The following Fedora EPEL 7 Security updates need testing:
Age URL
13
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-352a65d3bc
djvulibre-3.5.25.3-23.el7
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-c44d955770
prosody-0.11.9-1.el7
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-113abf45ca
composer-1.10.22-1.el7
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-4ab96a9920
wordpress-5.1.10-1.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-4b7c1b59f8
upx-3.96-9.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-6cc996cdc4
opendmarc-1.4.1-1.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-969456590e
rxvt-unicode-9.21-4.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-0fec8057df
python3-lxml-4.2.5-4.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-17f170d38c
caribou0-0.4.21-26.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
centpkg-0.6.5-1.el7
chromium-90.0.4430.212-1.el7
exfatprogs-1.1.2-1.el7
libretls-3.3.3p1-1.el7
openhantek-3.2.3-1.el7
php-composer-semver3-3.2.5-1.el7
python-enlighten-1.10.1-1.el7
python-wcwidth-0.2.5-1.el7
slurm-20.11.7-3.el7
Details about builds:
================================================================================
centpkg-0.6.5-1.el7 (FEDORA-EPEL-2021-9b0bccf6e7)
CentOS utility for working with dist-git
--------------------------------------------------------------------------------
Update Information:
Latest upstream 0.6.5
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 25 2021 Carl George <carl(a)george.computer> - 0.6.5-1
- Latest upstream
--------------------------------------------------------------------------------
================================================================================
chromium-90.0.4430.212-1.el7 (FEDORA-EPEL-2021-0402b44d82)
A WebKit (Blink) powered web browser that Google doesn't want you to use
--------------------------------------------------------------------------------
Update Information:
Update to 90.0.4430.212. Fixes: CVE-2021-30506 CVE-2021-30507 CVE-2021-30508
CVE-2021-30509 CVE-2021-30510 CVE-2021-30511 CVE-2021-30512 CVE-2021-30513
CVE-2021-30514 CVE-2021-30515 CVE-2021-30516 CVE-2021-30517 CVE-2021-30518
CVE-2021-30519 CVE-2021-30520
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 18 2021 Tom Callaway <spot(a)fedoraproject.org> - 90.0.4430.212-1
- update to 90.0.4430.212
--------------------------------------------------------------------------------
================================================================================
exfatprogs-1.1.2-1.el7 (FEDORA-EPEL-2021-aa58c16483)
Userspace utilities for exFAT filesystems
--------------------------------------------------------------------------------
Update Information:
Update to bugfix release 1.1.2.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 25 2021 Simone Caronni <negativo17(a)gmail.com> - 1.1.2-1
- Update to 1.1.2.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1962822 - exfatprogs-1.1.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1962822
--------------------------------------------------------------------------------
================================================================================
libretls-3.3.3p1-1.el7 (FEDORA-EPEL-2021-945622f956)
Port of libtls from LibreSSL to OpenSSL
--------------------------------------------------------------------------------
Update Information:
- Upgrade to 3.3.3p1 (#1964579)
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 25 2021 Robert Scheck <robert(a)fedoraproject.org> 3.3.3p1-1
- Upgrade to 3.3.3p1 (#1964579)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1964579 - libretls-3.3.3p1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1964579
--------------------------------------------------------------------------------
================================================================================
openhantek-3.2.3-1.el7 (FEDORA-EPEL-2021-c20149394e)
Hantek and compatible USB digital signal oscilloscope
--------------------------------------------------------------------------------
Update Information:
Update to 3.2.3.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 25 2021 Vasiliy Glazov <vascom2(a)gmail.com> - 3.2.3-1
- Update to 3.2.3
--------------------------------------------------------------------------------
================================================================================
php-composer-semver3-3.2.5-1.el7 (FEDORA-EPEL-2021-af7f1990a3)
Semver library version 3
--------------------------------------------------------------------------------
Update Information:
**Version 3.2.5** 2021-05-24 * Fixed: issue comparing disjunctive
MultiConstraints to conjunctive ones (#127) * Fixed: added complete type
information using phpstan annotations
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 25 2021 Remi Collet <remi(a)remirepo.net> - 3.2.5-1
- update to 3.2.5
--------------------------------------------------------------------------------
================================================================================
python-enlighten-1.10.1-1.el7 (FEDORA-EPEL-2021-ec743e1094)
Enlighten Progress Bar
--------------------------------------------------------------------------------
Update Information:
Update to 1.10.1
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 25 2021 Avram Lubkin <aviso(a)rockhopper.net> - 1.10.1-1
- Update to 1.10.1
- Drop EL6
- Fix dependencies
--------------------------------------------------------------------------------
================================================================================
python-wcwidth-0.2.5-1.el7 (FEDORA-EPEL-2021-5de056f174)
Measures number of Terminal column cells of wide-character codes
--------------------------------------------------------------------------------
Update Information:
Update to 0.2.5
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 25 2021 Avram Lubkin <aviso(a)rockhopper.net> - 0.2.5-1
- Update to 0.2.5
* Sat Jun 20 2020 Avram Lubkin <aviso(a)rockhopper.net> - 0.2.4-1
- Update to 0.2.4
--------------------------------------------------------------------------------
================================================================================
slurm-20.11.7-3.el7 (FEDORA-EPEL-2021-7e9a7ecfb4)
Simple Linux Utility for Resource Management
--------------------------------------------------------------------------------
Update Information:
Move auth_jwt.so plugin to base package ---- - Update to 20.11.7 - Closes
security issue CVE-2021-31215
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 24 2021 Philip Kovacs <pkfed(a)fedoraproject.org> - 20.11.7-3
- Move auth_jwt.so plugin to base package (#1947878)
* Fri May 21 2021 Jitka Plesnikova <jplesnik(a)redhat.com> - 20.11.7-2
- Perl 5.34 rebuild
* Sat May 15 2021 Philip Kovacs <pkfed(a)fedoraproject.org> - 20.11.7-1
- Update to 20.11.7
- Closes security issue CVE-2021-31215
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1961071 - CVE-2021-31215 slurm: environment mishandling in PrologSlurmctld or
EpilogSlurmctld script may allow remote code execution
https://bugzilla.redhat.com/show_bug.cgi?id=1961071
--------------------------------------------------------------------------------