The following Fedora EPEL 7 Security updates need testing:
Age URL
13
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-a46e72f139
radare2-5.2.1-1.el7
12
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-255f12d77d
zarafa-7.1.14-5.el7
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-b6ffea264a
perl-Image-ExifTool-12.16-3.el7
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-9cfa4ffd25
java-latest-openjdk-16.0.1.0.9-1.rolling.el7
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-9cf47c841c
python-yara-4.1.0-1.el7 yara-4.1.0-1.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-3f4ec3ba2a
sympa-6.2.62-1.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-23a46d718e
libopenmpt-0.5.8-1.el7
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-314d2feba2
chromium-90.0.4430.93-1.el7
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-f17367545f
fluidsynth-2.1.8-4.el7
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-80d45ac7ec
ansible-2.9.21-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
annobin-9.71-1.el7
knot-resolver-5.3.2-1.el7
python-impacket-0.9.22-3.el7
Details about builds:
================================================================================
annobin-9.71-1.el7 (FEDORA-EPEL-2021-04c7d75012)
Annotate and examine compiled binary files
--------------------------------------------------------------------------------
Update Information:
Bug fixes, especially in the annocheck tool
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 5 2021 Nick Clifton <nickc(a)redhat.com> - 9.71-1
- timing: do not initialise the clock if the timing tool is disabled.
- gcc-plugin: Replace ICE messsages with verbose messages.
- Fix the testsuite so that it can be run in parallel.
- Annocheck: WARN if the annobin plugin was built for a newer version of the compiler than
the one on which it was run. (#1950657)
- Obsolete annobin < 9.66-1 (bug #1949570)
- Annocheck: Improve detection of missing GNU-stack support.
- Correct a package rename (bug #1949570)
- Require docs subpackage by the other ones because of a license
- Build-requiring perl-interpreter is enough
- Fix bz1949570
- Fix anomolies reported by covscan.
- Move documentation into a sub-package.
- gcc-plugin: Use a fixed filename when running in LTO mode.
--------------------------------------------------------------------------------
================================================================================
knot-resolver-5.3.2-1.el7 (FEDORA-EPEL-2021-268b0d5c5e)
Caching full DNS Resolver
--------------------------------------------------------------------------------
Update Information:
new upstream release 5.3.2
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 7 2021 Jakub Ru��i��ka <jakub.ruzicka(a)nic.cz> - 5.3.2-1
- update to upstream version 5.3.2
--------------------------------------------------------------------------------
================================================================================
python-impacket-0.9.22-3.el7 (FEDORA-EPEL-2021-680600d10f)
Collection of Python classes providing access to network packets
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2021-31800 - #1957428, #1957427 - fix path traversal in
smbserver.py ---- fix dependencies for EPEL7 as of #1893859
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 7 2021 Michal Ambroz <rebus _AT seznam.cz> - 0.9.22-3
- fix CVE-2021-31800 - #1957428, #1957427 during 0.9.22 lifecycle
* Sun May 2 2021 Michal Ambroz <rebus _AT seznam.cz> - 0.9.22-2
- fix dependencies for EPEL7 as of #1893859
* Wed Apr 14 2021 Michal Ambroz <rebus _AT seznam.cz> - 0.9.22-1
- Updated to new upstream release 0.9.22
- modernize specfile with bconds
- upstream patch for python39 compatibility (needed for FC34+)
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.9.21-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Jul 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.9.21-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue May 26 2020 Miro Hron��ok <mhroncok(a)redhat.com> - 0.9.21-6
- Rebuilt for Python 3.9
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1957426 - CVE-2021-31800 python-impacket: Multiple path traversal
vulnerabilities in smbserver.py
https://bugzilla.redhat.com/show_bug.cgi?id=1957426
--------------------------------------------------------------------------------