The following Fedora EPEL 7 Security updates need testing:
Age URL
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-0859a9d61e
x11vnc-0.9.13-12.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-9fbe0750f7
privoxy-3.0.32-1.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-580891d7f4
chromium-88.0.4324.182-2.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-f1e9ccd247
zabbix40-4.0.29-1.el7
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-04cc5bcb08
nagios-4.4.6-4.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-780cd884ad
cabextract-1.9-7.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-32d4f4a583
python3-pillow-6.2.2-2.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
js-jquery-ui-1.12.1-1.el7
js-jquery-ui-touch-punch-0.2.3-0.10.20141219git4bc0091.el7
js-jsroot-5.9.1-1.el7
nrpe-4.0.3-6.el7
upx-3.96-8.el7
Details about builds:
================================================================================
js-jquery-ui-1.12.1-1.el7 (FEDORA-EPEL-2021-a8ba75a9b4)
jQuery user interface
--------------------------------------------------------------------------------
Update Information:
New js-jquery-ui package. (Replacing retired xstatic-jquery-ui-common.)
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1933419 - Review Request: js-jquery-ui - jQuery user interface
https://bugzilla.redhat.com/show_bug.cgi?id=1933419
--------------------------------------------------------------------------------
================================================================================
js-jquery-ui-touch-punch-0.2.3-0.10.20141219git4bc0091.el7 (FEDORA-EPEL-2021-e6cd367687)
Touch Event Support for jQuery UI
--------------------------------------------------------------------------------
Update Information:
Requires new js-jquery-ui package instead of retired xstatic-jquery-ui-common.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 11 2021 Mattias Ellert <mattias.ellert(a)physics.uu.se> -
0.2.3-0.10.20141219git4bc0091
- Change Requires to new js-jquery-ui package (also for EPEL 8)
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
0.2.3-0.9.20141219git4bc0091
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Jul 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> -
0.2.3-0.8.20141219git4bc0091
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jul 15 2020 Mattias Ellert <mattias.ellert(a)physics.uu.se> -
0.2.3-0.7.20141219git4bc0091
- Drop jquery-ui dependency for EPEL 8, package not available.
* Wed Jan 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> -
0.2.3-0.6.20141219git4bc0091
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Jul 25 2019 Fedora Release Engineering <releng(a)fedoraproject.org> -
0.2.3-0.5.20141219git4bc0091
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> -
0.2.3-0.4.20141219git4bc0091
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> -
0.2.3-0.3.20141219git4bc0091
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Feb 7 2018 Fedora Release Engineering <releng(a)fedoraproject.org> -
0.2.3-0.2.20141219git4bc0091
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1929637 - F35FailsToInstall: js-jquery-ui-touch-punch
https://bugzilla.redhat.com/show_bug.cgi?id=1929637
[ 2 ] Bug #1933032 - F34FailsToInstall: js-jquery-ui-touch-punch
https://bugzilla.redhat.com/show_bug.cgi?id=1933032
--------------------------------------------------------------------------------
================================================================================
js-jsroot-5.9.1-1.el7 (FEDORA-EPEL-2021-3b3652e53a)
JavaScript ROOT - Interactive numerical data analysis graphics
--------------------------------------------------------------------------------
Update Information:
jsroot 5.9.1 Requires new js-jquery-ui package instead of retired xstatic-
jquery-ui-common.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 11 2021 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 5.9.1-1
- Update to version 5.9.1
- Change Requires to new js-jquery-ui package (also for EPEL 8)
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 5.8.0-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Sat Sep 26 2020 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 5.8.0-5
- Compatibility with uglifyjs v3 (no --preamble option)
* Tue Jul 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 5.8.0-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Thu Jul 23 2020 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 5.8.0-3
- Do not use closure-compiler for Fedora 33+ - it is orphaned and
uninstallable with broken deps.
* Wed Jul 15 2020 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 5.8.0-2
- No longer bundle js-jquery, js-jquery-mousewheel and
js-jquery-ui-touch-punch for EPEL 8.
- Still bundle js-jquery-ui which is not available in EPEL 8.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1929638 - F35FailsToInstall: js-jsroot
https://bugzilla.redhat.com/show_bug.cgi?id=1929638
[ 2 ] Bug #1933033 - F34FailsToInstall: js-jsroot
https://bugzilla.redhat.com/show_bug.cgi?id=1933033
--------------------------------------------------------------------------------
================================================================================
nrpe-4.0.3-6.el7 (FEDORA-EPEL-2021-f8025180be)
Host/service/network monitoring agent for Nagios
--------------------------------------------------------------------------------
Update Information:
Wait for network-online.target. Apply /etc/sysconfig/nrpe settings. Changed
/var/run to /run.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 11 2021 J��n ONDREJ (SAL) <ondrejj(at)salstar.sk> - 4.0.3-6
- Fix build for EPEL7.
* Tue Mar 9 2021 J��n ONDREJ (SAL) <ondrejj(at)salstar.sk> - 4.0.3-5
- Wait for network-online.target (bz#1898469).
- Apply /etc/sysconfig/nrpe settings (bz#1806659).
- Changed /var/run to /run (bz#1870146).
* Tue Mar 2 2021 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 4.0.3-4
- Rebuilt for updated systemd-rpm-macros
See
https://pagure.io/fesco/issue/2583.
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.0.3-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1806659 - /etc/sysconfig/nrpe is ignored
https://bugzilla.redhat.com/show_bug.cgi?id=1806659
[ 2 ] Bug #1870146 - systemd-tmpfiles issue with /usr/lib/tmpfiles.d/nrpe.conf
https://bugzilla.redhat.com/show_bug.cgi?id=1870146
[ 3 ] Bug #1898469 - NRPE not starting at boot on physical servers
https://bugzilla.redhat.com/show_bug.cgi?id=1898469
--------------------------------------------------------------------------------
================================================================================
upx-3.96-8.el7 (FEDORA-EPEL-2021-d7ae32a6da)
Ultimate Packer for eXecutables
--------------------------------------------------------------------------------
Update Information:
Fix for CVE-2021-20285
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 11 2021 Gwyn Ciesla <gwync(a)protonmail.com> - 3.96-8
- PAtch for CVE-2021-20285
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.96-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1937789 - CVE-2021-20285 upx: Illegal memory access in canPack function in
p_lx_elf.cpp [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1937789
--------------------------------------------------------------------------------