The following Fedora EPEL 7 Security updates need testing: Age URL 448 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d condor-8.6.11-1.el7 189 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c499781e80 python-gnupg-0.4.4-1.el7 187 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b bubblewrap-0.3.3-2.el7 123 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-12067fc897 dosbox-0.74.3-2.el7 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-821ac0b641 mingw-libidn2-2.2.0-1.el7 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-19535181a5 java-latest-openjdk-13.0.1.9-2.rolling.el7 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-458a052bdb rssh-2.3.4-15.el7 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-0d0c37fcca hostapd-2.9-2.el7 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-e6e7d521d9 chromium-78.0.3904.70-1.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-ec3a3dac15 libmp4v2-2.1.0-0.18.trunkREV507.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-50f0062140 golang-1.13.3-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-1946200e23 putty-0.73-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
lua-sec-0.8.2-1.el7 python-configparser-4.0.2-2.el7 python3-psycopg2-2.7.7-2.el7 python3-requests-2.14.2-1.el7 python3-urllib3-1.25.1-1.el7
Details about builds:
================================================================================ lua-sec-0.8.2-1.el7 (FEDORA-EPEL-2019-9d9b7055da) Lua binding for OpenSSL library -------------------------------------------------------------------------------- Update Information:
LuaSec 0.8.2 ============ * Fix unexported 'ssl.config' table -------------------------------------------------------------------------------- ChangeLog:
* Wed Oct 23 2019 Robert Scheck robert@fedoraproject.org 0.8.2-1 - Upgrade to 0.8.2 (#1760499) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1760499 - lua-sec-0.8.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1760499 --------------------------------------------------------------------------------
================================================================================ python-configparser-4.0.2-2.el7 (FEDORA-EPEL-2019-c53e0a3a3f) Backport of Python 3 configparser module -------------------------------------------------------------------------------- Update Information:
Depend on python-backports -------------------------------------------------------------------------------- ChangeLog:
* Tue Nov 5 2019 Avram Lubkin aviso@fedoraproject.org - 4.0.2-2 - Depend on python-backports * Mon Oct 28 2019 Avram Lubkin aviso@fedoraproject.org - 4.0.2-1 - Update to 4.0.2 --------------------------------------------------------------------------------
================================================================================ python3-psycopg2-2.7.7-2.el7 (FEDORA-EPEL-2019-6ef0b13088) PostgreSQL database adapter for Python -------------------------------------------------------------------------------- Update Information:
Rename python36-psycopg2 to python3-psycopg2 -------------------------------------------------------------------------------- ChangeLog:
* Tue Nov 5 2019 Carl George carl@george.computer - 2.7.7-2 - Rename python36-psycopg2 to python3-psycopg2 --------------------------------------------------------------------------------
================================================================================ python3-requests-2.14.2-1.el7 (FEDORA-EPEL-2019-2d77bb9597) HTTP library, written in Python, for human beings -------------------------------------------------------------------------------- Update Information:
urllib3 -- Update to 1.25.1, fixes CVE (bz#1702475) requests -- Update to 2.14.2 -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 4 2019 Orion Poplwski orion@nwra.com - 2.14.2-1 - Update to 2.14.2 * Wed Apr 24 2019 Orion Poplwski orion@nwra.com - 2.13.0-1 - Update to 2.13.0 - Drop strict urllib3 version requirement -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1702473 - CVE-2019-11324 python-urllib3: Certification mishandle when error should be thrown https://bugzilla.redhat.com/show_bug.cgi?id=1702473 --------------------------------------------------------------------------------
================================================================================ python3-urllib3-1.25.1-1.el7 (FEDORA-EPEL-2019-2d77bb9597) Python 3 HTTP library with thread-safe connection pooling and file post -------------------------------------------------------------------------------- Update Information:
urllib3 -- Update to 1.25.1, fixes CVE (bz#1702475) requests -- Update to 2.14.2 -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 4 2019 Orion Poplawski orion@nwra.com - 1.25.1-1 - Update to 1.25.1, fixes CVE (bz#1702475) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1702473 - CVE-2019-11324 python-urllib3: Certification mishandle when error should be thrown https://bugzilla.redhat.com/show_bug.cgi?id=1702473 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org