The following Fedora EPEL 7 Security updates need testing:
Age URL
499 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087
dokuwiki-0-0.24.20140929c.el7
261 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f
mcollective-2.8.4-1.el7
128 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-785fc9a2ea
dropbear-2016.72-1.el7
24 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e0c08a1414
php-PHPMailer-5.2.16-2.el7
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-325598c9ad
pagure-2.2.2-1.el7
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-2e94f8cba5
tcpreplay-4.1.1-2.el7
9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-767125139f
python34-3.4.3-5.el7
7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-d85f5db77a
php-doctrine-orm-2.4.8-1.el7
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-6eebbe7e97
p7zip-16.02-1.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-7913c4c81c
breeze-icon-theme-5.24.0-1.el7 extra-cmake-modules-5.24.0-1.el7
kf5-5.24.0-1.el7 kf5-attica-5.24.0-1.el7 kf5-baloo-5.24.0-1.el7
kf5-bluez-qt-5.24.0-1.el7 kf5-frameworkintegration-5.24.0-1.el7
kf5-kactivities-5.24.0-1.el7 kf5-kactivities-stats-5.24.0-1.el7
kf5-kapidox-5.24.0-1.el7 kf5-karchive-5.24.0-1.el7 kf5-kauth-5.24.0-1.el7
kf5-kbookmarks-5.24.0-1.el7 kf5-kcmutils-5.24.0-1.el7 kf5-kcodecs-5.24.0-1.el7
kf5-kcompletion-5.24.0-1.el7 kf5-kconfig-5.24.0-1.el7
kf5-kconfigwidgets-5.24.0-1.el7 kf5-kcoreaddons-5.24.0-1.el7
kf5-kcrash-5.24.0-1.el7 kf5-kdbusaddons-5.24.0-1.el7
kf5-kdeclarative-5.24.0-1.el7 kf5-kded-5.24.0-1.el7
kf5-kdelibs4support-5.24.0-1.el7 kf5-kdesignerplugin-5.24.0-1.el7
kf5-kdesu-5.24.0-1.el7 kf5-kdewebkit-5.24.0-1.el7 kf5-kdnssd-5.24.0-1.el7
kf5-kdoctools-5.24.0-1.el7 kf5-kemoticons-5.24.0-1.el7
kf5-kfilemetadata-5.24.0-1.el7 kf5-kglobalaccel-5.24.0-1.el7
kf5-kguiaddons-5.24.0-1.el7 kf5-khtml
-5.24.0-1.el7 kf5-ki18n-5.24.0-1.el7 kf5-kiconthemes-5.24.0-1.el7
kf5-kidletime-5.24.0-1.el7 kf5-kimageformats-5.24.0-1.el7
kf5-kinit-5.24.0-1.el7 kf5-kio-5.24.0-1.el7 kf5-kitemmodels-5.24.0-1.el7
kf5-kitemviews-5.24.0-1.el7 kf5-kjobwidgets-5.24.0-1.el7 kf5-kjs-5.24.0-1.el7
kf5-kjsembed-5.24.0-1.el7 kf5-kmediaplayer-5.24.0-1.el7
kf5-knewstuff-5.24.0-1.el7 kf5-knotifications-5.24.0-1.el7
kf5-knotifyconfig-5.24.0-1.el7 kf5-kpackage-5.24.0-1.el7
kf5-kparts-5.24.0-1.el7 kf5-kpeople-5.24.0-1.el7 kf5-kplotting-5.24.0-1.el7
kf5-kpty-5.24.0-1.el7 kf5-kross-5.24.0-1.el7 kf5-krunner-5.24.0-1.el7
kf5-kservice-5.24.0-1.el7 kf5-ktexteditor-5.24.0-1.el7
kf5-ktextwidgets-5.24.0-1.el7 kf5-kunitconversion-5.24.0-1.el7
kf5-kwallet-5.24.0-1.el7 kf5-kwidgetsaddons-5.24.0-1.el7
kf5-kwindowsystem-5.24.0-1.el7 kf5-kxmlgui-5.24.0-1.el7
kf5-kxmlrpcclient-5.24.0-1.el7 kf5-modemmanager-qt-5.24.0-1.el7
kf5-networkmanager-qt-5.24.0-1.el7 kf5-plasma-5.24.0-1.el7
kf5-solid-5.24.0-1.el7 kf5-sonnet-5.24.0-1.el7 kf5
-threadweaver-5.24.0-1.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-3a667cc289
php-guzzlehttp-guzzle-5.3.1-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
breeze-icon-theme-5.24.0-1.el7
