The following Fedora EPEL 7 Security updates need testing:
 Age  URL
 639  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d   condor-8.6.11-1.el7
 381  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c499781e80   python-gnupg-0.4.4-1.el7
 379  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b   bubblewrap-0.3.3-2.el7
  88  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-fa8a2e97c6   python-waitress-1.4.3-1.el7
  28  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-19d171a465   python34-3.4.10-5.el7
  13  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-12ba1ceddb   wordpress-5.1.5-1.el7
  10  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-76347da426   seamonkey-2.53.2-1.el7
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-ec788c8a86   viewvc-1.1.28-1.el7
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-c9c5ded31b   pure-ftpd-1.0.47-4.el7
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-32b3a77f8c   sleuthkit-4.9.0-1.el7
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-cd30b5b1cf   chromium-81.0.4044.138-1.el7
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-e6847d3b59   perl-Mojolicious-7.94-3.el7
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-ff94ccbdec   openssl11-1.1.1c-2.el7
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-624f38e579   qbittorrent-3.3.16-2.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
clamav-0.102.3-1.el7
python-jsonpickle-0.9.4-3.el7
python-uritemplate-3.0.1-1.el7
python3-rpm-4.11.3-8.el7
uwsgi-2.0.18-8.el7
wireguard-tools-1.0.20200513-1.el7
xrdp-0.9.13-2.el7
Details about builds:
================================================================================
clamav-0.102.3-1.el7 (FEDORA-EPEL-2020-235a51a239)
End-user tools for the Clam Antivirus scanner
--------------------------------------------------------------------------------
Update Information:
ClamAV 0.102.3 is a bug patch release to address the following issues.

- CVE-2020-3327: Fix a vulnerability in the ARJ archive parsing module in
  ClamAV 0.102.2 that could cause a Denial-of-Service (DoS) condition.
  Improper bounds checking of an unsigned variable results in an
  out-of-bounds read which causes a crash. Special thanks to Daehui Chang and
  Fady Othman for helping identify the ARJ parsing vulnerability.
- CVE-2020-3341: Fix a vulnerability in the PDF parsing module in ClamAV
  0.101 - 0.102.2 that could cause a Denial-of-Service (DoS) condition.
  Improper size checking of a buffer used to initialize AES decryption
  routines results in an out-of-bounds read which may cause a crash. Bug
  found by OSS-Fuzz.
- Fix "Attempt to allocate 0 bytes" error when parsing some PDF documents.
- Fix a couple of minor memory leaks.

