The following Fedora EPEL 7 Security updates need testing:
Age URL
317
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d
condor-8.6.11-1.el7
93
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-d2c1368294
cinnamon-3.6.7-5.el7
86
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-50a6a1ddfd
afflib-3.7.18-2.el7
59
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c499781e80
python-gnupg-0.4.4-1.el7
57
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b
bubblewrap-0.3.3-2.el7
29
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-fc63c75ab1
hostapd-2.8-1.el7
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-24edff97c6
php-brumann-polyfill-unserialize-1.0.3-1.el7 php-typo3-phar-stream-wrapper2-2.1.2-1.el7
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-f428efb17c
drupal7-uuid-1.3-1.el7
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-193cafec2e
GraphicsMagick-1.3.32-1.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-7a3942050d
nodejs-6.17.1-1.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-a7d80aae2a
pdns-4.1.10-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
chromium-75.0.3770.100-2.el7
git-cola-3.4-1.el7
libuv-1.30.0-1.el7
python-dns-lexicon-3.2.8-1.el7
python-josepy-1.1.0-9.el7
python-krbcontext-0.9-1.el7
python-mwclient-0.9.3-3.el7
stlink-1.5.1-0.3.20190606git84f63d2.el7
Details about builds:
================================================================================
chromium-75.0.3770.100-2.el7 (FEDORA-EPEL-2019-b94f559810)
A WebKit (Blink) powered web browser
--------------------------------------------------------------------------------
Update Information:
Update to Chromium 75.0.3770.100. The usual pile of bugs and CVE fixes. vaapi
support disabled, just too broken. :( Fixes CVE-2019-5824 CVE-2019-5825
CVE-2019-5826 CVE-2019-5827 CVE-2019-5828 CVE-2019-5829 CVE-2019-5830
CVE-2019-5831 CVE-2019-5832 CVE-2019-5833 CVE-2019-5834 CVE-2019-5835
CVE-2019-5836 CVE-2019-5837 CVE-2019-5838 CVE-2019-5839 CVE-2019-5840
CVE-2019-5842
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 25 2019 Tom Callaway <spot(a)fedoraproject.org> - 75.0.3770.100-2
- fix v8 compile with gcc
* Thu Jun 20 2019 Tom Callaway <spot(a)fedoraproject.org> - 75.0.3770.100-1
- update to 75.0.3770.100
* Fri Jun 14 2019 Tom Callaway <spot(a)fedoraproject.org> - 75.0.3770.90-1
- update to 75.0.3770.90
* Wed Jun 5 2019 Tom Callaway <spot(a)fedoraproject.org> - 75.0.3770.80-1
- update to 75.0.3770.80
- disable vaapi (via conditional), too broken
* Fri May 31 2019 Tom Callaway <spot(a)fedoraproject.org> - 74.0.3729.169-1
- update to 74.0.3729.169
* Thu Apr 11 2019 Tom Callaway <spot(a)fedoraproject.org> - 73.0.3683.103-1
- update to 73.0.3683.103
- add CLONE_VFORK logic to seccomp filter for linux to handle glibc 2.29 change
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1718269 - CVE-2019-5840 chromium-browser: Popup blocker bypass
https://bugzilla.redhat.com/show_bug.cgi?id=1718269
[ 2 ] Bug #1718268 - CVE-2019-5839 chromium-browser: Incorrect handling of certain code
points in Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1718268
[ 3 ] Bug #1718267 - CVE-2019-5838 chromium-browser: Overly permissive tab access in
Extensions
https://bugzilla.redhat.com/show_bug.cgi?id=1718267
[ 4 ] Bug #1718266 - CVE-2019-5837 chromium-browser: Cross-origin resources size
disclosure in Appcache
https://bugzilla.redhat.com/show_bug.cgi?id=1718266
[ 5 ] Bug #1718264 - CVE-2019-5836 chromium-browser: Heap buffer overflow in Angle
https://bugzilla.redhat.com/show_bug.cgi?id=1718264
[ 6 ] Bug #1718263 - CVE-2019-5835 chromium-browser: Out of bounds read in Swiftshader
https://bugzilla.redhat.com/show_bug.cgi?id=1718263
[ 7 ] Bug #1718262 - CVE-2019-5834 chromium-browser: URL spoof in Omnibox on iOS
https://bugzilla.redhat.com/show_bug.cgi?id=1718262
[ 8 ] Bug #1718261 - CVE-2019-5833 chromium-browser: Inconsistent security UI placement
https://bugzilla.redhat.com/show_bug.cgi?id=1718261