composer-1.2.0-1.el7
drupal7-ctools-1.9-3.el7
extra-cmake-modules-5.24.0-1.el7
kf5-5.24.0-1.el7
kf5-attica-5.24.0-1.el7
kf5-baloo-5.24.0-1.el7
kf5-bluez-qt-5.24.0-1.el7
kf5-frameworkintegration-5.24.0-1.el7
kf5-kactivities-5.24.0-1.el7
kf5-kactivities-stats-5.24.0-1.el7
kf5-kapidox-5.24.0-1.el7
kf5-karchive-5.24.0-1.el7
kf5-kauth-5.24.0-1.el7
kf5-kbookmarks-5.24.0-1.el7
kf5-kcmutils-5.24.0-1.el7
kf5-kcodecs-5.24.0-1.el7
kf5-kcompletion-5.24.0-1.el7
kf5-kconfig-5.24.0-1.el7
kf5-kconfigwidgets-5.24.0-1.el7
kf5-kcoreaddons-5.24.0-1.el7
kf5-kcrash-5.24.0-1.el7
kf5-kdbusaddons-5.24.0-1.el7
kf5-kdeclarative-5.24.0-1.el7
kf5-kded-5.24.0-1.el7
kf5-kdelibs4support-5.24.0-1.el7
kf5-kdesignerplugin-5.24.0-1.el7
kf5-kdesu-5.24.0-1.el7
kf5-kdewebkit-5.24.0-1.el7
kf5-kdnssd-5.24.0-1.el7
kf5-kdoctools-5.24.0-1.el7
kf5-kemoticons-5.24.0-1.el7
kf5-kfilemetadata-5.24.0-1.el7
kf5-kglobalaccel-5.24.0-1.el7
kf5-kguiaddons-5.24.0-1.el7
kf5-khtml-5.24.0-1.el7
kf5-ki18n-5.24.0-1.el7
kf5-kiconthemes-5.24.0-1.el7
kf5-kidletime-5.24.0-1.el7
kf5-kimageformats-5.24.0-1.el7
kf5-kinit-5.24.0-1.el7
kf5-kio-5.24.0-1.el7
kf5-kitemmodels-5.24.0-1.el7
kf5-kitemviews-5.24.0-1.el7
kf5-kjobwidgets-5.24.0-1.el7
kf5-kjs-5.24.0-1.el7
kf5-kjsembed-5.24.0-1.el7
kf5-kmediaplayer-5.24.0-1.el7
kf5-knewstuff-5.24.0-1.el7
kf5-knotifications-5.24.0-1.el7
kf5-knotifyconfig-5.24.0-1.el7
kf5-kpackage-5.24.0-1.el7
kf5-kparts-5.24.0-1.el7
kf5-kpeople-5.24.0-1.el7
kf5-kplotting-5.24.0-1.el7
kf5-kpty-5.24.0-1.el7
kf5-kross-5.24.0-1.el7
kf5-krunner-5.24.0-1.el7
kf5-kservice-5.24.0-1.el7
kf5-ktexteditor-5.24.0-1.el7
kf5-ktextwidgets-5.24.0-1.el7
kf5-kunitconversion-5.24.0-1.el7
kf5-kwallet-5.24.0-1.el7
kf5-kwidgetsaddons-5.24.0-1.el7
kf5-kwindowsystem-5.24.0-1.el7
kf5-kxmlgui-5.24.0-1.el7
kf5-kxmlrpcclient-5.24.0-1.el7
kf5-modemmanager-qt-5.24.0-1.el7
kf5-networkmanager-qt-5.24.0-1.el7
kf5-plasma-5.24.0-1.el7
kf5-solid-5.24.0-1.el7
kf5-sonnet-5.24.0-1.el7
kf5-threadweaver-5.24.0-1.el7
koji-1.10.1-10.el7
lighttpd-1.4.40-1.el7
owncloud-9.0.4-1.el7
php-guzzlehttp-guzzle-5.3.1-1.el7
php-league-flysystem-1.0.25-1.el7
php-mikey179-vfsstream-1.6.4-1.el7
php-pecl-mongodb-1.1.8-3.el7
rabbitmq-server-3.3.5-23.el7
root-6.06.06-2.el7
Details about builds:
================================================================================
breeze-icon-theme-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
Breeze icon theme
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
composer-1.2.0-1.el7 (FEDORA-EPEL-2016-b1e5548d8d)
Dependency Manager for PHP
--------------------------------------------------------------------------------
Update Information:
**Version 1.2.0** - 2016-07-19 * Security: Fixed
[httpoxy](https://httpoxy.org/) vulnerability * Fixed `home` command to avoid
rogue output on unix * Fixed output of git clones to clearly state when clones
are from cache * Added caching of git repositories if you have git 2.3+
installed. Repositories will now be cached once and then cloned from local cache
