.
- For GCC versions 4.5 till 4.9 a new function instrumentation is available via 
the plug-in interface of the compiler. This new function instrumentation 
greatly improves the measurement performance. It also provides compile-time 
instrumentation filtering using the same filter file format as the run-time  
filtering.  On some systems the GCC plug-in dev package needs to be installed, 
in order to provide the necessary header files.

Features and improvements:

- Support for pthread_exit and pthread_cancel was added.
- Added support for task migration in the profiling system.
- Added support for Intel Xeon Phi systems (native mode only)
- Added new user instrumentation macros (e.g., 
SCOREP_USER_REGION_BY_NAME_BEGIN( name, type ) and  
SCOREP_USER_REGION_BY_NAME_END( name )). These macros can annotate user regions 
without the need to take care about the handle struct.

User tools and API improvements and changes:

- Due to the added task migration support, the default for the invokation of 
OPARI2 in the instrumenter was changed. Until now, the instrumenter let OPARI2 
make all tasks tied and print a warning if an untied task was encountered. The 
new default is that the untied tasks are left untied and no warning is printed.
- The task related data storage mechanism was changed. The profiling backend 
does not use a hash table to associate a task id with a data structure anymore, 
but gets a pointer from the task management in the measurement core. Thus, the 
environment variable SCOREP_PROFILING_TASK_TABLE_SIZE to specify the size of 
the hash table disappeared.
- Added the environment variable SCOREP_PROFILING_TASK_EXCHANGE_NUM to specify 
how ofter the profiling system returns reallocated memory objects that have 
migrated to another thread.
- Support for cobi was removed.
- SCOREP_User_RegionBegin / SCOREP_User_RegionInit accept NULL as parameter 
value for lastFileName and lastFileHandle. This simplifies the calls to these 
functions when used directly without the provided macros.
- score-score got a new option: -m allows to display mangled region names.  
Furthermore, the filter evalution in scorep-score can also use mangled names, 
too.

Bugfixes:

- In some cases, not all regions are exited at measurement finalization time. 
Fixed.
- Using PGI compiler instrumentation in conjunction with tasks could lead wrong 
region handles in region exits. Fixed.
- Fix building of MPI wrapper if compiler issues unrelated warnings at 
configure time.
- The SCOREP_USER_METRIC_UINT64 macro used signed values. Fixed.
- Add conflict in the instrumenter between --thread=pthread and --mutex=pthread.
- Fixed errors with libmpigf during linking of the instrumented application.
- Fixes wrong acquisition order in pthread_cond_timedwait by modifying the 
nesting level (analog pthread_cond_wait)
- Fixes that internal CUDA driver calls were recorded
- Fixes a potential deadlock in CUDA adapter for multithreaded CUDA
- Fortran OpenMP applications instrumented with OPARI2 and preprocessing report 
wrong file names ending in '.input.F' for POMP2 regions.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 11 2015 Orion Poplawski <[email protected]> - 1.5.1-1
- Update to 1.5.1
* Sun Aug 17 2014 Fedora Release Engineering <[email protected]> 
- 1.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 python-fmn-consumer-0.6.2-1.el7 (FEDORA-EPEL-2015-6187)
 Backend worker daemon for Fedora Notifications
--------------------------------------------------------------------------------
Update Information:

Fix base64 content-transfer-encoding issue.
Correctly encode emails.
Latest upstream.
--------------------------------------------------------------------------------
ChangeLog:

* Wed May  6 2015 Ralph Bean <[email protected]> - 0.6.2-1
- new version
* Tue May  5 2015 Ralph Bean <[email protected]> - 0.6.1-1
- new version
* Sun May  3 2015 Ralph Bean <[email protected]> - 0.6.0-2
- Add new req on python-bleach.
* Sun May  3 2015 Ralph Bean <[email protected]> - 0.6.0-1
- new version
--------------------------------------------------------------------------------


================================================================================
 python-geojson-1.0.9-2.el7 (FEDORA-EPEL-2015-6190)
 Encoder/decoder for simple GIS features
--------------------------------------------------------------------------------
Update Information:

Latest upstream and a new python3 subpackage!
--------------------------------------------------------------------------------
ChangeLog:

