The following Fedora EPEL 7 Security updates need testing:
 Age  URL
 641  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d   condor-8.6.11-1.el7
 383  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c499781e80   python-gnupg-0.4.4-1.el7
 381  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b   bubblewrap-0.3.3-2.el7
  90  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-fa8a2e97c6   python-waitress-1.4.3-1.el7
  30  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-19d171a465   python34-3.4.10-5.el7
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-76347da426   seamonkey-2.53.2-1.el7
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-ec788c8a86   viewvc-1.1.28-1.el7
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-c9c5ded31b   pure-ftpd-1.0.47-4.el7
   8  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-32b3a77f8c   sleuthkit-4.9.0-1.el7
   8  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-cd30b5b1cf   chromium-81.0.4044.138-1.el7
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-e6847d3b59   perl-Mojolicious-7.94-3.el7
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-ff94ccbdec   openssl11-1.1.1c-2.el7
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-624f38e579   qbittorrent-3.3.16-2.el7
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-235a51a239   clamav-0.102.3-1.el7
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-ae83e43288   log4net-2.0.8-10.el7
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-567eda5296   exim-4.93-3.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
coturn-4.5.1.2-1.el7
gjots2-3.1.6-2.el7
json-c12-0.12.1-4.el7
librsync-2.3.0-1.el7
python-regex-2020.5.14-1.el7
rkhunter-1.4.6-2.el7
Details about builds:
================================================================================
coturn-4.5.1.2-1.el7 (FEDORA-EPEL-2020-ebecd0eb91)
TURN/STUN & ICE Server
--------------------------------------------------------------------------------
Update Information:
Coturn 4.5.1.2
==============

- merge regression fix:
  * Do not display empty CLI passwd alert if CLI is not enabled
- merge PR #359:
  * Remove `turn_free_simple()`
  * Remove `turn_malloc()`
  * Remove `turn_realloc()`
  * Remove `turn_free()`
  * Remove `turn_calloc()`
  * Remove `turn_strdup()`
  * Remove `SSL_NEW()` and `SSL_FREE()`
  * Remove pointer debugging machinery
  * Remove `ns_bzero()`, `ns_bcopy()`, and `ns_bcmp()`
  * Remove `[su]{08,16,32,64}bits` type defines
- merge PR #327
  * Strip white-spaces from config file lines end
- merge PR #386
  * fix the webadmin ip permission add/delete sql injection
- merge PR #390
  * fix mongo driver crash when invalid connection string is used
- merge PR #392 enhanced fread return length check
- merge PR #367 disconnect database gracefully
- merge PR #382
  * Using `SSL_get_version` method for BoringSSL compatibility
  * Now we put in `turn_session_info->tls_method` the real TLS version.
    Earlier we put UNKNOWN in this field if it was a TLS protocol that was
    not defined supported TLS protocol during compile time.
- merge PR #276 Add systemd service example
- merge PR #284 Add bandwidth usage reporting packet/bandwidth usage by peers
- merge PR #381 Modifying configure to enable compile with private libraries
- merge PR #455 Typo corrected
- merge PR #417 Append only to log files rather to override them
- merge PR #442 Updated incorrect string length check for 'ssh'
- merge PR #449 Fix Dockerfile for latest Debian
- http server NULL dereference
  * Reported (by quarkslab.com, cisco/talos)
  * CVE-2020-6061 / TALOS-2020-0984
- http server out of bound read
  * Reported (by quarkslab.com, cisco/talos)
  * CVE-2020-6061 / TALOS-2020-0984
- merge PR #472 STUN input validation
- merge PR #398 FIPS
- merge PR #478 prod
- merge PR #463 fix typos and grammar
- update travis config ubuntu/mac images
- merge PR #466 added null check for second char
- merge PR #470 compiler warning fixes
- merge PR #475 Update `README.docker`
- merge PR #471 Fix a memory leak when an SHATYPE isn't supported
- merge PR #488 Fix typos about `INSTALL` filenames
- fix compiler warning comparison between signed and unsigned integer
  expressions
- fix compiler warning string truncation
- change Diffie Hellman default key length from 1066 to 2066
- merge PR #522 drop of supplementary group IDs
- merge PR #514 Unify spelling of Coturn
- merge PR#506 Rename "prod" config option to "no-software-attribute"
- merge PR #519 fix config extension in `README.docker`
- merge PR #516 change sql data dir in `docker-compose-all.yml`
- merge PR #513 remove trailing spaces from `README`s
- merge PR #525 add flags to disable periodic use of dynamic tables
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 16 2020 Robert Scheck <robert(a)fedoraproject.org> - 4.5.1.2-1
- Update to 4.5.1.2
--------------------------------------------------------------------------------
================================================================================
gjots2-3.1.6-2.el7 (FEDORA-EPEL-2020-239a92e692)
A hierarchical note jotter - organize your ideas, notes, facts in a tree
--------------------------------------------------------------------------------
Update Information:
unretire package
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1823599 - Review Request: gjots2 - A heirarchical note jotter. Organise your
ideas, notes, facts in a tree
https://bugzilla.redhat.com/show_bug.cgi?id=1823599
--------------------------------------------------------------------------------
================================================================================
json-c12-0.12.1-4.el7 (FEDORA-EPEL-2020-134c471656)
JSON implementation in C (0.12 compatibility package)
--------------------------------------------------------------------------------
Update Information:
- Fix CVE-2020-12762. - Drop the unneeded `%pretrans` scriptlet.
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 16 2020 Björn Esser <besser82(a)fedoraproject.org> - 0.12.1-4
- Drop the unneeded %pretrans scriptlet
* Fri May 15 2020 Björn Esser <besser82(a)fedoraproject.org> - 0.12.1-3
- Fix CVE-2020-12762
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1835253 - CVE-2020-12762 json-c: integer overflow and out-of-bounds write via
a large JSON file
https://bugzilla.redhat.com/show_bug.cgi?id=1835253
--------------------------------------------------------------------------------
================================================================================
librsync-2.3.0-1.el7 (FEDORA-EPEL-2020-5bd056a025)
Rsync remote-delta algorithm library
--------------------------------------------------------------------------------
Update Information:
librsync 2.3.0
==============

