The following Fedora EPEL 7 Security updates need testing:
 Age  URL
 765  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d   
condor-8.6.11-1.el7
 505  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b   
bubblewrap-0.3.3-2.el7
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-83bdeb2965   
ansible-2.9.13-1.el7
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-0a324e529d   
drupal7-7.72-1.el7
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-f9a066663b   
mbedtls-2.7.17-1.el7
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-25e525a9ca   
seamonkey-2.53.4-1.el7
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-0f3f88c479   
nginx-1.16.1-2.el7
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-918ad695f6   
proftpd-1.3.5e-10.el7
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-d968abb383   
golang-1.15.2-1.el7
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-92064b5b2b   
singularity-3.6.3-1.el7


The following builds have been pushed to Fedora EPEL 7 updates-testing

    libuv-1.39.0-1.el7
    matio-1.5.18-1.el7
    nordugrid-arc-5.4.4-4.el7
    nordugrid-arc6-6.7.0-2.el7
    root-6.22.02-2.el7
    xrdcl-http-5.0.2-1.el7
    xrootd-5.0.2-1.el7
    xrootd-compat-4.12.4-1.el7
    yadifa-2.3.10-1.el7

Details about builds:


================================================================================
 libuv-1.39.0-1.el7 (FEDORA-EPEL-2020-6b04ee5c07)
 Platform layer for node.js
--------------------------------------------------------------------------------
Update Information:

Update to Node.js 12.18.4  September 2020 security release -
https://nodejs.org/en/blog/vulnerability/september-2020-security-releases/
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep  8 2020 Stephen Gallagher <sgall...@redhat.com> - 1.39.0-1
- Update to 1.39.0
* Fri Jul 31 2020 Stephen Gallagher <sgall...@redhat.com> - 1.38.1-1
- Update to 1.38.1
- https://github.com/libuv/libuv/blob/v1.38.1/ChangeLog
* Tue Jul 28 2020 Fedora Release Engineering <rel...@fedoraproject.org> - 
1:1.38.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 matio-1.5.18-1.el7 (FEDORA-EPEL-2020-e621d9ff68)
 Library for reading/writing Matlab MAT files
--------------------------------------------------------------------------------
Update Information:

1.5.18 https://github.com/tbeu/matio/releases/tag/v1.5.18
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep 17 2020 Gwyn Ciesla <gw...@protonmail.com> - 1.5.18-1
- 1.5.18
* Tue Jul 28 2020 Fedora Release Engineering <rel...@fedoraproject.org> - 
1.5.17-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1769546 - CVE-2019-17533 matio: improper null termination in 
Mat_VarReadNextInfo4 in mat4.c leads to heap-based overflow [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1769546
  [ 2 ] Bug #1769548 - CVE-2019-17533 matio: improper null termination in 
Mat_VarReadNextInfo4 in mat4.c leads to heap-based overflow [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1769548
  [ 3 ] Bug #1769550 - CVE-2019-17533 matio: improper null termination in 
Mat_VarReadNextInfo4 in mat4.c leads to heap-based overflow [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1769550
  [ 4 ] Bug #1792008 - CVE-2019-20019 matio: excessive memory allocation in 
Mat_VarRead5 in mat5.c [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1792008
  [ 5 ] Bug #1792009 - CVE-2019-20019 matio: excessive memory allocation in 
Mat_VarRead5 in mat5.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1792009
  [ 6 ] Bug #1792295 - CVE-2019-20020 matio: stack-based buffer overflow in 
ReadNextStructField in mat5.c [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1792295
  [ 7 ] Bug #1792296 - CVE-2019-20020 matio: stack-based buffer overflow in 
ReadNextStructField in mat5.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1792296
  [ 8 ] Bug #1792301 - CVE-2019-20018 matio: stack-based buffer overflow in 
ReadNextCell in mat5.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1792301
  [ 9 ] Bug #1792303 - CVE-2019-20018 matio: stack-based buffer overflow in 
ReadNextCell in mat5.c [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1792303
  [ 10 ] Bug #1792333 - CVE-2019-20017 matio: stack-based buffer overflow in 
Mat_VarReadNextInfo5 in mat5.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1792333
  [ 11 ] Bug #1792336 - CVE-2019-20017 matio: stack-based buffer overflow in 
Mat_VarReadNextInfo5 in mat5.c [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1792336
  [ 12 ] Bug #1794726 - CVE-2019-20052 matio: memory leak in Mat_VarCalloc in 
mat.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1794726
  [ 13 ] Bug #1794727 - CVE-2019-20052 matio: memory leak in Mat_VarCalloc in 
mat.c [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1794727
  [ 14 ] Bug #1880167 - matio-1.5.18 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1880167
--------------------------------------------------------------------------------


