The following Fedora EPEL 7 Security updates need testing:
 Age  URL
 407  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d   condor-8.6.11-1.el7
 183  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-d2c1368294   cinnamon-3.6.7-5.el7
 149  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c499781e80   python-gnupg-0.4.4-1.el7
 146  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b   bubblewrap-0.3.3-2.el7
  83  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-12067fc897   dosbox-0.74.3-2.el7
  13  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-5fce3c9dd9   bird-1.6.8-1.el7
  13  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-3da69c71ad   bird2-2.0.6-1.el7
  13  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c9e955fd21   libebml-1.3.9-1.el7 libmatroska-1.5.2-1.el7 mkvtoolnix-37.0.0-1.el7
  13  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-57cf200dc6   seamonkey-2.49.5-2.el7
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-330b323bb6   golang-1.13-1.el7
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-209b03a8a4   cryptopp-5.6.5-1.el7
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-7410520bec   blis-0.6.0-4.el7
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-81572ab529   chromium-77.0.3865.90-2.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
mosquitto-1.6.7-1.el7
recap-2.1.0-3.el7
suricata-4.1.5-2.el7
xl2tpd-1.3.14-1.el7
Details about builds:
================================================================================
mosquitto-1.6.7-1.el7 (FEDORA-EPEL-2019-1c8bc2bf57)
An Open Source MQTT v3.1/v3.1.1 Broker
--------------------------------------------------------------------------------
Update Information:
1.6.7
=====

Broker:
* Add workaround for working with libwebsockets 3.2.0.
* Fix potential crash when reloading config.

Client library:
* Don't use / in autogenerated client ids, to avoid confusing with topics.
* Fix mosquitto_max_inflight_messages_set() and mosquitto_int_option(...,
  MOSQ_OPT_*_MAX, ...) behaviour.
* Fix regression on use of mosquitto_connect_async() not working.

Clients:
* mosquitto_sub: Fix -E incorrectly not working unless -d was also specified.
* Updated documentation around automatic client ids.

1.6.6
=====

Security:
* CVE-2019-11779
* Restrict topic hierarchy to 200 levels to prevent possible stack overflow.

Broker:
* Restrict topic hierarchy to 200 levels to prevent possible stack overflow.
* mosquitto_passwd now returns 1 when attempting to update a user that does
  not exist.

1.6.5
=====

Broker:
* Fix v5 DISCONNECT packets with remaining length == 2 being treated as a
  protocol error.
* Fix support for libwebsockets 3.x.
* Fix slow websockets performance when sending large messages.
* Fix bridges potentially not connecting on Windows.
* Fix clients authorised using `use_identity_as_username` or
  `use_subject_as_username` being disconnected on SIGHUP.
* Improve error messages in some situations when clients disconnect. Reduces
  the number of "Socket error on client X, disconnecting" messages.
* Fix Will for v5 clients not being sent if will delay interval was greater
  than the session expiry interval.
* Fix CRL file not being reloaded on HUP.
* Fix repeated "Error in poll" messages on Windows when only websockets
  listeners are defined.

Client library:
* Fix reconnect backoff for the situation where connections are dropped rather
  than refused.
* Fix missing locks on `mosq->state`.

Documentation:
* Improve details on global/per listener options in the mosquitto.conf man
  page.
* Clarify behaviour when clients exceed the `message_size_limit`.
* Improve documentation for `max_inflight_bytes`, `max_inflight_messages`, and
  `max_queued_messages`.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 25 2019 Peter Robinson <pbrobinson(a)fedoraproject.org> 1.6.7-1
- 1.6.7 release
* Tue Sep 24 2019 Fabian Affolter <mail(a)fabian-affolter.ch> - 1.6.6-1
- Update to new upstream version 1.6.6
* Sat Sep 14 2019 Peter Robinson <pbrobinson(a)fedoraproject.org> 1.6.5-1
- 1.6.5 release
* Mon Sep 2 2019 Peter Robinson <pbrobinson(a)fedoraproject.org> 1.6.4-2
- Rebuild for libwebsockets 3.2
* Fri Aug 2 2019 Peter Robinson <pbrobinson(a)fedoraproject.org> 1.6.4-1
- 1.6.4 release
* Thu Jul 25 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.6.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Tue Jun 18 2019 Fabian Affolter <mail(a)fabian-affolter.ch> - 1.6.3-1
- Update to new upstream version 1.6.3
* Tue Apr 30 2019 Peter Robinson <pbrobinson(a)fedoraproject.org> 1.6.2-1
- 1.6.2 release
* Sat Apr 27 2019 Peter Robinson <pbrobinson(a)fedoraproject.org> 1.6.1-1
- 1.6.1 release
* Thu Apr 18 2019 Peter Robinson <pbrobinson(a)fedoraproject.org> 1.6.0-1
- Major new 1.6.0 release
- Support for MQTT 5
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1753846 - CVE-2019-11779 mosquitto: malicious MQTT sends SUBSCRIBE packet
leads to stack over flow
https://bugzilla.redhat.com/show_bug.cgi?id=1753846
--------------------------------------------------------------------------------
================================================================================
recap-2.1.0-3.el7 (FEDORA-EPEL-2019-98b1e19aaa)
Generates reports of various system information
--------------------------------------------------------------------------------
Update Information:
Adding two new packages: f31 and epel8, both now use timers.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 20 2019 Tony Garcia <tony.garcia(a)rackspace.com> - 2.1.0-3
- Update dependencies when using timers
* Fri Jul 26 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
suricata-4.1.5-2.el7 (FEDORA-EPEL-2019-0740d6c6a4)
Intrusion Detection System
--------------------------------------------------------------------------------
Update Information:
This is a bugfix release where some of the bugs fixed are security bugs. Please
update.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 25 2019 Steve Grubb <sgrubb(a)redhat.com> 4.1.5-2
- Hardcode python 2
- Breakup service patch so epel 7 can avoid unsupported security hardening (#1736756)
* Tue Sep 24 2019 Steve Grubb <sgrubb(a)redhat.com> 4.1.5-1
- New upstream bug and security release.
* Thu Aug 1 2019 Steve Grubb <sgrubb(a)redhat.com> 4.1.4-4
- Fix FTBFS bz 1736727
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1736756 - suricata.service file uses unknown options on EL7
https://bugzilla.redhat.com/show_bug.cgi?id=1736756
--------------------------------------------------------------------------------
================================================================================
xl2tpd-1.3.14-1.el7 (FEDORA-EPEL-2019-67a9c13b38)
Layer 2 Tunnelling Protocol Daemon (RFC 2661)
--------------------------------------------------------------------------------
Update Information:
Minor bugfixes from upstream
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 25 2019 Paul Wouters <pwouters(a)redhat.com> - 1.3.14-1
- Resolves: rhbz#1322190 Updated to 1.3.14
- Resolves: rhbz#1722121 Use proper /run directory
- Resolves: rhbz#1399648 Review Request: xl2tpd
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1322190 - xl2tpd-1.3.12 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1322190
[ 2 ] Bug #1722121 - tmpfiles warning
https://bugzilla.redhat.com/show_bug.cgi?id=1722121
[ 3 ] Bug #1399648 - Review Request: xl2tpd - Updated to 1.3.8 using github release
https://bugzilla.redhat.com/show_bug.cgi?id=1399648
--------------------------------------------------------------------------------