The following Fedora EPEL 7 Security updates need testing:

 Age  URL
  11  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-3c8a5a400b   p7zip-16.02-20.el7
  10  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-a46e72f139   radare2-5.2.1-1.el7
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-255f12d77d   zarafa-7.1.14-5.el7
   8  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-b6ffea264a   perl-Image-ExifTool-12.16-3.el7
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-9cfa4ffd25   java-latest-openjdk-16.0.1.0.9-1.rolling.el7
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-9cf47c841c   python-yara-4.1.0-1.el7 yara-4.1.0-1.el7
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-3f4ec3ba2a   sympa-6.2.62-1.el7
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-23a46d718e   libopenmpt-0.5.8-1.el7

The following builds have been pushed to Fedora EPEL 7 updates-testing

    ansible-2.9.21-1.el7
    centos-packager-0.7.0-6.el7
    chromium-90.0.4430.93-1.el7
    exim-4.94.2-1.el7
    fluidsynth-2.1.8-4.el7
    qpid-proton-0.34.0-1.el7
    rkhunter-1.4.6-3.el7
Details about builds:
================================================================================
 ansible-2.9.21-1.el7 (FEDORA-EPEL-2021-80d45ac7ec)
 SSH-based configuration management, deployment, and task execution system
--------------------------------------------------------------------------------
Update Information:

Update to ansible 2.9.21 with various small fixes to ansible-test.
----
Upgrade to 2.9.20 bugfix and security update.
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 4 2021 Kevin Fenzi <kevin@scrye.com> - 2.9.21-1
- Update to 2.9.21.
* Sat Apr 24 2021 Kevin Fenzi <kevin@scrye.com> - 2.9.20-1
- Update to 2.9.20.
- Split out ansible-test as a subpackage.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1939440 - CVE-2021-3447 ansible: multiple modules expose secured values [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1939440
  [ 2 ] Bug #1939441 - CVE-2021-3447 ansible: multiple modules expose secured values [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1939441
  [ 3 ] Bug #1952790 - packaging differences between Fedora/EPEL and ConfigManagementSIG/Red Hat
        https://bugzilla.redhat.com/show_bug.cgi?id=1952790
--------------------------------------------------------------------------------
================================================================================
 centos-packager-0.7.0-6.el7 (FEDORA-EPEL-2021-30e5a3e918)
 Tools and files necessary for building CentOS packages
--------------------------------------------------------------------------------
Update Information:

Initial package
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1953690 - Review Request: centos-packager - Tools and files necessary for building CentOS packages
        https://bugzilla.redhat.com/show_bug.cgi?id=1953690
--------------------------------------------------------------------------------
================================================================================
 chromium-90.0.4430.93-1.el7 (FEDORA-EPEL-2021-314d2feba2)
 A WebKit (Blink) powered web browser that Google doesn't want you to use
--------------------------------------------------------------------------------
Update Information:

Update to Chromium 90.0.4430.93. Fixes the following security issues:

CVE-2021-21206 CVE-2021-21220 CVE-2021-21201 CVE-2021-21202 CVE-2021-21203
CVE-2021-21204 CVE-2021-21221 CVE-2021-21207 CVE-2021-21208 CVE-2021-21209
CVE-2021-21210 CVE-2021-21211 CVE-2021-21212 CVE-2021-21213 CVE-2021-21214
CVE-2021-21215 CVE-2021-21216 CVE-2021-21217 CVE-2021-21218 CVE-2021-21219
CVE-2021-21205 CVE-2021-21194 CVE-2021-21195 CVE-2021-21196 CVE-2021-21197
CVE-2021-21198 CVE-2021-21199 CVE-2021-21222 CVE-2021-21223 CVE-2021-21224
CVE-2021-21225 CVE-2021-21226 CVE-2021-21227 CVE-2021-21232 CVE-2021-21233
CVE-2021-21228 CVE-2021-21229 CVE-2021-21230 CVE-2021-21231

