The following Fedora EPEL 7 Security updates need testing:
Age URL
700
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d
condor-8.6.11-1.el7
439
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b
bubblewrap-0.3.3-2.el7
149
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-fa8a2e97c6
python-waitress-1.4.3-1.el7
89
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-19d171a465
python34-3.4.10-5.el7
13
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-afd5c42fd6
coturn-4.5.1.3-1.el7
13
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-6949cf3502
xrdp-0.9.13.1-1.el7
13
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-2f70f49092
putty-0.74-1.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-0f25da8099
python-rsa-3.4.2-1.el7
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-28cc1451e0
python-gnupg-0.4.6-2.el7
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-8dd45257ad
seamonkey-2.53.3-1.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-2f9c63b80c
php-horde-kronolith-4.2.29-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
bdsync-0.11.2-1.el7
cacti-1.2.13-1.el7
cacti-spine-1.2.13-1.el7
mbedtls-2.7.16-1.el7
nnn-3.3-1.el7
singularity-3.6.0-1.el7
sipcalc-1.1.6-17.el7
ufdbGuard-1.34.5-2.el7
wsdd-0.6.1-1.el7
yubico-piv-tool-2.1.0-1.el7
Details about builds:
================================================================================
bdsync-0.11.2-1.el7 (FEDORA-EPEL-2020-aaf9bd1359)
Remote sync for block devices
--------------------------------------------------------------------------------
Update Information:
Initial pacakge for EPEL 7
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
cacti-1.2.13-1.el7 (FEDORA-EPEL-2020-dab5d98f39)
An rrd based graphing tool
--------------------------------------------------------------------------------
Update Information:
- Update to 1.2.13 Release notes:
https://www.cacti.net/release_notes.php?version=1.2.13
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 14 2020 Morten Stevens <mstevens(a)fedoraproject.org> - 1.2.13-1
- Update to 1.2.13
- CVE-2020-11022, CVE-2020-11023, CVE-2020-13625, CVE-2020-14295
--------------------------------------------------------------------------------
================================================================================
cacti-spine-1.2.13-1.el7 (FEDORA-EPEL-2020-dab5d98f39)
Threaded poller for Cacti written in C
--------------------------------------------------------------------------------
Update Information:
- Update to 1.2.13 Release notes:
https://www.cacti.net/release_notes.php?version=1.2.13
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 14 2020 Morten Stevens <mstevens(a)fedoraproject.org> - 1.2.13-1
- Update to 1.2.13
--------------------------------------------------------------------------------
================================================================================
mbedtls-2.7.16-1.el7 (FEDORA-EPEL-2020-07adc005e6)
Light-weight cryptographic and SSL/TLS library
--------------------------------------------------------------------------------
Update Information:
- Update to 2.7.16 Security advisory:
https://tls.mbed.org/tech-
updates/security-advisories/mbedtls-security-advisory-2020-07
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 14 2020 Morten Stevens <mstevens(a)fedoraproject.org> - 2.7.16-1
- Update to 2.7.16
- Security Advisory 2020-07
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1851867 - CVE-2020-10941 mbedtls: cache attack against RSA key import in SGX
https://bugzilla.redhat.com/show_bug.cgi?id=1851867
--------------------------------------------------------------------------------
================================================================================
nnn-3.3-1.el7 (FEDORA-EPEL-2020-dacfc41f5b)
The missing terminal file browser for X
--------------------------------------------------------------------------------
Update Information:
Update to 3.3 (#1856600)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 14 2020 Robert-Andr�� Mauchin <zebob.m(a)gmail.com> - 3.3-1
- Update to 3.3 (#1856600)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1856600 - nnn-3.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1856600
--------------------------------------------------------------------------------
================================================================================
singularity-3.6.0-1.el7 (FEDORA-EPEL-2020-30513f3084)
Application and environment virtualization
--------------------------------------------------------------------------------
Update Information:
Upgrade to upstream 3.6.0. Remove patch #4679 for el8.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 14 2020 Dave Dykstra <dwd(a)fedoraproject.org> - 3.6.0-1
- Upgrade to upstream 3.6.0. Remove patch #4679 for el8, since
golang-12 is now available for that build machine.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1828680 - singularity-3.6.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1828680
--------------------------------------------------------------------------------
================================================================================
sipcalc-1.1.6-17.el7 (FEDORA-EPEL-2020-6a014228a6)
An "advanced" console based ip subnet calculator
--------------------------------------------------------------------------------
Update Information:
Initial EPEL 7 package
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1412939 - sipcalc package missing from el7
https://bugzilla.redhat.com/show_bug.cgi?id=1412939
--------------------------------------------------------------------------------
================================================================================
ufdbGuard-1.34.5-2.el7 (FEDORA-EPEL-2020-0964ecd023)
A URL filter for squid
--------------------------------------------------------------------------------
Update Information:
Initial build.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1426863 - unmaintained? package ufdbguard instead?
https://bugzilla.redhat.com/show_bug.cgi?id=1426863
[ 2 ] Bug #1856464 - Review Request: ufdbGuard - A URL filter for squid
https://bugzilla.redhat.com/show_bug.cgi?id=1856464
--------------------------------------------------------------------------------
================================================================================
wsdd-0.6.1-1.el7 (FEDORA-EPEL-2020-e035ef097f)
Web Services Dynamic Discovery host daemon
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release. Copied from
https://github.com/christgau/wsdd/releases : Version 0.6.1 - ignore unknown
interface indexes from Netlink message on Linux (caused "error in main loop") -
prevent hosts from not being discovered due to misplaced socket registration at
selector Version 0.6 - new operation 'discovery' operation mode to scan for
other hosts, exposed via minimalistic socket-based API - improved handling of
address changes (prevents termination when system is currently starting up but
no IP address has been assigned) - usage of tentative IPv6 addresses is avoided
on Linux - chroot now works also an machines with international domain/host name
- fixed handling of invalid messages - improved FreeBSD rc.d script - code
heavily refactored
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 13 2020 Sam P <survient(a)fedoraproject.org> - 0.6.1-1
- Updated to upstream latest release
--------------------------------------------------------------------------------
================================================================================
yubico-piv-tool-2.1.0-1.el7 (FEDORA-EPEL-2020-82740df319)
Tool for interacting with the PIV applet on a YubiKey NEO
--------------------------------------------------------------------------------
Update Information:
New upstream release (#1855024)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 13 2020 Jakub Jelen <jjelen(a)redhat.com> - 2.1.0-1
- New upstream release (#1855024)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1855024 - yubico-piv-tool-2.1.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1855024
--------------------------------------------------------------------------------