[ 9 ] Bug #1718260 - CVE-2019-5832 chromium-browser: Incorrect CORS handling in XHR
https://bugzilla.redhat.com/show_bug.cgi?id=1718260
[ 10 ] Bug #1718259 - CVE-2019-5831 chromium-browser: Incorrect map processing in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1718259
[ 11 ] Bug #1718258 - CVE-2019-5830 chromium-browser: Incorrectly credentialed requests
in CORS
https://bugzilla.redhat.com/show_bug.cgi?id=1718258
[ 12 ] Bug #1718257 - CVE-2019-5829 chromium-browser: Use after free in Download
Manager
https://bugzilla.redhat.com/show_bug.cgi?id=1718257
[ 13 ] Bug #1718256 - CVE-2019-5828 chromium-browser: Use after free in ServiceWorker
https://bugzilla.redhat.com/show_bug.cgi?id=1718256
[ 14 ] Bug #1707248 - CVE-2019-5826 chromium-browser: Use-after-free in IndexedDB
https://bugzilla.redhat.com/show_bug.cgi?id=1707248
[ 15 ] Bug #1707247 - CVE-2019-5825 chromium-browser: Out-of-bounds write in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1707247
[ 16 ] Bug #1702913 - CVE-2019-5823 chromium-browser: Forced navigation from service
worker
https://bugzilla.redhat.com/show_bug.cgi?id=1702913
[ 17 ] Bug #1702912 - CVE-2019-5822 chromium-browser: CORS bypass in download manager
https://bugzilla.redhat.com/show_bug.cgi?id=1702912
[ 18 ] Bug #1702911 - CVE-2019-5821 chromium-browser: Integer overflow in PDFium
https://bugzilla.redhat.com/show_bug.cgi?id=1702911
[ 19 ] Bug #1702910 - CVE-2019-5820 chromium-browser: Integer overflow in PDFium
https://bugzilla.redhat.com/show_bug.cgi?id=1702910
[ 20 ] Bug #1702909 - CVE-2019-5819 chromium-browser: Incorrect escaping in developer
tools
https://bugzilla.redhat.com/show_bug.cgi?id=1702909
[ 21 ] Bug #1702908 - CVE-2019-5818 chromium-browser: Uninitialized value in media
reader
https://bugzilla.redhat.com/show_bug.cgi?id=1702908
[ 22 ] Bug #1702907 - CVE-2019-5817 chromium-browser: Heap buffer overflow in Angle on
Windows
https://bugzilla.redhat.com/show_bug.cgi?id=1702907
[ 23 ] Bug #1702906 - CVE-2019-5816 chromium-browser: Exploit persistence extension on
Android
https://bugzilla.redhat.com/show_bug.cgi?id=1702906
[ 24 ] Bug #1702905 - CVE-2019-5815 chromium-browser: Heap buffer overflow in Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1702905
[ 25 ] Bug #1702904 - CVE-2019-5814 chromium-browser: CORS bypass in Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1702904
[ 26 ] Bug #1702903 - CVE-2019-5813 chromium-browser: Out of bounds read in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1702903
[ 27 ] Bug #1702902 - CVE-2019-5812 chromium-browser: URL spoof in Omnibox on iOS
https://bugzilla.redhat.com/show_bug.cgi?id=1702902
[ 28 ] Bug #1702901 - CVE-2019-5811 chromium-browser: CORS bypass in Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1702901
[ 29 ] Bug #1702900 - CVE-2019-5810 chromium-browser: User information disclosure in
Autofill
https://bugzilla.redhat.com/show_bug.cgi?id=1702900
[ 30 ] Bug #1702899 - CVE-2019-5809 chromium-browser: Use after free in Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1702899
[ 31 ] Bug #1702898 - CVE-2019-5808 chromium-browser: Use after free in Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1702898
[ 32 ] Bug #1702897 - CVE-2019-5807 chromium-browser: Memory corruption in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1702897
[ 33 ] Bug #1702896 - CVE-2019-5806 chromium-browser: Integer overflow in Angle
https://bugzilla.redhat.com/show_bug.cgi?id=1702896
[ 34 ] Bug #1702895 - CVE-2019-5805 chromium-browser: Use after free in PDFium
https://bugzilla.redhat.com/show_bug.cgi?id=1702895
--------------------------------------------------------------------------------
================================================================================
git-cola-3.4-1.el7 (FEDORA-EPEL-2019-0901e336dc)
A sleek and powerful git GUI
--------------------------------------------------------------------------------
Update Information:
update to version 3.4 ---- update to version 3.3 ---- update to git-cola 3.2