so subsequent installs should be faster * Added detection of HEAD changes to
the `status` command. If you `git checkout X` in a vendor directory for example
it will tell you that it is not at the version that was installed * Added a
virtual `php-ipv6` extension to require PHP compiled with IPv6 support * Added
`--no-suggest` to `install` and `update` commands to skip output of suggestions
at the end * Added `--type` to the `search` command to restrict to a given
package type * Added fossil support as alternative to git/svn/.. for package
downloads * Improved BitBucket OAuth support * Added support for blocking
cache operations using COMPOSER_CACHE_DIR=/dev/null (or NUL on windows) *
Added support for using declare(strict_types=1) in plugins * Added `--prefer-
stable` and `--prefer-lowest` to the `require` command * Added `--no-scripts`
to the `require` and `remove` commands * Added `_comment` top level key to the
schema to endorse using it as a place to store comments (it can be a string or
array of strings) * Added support for justinrainbow/json-schema 2.0 * Fixed
binaries not being re-installed if deleted by users or the bin-dir changes.
`update` and `install` will now re-install them * Many minor UX and docs
improvements
--------------------------------------------------------------------------------
================================================================================
drupal7-ctools-1.9-3.el7 (FEDORA-EPEL-2016-7460cbc212)
Primarily a set of APIs and tools to improve the developer experience
--------------------------------------------------------------------------------
Update Information:
This suite is primarily a set of APIs and tools to improve the developer
experience. It also contains a module called the Page Manager whose job is to
manage pages. In particular it manages panel pages, but as it grows it will be
able to manage far more than just Panels. For the moment, it includes the
following tools: * Plugins -- tools to make it easy for modules to let other
modules implement plugins from .inc files. * Exportables -- tools to make
it easier for modules to have objects that live in database or live in
code, such as 'default views'. * AJAX responder -- tools to make it easier for
the server to handle AJAX requests and tell the client what to do with
them. * Form tools -- tools to make it easier for forms to deal with AJAX. *
Object caching -- tool to make it easier to edit an object across multiple
page requests and cache the editing work. * Contexts -- the notion of wrapping
objects in a unified wrapper and providing an API to create and accept
these contexts as input. * Modal dialog -- tool to make it simple to put a form
in a modal dialog. * Dependent -- a simple form widget to make form items appear
and disappear based upon the selections in another item. * Content --
pluggable content types used as panes in Panels and other modules like
Dashboard. * Form wizard -- an API to make multi-step forms much easier. * CSS
tools -- tools to cache and sanitize CSS easily to make user-input CSS
safe.