* Bump minor version from 2.2.1 to 2.3.0 to reflect additional
  `rs_sig_args()` and `strong_len=-1` support.
* Add public `rs_sig_args()` function for getting the recommended signature
  args from the file size. Added support to rdiff for `--sum-size=-1` to
  indicate "use minimum size safe against random block collisions". Added
  warning output for sum-sizes that are too small to be safe. Fixed possible
  rdiff bug affecting popt parsing on non-little-endian platforms.
* Fixed yet more compiler warnings for various platforms/compilers.
* Improved cmake popt handling to find popt dependencies using PkgConfig.
* Tidied internal code and improved tests for `netint.[ch]`, `tube.c`, and
  `hashtable.h`.
* Improved C99 compatibility. Add `-std=c99 -pedantic` to `CMAKE_C_FLAGS` for
  gcc and clang. Fix all C99 warnings by making all code C99 compliant. Tidy
  all CMake checks, #cmakedefines, and #includes. Fix 64bit support for
  mdfour checksums.
* Usage clarified in rdiff (1) man page.

librsync 2.2.1
==============

* Fix #176 hangs calculating deltas for files larger than 4GB.

librsync 2.2.0
==============

* Bump minor version from 2.1.0 to 2.2.0 to reflect additional RabinKarp
  rollsum support.
* Fix MSVC builds by adding missing `LIBRSYNC_EXPORT` to variables in
  `librsync.h`, add `-DLIBRSYNC_STATIC_DEFINE` to the sumset_test target, and
  correctly install `.dll` files in the bin directory.
* Add RabinKarp rollsum support and make it the default. RabinKarp is a much
  better rolling hash, which reduces the risk of hash collision corruption
  and speeds up delta calculations. The rdiff cmd gets a new
  `-R (rollsum|rabinkarp)` argument with the default being `rabinkarp`. Use
  `-R rollsum` to generate backwards-compatible signatures.
* Use single-byte literal commands for small inserts in deltas. This makes
  each small insert use 1 less byte in deltas.
* Fix multiple warnings (cross-)compiling for windows.
* Change `rs_file_size()` to report -1 instead of 0 for unknown file sizes
  (not a regular file).
* Add cmake `BUILD_SHARED_LIBS` option for static library support.
  `BUILD_SHARED_LIBS` defaults to `ON`, and can be set to `OFF` using
  `ccmake .` to build librsync as a static library.
* Fix compile errors and add `.gitignore` entries for MSVS 2019. Fixes
  `hashtable.h` to be C99 compliant.

librsync 2.1.0
==============

* Bump minor version from 2.0.3 to 2.1.0 to reflect additions to
  `librsync.h`.
* Fix exporting of private symbols from librsync library. Add export of
  useful large file functions `rs_file_open()`, `rs_file_close()`, and
  `rs_file_size()` to `librsync.h`. Add export of `rs_signature_log_stats()`
  to log signature hashtable hit/miss stats. Improve rdiff error output.
* Updated release process to include stable tarballs.
* Remove redundant and broken `--paranoia` argument from rdiff.
* Fix memory leak of `rs_signature_t->block_sigs` when freeing signatures.
* Document delta file format.
* Fix up doxygen comments.
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 16 2020 Robert Scheck <robert(a)fedoraproject.org> 2.3.0-1
- Upgrade to 2.3.0
* Wed Jan 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.0.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-regex-2020.5.14-1.el7 (FEDORA-EPEL-2020-4cb6f7796b)
Alternative regular expression module, to replace re
--------------------------------------------------------------------------------
Update Information:
Update to 2020.5.14.
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 15 2020 Thomas Moschny <thomas.moschny(a)gmx.de> - 2020.5.14-1
- Update to 2020.5.14.
--------------------------------------------------------------------------------
================================================================================
rkhunter-1.4.6-2.el7 (FEDORA-EPEL-2020-eee1e0c90b)
A host-based tool to scan for rootkits, backdoors and local exploits
--------------------------------------------------------------------------------
Update Information:
Exclude podman /dev/shm files from checks.
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 16 2020 Kevin Fenzi <kevin(a)scrye.com> - 1.4.6-2
- Add allow for podman's /dev/shm files (fixes bug #1828698 )
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1828698 - Suspicious file types found in /dev: /dev/shm/libpod_lock
https://bugzilla.redhat.com/show_bug.cgi?id=1828698
--------------------------------------------------------------------------------