----

- Add upstream patch to fix "Attempt to allocate 0 bytes" errors while
  scanning certain PDFs
- Do not log freshclam output to syslog by default - creates double entries
  in the journal (bz#1822012)
- (#1820069) add try-restart clamav-freshclam.service on logrotate
- Enable prelude support (bz#1829726)
- Move /etc/clamd.d/scan.conf to clamav-filesystem
- Add patch to build with EL7 libcurl - re-enable on-access scanning
  (bz#1820395)
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 14 2020 Orion Poplawski <orion(a)nwra.com> - 0.102.3-1
- Update to 0.102.3 (bz#1834910)
- Security fixes CVE-2020-3341
* Sat May 2 2020 Orion Poplawski <orion(a)nwra.com> - 0.102.2-9
- Add upstream patch to fix "Attempt to allocate 0 bytes" errors while scanning
certain PDFs
* Thu Apr 30 2020 Orion Poplawski <orion(a)nwra.com> - 0.102.2-8
- Enable prelude support (bz#1829726)
* Wed Apr 29 2020 Orion Poplawski <orion(a)nwra.com> - 0.102.2-7
- Move /etc/clamd.d/scan.conf to clamav-filesystem
- Add patch to build with EL7 libcurl - re-enable on-access scanning
(bz#1820395)
- Add clamonacc.service
* Tue Apr 21 2020 Björn Esser <besser82(a)fedoraproject.org> - 0.102.2-6
- Rebuild (json-c)
* Wed Apr 8 2020 Orion Poplawski <orion(a)nwra.com> - 0.102.2-5
- Do not log freshclam output to syslog by default - creates double entries
in the journal (bz#1822012)
- (#1820069) add try-restart clamav-freshclam.service on logrotate
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1820069 - freshclam's logrotate settings incorrect because daemon is not
restarted/nofitifed
https://bugzilla.redhat.com/show_bug.cgi?id=1820069
[ 2 ] Bug #1820395 - Clamav OnAccessScanning disabled
https://bugzilla.redhat.com/show_bug.cgi?id=1820395
[ 3 ] Bug #1822012 - When using the clamav-freshclam.service all log messages are
logged twice
https://bugzilla.redhat.com/show_bug.cgi?id=1822012
[ 4 ] Bug #1829726 - ClamAV: Enable Prelude support
https://bugzilla.redhat.com/show_bug.cgi?id=1829726
[ 5 ] Bug #1834910 - clamav-0.102.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1834910
--------------------------------------------------------------------------------
================================================================================
python-jsonpickle-0.9.4-3.el7 (FEDORA-EPEL-2020-bbeead1050)
A module that allows any object to be serialized into JSON
--------------------------------------------------------------------------------
Update Information:
Python 3 subpackage, etc.
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 14 2020 Felix Schwarz <fschwarz(a)fedoraproject.org> - 0.9.4-3
- add Python 3 subpackage (rhbz #1828910)
- add source file verification
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1828910 - python-jsonpickle: provide Python 3 package for EPEL 7
https://bugzilla.redhat.com/show_bug.cgi?id=1828910
--------------------------------------------------------------------------------
================================================================================
python-uritemplate-3.0.1-1.el7 (FEDORA-EPEL-2020-51e576edf1)
Simple python library to deal with URI Templates (RFC 6570)
--------------------------------------------------------------------------------
Update Information:
- add Python 3 subpackage for EPEL 7 (rhbz #1829473)
- Update to 3.0.1
- declare licensing correctly and include actual license files
--------------------------------------------------------------------------------
ChangeLog:
* Sun May 3 2020 Felix Schwarz <fschwarz(a)fedoraproject.org> - 3.0.1-1
- update to 3.0.1
- declare licensing correctly and include actual license files
- add Python 3 subpackage for EPEL 7 (rhbz #1829473)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1829473 - python-uritemplate: please provide a Python 3 version in EPEL 7
https://bugzilla.redhat.com/show_bug.cgi?id=1829473
--------------------------------------------------------------------------------
================================================================================
python3-rpm-4.11.3-8.el7 (FEDORA-EPEL-2020-3ef1e07e82)
Python 3 bindings for apps which will manipulate RPM packages
--------------------------------------------------------------------------------
Update Information:
Sync with rpm-4.11.3-43.el7 (RHEL 7.8).
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 14 2020 Miro Hrončok <mhroncok(a)redhat.com> - 4.11.3-8
- Sync with rpm-4.11.3-43.el7 (RHEL 7.8)
- Fix packages getting removed on failed update via dnf (#1710691)
- Fix segfault on fingerprint symlink (#1660232)
- Fix bogus if-condition in find-debuginfo.sh (#1720590)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1660232 - segfault when installing package with invalid signature
https://bugzilla.redhat.com/show_bug.cgi?id=1660232
[ 2 ] Bug #1710691 - Package gets removed on failed update via dnf
https://bugzilla.redhat.com/show_bug.cgi?id=1710691
[ 3 ] Bug #1720590 - fix bogus if-condition in find-debuginfo.sh
https://bugzilla.redhat.com/show_bug.cgi?id=1720590
--------------------------------------------------------------------------------
================================================================================
uwsgi-2.0.18-8.el7 (FEDORA-EPEL-2020-fa7b2f5f4a)
Fast, self-healing, application container server
--------------------------------------------------------------------------------
Update Information:
Patching PHP plugin to fix Zend framework
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 12 2020 Jorge A Gallegos <kad(a)blegh.net> - 2.0.18-8
- Patching PHP plugin to fix Zend framework
--------------------------------------------------------------------------------
================================================================================
wireguard-tools-1.0.20200513-1.el7 (FEDORA-EPEL-2020-baf3fdd3d3)
Fast, modern, secure VPN tunnel
--------------------------------------------------------------------------------
Update Information:
- Update to 1.0.20200513
- Makefile: remember to install all systemd units
- ipc: openbsd: switch to array ioctl interface

----

Update to 1.0.20200510
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 13 2020 Joe Doss <joe(a)solidadmin.com> - 1.0.20200513-1
- Update to 1.0.20200513
- Makefile: remember to install all systemd units
- ipc: openbsd: switch to array ioctl interface
* Mon May 11 2020 Joe Doss <joe(a)solidadmin.com> - 1.0.20200510-1
- Update to 1.0.20200510
- ipc: add support for openbsd kernel implementation
- ipc: cleanup openbsd support
- wg-quick: add support for openbsd kernel implementation
- wg-quick: cleanup openbsd support
- wg-quick: support dns search domains
- Makefile: simplify silent cleaning
- ipc: remove extra space
- git: add gitattributes so tarball doesn't have gitignore files
- terminal: specialize color_mode to stdout only
- wg-quick: android: support application whitelist
- systemd: add wg-quick.target
* Wed Apr 15 2020 Leigh Scott <leigh123linux(a)gmail.com> - 1.0.20200319-2
- Add missing config directory
- Remove default buildroot BuildRequires
- Simplify doc install
- Remove commented lines
- Use correct macro for bash-completion
--------------------------------------------------------------------------------
================================================================================
xrdp-0.9.13-2.el7 (FEDORA-EPEL-2020-fcf52fc3c8)
Open source remote desktop protocol (RDP) server
--------------------------------------------------------------------------------
Update Information:
Move socket directory to /run/xrdp.
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 14 2020 Bojan Smojver <bojan(a)rexurive.com> - 1:0.9.13-2
- Move sockets to /run/xrdp, bug #1834178
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1834178 - Existing build not compatible with pam_namespace.so
https://bugzilla.redhat.com/show_bug.cgi?id=1834178
--------------------------------------------------------------------------------