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jun 28 2019 Oliver Haessler <oliver(a)redhat.com> - 3.4-1
- Update to 3.4
* Mon Feb 4 2019 Oliver Haessler <oliver(a)redhat.com> - 3.3-1
- Update to 3.3
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.2-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Tue Jan 8 2019 Oliver Haessler <oliver(a)redhat.com> - 3.2-1
- Update to 3.2
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.10-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jun 19 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 2.10-5
- Rebuilt for Python 3.7
* Wed Feb 7 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.10-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.10-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri Feb 10 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.10-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1720988 - git-cola-3.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1720988
[ 2 ] Bug #1671646 - [abrt] git-cola: _check_arg_types():
genericpath.py:149:_check_arg_types:TypeError: join() argument must be str or bytes, not
'NoneType'
https://bugzilla.redhat.com/show_bug.cgi?id=1671646
[ 3 ] Bug #1670143 - [abrt] git-cola: _check_arg_types():
genericpath.py:149:_check_arg_types:TypeError: join() argument must be str or bytes, not
'NoneType'
https://bugzilla.redhat.com/show_bug.cgi?id=1670143
[ 4 ] Bug #1669436 - [abrt] git-cola: _execute_child(): git.py:323:git:NameError: name
'WIN32' is not defined
https://bugzilla.redhat.com/show_bug.cgi?id=1669436
[ 5 ] Bug #1672000 - git-cola-3.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672000
[ 6 ] Bug #1555766 - git-cola: FTBFS in F28
https://bugzilla.redhat.com/show_bug.cgi?id=1555766
[ 7 ] Bug #1440743 - git-cola-3.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1440743
--------------------------------------------------------------------------------
================================================================================
libuv-1.30.0-1.el7 (FEDORA-EPEL-2019-33b28a1b66)
Platform layer for node.js
--------------------------------------------------------------------------------
Update Information:
Update to libuv 1.30.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 27 2019 Stephen Gallagher <sgallagh(a)redhat.com> - 1.30.0-1
- Update to 1.30.0
-
https://github.com/libuv/libuv/blob/v1.30.0/ChangeLog
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1724703 - libuv-1.30.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1724703
--------------------------------------------------------------------------------
================================================================================
python-dns-lexicon-3.2.8-1.el7 (FEDORA-EPEL-2019-cc556afbee)
Manipulate DNS records on various DNS providers in a standardized/agnostic way
--------------------------------------------------------------------------------
Update Information:
Update to 3.2.8.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 27 2019 Eli Young <elyscape(a)gmail.com> - 3.2.8-1
- Update to 3.2.8 (#1722190)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1722190 - python-dns-lexicon-3.2.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1722190
--------------------------------------------------------------------------------
================================================================================
python-josepy-1.1.0-9.el7 (FEDORA-EPEL-2019-c675213c72)
JOSE protocol implementation in Python
--------------------------------------------------------------------------------
Update Information:
Split docs to separate package
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 27 2019 Eli Young <elyscape(a)gmail.com> - 1.1.0-9
- Split docs to separate package (#1700273)
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.1.0-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Thu Dec 13 2018 Eli Young <elyscape(a)gmail.com> - 1.1.0-7
- Remove Python 2 package in Fedora 30+ (#1658534)