* Wed May  6 2015 Ralph Bean <[email protected]> - 1.0.9-2
- Python3 subpackage!
* Wed May  6 2015 Ralph Bean <[email protected]> - 1.0.9-1
- Latest upstream.
- Changed %doc files, which changed upstream.
- Removed patch and just made setuptools a runtime dep.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1218994 - Update python-geojson to version 1.0.9
        https://bugzilla.redhat.com/show_bug.cgi?id=1218994
--------------------------------------------------------------------------------


================================================================================
 qt5-qtbase-5.4.1-13.el7 (FEDORA-EPEL-2015-6184)
 Qt5 - QtBase components
--------------------------------------------------------------------------------
Update Information:

Backport data corruption fix in QNetworkAccessManager.
--------------------------------------------------------------------------------
ChangeLog:

* Tue May  5 2015 Rex Dieter <[email protected]> 5.4.1-13
- backport: data corruption in QNetworkAccessManager
* Fri May  1 2015 Rex Dieter <[email protected]> - 5.4.1-12
- backport a couple more upstream fixes
- introduce -common noarch subpkg, should help multilib issues
* Sat Apr 25 2015 Rex Dieter <[email protected]> 5.4.1-11
- port qtdbusconnection_no_debug.patch from qt(4)
* Fri Apr 17 2015 Rex Dieter <[email protected]> 5.4.1-10
- -examples: include %{_qt5_docdir}/qdoc/examples-manifest.xml (#1212750)
--------------------------------------------------------------------------------


================================================================================
 scorep-1.4-1.el7 (FEDORA-EPEL-2015-6180)
 Scalable Performance Measurement Infrastructure for Parallel Codes
--------------------------------------------------------------------------------
Update Information:

Score-P 1.4:

Major features:

- Basic support for OpenCL instrumentation.
- For GCC versions 4.5 till 4.9 a new function instrumentation is available via 
the plug-in interface of the compiler. This new function instrumentation 
greatly improves the measurement performance. It also provides compile-time 
instrumentation filtering using the same filter file format as the run-time  
filtering.  On some systems the GCC plug-in dev package needs to be installed, 
in order to provide the necessary header files.

Features and improvements:

- Support for pthread_exit and pthread_cancel was added.
- Added support for task migration in the profiling system.
- Added support for Intel Xeon Phi systems (native mode only)
- Added new user instrumentation macros (e.g., 
SCOREP_USER_REGION_BY_NAME_BEGIN( name, type ) and  
SCOREP_USER_REGION_BY_NAME_END( name )). These macros can annotate user regions 
without the need to take care about the handle struct.

User tools and API improvements and changes:

- Due to the added task migration support, the default for the invokation of 
OPARI2 in the instrumenter was changed. Until now, the instrumenter let OPARI2 
make all tasks tied and print a warning if an untied task was encountered. The 
new default is that the untied tasks are left untied and no warning is printed.
- The task related data storage mechanism was changed. The profiling backend 
does not use a hash table to associate a task id with a data structure anymore, 
but gets a pointer from the task management in the measurement core. Thus, the 
environment variable SCOREP_PROFILING_TASK_TABLE_SIZE to specify the size of 
the hash table disappeared.
- Added the environment variable SCOREP_PROFILING_TASK_EXCHANGE_NUM to specify 
how ofter the profiling system returns reallocated memory objects that have 
migrated to another thread.
- Support for cobi was removed.
- SCOREP_User_RegionBegin / SCOREP_User_RegionInit accept NULL as parameter 
value for lastFileName and lastFileHandle. This simplifies the calls to these 
functions when used directly without the provided macros.
- score-score got a new option: -m allows to display mangled region names.  
Furthermore, the filter evalution in scorep-score can also use mangled names, 
too.