If you hold your broken appliances close to the screen when you update, it might fix them too. (fixes not guaranteed)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 27 2021 Tom Callaway <spot@fedoraproject.org> - 90.0.4430.93-1
- update to 90.0.4430.93
* Wed Apr 21 2021 Tom Callaway <spot@fedoraproject.org> - 90.0.4430.85-1
- update to 90.0.4430.85
* Fri Apr 16 2021 Tom Callaway <spot@fedoraproject.org> - 90.0.4430.72-1
- update to 90.0.4430.72
* Wed Apr 14 2021 Tom Callaway <spot@fedoraproject.org> - 89.0.4389.128-1
- update to 89.0.4389.128
* Wed Mar 31 2021 Jonathan Wakely <jwakely@redhat.com> - 89.0.4389.90-5
- Rebuilt for removed libstdc++ symbols (#1937698)
* Mon Mar 29 2021 Tom Callaway <spot@fedoraproject.org> - 89.0.4389.90-4
- fix libva compile in rawhide
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1945106 - CVE-2021-21194 chromium-browser: Use after free in screen capture
        https://bugzilla.redhat.com/show_bug.cgi?id=1945106
  [ 2 ] Bug #1945107 - CVE-2021-21195 chromium-browser: Use after free in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=1945107
  [ 3 ] Bug #1945108 - CVE-2021-21196 chromium-browser: Heap buffer overflow in TabStrip
        https://bugzilla.redhat.com/show_bug.cgi?id=1945108
  [ 4 ] Bug #1945109 - CVE-2021-21197 chromium-browser: Heap buffer overflow in TabStrip
        https://bugzilla.redhat.com/show_bug.cgi?id=1945109
  [ 5 ] Bug #1945110 - CVE-2021-21198 chromium-browser: Out of bounds read in IPC
        https://bugzilla.redhat.com/show_bug.cgi?id=1945110
  [ 6 ] Bug #1945111 - CVE-2021-21199 chromium-browser: Use Use after free in Aura
        https://bugzilla.redhat.com/show_bug.cgi?id=1945111
  [ 7 ] Bug #1949617 - CVE-2021-21206 chromium-browser: Use after free in Blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1949617
  [ 8 ] Bug #1949618 - CVE-2021-21220 chromium-browser: Insufficient validation of untrusted input in V8 for x86_64
        https://bugzilla.redhat.com/show_bug.cgi?id=1949618
  [ 9 ] Bug #1950436 - CVE-2021-21201 chromium-browser: Use after free in permissions
        https://bugzilla.redhat.com/show_bug.cgi?id=1950436
  [ 10 ] Bug #1950437 - CVE-2021-21202 chromium-browser: Use after free in extensions
        https://bugzilla.redhat.com/show_bug.cgi?id=1950437
  [ 11 ] Bug #1950438 - CVE-2021-21203 chromium-browser: Use after free in Blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1950438
  [ 12 ] Bug #1950439 - CVE-2021-21204 chromium-browser: Use after free in Blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1950439
  [ 13 ] Bug #1950440 - CVE-2021-21221 chromium-browser: Insufficient validation of untrusted input in Mojo
        https://bugzilla.redhat.com/show_bug.cgi?id=1950440
  [ 14 ] Bug #1950441 - CVE-2021-21207 chromium-browser: Use after free in IndexedDB
        https://bugzilla.redhat.com/show_bug.cgi?id=1950441
  [ 15 ] Bug #1950442 - CVE-2021-21208 chromium-browser: Insufficient data validation in QR scanner
        https://bugzilla.redhat.com/show_bug.cgi?id=1950442
  [ 16 ] Bug #1950443 - CVE-2021-21209 chromium-browser: Inappropriate implementation in storage
        https://bugzilla.redhat.com/show_bug.cgi?id=1950443
  [ 17 ] Bug #1950444 - CVE-2021-21210 chromium-browser: Inappropriate implementation in Network
        https://bugzilla.redhat.com/show_bug.cgi?id=1950444
  [ 18 ] Bug #1950445 - CVE-2021-21211 chromium-browser: Inappropriate implementation in Navigation
        https://bugzilla.redhat.com/show_bug.cgi?id=1950445
