The following Fedora EPEL 7 Security updates need testing:
Age URL
21
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-1f259a45ef
openjpeg2-2.3.1-11.el7
21
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-9eaea6f65c
audacious-plugins-4.0.5-4.el7 fluidsynth-2.1.8-4.el7
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-c4678a5e4b
radare2-5.3.1-1.el7
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-49226a1ff0
aom-3.1.1-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
python-flask-migrate-2.0.4-1.el7
tor-0.3.5.15-1.el7
Details about builds:
================================================================================
python-flask-migrate-2.0.4-1.el7 (FEDORA-EPEL-2021-4911efe30c)
SQLAlchemy database migrations for Flask applications using Alembic
--------------------------------------------------------------------------------
Update Information:
Update to 2.0.4, the last release in the 2.0.x series. Additionally, a number of
improvements were made to the packaging. ## Release 2.0.4 - 2017-05-30 -
Support -x arguments in "migrate" command (#148) ## Release 2.0.3 - 2017-01-29
- Support multiple -x arguments in the Flask-Script interface (#103) ## Release
2.0.2 - 2016-12-09 - Support passing alembic context kwargs from constructor
into init_app (#138) ## Release 2.0.1 - 2016-11-13 - Fix flake8 warnings in
Alembic templates (#136)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 1 2021 Benjamin A. Beasley <code(a)musicinmybrain.net> - 2.0.4-1
- Update to 2.0.4, the last release in the 2.0.x series
* Mon May 31 2021 Benjamin A. Beasley <code(a)musicinmybrain.net> - 2.0.0-4
- Replace %modname with a group of name macros and use them in more places
- Change URL from PyPI to GitHub, and HTTP to HTTPS
- Use %pypi_source macro
- Adjust whitespace to personal preference
- Drop %python3_pkgversion and %python_provide macros, only needed in EPEL
- Remove executable bits from files in the Python package
- Version the BR���s and manual Requires
- Run the tests
- Change Python 3 conditional macro to a modern build conditional and use
%python3_pkgversion macro (but still do not try to build for Python 3 due to
missing dependencies)
- Remove cruft for EL6 and older
- Make the common description a macro
--------------------------------------------------------------------------------
================================================================================
tor-0.3.5.15-1.el7 (FEDORA-EPEL-2021-92a8baa028)
Anonymizing overlay network for TCP
--------------------------------------------------------------------------------
Update Information:
update to latest upstream release (with security fixes!) Fixes bz#1972880,
bz#1972883, bz#1972887 => CVE-2021-34550 / CVE-2021-34549 / CVE-2021-34548
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1972880 - CVE-2021-34548 tor: RELAY_END or RELAY_RESOLVED spoofing
[epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1972880
[ 2 ] Bug #1972883 - CVE-2021-34549 tor: hashtable-based CPU denial-of-service attack
against relays [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1972883
[ 3 ] Bug #1972887 - CVE-2021-34550 tor: out-of-bounds memory access in v3 onion service
descriptor parsing [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1972887
--------------------------------------------------------------------------------