The following Fedora EPEL 7 Security updates need testing:
Age URL
625
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d
condor-8.6.11-1.el7
367
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c499781e80
python-gnupg-0.4.4-1.el7
365
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b
bubblewrap-0.3.3-2.el7
74
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-fa8a2e97c6
python-waitress-1.4.3-1.el7
14
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-19d171a465
python34-3.4.10-5.el7
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-e3e05f0ce4
gnuchess-6.2.6-1.el7
8
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-a46aedd742
php-horde-horde-5.2.22-1.el7
8
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-23a94e6d3c
pxz-4.999.9-19.beta.20200421git.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-324f1b735d
chromium-81.0.4044.122-1.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-c4860b563d
openvpn-2.4.9-1.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-320cd2c3b5
java-latest-openjdk-14.0.1.7-2.rolling.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
koji-1.21.0-2.el7
nordugrid-arc6-6.6.0-1.el7
nrpe-4.0.3-1.el7
python-kubernetes-11.0.0-2.el7
python-openshift-0.11.0-3.el7
wordpress-5.1.5-1.el7
Details about builds:
================================================================================
koji-1.21.0-2.el7 (FEDORA-EPEL-2020-e9d34610c0)
Build system tools
--------------------------------------------------------------------------------
Update Information:
Add patch to fix admin --force tagging. ---- Update to bugfix and feature
upstream 1.21.0 version. See
https://docs.pagure.org/koji/release_notes/release_notes_1.21 for detailed
changes.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 30 2020 Kevin Fenzi <kevin(a)scrye.com> - 1.21.0-2
- Add patch to fix issue with admins not being able to force tagging.
- Fixes
https://pagure.io/koji/issue/2202 upstream.
* Tue Apr 21 2020 Kevin Fenzi <kevin(a)scrye.com> - 1.21.0-1
- Update to 1.21.1. Fixes bug #1826406
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1497923 - koji-web requires mod_auth_gssapi but that is not available in
RHEL6 or EPEL6
https://bugzilla.redhat.com/show_bug.cgi?id=1497923
[ 2 ] Bug #1806193 - koji-1.17 is not compatibile with python 2.6.6
https://bugzilla.redhat.com/show_bug.cgi?id=1806193
[ 3 ] Bug #1826343 - koji-1.21.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1826343
[ 4 ] Bug #1826406 - update to koji 1.21.0
https://bugzilla.redhat.com/show_bug.cgi?id=1826406
--------------------------------------------------------------------------------
================================================================================
nordugrid-arc6-6.6.0-1.el7 (FEDORA-EPEL-2020-8c54e3f600)
Advanced Resource Connector Middleware
--------------------------------------------------------------------------------
Update Information:
NorduGrid ARC 6.6.0
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 27 2020 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 6.6.0-1
- Update to version 6.6.0
- Split out package arcctl-service package from arcctl package
- Split out plugins-python from main ARC python module pacakage
--------------------------------------------------------------------------------
================================================================================
nrpe-4.0.3-1.el7 (FEDORA-EPEL-2020-9b022ba527)
Host/service/network monitoring agent for Nagios
--------------------------------------------------------------------------------
Update Information:
New upstream version ---- Fix regression with nasty_metacharacters
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 29 2020 Martin Jackson <mhjacks(a)swbell.net> - 4.0.3-1
- New upstream version
* Sun Apr 26 2020 Martin Jackson <mhjacks(a)swbell.net> - 4.0.2-2.20200423git4f7dd11
- Fix regression with nasty_metacharacters
- Update Patch3
--------------------------------------------------------------------------------
================================================================================
python-kubernetes-11.0.0-2.el7 (FEDORA-EPEL-2020-ace7d4cd5c)
Python client for the kubernetes API.
--------------------------------------------------------------------------------
Update Information:
Update to python-kubernetes 11.0.0 and python-openshift 0.11.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 30 2020 Jason Montleon <jmontleo(a)redhat.com> - 11.0.0-2
- Fix EPEL 7 and 8 builds
* Thu Apr 30 2020 Jason Montleon <jmontleo(a)redhat.com> - 11.0.0-1
- Update to 11.0.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1696532 - python-kubernetes-11.0.0b2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1696532
[ 2 ] Bug #1816888 - python-openshift-0.11.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1816888
--------------------------------------------------------------------------------
================================================================================
python-openshift-0.11.0-3.el7 (FEDORA-EPEL-2020-ace7d4cd5c)
Python client for the OpenShift API
--------------------------------------------------------------------------------
Update Information:
Update to python-kubernetes 11.0.0 and python-openshift 0.11.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 30 2020 Jason Montleon <jmontleo(a)redhat.com> 1:0.11.0-3
- Add missing changelog entries
* Thu Apr 30 2020 Jason Montleon <jmontleo(a)redhat.com> 1:0.11.0-2
- Fix el8 builds
* Thu Apr 30 2020 Jason Montleon <jmontleo(a)redhat.com> 1:0.11.0-1
- Update to 0.11.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1696532 - python-kubernetes-11.0.0b2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1696532
[ 2 ] Bug #1816888 - python-openshift-0.11.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1816888
--------------------------------------------------------------------------------
================================================================================
wordpress-5.1.5-1.el7 (FEDORA-EPEL-2020-12ba1ceddb)
Blog tool and publishing platform
--------------------------------------------------------------------------------
Update Information:
**WordPress 5.1.5** Security Updates Seven security issues affect WordPress
versions 5.4 and earlier. If you haven���t yet updated to 5.4, all WordPress
versions since 3.7 have also been updated to fix the following security issues:
* Props to Muaz Bin Abdus Sattar and Jannes who both independently reported
an issue where password reset tokens were not properly invalidated * Props to
ka1n4t for finding an issue where certain private posts can be viewed
unauthenticated * Props to Evan Ricafort for discovering an XSS issue in the
Customizer * Props to Ben Bidner from the WordPress Security Team who
discovered an XSS issue in the search block * Props to Nick Daugherty from
WordPress VIP / WordPress Security Team who discovered an XSS issue in wp-
object-cache * Props to Ronnie Goodrich (Kahoots) and Jason Medeiros who
independently reported an XSS issue in file uploads. * Props to Weston Ruter
for fixing a stored XSS vulnerability in the WordPress customizer.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 30 2020 Remi Collet <remi(a)remirepo.net> - 5.1.5-1
- WordPress 5.1.5 Security Release
--------------------------------------------------------------------------------