The following Fedora EPEL 7 Security updates need testing:
Age URL
41
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-4a9fc09599
openjpeg2-2.3.1-10.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-f1768ebc94
opensmtpd-6.8.0p2-1.el7
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-e06cd0281c
zabbix30-3.0.31-1.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-e30a25d6d0
chromium-88.0.4324.96-1.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-4e3398c399
libssh-0.7.7-1.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-c09d7045f3
seamonkey-2.53.6-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
R-qtl-1.47.9-1.el7
monitorix-3.13.1-1.el7
nx-libs-3.5.99.25-4.el7
youtube-dl-2021.01.24.1-1.el7
Details about builds:
================================================================================
R-qtl-1.47.9-1.el7 (FEDORA-EPEL-2021-46fabd09df)
Tools for analyzing QTL experiments
--------------------------------------------------------------------------------
Update Information:
R-qtl 1.47-9
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 27 2021 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 1.47.9-1
- Update to 1.47-9
* Mon Jan 25 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.46.2-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Mon Aug 10 2020 Tom Callaway <spot(a)fedoraproject.org> - 1.46.2-5
- rebuild for FlexiBLAS R
* Sat Aug 1 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.46.2-4
- Second attempt - Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Mon Jul 27 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.46.2-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Fri Jun 5 2020 Tom Callaway <spot(a)fedoraproject.org> - 1.46.2-2
- rebuild for R 4
--------------------------------------------------------------------------------
================================================================================
monitorix-3.13.1-1.el7 (FEDORA-EPEL-2021-ba217a684f)
A free, open source, lightweight system monitoring tool
--------------------------------------------------------------------------------
Update Information:
This new version fixes a security bug introduced in the 3.13.0 version that lead
the HTTP built-in server to bypass the Basic Authentication when the option
hosts_deny is not defined, which is the default. Besides this fix, this version
also updates the main configuration file to add the option hosts_deny = all by
default inside the auth subsection, in an attempt to make the default behaviour
more clear. All users using the 3.13.0 version are advised and encouraged to
upgrade to this new version, which resolves the security issue. ---- This new
version introduces three new modules: the long-awaited pgsql.pm capable of
monitoring up to 9 databases of an unlimited number of PostgreSQL servers, the
redis.pm and tinyproxy.pm which are both also capable of monitoring an unlimited
number of Redis and Tinyproxy servers respectively. This version also includes
some interesting new features. The new CSS theming support will allow people to
create their own color themes. The new support for the ss command in port.pm and
nginx.pm modules. The ability to map the device names and also to include a
title name in disk.pm module. The new stacked visualization of network stats
available on a number of modules, and more. Also with this new version,
Monitorix is able to be executed as a regular user instead of root. This is of
course subject to the capabilities of each module to get statistics without
using the superuser. The rest of new features, changes and bugs fixed are, as
always, reflected in the Changes file.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 27 2021 Jordi Sanfeliu <jordi(a)fibranet.cat> - 3.13.1-1
- Updated to 3.13.1.
* Fri Jan 22 2021 Jordi Sanfeliu <jordi(a)fibranet.cat> - 3.13.0-1
- Updated to 3.13.0.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1919169 - monitorix-3.13.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1919169
[ 2 ] Bug #1920998 - monitorix-3.13.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1920998
--------------------------------------------------------------------------------
================================================================================
nx-libs-3.5.99.25-4.el7 (FEDORA-EPEL-2021-cf7a3c6e2b)
NX X11 protocol compression libraries
--------------------------------------------------------------------------------
Update Information:
Disable extraneous debug logging that can fill disks
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 26 2021 Orion Poplawski <orion(a)nwra.com> - 3.5.99.25-4
- Add upstream patch to quiet logging
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
3.5.99.25-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1916491 - nxagent logs exessively to session.log
https://bugzilla.redhat.com/show_bug.cgi?id=1916491
--------------------------------------------------------------------------------
================================================================================
youtube-dl-2021.01.24.1-1.el7 (FEDORA-EPEL-2021-19bb0eb2b6)
A small command-line program to download online videos
--------------------------------------------------------------------------------
Update Information:
Update to version 2021.01.24.1 ---- Update to version 2021.01.16
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 27 2021 David Schw��rer <davidsch(a)fedoraproject.org> - 2021.01.24.1-1
- Update to 2021.01.24.1
* Mon Jan 18 2021 David Schw��rer <davidsch(a)fedoraproject.org> - 2021.01.16-1
- Update to 2021.01.16
* Fri Jan 8 2021 David Schw��rer <davidsch(a)fedoraproject.org> - 2021.01.08-1
- Update to 2021.01.08
* Tue Jan 5 2021 David Schw��rer <davidsch(a)fedoraproject.org> - 2021.01.03-2
- Update to 2021.01.03
* Sun Jan 3 2021 David Schw��rer <davidsch(a)fedoraproject.org> - 2021.01.03-1
- Update to 2021.01.03
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1916977 - youtube-dl-2021.01.16 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1916977
[ 2 ] Bug #1920080 - youtube-dl-2021.01.24.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1920080
--------------------------------------------------------------------------------