The following Fedora EPEL 7 Security updates need testing:
Age URL
490
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d
condor-8.6.11-1.el7
232
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c499781e80
python-gnupg-0.4.4-1.el7
229
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b
bubblewrap-0.3.3-2.el7
13
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-eb770d67f7
knot-resolver-4.3.0-1.el7
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-de07c8591e
cacti-1.2.8-1.el7 cacti-spine-1.2.8-1.el7
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-39eb4afe6e
libuv-1.34.0-1.el7
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-ad1ffea646
chromium-79.0.3945.79-1.el7
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-936f369393
wordpress-5.1.4-1.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-b3b252ad49
drupal7-l10n_update-2.3-1.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c44b218d4a
drupal7-webform-4.21-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
conda-4.6.14-1.el7
htmldoc-1.8.28-6.el7
python-openshift-0.10.1-3.el7
singularity-3.5.2-1.1.el7
xrootd-4.11.1-1.el7
Details about builds:
================================================================================
conda-4.6.14-1.el7 (FEDORA-EPEL-2019-a6e87b96c1)
Cross-platform, Python-agnostic binary package manager
--------------------------------------------------------------------------------
Update Information:
- Update to 4.6.14 - Make "conda shell.bash hook" work (bz#1737165)
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 15 2019 Orion Poplawski <orion(a)nwra.com> - 4.6.14-1
- Update 4.6.14
- Make "conda shell.bash hook" work (bz#1737165)
- Unbundle more libraries
--------------------------------------------------------------------------------
================================================================================
htmldoc-1.8.28-6.el7 (FEDORA-EPEL-2019-3221ff1dea)
Converter from HTML into indexed HTML, PostScript, or PDF
--------------------------------------------------------------------------------
Update Information:
Backport fix for CVE-2019-19630
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 17 2019 Rex Dieter <rdieter(a)fedoraproject.org> - 1.8.28-6
- backport fix for CVE-2019-19630 (#1783941)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1783941 - CVE-2019-19630 htmldoc: crafted HTML document allows for a
stack-based buffer overflow in the hd_strlcpy() function in string.c [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1783941
--------------------------------------------------------------------------------
================================================================================
python-openshift-0.10.1-3.el7 (FEDORA-EPEL-2019-b509a50c8e)
Python client for the OpenShift API
--------------------------------------------------------------------------------
Update Information:
Update to 0.10.1
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 17 2019 Jason Montleon <jmontleo(a)redhat.com> 0.10.1-3
- work around BZ 1759100
* Tue Dec 17 2019 Jason Montleon <jmontleo(a)redhat.com> 0.10.1-2
- remove exclude possibly causing problems
* Tue Dec 17 2019 Jason Montleon <jmontleo(a)redhat.com> 0.10.1-1
- Update to upstream 0.10.1
--------------------------------------------------------------------------------
================================================================================
singularity-3.5.2-1.1.el7 (FEDORA-EPEL-2019-0ac439f69e)
Application and environment virtualization
--------------------------------------------------------------------------------
Update Information:
Upgrade to upstream 3.5.2, still using golang-1.11 on epel8 ---- Upgrade to
upstream 3.5.1, use golang-1.11 on epel8 ---- Upgrade to upstream 3.5.0
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 17 2019 Dave Dykstra <dwd(a)fedoraproject.org> - 3.5.2-1.1
- Upgrade to upstream 3.5.2, keeping #4768 patch only on el8
* Thu Dec 5 2019 Dave Dykstra <dwd(a)fedoraproject.org> - 3.5.1-1.1
- Upgrade to upstream 3.5.1, keeping #4768 patch only on el8
* Wed Nov 20 2019 Dave Dykstra <dwd(a)fedoraproject.org> - 3.5.0-1.1
- Apply patch from PR #4769 to build with golang-1.11 on el8 only
* Wed Nov 13 2019 Dave Dykstra <dwd(a)fedoraproject.org> - 3.5.0-1
- Upgrade to upstream 3.5.0
* Thu Nov 7 2019 Dave Dykstra <dwd(a)fedoraproject.org> - 3.5.0~rc.2-1
- Upgrade to upstream 3.5.0~rc.2.
* Wed Oct 30 2019 Dave Dykstra <dwd(a)fedoraproject.org> - 3.5.0~rc.1-1
- Upgrade to upstream 3.5.0~rc.1. Drop PR #4522 patch.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1777565 - singularity-3.5.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1777565
--------------------------------------------------------------------------------
================================================================================
xrootd-4.11.1-1.el7 (FEDORA-EPEL-2019-2dc1958ff6)
Extended ROOT file server
--------------------------------------------------------------------------------
Update Information:
xrootd 4.11.1
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 17 2019 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 1:4.11.1-1
- Update to version 4.11.1
--------------------------------------------------------------------------------