The following Fedora EPEL 7 Security updates need testing:
Age URL
767
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d
condor-8.6.11-1.el7
506
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b
bubblewrap-0.3.3-2.el7
14
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-83bdeb2965
ansible-2.9.13-1.el7
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-f9a066663b
mbedtls-2.7.17-1.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-25e525a9ca
seamonkey-2.53.4-1.el7
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-918ad695f6
proftpd-1.3.5e-10.el7
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-d968abb383
golang-1.15.2-1.el7
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-0f3f88c479
nginx-1.16.1-2.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-92064b5b2b
singularity-3.6.3-1.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-6b04ee5c07
libuv-1.39.0-1.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-e621d9ff68
matio-1.5.18-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
amavis-2.12.0-10.el7
boinc-client-7.16.6-6.el7
chromium-85.0.4183.102-1.el7
libprelude-5.2.0-1.el7
mcabber-1.1.2-1.el7
tarantool-1.10.7.33-1.el7
Details about builds:
================================================================================
amavis-2.12.0-10.el7 (FEDORA-EPEL-2020-a99ad8d21e)
Email filter with virus scanner and spamassassin support
--------------------------------------------------------------------------------
Update Information:
Don't disable service after obsoleting amavisd-new (RHBZ#1875299)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 18 2020 Juan Orti Alcaine <jortialc(a)redhat.com> - 2.12.0-10
- Don't disable service after obsoleting amavisd-new (RHBZ#1875299)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1875299 - Amavis update to amavis-2.12.0-9.el7 stops and disables amavisd
https://bugzilla.redhat.com/show_bug.cgi?id=1875299
--------------------------------------------------------------------------------
================================================================================
boinc-client-7.16.6-6.el7 (FEDORA-EPEL-2020-6458bf0901)
The BOINC client
--------------------------------------------------------------------------------
Update Information:
renamed .desktop file
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 18 2020 Germano Massullo <germano.massullo(a)gmail.com> - 7.16.6-6
- Renamed boinc-manager.desktop to boincmgr.desktop This fixes
https://bugzilla.redhat.com/show_bug.cgi?id=1880553
* Sat Aug 1 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 7.16.6-5
- Second attempt - Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Mon Jul 27 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 7.16.6-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
chromium-85.0.4183.102-1.el7 (FEDORA-EPEL-2020-dec199d5a2)
A WebKit (Blink) powered web browser
--------------------------------------------------------------------------------
Update Information:
Update Chromium to 85.0.4183.102. Fix issue where unpackaged components
prevented hardware accelerated rendering from working. Also fixes the following
security issues: CVE-2020-6573 CVE-2020-6574 CVE-2020-6575 CVE-2020-6576
CVE-2020-15959
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 8 2020 Tom Callaway <spot(a)fedoraproject.org> - 85.0.4183.102-1
- update to 85.0.4183.102
- install ANGLE so files (libEGL.so, libGLESv2.so)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1877090 - CVE-2020-6573 chromium-browser: Use after free in video
https://bugzilla.redhat.com/show_bug.cgi?id=1877090
[ 2 ] Bug #1877091 - CVE-2020-6574 chromium-browser: Insufficient policy enforcement in
installer
https://bugzilla.redhat.com/show_bug.cgi?id=1877091
[ 3 ] Bug #1877093 - CVE-2020-6575 chromium-browser: Race in Mojo
https://bugzilla.redhat.com/show_bug.cgi?id=1877093
[ 4 ] Bug #1877094 - CVE-2020-6576 chromium-browser: Use after free in offscreen canvas
https://bugzilla.redhat.com/show_bug.cgi?id=1877094
[ 5 ] Bug #1877095 - CVE-2020-15959 chromium-browser: Insufficient policy enforcement in
networking
https://bugzilla.redhat.com/show_bug.cgi?id=1877095
--------------------------------------------------------------------------------
================================================================================
libprelude-5.2.0-1.el7 (FEDORA-EPEL-2020-d1a19d6c90)
Secure Connections between all Sensors and the Prelude Manager
--------------------------------------------------------------------------------
Update Information:
Bump version 5.2
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 17 2020 Thomas Andrejak <thomas.andrejak(a)gmail.com> - 5.2.0-1
- Bump version 5.2.0
--------------------------------------------------------------------------------
================================================================================
mcabber-1.1.2-1.el7 (FEDORA-EPEL-2020-0395d83cb5)
Console Jabber instant messaging client
--------------------------------------------------------------------------------
Update Information:
Update to 1.1.2. ---- Update to 1.1.1.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Sep 19 2020 Vasiliy N. Glazov <vascom2(a)gmail.com> - 1.1.2-1
- Update to 1.1.2
* Mon Sep 7 2020 Vasiliy N. Glazov <vascom2(a)gmail.com> - 1.1.1-1
- Update to 1.1.1
* Tue Jul 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.1.0-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jan 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.1.0-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Jul 25 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.1.0-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.1.0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.1.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1876260 - mcabber-1.1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1876260
[ 2 ] Bug #1880740 - mcabber-1.1.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1880740
--------------------------------------------------------------------------------
================================================================================
tarantool-1.10.7.33-1.el7 (FEDORA-EPEL-2020-f56ff5d88d)
Real-time data integration platform
--------------------------------------------------------------------------------
Update Information:
Update to the latest LTS release
--------------------------------------------------------------------------------
ChangeLog:
* Sat Sep 19 2020 Roman Tsisyk <rtsisyk(a)fedoraproject.org> - 1.10.7.33-1
- Update to the latest LTS release.
- Disable tests - they need doesn't work in rpmbuild environment.
--------------------------------------------------------------------------------