The following Fedora EPEL 7 Security updates need testing:
Age URL
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-d5e825b208
isync-1.3.6-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
freetds-1.3.3-1.el7
libmysofa-1.2.1-1.el7
rpminspect-data-fedora-1.7-1.el7
Details about builds:
================================================================================
freetds-1.3.3-1.el7 (FEDORA-EPEL-2021-0cd46dc751)
Implementation of the TDS (Tabular DataStream) protocol
--------------------------------------------------------------------------------
Update Information:
Update to 1.3.3
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 8 2021 Dmitry Butskoy <Dmitry(a)Butskoy.name> - 1.3.3-1
- update to 1.3.3
--------------------------------------------------------------------------------
================================================================================
libmysofa-1.2.1-1.el7 (FEDORA-EPEL-2021-bc5821ce86)
C functions for reading HRTFs
--------------------------------------------------------------------------------
Update Information:
various smaller security bug fixes
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 6 2021 Nicolas Chauvet <kwizart(a)gmail.com> - 1.2.1-1
- Update to 1.2.1
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.2-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1935083 - CVE-2020-6860 libmysofa: stack-based buffer overflow in readDataVar
in hdf/dataobject.c [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1935083
[ 2 ] Bug #2019194 - CVE-2021-3756 libmysofa: heap-based buffer overflow in loudness(),
mysofa_check() and readOHDRHeaderMessageDataLayout() [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2019194
[ 3 ] Bug #2019195 - CVE-2021-3756 libmysofa: heap-based buffer overflow in loudness(),
mysofa_check() and readOHDRHeaderMessageDataLayout() [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2019195
--------------------------------------------------------------------------------
================================================================================
rpminspect-data-fedora-1.7-1.el7 (FEDORA-EPEL-2021-57e50b8620)
Build deviation compliance tool data files
--------------------------------------------------------------------------------
Update Information:
Upgrade to rpminspect-data-fedora-1.7
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 7 2021 David Cantrell <dcantrell(a)redhat.com> - 1.7-1
- Upgrade to rpminspect-data-fedora-1.7
--------------------------------------------------------------------------------