The following Fedora EPEL 7 Security updates need testing:
Age URL
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-4dd661d32b
prosody-0.11.12-1.el7
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-04da0327c7
clamav-0.103.5-1.el7
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-f37ca1b24a
guacamole-server-1.4.0-1.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-92a697e332
zabbix40-4.0.37-1.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-c99f63fce9
zabbix50-5.0.19-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
davix-0.8.0-2.el7
lynis-3.0.7-1.el7
nodejs-16.13.2-3.el7
remmina-1.4.23-2.el7
teem-1.11.0-54.el7
uglify-js-3.14.5-2.el7
Details about builds:
================================================================================
davix-0.8.0-2.el7 (FEDORA-EPEL-2022-1254f2d95d)
Toolkit for http based file management
--------------------------------------------------------------------------------
Update Information:
Fixing some compiler warnings.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jan 16 2022 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 0.8.0-2
- Fix some compilation warnings and errors
--------------------------------------------------------------------------------
================================================================================
lynis-3.0.7-1.el7 (FEDORA-EPEL-2022-b995f78fc5)
Security and system auditing tool
--------------------------------------------------------------------------------
Update Information:
3.0.7
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 19 2022 Gwyn Ciesla <gwync(a)protonmail.com> - 3.0.7-1
- 3.0.7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2042237 - lynis-3.0.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2042237
--------------------------------------------------------------------------------
================================================================================
nodejs-16.13.2-3.el7 (FEDORA-EPEL-2022-bf9c411793)
JavaScript runtime
--------------------------------------------------------------------------------
Update Information:
Update EPEL 7 to Node.js 16.x
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 19 2022 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.13.2-3
- Bundle zlib on EPEL 7
* Mon Jan 17 2022 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.13.2-2
- Add support for building on EPEL 7
* Tue Jan 11 2022 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.13.2-1
- Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531)
- Certificate Verification Bypass via String Injection (Medium)(CVE-2021-44532)
- Incorrect handling of certificate subject and issuer fields (Medium)(CVE-2021-44533)
- Prototype pollution via `console.table` properties (Low)(CVE-2022-21824)
* Thu Dec 2 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.13.1-2
- Enable building for EPEL 8 modules
* Thu Dec 2 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.13.1-1
- Update to 16.13.1
-
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V16.m...
* Thu Nov 25 2021 Honza Horak <hhorak(a)redhat.com> - 1:16.13.0-3
- Make sure binary node-gyp is executable
Resolves: #2026615
* Mon Nov 1 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.13.0-1
- Update to 16.13.0
-
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V16.m...
- Add support for epel8
* Mon Oct 25 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.12.0-1
- Update to 16.12.0
-
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V16.m...
* Wed Oct 13 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.11.1-1
- Update to 16.11.1
-
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V16.m...
-
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V16.m...
* Thu Sep 23 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.10.0-1
- Update to 16.10.0
-
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V16.m...
* Tue Sep 14 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.9.1-4
- Correct the bad merge of corepack fix
* Tue Sep 14 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.9.1-3
- Drop auto-dependency on PowerShell introduced by corepack
* Tue Sep 14 2021 Sahana Prasad <sahana(a)redhat.com> - 1:16.9.1-2
- Rebuilt with OpenSSL 3.0.0
* Mon Sep 13 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.9.1-1
- Update to 16.9.1
- Add experimental 'corepack' tool
-
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V16.m...
-
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V16.m...
* Tue Aug 31 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.8.0-1
- Update to 16.8.0
-
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V16.m...
-
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V16.m...
* Wed Aug 11 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.6.2-1
- Update to 16.6.2
-
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V16.m...
* Tue Aug 3 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.6.1-1
- Update to 16.6.1
-
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V16.m...
- Fixes v8 regression introduced in 16.6.0
* Mon Aug 2 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.6.0-1
- Update to 16.6.0
-
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V16.m...
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
1:16.5.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Tue Jul 20 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.5.0-1
- Update to 16.5.0
-
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V16.m...
* Fri Jul 2 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.4.1-2
- Re-add support for v8 development headers
* Thu Jul 1 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.4.1-1
- Update to 16.4.1
-
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V16.m...
* Wed Jun 23 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.4.0-1
- Update to 16.4.0
-
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V16.m...
* Fri Jun 4 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.3.0-1
- Update to 16.3.0
-
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V16.m...
* Wed May 19 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.2.0-1
- Update to 16.2.0
-
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V16.m...
- Fix changelog version numbers
* Tue May 4 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.1.0-1
- Update to 16.1.0
-
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V16.m...
