The following Fedora EPEL 7 Security updates need testing:
Age URL
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-ba899b9717
golang-1.19.6-1.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-cd6dc8dccf
wordpress-5.1.16-1.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-00ddf3658a
dropbear-2017.75-3.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
chromium-113.0.5672.126-1.el7
eccodes-2.30.0-1.el7
liblxi-1.20-1.el7
Details about builds:
================================================================================
chromium-113.0.5672.126-1.el7 (FEDORA-EPEL-2023-1388277bf4)
A WebKit (Blink) powered web browser that Google doesn't want you to use
--------------------------------------------------------------------------------
Update Information:
update to 113.0.5672.126. Fixes the many security issues
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 17 2023 Than Ngo <than(a)redhat.com> - 113.0.5672.126-1
- drop clang workaround for el8
- update to 113.0.5672.126
* Tue May 9 2023 Than Ngo <than(a)redhat.com> - 113.0.5672.92-1
- update to 113.0.5672.92
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2196008 - regression | flooding avc: denied { setcap } |
chromium-113.0.5672.63-1.el8
https://bugzilla.redhat.com/show_bug.cgi?id=2196008
[ 2 ] Bug #2207609 - CVE-2021-31239 chromium: sqlite: denial of service via the
appendvfs.c function [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2207609
[ 3 ] Bug #2207612 - CVE-2021-31239 chromium: sqlite: denial of service via the
appendvfs.c function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2207612
[ 4 ] Bug #2207859 - CVE-2023-2721 CVE-2023-2722 CVE-2023-2723 CVE-2023-2724
CVE-2023-2725 CVE-2023-2726 chromium: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2207859
[ 5 ] Bug #2207860 - CVE-2023-2721 CVE-2023-2722 CVE-2023-2723 CVE-2023-2724
CVE-2023-2725 CVE-2023-2726 chromium: various flaws [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2207860
--------------------------------------------------------------------------------
================================================================================
eccodes-2.30.0-1.el7 (FEDORA-EPEL-2023-af32eed15c)
WMO data format decoding and encoding
--------------------------------------------------------------------------------
Update Information:
Upgrade to upstream version 2.30.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 18 2023 Jos de Kloe <josdekloe(a)gmail.com> - 2.30.0-1
- Upgrade to upstream version 2.30.0
- explicitly switch on ENABLE_AEC
- migrated to SPDX license
* Wed Jun 1 2022 Jos de Kloe <josdekloe(a)gmail.com> - 2.26.0-1
- Upgrade to upstream version 2.26.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2208249 - eccodes-2.23.0-1.el7
https://bugzilla.redhat.com/show_bug.cgi?id=2208249
--------------------------------------------------------------------------------
================================================================================
liblxi-1.20-1.el7 (FEDORA-EPEL-2023-5b3d11803f)
Library with simple API for communication with LXI devices
--------------------------------------------------------------------------------
Update Information:
# liblxi v1.20 * refactor(bonjour): Fix typo & refine browse default domain *
feat(bonjour): Add mdns support for macOS
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 20 2023 Robert Scheck <robert(a)fedoraproject.org> 1.20-1
- Upgrade to 1.20 (#2208790)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2208790 - liblxi-1.20 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2208790
--------------------------------------------------------------------------------