  [ 19 ] Bug #1950446 - CVE-2021-21212 chromium-browser: Incorrect security UI in Network Config UI
        https://bugzilla.redhat.com/show_bug.cgi?id=1950446
  [ 20 ] Bug #1950447 - CVE-2021-21213 chromium-browser: Use after free in WebMIDI
        https://bugzilla.redhat.com/show_bug.cgi?id=1950447
  [ 21 ] Bug #1950448 - CVE-2021-21214 chromium-browser: Use after free in Network API
        https://bugzilla.redhat.com/show_bug.cgi?id=1950448
  [ 22 ] Bug #1950449 - CVE-2021-21215 chromium-browser: Inappropriate implementation in Autofill
        https://bugzilla.redhat.com/show_bug.cgi?id=1950449
  [ 23 ] Bug #1950450 - CVE-2021-21216 chromium-browser: Inappropriate implementation in Autofill
        https://bugzilla.redhat.com/show_bug.cgi?id=1950450
  [ 24 ] Bug #1950451 - CVE-2021-21217 chromium-browser: Uninitialized Use in PDFium
        https://bugzilla.redhat.com/show_bug.cgi?id=1950451
  [ 25 ] Bug #1950452 - CVE-2021-21218 chromium-browser: Uninitialized Use in PDFium
        https://bugzilla.redhat.com/show_bug.cgi?id=1950452
  [ 26 ] Bug #1950453 - CVE-2021-21219 chromium-browser: Uninitialized Use in PDFium
        https://bugzilla.redhat.com/show_bug.cgi?id=1950453
  [ 27 ] Bug #1950454 - CVE-2021-21205 chromium-browser: Insufficient policy enforcement in navigation
        https://bugzilla.redhat.com/show_bug.cgi?id=1950454
  [ 28 ] Bug #1951741 - CVE-2021-21222 chromium-browser: Heap buffer overflow in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=1951741
  [ 29 ] Bug #1951742 - CVE-2021-21223 chromium-browser: Integer overflow in Mojo
        https://bugzilla.redhat.com/show_bug.cgi?id=1951742
  [ 30 ] Bug #1951743 - CVE-2021-21224 chromium-browser: Type Confusion in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=1951743
  [ 31 ] Bug #1951744 - CVE-2021-21225 chromium-browser: Out of bounds memory access in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=1951744
  [ 32 ] Bug #1951745 - CVE-2021-21226 chromium-browser: Use after free in navigation
        https://bugzilla.redhat.com/show_bug.cgi?id=1951745
  [ 33 ] Bug #1954051 - CVE-2021-21227 chromium-browser: Insufficient data validation in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=1954051
  [ 34 ] Bug #1954052 - CVE-2021-21232 chromium-browser: Use after free in Dev Tools
        https://bugzilla.redhat.com/show_bug.cgi?id=1954052
  [ 35 ] Bug #1954053 - CVE-2021-21233 chromium-browser: Heap buffer overflow in ANGLE
        https://bugzilla.redhat.com/show_bug.cgi?id=1954053
  [ 36 ] Bug #1954054 - CVE-2021-21228 chromium-browser: Insufficient policy enforcement in extensions
        https://bugzilla.redhat.com/show_bug.cgi?id=1954054
  [ 37 ] Bug #1954055 - CVE-2021-21229 chromium-browser: Incorrect security UI in downloads
        https://bugzilla.redhat.com/show_bug.cgi?id=1954055
  [ 38 ] Bug #1954056 - CVE-2021-21230 chromium-browser: Type Confusion in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=1954056
  [ 39 ] Bug #1954058 - CVE-2021-21231 chromium-browser: Insufficient data validation in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=1954058
--------------------------------------------------------------------------------
================================================================================
 exim-4.94.2-1.el7 (FEDORA-EPEL-2021-dad1996f63)
 The exim mail transfer agent
--------------------------------------------------------------------------------
Update Information:

