The following Fedora EPEL 7 Security updates need testing: Age URL 752 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d condor-8.6.11-1.el7 492 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b bubblewrap-0.3.3-2.el7 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-89ad58d02c golang-1.15-1.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-49c5f31e92 python-pip-epel-8.1.2-14.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-864bc6779e chromium-85.0.4183.83-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing ansible-2.9.13-1.el7 batctl-2020.3-1.el7 drupal7-7.72-1.el7 Details about builds: ================================================================================ ansible-2.9.13-1.el7 (FEDORA-EPEL-2020-83bdeb2965) SSH-based configuration management, deployment, and task execution system -------------------------------------------------------------------------------- Update Information: Update to new bugfix and security update 2.9.13 ---- Update to upstream bugfix release 2.9.11. See https://github.com/ansible/ansible/blob/stable-2.9/changelog s/CHANGELOG-v2.9.rst#v2-9-11 for details. -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 3 2020 Kevin Fenzi <kevin@xxxxxxxxx> - 2.9.13-1 - Update to 2.9.13. * Tue Jul 21 2020 Kevin Fenzi <kevin@xxxxxxxxx> - 2.9.11-1 - Update to 2.9.11. -------------------------------------------------------------------------------- ================================================================================ batctl-2020.3-1.el7 (FEDORA-EPEL-2020-ac9c73e20d) B.A.T.M.A.N. advanced control and management tool -------------------------------------------------------------------------------- Update Information: Update to 2020.3 -------------------------------------------------------------------------------- ChangeLog: * Fri Sep 4 2020 Felix Kaechele <heffer@xxxxxxxxxxxxxxxxx> - 2020.3-1 - update to 2020.3 * Mon Jul 27 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2020.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Tue Jul 7 2020 Felix Kaechele <heffer@xxxxxxxxxxxxxxxxx> - 2020.2-1 - update to 2020.2 -------------------------------------------------------------------------------- ================================================================================ drupal7-7.72-1.el7 (FEDORA-EPEL-2020-0a324e529d) An open-source content-management platform -------------------------------------------------------------------------------- Update Information: - https://www.drupal.org/project/drupal/releases/7.72 - [Drupal core - Critical - Cross Site Request Forgery - SA- CORE-2020-004](https://www.drupal.org/sa-core-2020-004) / CVE-2020-13663 - https://www.drupal.org/project/drupal/releases/7.71 - https://www.drupal.org/project/drupal/releases/7.70 - [Drupal core - Moderately critical - Cross Site Scripting - SA- CORE-2020-002](https://www.drupal.org/sa-core-2020-002) / CVE-2020-11022 / CVE-2020-11023 - [Drupal core - Moderately critical - Open Redirect - SA- CORE-2020-003](https://www.drupal.org/sa-core-2020-003) / CVE-2020-13662 -------------------------------------------------------------------------------- ChangeLog: * Fri Sep 4 2020 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 7.72-1 - Update to 7.72 - SA-CORE-2020-004/CVE-2020-13663 (RHBZ #1860912, #1860913) * Mon Jul 27 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 7.70-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Sun May 31 2020 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 7.70-2 - rpmbuild sub-pkg: Fix auto-provides for F32+ * Fri May 22 2020 Peter Borsa <peter@xxxxxxxx> - 7.70-1 - Update to 7.70 - RHBZ #1837516 / SA-CORE-2020-003 - RHBZ #1828416 / SA-CORE-2020-002 * Fri May 22 2020 Peter Borsa <peter@xxxxxxxx> - 7.69-3 - Remove php-recode as dependency * Tue Jan 28 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 7.69-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1828417 - CVE-2020-11022 drupal7: jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1828417 [ 2 ] Bug #1850013 - CVE-2020-11023 drupal7: jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1850013 [ 3 ] Bug #1850023 - CVE-2020-11023 drupal7: jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1850023 [ 4 ] Bug #1860912 - CVE-2020-13663 drupal7: Form API does not properly handle certain form input from cross-site requests [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1860912 [ 5 ] Bug #1860913 - CVE-2020-13663 drupal7: Form API does not properly handle certain form input from cross-site requests [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1860913 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