================================================================================
 nordugrid-arc-5.4.4-4.el7 (FEDORA-EPEL-2020-44ad46e846)
 Advanced Resource Connector Grid Middleware
--------------------------------------------------------------------------------
Update Information:

xrootd 5
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 28 2020 Mattias Ellert <mattias.ell...@physics.uu.se> - 5.4.4-4
- xrootd 5 compatibility
--------------------------------------------------------------------------------


================================================================================
 nordugrid-arc6-6.7.0-2.el7 (FEDORA-EPEL-2020-44ad46e846)
 Advanced Resource Connector Middleware
--------------------------------------------------------------------------------
Update Information:

xrootd 5
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 28 2020 Mattias Ellert <mattias.ell...@physics.uu.se> - 6.7.0-2
- xrootd 5 compatibility
--------------------------------------------------------------------------------


================================================================================
 root-6.22.02-2.el7 (FEDORA-EPEL-2020-44ad46e846)
 Numerical data analysis framework
--------------------------------------------------------------------------------
Update Information:

xrootd 5
--------------------------------------------------------------------------------
ChangeLog:

* Sun Aug 30 2020 Mattias Ellert <mattias.ell...@physics.uu.se> - 6.22.02-2
- Adapt to xrootd 5 (Fedora 33+, EPEL 7+)
  - Don't build the old proof client (xproofd)
  - Don't build the old NetX module
--------------------------------------------------------------------------------


================================================================================
 xrdcl-http-5.0.2-1.el7 (FEDORA-EPEL-2020-44ad46e846)
 HTTP client plug-in for XRootD
--------------------------------------------------------------------------------
Update Information:

xrootd 5
--------------------------------------------------------------------------------
ChangeLog:

* Fri Sep 18 2020 Mattias Ellert <mattias.ell...@physics.uu.se> - 5.0.2-1
- Update to version 5.0.2
- Drop patches (accepted upstream or previously backported)
* Thu Aug 27 2020 Mattias Ellert <mattias.ell...@physics.uu.se> - 5.0.1-1
- Update to version 5.0.1
- Don't use versioned plugin names in configuration
- Backport plugin version change from git master
* Sat Aug  1 2020 Fedora Release Engineering <rel...@fedoraproject.org> - 
4.12.2-3
- Second attempt - Rebuilt for
  https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jul 29 2020 Fedora Release Engineering <rel...@fedoraproject.org> - 
4.12.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 xrootd-5.0.2-1.el7 (FEDORA-EPEL-2020-44ad46e846)
 Extended ROOT file server
--------------------------------------------------------------------------------
Update Information:

xrootd 5
--------------------------------------------------------------------------------
ChangeLog:

* Fri Sep 18 2020 Mattias Ellert <mattias.ell...@physics.uu.se> - 1:5.0.2-1
- Update to version 5.0.2
- Drop patches (accepted upstream or previously backported)
- Obsolete xrdhttpvoms in xrootd-voms package
* Thu Aug 27 2020 Mattias Ellert <mattias.ell...@physics.uu.se> - 1:5.0.1-1
- Update to version 5.0.1
- Remove conditionals for building on EPEL 6
- Drop patches (accepted upstream or previously backported)
- Fix 32 bit compilation (format error)
- Fix compilation on ARM, PPC and S390X (char is unsigned)
--------------------------------------------------------------------------------


================================================================================
 xrootd-compat-4.12.4-1.el7 (FEDORA-EPEL-2020-44ad46e846)
 Extended ROOT file server - compat version 4
--------------------------------------------------------------------------------
Update Information:

xrootd 5
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------


================================================================================
 yadifa-2.3.10-1.el7 (FEDORA-EPEL-2020-77bf4fd2ff)
 Lightweight authoritative Name Server with DNSSEC capabilities
--------------------------------------------------------------------------------
Update Information:

20200915:      YADIFA 2.3.10  -       Added an autogen.sh script, as we did for
YADIFA 2.4.x -        Fixes an issue with IPv6 aliases. -        Fixes an issue
that would happen when building with a gcc version 10 or above. -        Fixes
an issue with FreeBSD aliases. -        Fixes an issue with strncpy on FreeBSD.
-        Fixes an issue with CNAME queries incorrectly answered with an error
code.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep 17 2020 Denis Fateyev <de...@fateyev.com> - 2.3.10-1
- Update to 2.3.10 release
* Wed Jul 29 2020 Fedora Release Engineering <rel...@fedoraproject.org> - 
2.3.9-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Fri Feb 28 2020 Denis Fateyev <de...@fateyev.com> - 2.3.9-4
- Add "legacy_common_support" build option
* Fri Jan 31 2020 Fedora Release Engineering <rel...@fedoraproject.org> - 
2.3.9-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Sat Jul 27 2019 Fedora Release Engineering <rel...@fedoraproject.org> - 
2.3.9-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1879172 - yadifa-2.3.10 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1879172
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org

Reply via email to