Bugfixes:

- In some cases, not all regions are exited at measurement finalization time. 
Fixed.
- Using PGI compiler instrumentation in conjunction with tasks could lead wrong 
region handles in region exits. Fixed.
- Fix building of MPI wrapper if compiler issues unrelated warnings at 
configure time.
- The SCOREP_USER_METRIC_UINT64 macro used signed values. Fixed.
- Add conflict in the instrumenter between --thread=pthread and --mutex=pthread.
- Fixed errors with libmpigf during linking of the instrumented application.
- Fixes wrong acquisition order in pthread_cond_timedwait by modifying the 
nesting level (analog pthread_cond_wait)
- Fixes that internal CUDA driver calls were recorded
- Fixes a potential deadlock in CUDA adapter for multithreaded CUDA
- Fortran OpenMP applications instrumented with OPARI2 and preprocessing report 
wrong file names ending in '.input.F' for POMP2 regions.
--------------------------------------------------------------------------------
ChangeLog:

* Tue May  5 2015 Orion Poplawski <[email protected]> - 1.4-1
- Update to 1.4
* Sun May  3 2015 Zbigniew Jędrzejewski-Szmek <[email protected]> - 1.3-7
- Rebuild for changed mpich
* Sat May  2 2015 Kalev Lember <[email protected]> - 1.3-6
- Rebuilt for GCC 5 C++11 ABI change
* Fri Mar 13 2015 Orion Poplawski <[email protected]> - 1.3-5
- Rebuild for mpich 3.1.4 soname change
* Wed Mar  4 2015 Orion Poplawski <[email protected]> - 1.3-4
- Rebuild for papi
* Mon Jan 19 2015 Marcin Juszkiewicz <[email protected]> - 1.3-3
- update gnu-config files to build on aarch64
--------------------------------------------------------------------------------


================================================================================
 the_silver_searcher-0.30.0-1.el7 (FEDORA-EPEL-2015-6181)
 Super-fast text searching tool (ag)
--------------------------------------------------------------------------------
Update Information:

update to 0.30.0
--------------------------------------------------------------------------------
ChangeLog:

* Thu May  7 2015 Kenjiro Nakayama <[email protected]> - 0.30.0-1
- update to 0.30.0
--------------------------------------------------------------------------------


================================================================================
 websvn-2.3.3-9.el7 (FEDORA-EPEL-2015-6179)
 Online subversion repository browser
--------------------------------------------------------------------------------
Update Information:

Install missing javascript directory.
--------------------------------------------------------------------------------
ChangeLog:

* Thu May  7 2015 Xavier Bachelot <[email protected]> 2.3.3-9
- Add missing javascript directory (RHBZ#1218590).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1218590 - javascript dir is missing from RPM
        https://bugzilla.redhat.com/show_bug.cgi?id=1218590
--------------------------------------------------------------------------------


================================================================================
 wordpress-4.2.2-1.el7 (FEDORA-EPEL-2015-5937)
 Blog tool and publishing platform
--------------------------------------------------------------------------------
Update Information:

**WordPress 4.2 “Powell” **
* Upstream announcement https://wordpress.org/news/2015/04/powell/

**WordPress 4.2.1 Security Release**
* Upstream announcement https://wordpress.org/news/2015/04/wordpress-4-2-1/

**WordPress 4.2.2 Security and Maintenance Release**
* Upstream announcement https://wordpress.org/news/2015/05/wordpress-4-2-2/
--------------------------------------------------------------------------------
ChangeLog:

* Thu May  7 2015 Remi Collet <[email protected]> - 4.2.2-1
- WordPress 4.2.2 Security and Maintenance Release
* Tue Apr 28 2015 Remi Collet <[email protected]> - 4.2.1-1
- WordPress 4.2.1 Security Release
- WordPress 4.2 “Powell”
* Fri Apr 24 2015 Remi Collet <[email protected]> - 4.1.3-1
- WordPress 4.1.3 Maintenance Release
* Thu Apr 23 2015 Remi Collet <[email protected]> - 4.1.2-1
- WordPress 4.1.2 Security Release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1214650 - CVE-2015-3438 CVE-2015-3439 wordpress: several 
vulnerabilities fixed in Wordpress 4.1.2
        https://bugzilla.redhat.com/show_bug.cgi?id=1214650
  [ 2 ] Bug #1216069 - CVE-2015-3440 wordpress: stored XSS via long comments
        https://bugzilla.redhat.com/show_bug.cgi?id=1216069
  [ 3 ] Bug #1219368 - wordpress: two cross-site scripting flaws fixed in 4.2.2
        https://bugzilla.redhat.com/show_bug.cgi?id=1219368
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/epel-devel

[EPEL-devel] Fedora EPEL 7 updates-testing report

Reply via email to