--------------------------------------------------------------------------------
================================================================================
extra-cmake-modules-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
Additional modules for CMake build system
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
Filesystem and RPM macros for KDE Frameworks 5
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-attica-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks Tier 1 Addon with Open Collaboration Services API
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-baloo-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
A Tier 3 KDE Frameworks 5 module that provides indexing and search
functionality
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-bluez-qt-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
A Qt wrapper for Bluez
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-frameworkintegration-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 4 workspace and cross-framework integration plugins
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kactivities-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
A KDE Frameworks 5 Tier 3 to organize user work into separate activities
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kactivities-stats-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
A KDE Frameworks 5 Tier 3 library for accessing the usage data collected by
the activities system
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kapidox-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 4 scripts and data for building API documentation
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-karchive-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 1 addon with archive functions
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kauth-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 2 integration module to perform actions as privileged
user
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kbookmarks-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 addon for bookmarks manipulation
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kcmutils-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 addon with extra API to write KConfigModules
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kcodecs-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 1 addon with string manipulation methods
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kcompletion-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 2 addon with auto completion widgets and classes
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kconfig-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 1 addon with advanced configuration system
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kconfigwidgets-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 addon for creating configuration dialogs
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kcoreaddons-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 1 addon with various classes on top of QtCore
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kcrash-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 2 addon for handling application crashes
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kdbusaddons-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 1 addon with various classes on top of QtDBus
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kdeclarative-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 addon for Qt declarative
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kded-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 addon with extensible daemon for system-level services
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kdelibs4support-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 4 module with porting aid from KDELibs 4
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kdesignerplugin-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 integration module for Qt Designer
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kdesu-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 integration with su
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kdewebkit-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 integration module for QtWebKit
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kdnssd-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 1 integration module for DNS-SD services (Zeroconf)
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kdoctools-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 2 addon for generating documentation
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kemoticons-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 module with support for emoticons and emoticons themes
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kfilemetadata-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
A Tier 2 KDE Framework for extracting file metadata
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kglobalaccel-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 integration module for global shortcuts
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kguiaddons-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 1 addon with various classes on top of QtGui
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-khtml-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 4 solution with KHTML, a HTML rendering engine
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-ki18n-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 1 addon for localization
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kiconthemes-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 integration module with icon themes
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kidletime-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 1 integration module for idle time detection
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kimageformats-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 1 addon with additional image plugins for QtGui
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kinit-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 tier 3 solution for process launching
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kio-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 solution for filesystem abstraction
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kitemmodels-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 1 addon with item models
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kitemviews-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 1 addon with item views
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kjobwidgets-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 2 addon for KJobs
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kjs-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 functional module with JavaScript interpreter
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kjsembed-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 addon for binding JS objects to QObjects
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kmediaplayer-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 module with interface for media player features
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-knewstuff-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 module for downloading application assets
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-knotifications-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 2 solution with abstraction for system notifications
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-knotifyconfig-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 module for KNotify configuration
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kpackage-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 2 library to load and install packages as plugins
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kparts-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 solution for KParts
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kpeople-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 library for contact and people aggregation
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kplotting-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 1 addon for plotting
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kpty-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 2 module providing Pty abstraction
