The following Fedora EPEL 7 Security updates need testing:
Age URL
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-10049c7b14
libbsd-0.11.7-2.el7
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-0b26ab3924
xrdp-0.9.21-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
apptainer-1.1.4-1.el7
gfal2-2.21.2-1.el7
nut-2.8.0-2.el7
rpki-client-8.2-1.el7
voms-api-java-3.3.2-11.el7
Details about builds:
================================================================================
apptainer-1.1.4-1.el7 (FEDORA-EPEL-2022-f2ddee605b)
Application and environment virtualization
--------------------------------------------------------------------------------
Update Information:
Update to 1.1.4
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 13 2022 Dave Dykstra <dwd(a)fedoraproject.org> - 1.1.4
- Update to upstream 1.1.4.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2153084 - apptainer-1.1.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2153084
--------------------------------------------------------------------------------
================================================================================
gfal2-2.21.2-1.el7 (FEDORA-EPEL-2022-d386249793)
Grid file access library 2.0
--------------------------------------------------------------------------------
Update Information:
Upstream release v2.21.2
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 13 2022 Mihai Patrascoiu <mihai.patrascoiu(a)cern.ch> - 2.21.2-1
- Upgrade to upstream release 2.21.2
--------------------------------------------------------------------------------
================================================================================
nut-2.8.0-2.el7 (FEDORA-EPEL-2022-582eba423d)
Network UPS Tools
--------------------------------------------------------------------------------
Update Information:
updated to 2.8.0 ---- nut updated to 2.7.4
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 6 2022 Michal Hlavinka <mhlavink(a)redhat.com> - 2.8.0-2
- fix STATEPATH location and creation (#2024651)
- merged C99 related changes to configure from fedora
- trim changelog
* Tue Sep 13 2022 Michal Hlavinka <mhlavink(a)redhat.com> - 2.8.0-1
- update to 2.8.0
* Tue Jun 2 2020 Michal Hlavinka <mhlavink(a)redhat.com> - 2.7.4-3
- update nut run directories
* Tue May 26 2020 Orion Poplawski <orion(a)nwra.com> - 2.7.4-2
- Drop old udev requires/scriptlet
- Add upstream patch for TLS > 1.0 support
* Tue May 26 2020 Michal Hlavinka <mhlavink(a)redhat.com> - 2.7.4-1
- nut updated to 2.7.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1379382 - nut package is missing nut-scanner binary
https://bugzilla.redhat.com/show_bug.cgi?id=1379382
[ 2 ] Bug #1584330 - nut rpm has wrong mode and ownership for /var/run/nut
https://bugzilla.redhat.com/show_bug.cgi?id=1584330
[ 3 ] Bug #1618784 - nut-monitor.service references non-existant
/etc/tmpfiles.d/nut-run.conf
https://bugzilla.redhat.com/show_bug.cgi?id=1618784
[ 4 ] Bug #1837120 - Update nut in EL7
https://bugzilla.redhat.com/show_bug.cgi?id=1837120
[ 5 ] Bug #1876035 - Update nut to latest stable release 2.7.4
https://bugzilla.redhat.com/show_bug.cgi?id=1876035
--------------------------------------------------------------------------------
================================================================================
rpki-client-8.2-1.el7 (FEDORA-EPEL-2022-b460bd1076)
OpenBSD RPKI validator to support BGP Origin Validation
--------------------------------------------------------------------------------
Update Information:
# rpki-client 8.2 - Add a new `-H` command line option to create a shortlist
of repositories to synchronize to. For example, when invoking `rpki-client -H
rpki.ripe.net -H chloe.sobornost.net`, the utility will not connect to any other
hosts other than the two specified through the `-H` option. - Add support for
validating Geofeed (RFC 9092) authenticators. To see an example download
https://sobornost.net/geofeed.csv and run `rpki-client -f geofeed.csv`. - Add
support for validating Trust Anchor Key (TAK) objects. TAK objects can be used
to produce new Trust Anchor Locators (TALs) signed by and verified against the
previous Trust Anchor. See draft-ietf-sidrops-signed-tal for the full
specification. - Log lines related to RRDP/HTTPS connection problems now
include the IP address of the problematic endpoint (in brackets). - Improve
the error message when an invalid filename is encountered in the rpkiManifest
field in the Subject Access Information (SIA) extension. - Emit a warning when
unexpected X.509 extensions are encountered. - Restrict the ROA ipAddrBlocks
field to only allow two ROAIPAddressFamily structures (one per address family).
See draft-ietf-sidrops-rfc6482bis. - Check the absence of the Path Length
constraint in the Basic Constraints extension. - Restrict the SIA extension to
only allow the signedObject and rpkiNotify accessMethods. - Check that the
Signed Object access method is present in ROA, MFT, ASPA, TAK, and GBR End-
Entity certificates. - In addition to the `rsync://` scheme, also permit other
schemes (such as `https://`) in the SIA signedObject access method. - Check
that the KeyUsage extension is set to nothing but digitalSignature on End-Entity
certificates. - Check that the KeyUsage extension is set to nothing but
keyCertSign and CRLSign on CA certificates. - Check that the ExtendedKeyUsage
extension is absent on CA certificates. - Fix a bug in the handling of the
port of http_proxy. - The `-r` command line option has been deprecated. -
Filemode (`-f`) output is now presented as a text based table.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 14 2022 Robert Scheck <robert(a)fedoraproject.org> 8.2-1
- Upgrade to 8.2 (#2153077)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2153077 - rpki-client-8.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2153077
--------------------------------------------------------------------------------
================================================================================
voms-api-java-3.3.2-11.el7 (FEDORA-EPEL-2022-ae618a283f)
Virtual Organization Membership Service Java API
--------------------------------------------------------------------------------
Update Information:
Disable test that fails due to an expired certificate.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 13 2022 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 3.3.2-11
- Disable tests that fail due to more expired certificates
--------------------------------------------------------------------------------