- Drop upstreamed patch
* Thu Apr 29 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.0.0-1
- First release of Node.js 16.x
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2041022 - Provide nodejs for EPEL 7
https://bugzilla.redhat.com/show_bug.cgi?id=2041022
--------------------------------------------------------------------------------
================================================================================
remmina-1.4.23-2.el7 (FEDORA-EPEL-2022-1c4f843097)
Remote Desktop Client
--------------------------------------------------------------------------------
Update Information:
* Wed Jan 19 2022 Phil Wyett <philip.wyett(a)kathenas.org> - 1.4.23-2 - Remove
unneeded BuildRequires for gtk-vnc-2.0. libvncserver is the preferred for VNC
and disables the gvnc plugin if found. We have not in the recent past built
the gvnc plugin. * Wed Jan 19 2022 Phil Wyett <philip.wyett(a)kathenas.org> -
1.4.23-1 - New upstream version 1.4.23. - Enable x2go plugin.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 19 2022 Phil Wyett <philip.wyett(a)kathenas.org> - 1.4.23-2
- Remove unneeded BuildRequires for gtk-vnc-2.0.
libvncserver is the preferred for VNC and disables the gvnc plugin if found.
We have not in the recent past built the gvnc plugin.
* Wed Jan 19 2022 Phil Wyett <philip.wyett(a)kathenas.org> - 1.4.23-1
- New upstream version 1.4.23.
- Enable x2go plugin.
* Wed Nov 10 2021 Simone Caronni <negativo17(a)gmail.com> - 1.4.21-1
- Update to 1.4.21.
* Tue Sep 14 2021 Sahana Prasad <sahana(a)redhat.com> - 1.4.20-3
- Rebuilt with OpenSSL 3.0.0
* Fri Jul 23 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.4.20-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
teem-1.11.0-54.el7 (FEDORA-EPEL-2022-5a2b76bb89)
Libraries for processing and visualizing scientific raster data
--------------------------------------------------------------------------------
Update Information:
Fix RHBZ#2042106: the `teem-devel` package no longer depends on `cmake-
filesystem`, which does not exist in EPEL7. Instead, it co-owns the relevant
directory.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 19 2022 Benjamin A. Beasley <code(a)musicinmybrain.net> 1.11.0-54
- Fix RHBZ#2042106
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2042106 - "teem-devel" package requires
"cmake-filesystem" which does not exist
https://bugzilla.redhat.com/show_bug.cgi?id=2042106
--------------------------------------------------------------------------------
================================================================================
uglify-js-3.14.5-2.el7 (FEDORA-EPEL-2022-e18dcf2d58)
JavaScript parser, mangler/compressor and beautifier toolkit
--------------------------------------------------------------------------------
Update Information:
Update uglify-js in EPEL 7 to version 3
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 19 2022 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 3.14.5-2
- Update uglify-js for EPEL 7 to version 3
- Provide/Obsolete uglify-js3
* Thu Dec 16 2021 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 3.14.5-1
- Update to 3.14.5
* Wed Dec 1 2021 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 3.14.4-1
- Update to 3.14.4
* Tue Nov 2 2021 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 3.14.3-1
- Update to 3.14.3
* Thu Oct 14 2021 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 3.14.2-1
- Update to 3.14.2
* Fri Aug 13 2021 S��rgio Basto <sergio(a)serjux.com> - 3.14.1-1
- Update to 3.14.1
* Fri Jul 23 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.10.4-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.10.4-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Fri Sep 18 2020 Troy Dawson <tdawson(a)redhat.com> - 3.10.4-1
- Update to 3.10.4
* Wed Jul 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.8.22-10
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Fri Jan 31 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.8.22-9
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Wed Jan 22 2020 Jan Stan��k <jstanek(a)redhat.com> - 2.8.22-8
- Remove unneeded legacy conditionals around %{nodejs_arches} and %{_jsdir}
- Disable colors in tests
- Use %bcond_without for conditional compilation
* Sat Jul 27 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.8.22-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sun Feb 3 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.8.22-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.8.22-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Feb 9 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.8.22-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Tue Aug 15 2017 Jun Aruga <jaruga(a)redhat.com> - 2.8.22-3
- Remove duplicate BuildArch entry: BuildArch: noarch
* Thu Jul 27 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.8.22-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Tue Jul 4 2017 Jun Aruga <jaruga(a)redhat.com> - 2.8.22-1
- Update to upstream 2.8.22 release
* Wed Mar 29 2017 Jun Aruga <jaruga(a)redhat.com> - 2.8.17-1
- Update to upstream 2.8.17 release
* Sat Feb 11 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.7.0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Mon Aug 1 2016 Jun Aruga <jaruga(a)redhat.com> - 2.7.0-2
- Update to prevent timeout error on an ARM builder. (rhbz#1361179)
* Thu Jul 28 2016 Jared Smith <jsmith(a)fedoraproject.org> - 2.7.0-1
- Update to upstream 2.7.0 release
* Sat Jul 9 2016 Jared Smith <jsmith(a)fedoraproject.org> - 2.6.4-1
- Update to upstream 2.6.4 release
* Wed Feb 10 2016 Tom Hughes <tom(a)compton.nu> - 2.6.1-1
- Update to 2.6.1 upstream release
* Fri Feb 5 2016 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.4.13-9
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Sat Nov 21 2015 Tom Hughes <tom(a)compton.nu> - 2.4.13-8
- update async dependency
* Fri Jun 19 2015 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.4.13-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.4.13-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1341824 - CVE-2015-8857 uglify-js: Incorrect Handling of Non-Boolean
Comparisons During Minification [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1341824
--------------------------------------------------------------------------------