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.1.0-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Mon Jul 2 2018 Eli Young <elyscape(a)gmail.com> - 1.1.0-5
- Enable tests
* Mon Jul 2 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 1.1.0-4
- Rebuilt for Python 3.7
* Fri Jun 29 2018 Eli Young <elyscape(a)gmail.com> - 1.1.0-3
- Use available python2 metapackages for EPEL7
- Specify binary name for sphinx-build
- Fix permissions on man files
* Tue Jun 19 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 1.1.0-2
- Rebuilt for Python 3.7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1700273 - python3-josepy-1.1.0-8.fc30 has file conflicts with
python2-josepy-1.1.0-6.fc29
https://bugzilla.redhat.com/show_bug.cgi?id=1700273
--------------------------------------------------------------------------------
================================================================================
python-krbcontext-0.9-1.el7 (FEDORA-EPEL-2019-a7727fe4aa)
A Kerberos context manager
--------------------------------------------------------------------------------
Update Information:
- Fix .travis.yml to use Python 3.7 (Chenxiong Qi) - Update docs/source/conf.py
to read package info properly (Chenxiong Qi) - Add Python 3.7 to and remove
Python 3.5 from TravisCI (Chenxiong Qi) - Update scripts (Chenxiong Qi) - Ignore
more directories from git (Chenxiong Qi) - Remove testenv py34 and py35
(Chenxiong Qi) - Add testenv py37 (Chenxiong Qi) - Fix typo in comment
(Chenxiong Qi) - Fix renewing expired FILE ccache (Michael Simacek) - Remove
flake8 from BuildRequires from SPEC (Chenxiong Qi)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 27 2019 Chenxiong Qi <cqi(a)redhat.com> - 0.9-1
- Build release version 0.9
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.8-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Wed Oct 17 2018 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 0.8-7
- Subpackage python2-krbcontext has been removed
See
https://fedoraproject.org/wiki/Changes/Mass_Python_2_Package_Removal
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.8-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jun 19 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 0.8-5
- Rebuilt for Python 3.7
* Mon Feb 12 2018 Iryna Shcherbina <ishcherb(a)redhat.com> - 0.8-4
- Update Python 2 dependency declarations to new packaging standards
(See
https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
* Fri Feb 9 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.8-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-mwclient-0.9.3-3.el7 (FEDORA-EPEL-2019-0406490dad)
Mwclient is a client to the MediaWiki API
--------------------------------------------------------------------------------
Update Information:
This update drops the dependency on and use of pep8, which is being retired in
Rawhide. It was only used to run a lint check during package build; there should
be no functional changes in this update.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 26 2019 Adam Williamson <awilliam(a)redhat.com> - 0.9.3-3
- Backport a few patches to remove use of pep8 (being retired)
- Only BuildRequire pytest-cache on EL7, it is part of pytest since
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.9.3-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Nov 23 2018 Adam Williamson <awilliam(a)redhat.com> - 0.9.3-1
- New release 0.9.3
- Disable Python 2 build on F30+ / RHEL 8+
--------------------------------------------------------------------------------
================================================================================
stlink-1.5.1-0.3.20190606git84f63d2.el7 (FEDORA-EPEL-2019-dd82fe96f2)
STM32 discovery line Linux programmer
--------------------------------------------------------------------------------
Update Information:
Update to latest git.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 27 2019 Vasiliy N. Glazov <vascom2(a)gmail.com> -
1.5.1-0.3.20190606git84f63d2
- Update to latest git
--------------------------------------------------------------------------------