The following Fedora EPEL 7 Security updates need testing: Age URL 571 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d condor-8.6.11-1.el7 312 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c499781e80 python-gnupg-0.4.4-1.el7 310 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b bubblewrap-0.3.3-2.el7 20 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-fa8a2e97c6 python-waitress-1.4.3-1.el7 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-b57b954fde openfortivpn-1.12.0-1.el7 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-1f5dbc1cd7 cacti-1.2.10-1.el7 cacti-spine-1.2.10-1.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-471d8a7abd sympa-6.2.54-1.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-b3684de763 mbedtls-2.7.14-1.el7 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-4fdca9429c seamonkey-2.53.1-2.el7 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-fbd804208a monit-5.26.0-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing ansible-2.9.6-1.el7 koji-1.20.1-1.el7 Details about builds: ================================================================================ ansible-2.9.6-1.el7 (FEDORA-EPEL-2020-9d0b57e90e) SSH-based configuration management, deployment, and task execution system -------------------------------------------------------------------------------- Update Information: Update to upstream 2.9.6 and fix for 2 CVES: CVE-2020-1737, CVE-2020-1739 ---- Update to bugfix version 2.9.5. See https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst for details -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2020 Kevin Fenzi <kevin@xxxxxxxxx> - 2.9.6-1 - Update to 2.9.6. Fixes bug #1810373 - fixes for CVE-2020-1737, CVE-2020-1739 * Thu Feb 13 2020 Kevin Fenzi <kevin@xxxxxxxxx> - 2.9.5-1 - Update to 2.9.5 * Tue Jan 21 2020 Kevin Fenzi <kevin@xxxxxxxxx> - 2.9.4-1 - Update to 2.9.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1805322 - CVE-2020-1739 ansible: svn module leaks password when specified as a parameter [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1805322 [ 2 ] Bug #1810373 - ansible-2.9.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1810373 [ 3 ] Bug #1805329 - CVE-2020-1737 ansible: Extract-Zip function in win_unzip module does not check extracted path [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1805329 [ 4 ] Bug #1802725 - ansible-2.9.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1802725 -------------------------------------------------------------------------------- ================================================================================ koji-1.20.1-1.el7 (FEDORA-EPEL-2020-8468336499) Build system tools -------------------------------------------------------------------------------- Update Information: Update to 1.20.1 upstream bugfix minor release. -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2020 Kevin Fenzi <kevin@xxxxxxxxx> - 1.20.1-1 - Update to 1.20.1 * Wed Jan 29 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.20.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