This is a new version of exim.
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 4 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 4.94.2-1
- New version
* Mon Apr 12 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 4.94-3
- Release bump to fix greylisting
--------------------------------------------------------------------------------
================================================================================
 fluidsynth-2.1.8-4.el7 (FEDORA-EPEL-2021-f17367545f)
 Real-time software synthesizer
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2021-21417
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 4 2021 Christoph Karl <pampelmuse [AT] gmx [DOT] at> - 2.1.8-4
- Makes EPEL 7 build working
* Fri Apr 16 2021 Christoph Karl <pampelmuse [AT] gmx [DOT] at> - 2.1.8-3
- Cleanup cmake
* Fri Apr 16 2021 Christoph Karl <pampelmuse [AT] gmx [DOT] at> - 2.1.8-2
- Resolves: rhbz #1921265
* Sat Apr 10 2021 Christoph Karl <pampelmuse [AT] gmx [DOT] at> - 2.1.8-1
- Update to 2.1.8
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Mon Aug 3 2020 Erich Eickmeyer <erich@ericheickmeyer.com> - 2.1.1-4
- Rebuild with fixes for Fedora 33
- Resolves: rhbz #1863571
* Sat Aug 1 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.1-3
- Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Mon Feb 17 2020 Orcan Ogetbil <oget[dot]fedora[at]gmail[dot]com> - 2.1.1-1
- Update to 2.1.1
* Sun Feb 16 2020 Orcan Ogetbil <oget[dot]fedora[at]gmail[dot]com> - 2.1.0-1
- Update to 2.1.0
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.11-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.11-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sun Feb 17 2019 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.1.11-5
- Rebuild for readline 8.0
* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.11-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Tue Sep 18 2018 Owen Taylor <otaylor@redhat.com> - 1.1.11-3
- Disable hack for Flatpak builds - JACK isn't useful inside a sandbox, since there won't be enough privileges.
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.11-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Sun May 6 2018 Orcan Ogetbil <oget[dot]fedora[at]gmail[dot]com> - 1.1.11-1
- Update to 1.1.11
* Sun Feb 25 2018 Orcan Ogetbil <oget[dot]fedora[at]gmail[dot]com> - 1.1.10-1
- Update to 1.1.10
- Drop upstreamed patches
- Drop ldconfig calls in post and postun
* Wed Feb 7 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.9-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Sat Jan 6 2018 Orcan Ogetbil <oget[dot]fedora[at]gmail[dot]com> - 1.1.9-1
- Update to 1.1.9
- Fix startup issue when an invalid soundfont file name is given as a command line argument RHBZ#1399896
* Mon Aug 14 2017 Pete Walter <pwalter@fedoraproject.org> - 1.1.6-12
- Disable lash support
* Wed Aug 2 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.6-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.6-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.6-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Thu Jan 12 2017 Igor Gnatenko <ignatenko@redhat.com> - 1.1.6-8
- Rebuild for readline 7.x
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1955613 - CVE-2021-21417 fluidsynth: A use after free via invalid SoundFont file [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1955613
--------------------------------------------------------------------------------
================================================================================
 qpid-proton-0.34.0-1.el7 (FEDORA-EPEL-2021-ba45275aed)
 A high performance, lightweight messaging library
--------------------------------------------------------------------------------
Update Information:

Rebased to 0.34.0.
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 4 2021 Irina Boverman <iboverma@redhat.com> - 0.34.0-1
- Rebased to 0.34.0
--------------------------------------------------------------------------------
================================================================================
 rkhunter-1.4.6-3.el7 (FEDORA-EPEL-2021-77fa1bea73)
 A host-based tool to scan for rootkits, backdoors and local exploits
--------------------------------------------------------------------------------
Update Information:

Add patch to fix false positive for libkeyutils
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 4 2021 Kevin Fenzi <kevin@scrye.com> - 1.4.6-3
- Add patch to fix false positive for libkeyutils
--------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org