The following Fedora EPEL 7 Security updates need testing:
Age URL
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-352a65d3bc
djvulibre-3.5.25.3-23.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-c44d955770
prosody-0.11.9-1.el7
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-113abf45ca
composer-1.10.22-1.el7
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-4ab96a9920
wordpress-5.1.10-1.el7
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-4b7c1b59f8
upx-3.96-9.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-ecbb787cdb
slurm-20.11.7-1.el7
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-6cc996cdc4
opendmarc-1.4.1-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
highway-0.12.1-1.el7
rxvt-unicode-9.21-4.el7
Details about builds:
================================================================================
highway-0.12.1-1.el7 (FEDORA-EPEL-2021-153a84b92a)
Efficient and performance-portable SIMD
--------------------------------------------------------------------------------
Update Information:
Update to 0.12.1 ---- Initial RPM
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1906980 - Review Request: highway - Efficient and performance-portable SIMD
https://bugzilla.redhat.com/show_bug.cgi?id=1906980
[ 2 ] Bug #1963675 - highway-0.12.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1963675
--------------------------------------------------------------------------------
================================================================================
rxvt-unicode-9.21-4.el7 (FEDORA-EPEL-2021-969456590e)
Unicode version of rxvt
--------------------------------------------------------------------------------
Update Information:
- Fixes [
CVE-2021-33477](https://nvd.nist.gov/vuln/detail/CVE-2021-33477) -
conservatively, by disabling the escape sequences.
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 21 2021 Robbie Harwood <rharwood(a)redhat.com> - 9.21-4
- Patch for 2021-33477
- Note that 9.26 doesn't build on el7, so we can't update to it
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1961797 - CVE-2021-33477 rxvt-unicode: possible remote code execution
[epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1961797
--------------------------------------------------------------------------------