The following Fedora EPEL 7 Security updates need testing:
Age URL
709
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d
condor-8.6.11-1.el7
448
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b
bubblewrap-0.3.3-2.el7
158
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-fa8a2e97c6
python-waitress-1.4.3-1.el7
98
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-19d171a465
python34-3.4.10-5.el7
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-2f9c63b80c
php-horde-kronolith-4.2.29-1.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-dab5d98f39
cacti-1.2.13-1.el7 cacti-spine-1.2.13-1.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-07adc005e6
mbedtls-2.7.16-1.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-192ef0b5e1
hostapd-2.9-3.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-3d8bba637d
clamav-0.102.4-1.el7
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-2c80eb66b5
libASL-0.1.7-6.el7 matio-1.5.17-3.el7 openmeeg-2.4-0.4.rc4.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
elements-5.10-1.el7
elements-alexandria-2.16-1.el7
golang-1.13.14-1.el7
pveclib-1.0.4-3.el7
python-regex-2020.7.14-1.el7
singularity-3.6.1-1.el7
snmptt-1.4.2-1.el7
sourcextractor++-0.11-1.el7
stoken-0.92-1.el7
Details about builds:
================================================================================
elements-5.10-1.el7 (FEDORA-EPEL-2020-eee8988b4a)
A C++/Python build framework
--------------------------------------------------------------------------------
Update Information:
New upstream release for elements, alexandria and sourcextractor++
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 20 2020 Alejandro Alvarez Ayllon <a.alvarezayllon(a)gmail.com> 5.10-1
- Update for upstream release 5.10
--------------------------------------------------------------------------------
================================================================================
elements-alexandria-2.16-1.el7 (FEDORA-EPEL-2020-eee8988b4a)
A lightweight C++ utility library
--------------------------------------------------------------------------------
Update Information:
New upstream release for elements, alexandria and sourcextractor++
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 17 2020 Alejandro Alvarez Ayllon <alejandro.alvarezayllon(a)unige.ch>
2.16-1
- New upstream release 2.16
--------------------------------------------------------------------------------
================================================================================
golang-1.13.14-1.el7 (FEDORA-EPEL-2020-90cbb3a9ff)
The Go Programming Language
--------------------------------------------------------------------------------
Update Information:
* Rebase to go1.13.14 * Security fix for CVE-2020-15586
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 20 2020 Jakub ��ajka <jcajka(a)redhat.com> - 1.13.14-1
- Rebase to go1.13.14
- Fix for CVE-2020-15586
- Resolves: BZ#1856956
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1856953 - CVE-2020-15586 golang: data race in certain net/http servers
including ReverseProxy can lead to DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1856953
--------------------------------------------------------------------------------
================================================================================
pveclib-1.0.4-3.el7 (FEDORA-EPEL-2020-df3af2a8f8)
Library for simplified access to PowerISA vector operations
--------------------------------------------------------------------------------
Update Information:
Power Vector Library (pveclib) A library of useful vector operations for POWER.
Introduced as pveclib-1.0.3 in F31. Recent upgrade to v.1.0.4 and successfully
built for F33. Suggestion/request by dave.love(a)manchester.ac.uk to include
pveclib in EL7/8 and have successful built these in koji.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1855094 - Upgrade pveclib to 1.0.4
https://bugzilla.redhat.com/show_bug.cgi?id=1855094
[ 2 ] Bug #1855248 - please build for el7/8
https://bugzilla.redhat.com/show_bug.cgi?id=1855248
--------------------------------------------------------------------------------
================================================================================
python-regex-2020.7.14-1.el7 (FEDORA-EPEL-2020-4087d71ee2)
Alternative regular expression module, to replace re
--------------------------------------------------------------------------------
Update Information:
Update to 2020.7.14.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 23 2020 Thomas Moschny <thomas.moschny(a)gmx.de> - 2020.7.14-1
- Update to 2020.7.14.
--------------------------------------------------------------------------------
================================================================================
singularity-3.6.1-1.el7 (FEDORA-EPEL-2020-c94247dfde)
Application and environment virtualization
--------------------------------------------------------------------------------
Update Information:
Upgrade to upstream 3.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 22 2020 Dave Dykstra <dwd(a)fedoraproject.org> - 3.6.1-1
- Upgrade to upstream 3.6.1.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1859399 - singularity-3.6.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1859399
--------------------------------------------------------------------------------
================================================================================
snmptt-1.4.2-1.el7 (FEDORA-EPEL-2020-489c36a241)
An SNMP trap handler written in Perl
--------------------------------------------------------------------------------
Update Information:
- Removed the daemon_gid option and enhanced the daemon_uid option so that it
retreives the group membership for daemon_uid from the OS. This fixes a bug
in 1.4.1 where it was not possible to define multiple group members with
daemon_gid. - Fixed a security issue with EXEC / PREXEC / unknown_trap_exec that
could allow malicious shell code to be executed. - Fixed a bug with EXEC /
PREXEC / unknown_trap_exec that caused commands to be run as root instead of
the user defined in daemon_uid. - Added the snmptt.ini option daemon_gid to
allow the gid to be set in addition to the uid. Defaults to 'nobody' if not
defined.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 23 2020 Volker Fr��hlich <volker27(a)gmx.at> - 1.4.2-1
- New upstream release
* Wed Jul 22 2020 Volker Fr��hlich <volker27(a)gmx.at> - 1.4.1-1
- New upstream release
--------------------------------------------------------------------------------
================================================================================
sourcextractor++-0.11-1.el7 (FEDORA-EPEL-2020-eee8988b4a)
A program that extracts a catalog of sources from astronomical images, and the successor
of SExtractor
--------------------------------------------------------------------------------
Update Information:
New upstream release for elements, alexandria and sourcextractor++
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 21 2020 Alejandro Alvarez Ayllon <aalvarez(a)fedoraproject.org> 0.11-1
- Update for upstream release 0.11
* Sat May 30 2020 Jonathan Wakely <jwakely(a)redhat.com> - 0.10-4
- Rebuilt for Boost 1.73
* Tue May 26 2020 Miro Hron��ok <mhroncok(a)redhat.com> - 0.10-3
- Rebuilt for Python 3.9
* Tue Mar 17 2020 Alejandro Alvarez Ayllon <aalvarez(a)fedoraproject.org> 0.10-2
- Rebuild for wcslib 7.2
--------------------------------------------------------------------------------
================================================================================
stoken-0.92-1.el7 (FEDORA-EPEL-2020-0e0bb6de69)
Token code generator compatible with RSA SecurID 128-bit (AES) token
--------------------------------------------------------------------------------
Update Information:
SPEC file update and small release 0.92.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 23 2020 Simone Caronni <negativo17(a)gmail.com> - 0.92-1
- Update to 0.92.
- Update SPEC file.
* Fri Jan 31 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.91-9
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Sat Jul 27 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.91-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sun Feb 3 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.91-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.91-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Feb 9 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.91-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Thu Aug 3 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.91-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Thu Jul 27 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.91-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Sat Feb 11 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.91-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
--------------------------------------------------------------------------------