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kross-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 solution for multi-language application scripting
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-krunner-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 solution with parallelized query system
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kservice-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 solution for advanced plugin and service introspection
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-ktexteditor-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 with advanced embeddable text editor
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-ktextwidgets-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 addon with advanced text editing widgets
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kunitconversion-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 2 addon for unit conversions
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kwallet-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 solution for password management
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kwidgetsaddons-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 1 addon with various classes on top of QtWidgets
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kwindowsystem-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 1 integration module with classes for windows management
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kxmlgui-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 solution for user-configurable main windows
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-kxmlrpcclient-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 library for interaction with XML RPC services
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-modemmanager-qt-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
A Tier 1 KDE Frameworks module wrapping ModemManager DBus API
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-networkmanager-qt-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
A Tier 1 KDE Frameworks 5 module that wraps NetworkManager DBus API
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-plasma-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 3 framework is foundation to build a primary user
interface
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-solid-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 1 integration module that provides hardware information
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-sonnet-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 1 solution for spell checking
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
kf5-threadweaver-5.24.0-1.el7 (FEDORA-EPEL-2016-7913c4c81c)
KDE Frameworks 5 Tier 1 addon for advanced thread management
--------------------------------------------------------------------------------
Update Information:
KDE Frameworks 5.24.0, see also https://www.kde.org/announcements/kde-
frameworks-5.24.0.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357410 - CVE-2016-6232 kf5-karchive: Extraction of tar files
possible to arbitrary system locations
https://bugzilla.redhat.com/show_bug.cgi?id=1357410
--------------------------------------------------------------------------------
================================================================================
koji-1.10.1-10.el7 (FEDORA-EPEL-2016-f7bbdbcf8e)
Build system tools
--------------------------------------------------------------------------------
Update Information:
update to git master upstream, add lmc cosmetic fixes add patch to disable login
in koji-web add patch to enable dns in runroot chroots
--------------------------------------------------------------------------------
================================================================================
lighttpd-1.4.40-1.el7 (FEDORA-EPEL-2016-1ec4dd82f2)
Lightning fast webserver with light system requirements
--------------------------------------------------------------------------------
Update Information:
1.4.40 https://www.lighttpd.net/2016/7/16/1.4.40/
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357238 - lighttpd-1.4.40 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1357238
--------------------------------------------------------------------------------
================================================================================
owncloud-9.0.4-1.el7 (FEDORA-EPEL-2016-855b9c1407)
Private file sync and share server
--------------------------------------------------------------------------------
Update Information:
Update to 9.0.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1349700 - Update Fedora.README to clarify the SELinux section
https://bugzilla.redhat.com/show_bug.cgi?id=1349700
--------------------------------------------------------------------------------
================================================================================
php-guzzlehttp-guzzle-5.3.1-1.el7 (FEDORA-EPEL-2016-3a667cc289)
PHP HTTP client and webservice framework
--------------------------------------------------------------------------------
Update Information:
## 5.3.1 - 2016-07-18 * Address HTTP_PROXY security vulnerability,
CVE-2016-5385: https://httpoxy.org/ * Event name fix:
https://github.com/guzzle/guzzle/commit/fcae91ff31de41e312fe113ec3acbcda31b2622e
* Response header case sensitivity fix:
https://github.com/guzzle/guzzle/commit/043eeadf20ee40ddc6712faee4d3957a91f2b041
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357580 - php-guzzlehttp-guzzle-5.3.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1357580
--------------------------------------------------------------------------------
================================================================================
php-league-flysystem-1.0.25-1.el7 (FEDORA-EPEL-2016-287b04698a)
Filesystem abstraction: Many filesystems, one API
--------------------------------------------------------------------------------
Update Information:
**Version 1.0.25** - 2016-07-18 * [Local\Ftp] Streams opened with `fopen` now
open in binary mode, which is better on Windows environments.
--------------------------------------------------------------------------------
================================================================================
php-mikey179-vfsstream-1.6.4-1.el7 (FEDORA-EPEL-2016-e4f56aa9ba)
PHP stream wrapper for a virtual file system
--------------------------------------------------------------------------------
Update Information:
**Version 1.6.4** (2016-07-18) * fixed #134 type safe directory names,
reported and fixed by Sebastian Hopfe
--------------------------------------------------------------------------------
================================================================================
php-pecl-mongodb-1.1.8-3.el7 (FEDORA-EPEL-2016-539597afca)
MongoDB driver for PHP
--------------------------------------------------------------------------------
Update Information:
The purpose of this driver is to provide exceptionally thin glue between MongoDB
and PHP, implementing only fundemental and performance-critical components
necessary to build a fully-functional MongoDB driver.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1269056 - Review Request: php-pecl-mongodb - MongoDB driver for PHP
https://bugzilla.redhat.com/show_bug.cgi?id=1269056
--------------------------------------------------------------------------------
================================================================================
rabbitmq-server-3.3.5-23.el7 (FEDORA-EPEL-2016-64956c631e)
The RabbitMQ server
--------------------------------------------------------------------------------
Update Information:
* Backports for some issues
--------------------------------------------------------------------------------
================================================================================
root-6.06.06-2.el7 (FEDORA-EPEL-2016-fcc7456b56)
Numerical data analysis framework
--------------------------------------------------------------------------------
Update Information:
ROOT 6.06.06 https://root.cern.ch/doc/v606/release-notes.html#release-6.0606
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1357279 - redhat-rpm-config not listed as a dependency
https://bugzilla.redhat.com/show_bug.cgi?id=1357279
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list
epel-devel@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/epel-devel@lists.fedoraproject.org
