The following Fedora EPEL 7 Security updates need testing:
Age URL
13
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-9ec8ceb857
ansible-2.9.18-1.el7
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-0859a9d61e
x11vnc-0.9.13-12.el7
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-9fbe0750f7
privoxy-3.0.32-1.el7
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-580891d7f4
chromium-88.0.4324.182-2.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-f1e9ccd247
zabbix40-4.0.29-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
ifstat-1.1-34.el7
nagios-4.4.6-4.el7
Details about builds:
================================================================================
ifstat-1.1-34.el7 (FEDORA-EPEL-2021-59a93a93dd)
Interface statistics
--------------------------------------------------------------------------------
Update Information:
Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
nagios-4.4.6-4.el7 (FEDORA-EPEL-2021-04cc5bcb08)
Host/service/network monitoring program
--------------------------------------------------------------------------------
Update Information:
Fix for CVE-2020-13977 BZ1849087 Add missing require for nagios-plugins-ping
Update to 4.4.6
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 3 2021 Guido Aulisi <guido.aulisi(a)gmail.com> - 4.4.6-4
- Add missing require for nagios-plugins-ping
- Fix run path
* Sat Feb 27 2021 Guido Aulisi <guido.aulisi(a)gmail.com> - 4.4.6-3
- Require plugins needed for localhost monitoring (#1932297)
* Tue Feb 23 2021 Guido Aulisi <guido.aulisi(a)gmail.com> - 4.4.6-2
- Fix systemd unit file permissions #1676334
* Sat Feb 20 2021 Guido Aulisi <guido.aulisi(a)gmail.com> - 4.4.6-1
- Update to 4.4.6
- Fix for CVE-2020-13977 #BZ1849087
- Some spec cleanup
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1666209 - Nagios cannot start after system reboot because of missing
directory
https://bugzilla.redhat.com/show_bug.cgi?id=1666209
[ 2 ] Bug #1829114 - nagios-4.4.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1829114
[ 3 ] Bug #1849087 - CVE-2020-13977 nagios: URL injection (post-authentication)
vulnerability [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1849087
[ 4 ] Bug #1932297 - Nagios server rpm missing some nagios-plugins-* dependency
https://bugzilla.redhat.com/show_bug.cgi?id=1932297
--------------------------------------------------------------------------------