Fedora EPEL 7 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora EPEL 7 Security updates need testing:
 Age  URL
 765  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d   condor-8.6.11-1.el7
 505  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b   bubblewrap-0.3.3-2.el7
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-83bdeb2965   ansible-2.9.13-1.el7
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-0a324e529d   drupal7-7.72-1.el7
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-f9a066663b   mbedtls-2.7.17-1.el7
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-25e525a9ca   seamonkey-2.53.4-1.el7
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-0f3f88c479   nginx-1.16.1-2.el7
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-918ad695f6   proftpd-1.3.5e-10.el7
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-d968abb383   golang-1.15.2-1.el7
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-92064b5b2b   singularity-3.6.3-1.el7


The following builds have been pushed to Fedora EPEL 7 updates-testing

    libuv-1.39.0-1.el7
    matio-1.5.18-1.el7
    nordugrid-arc-5.4.4-4.el7
    nordugrid-arc6-6.7.0-2.el7
    root-6.22.02-2.el7
    xrdcl-http-5.0.2-1.el7
    xrootd-5.0.2-1.el7
    xrootd-compat-4.12.4-1.el7
    yadifa-2.3.10-1.el7

Details about builds:


================================================================================
 libuv-1.39.0-1.el7 (FEDORA-EPEL-2020-6b04ee5c07)
 Platform layer for node.js
--------------------------------------------------------------------------------
Update Information:

Update to Node.js 12.18.4  September 2020 security release -
https://nodejs.org/en/blog/vulnerability/september-2020-security-releases/
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep  8 2020 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 1.39.0-1
- Update to 1.39.0
* Fri Jul 31 2020 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 1.38.1-1
- Update to 1.38.1
- https://github.com/libuv/libuv/blob/v1.38.1/ChangeLog
* Tue Jul 28 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1:1.38.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 matio-1.5.18-1.el7 (FEDORA-EPEL-2020-e621d9ff68)
 Library for reading/writing Matlab MAT files
--------------------------------------------------------------------------------
Update Information:

1.5.18 https://github.com/tbeu/matio/releases/tag/v1.5.18
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep 17 2020 Gwyn Ciesla <gwync@xxxxxxxxxxxxxx> - 1.5.18-1
- 1.5.18
* Tue Jul 28 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.5.17-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1769546 - CVE-2019-17533 matio: improper null termination in Mat_VarReadNextInfo4 in mat4.c leads to heap-based overflow [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1769546
  [ 2 ] Bug #1769548 - CVE-2019-17533 matio: improper null termination in Mat_VarReadNextInfo4 in mat4.c leads to heap-based overflow [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1769548
  [ 3 ] Bug #1769550 - CVE-2019-17533 matio: improper null termination in Mat_VarReadNextInfo4 in mat4.c leads to heap-based overflow [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1769550
  [ 4 ] Bug #1792008 - CVE-2019-20019 matio: excessive memory allocation in Mat_VarRead5 in mat5.c [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1792008
  [ 5 ] Bug #1792009 - CVE-2019-20019 matio: excessive memory allocation in Mat_VarRead5 in mat5.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1792009
  [ 6 ] Bug #1792295 - CVE-2019-20020 matio: stack-based buffer overflow in ReadNextStructField in mat5.c [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1792295
  [ 7 ] Bug #1792296 - CVE-2019-20020 matio: stack-based buffer overflow in ReadNextStructField in mat5.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1792296
  [ 8 ] Bug #1792301 - CVE-2019-20018 matio: stack-based buffer overflow in ReadNextCell in mat5.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1792301
  [ 9 ] Bug #1792303 - CVE-2019-20018 matio: stack-based buffer overflow in ReadNextCell in mat5.c [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1792303
  [ 10 ] Bug #1792333 - CVE-2019-20017 matio: stack-based buffer overflow in Mat_VarReadNextInfo5 in mat5.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1792333
  [ 11 ] Bug #1792336 - CVE-2019-20017 matio: stack-based buffer overflow in Mat_VarReadNextInfo5 in mat5.c [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1792336
  [ 12 ] Bug #1794726 - CVE-2019-20052 matio: memory leak in Mat_VarCalloc in mat.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1794726
  [ 13 ] Bug #1794727 - CVE-2019-20052 matio: memory leak in Mat_VarCalloc in mat.c [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1794727
  [ 14 ] Bug #1880167 - matio-1.5.18 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1880167
--------------------------------------------------------------------------------


================================================================================
 nordugrid-arc-5.4.4-4.el7 (FEDORA-EPEL-2020-44ad46e846)
 Advanced Resource Connector Grid Middleware
--------------------------------------------------------------------------------
Update Information:

xrootd 5
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 28 2020 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 5.4.4-4
- xrootd 5 compatibility
--------------------------------------------------------------------------------


================================================================================
 nordugrid-arc6-6.7.0-2.el7 (FEDORA-EPEL-2020-44ad46e846)
 Advanced Resource Connector Middleware
--------------------------------------------------------------------------------
Update Information:

xrootd 5
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 28 2020 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 6.7.0-2
- xrootd 5 compatibility
--------------------------------------------------------------------------------


================================================================================
 root-6.22.02-2.el7 (FEDORA-EPEL-2020-44ad46e846)
 Numerical data analysis framework
--------------------------------------------------------------------------------
Update Information:

xrootd 5
--------------------------------------------------------------------------------
ChangeLog:

* Sun Aug 30 2020 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 6.22.02-2
- Adapt to xrootd 5 (Fedora 33+, EPEL 7+)
  - Don't build the old proof client (xproofd)
  - Don't build the old NetX module
--------------------------------------------------------------------------------


================================================================================
 xrdcl-http-5.0.2-1.el7 (FEDORA-EPEL-2020-44ad46e846)
 HTTP client plug-in for XRootD
--------------------------------------------------------------------------------
Update Information:

xrootd 5
--------------------------------------------------------------------------------
ChangeLog:

* Fri Sep 18 2020 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 5.0.2-1
- Update to version 5.0.2
- Drop patches (accepted upstream or previously backported)
* Thu Aug 27 2020 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 5.0.1-1
- Update to version 5.0.1
- Don't use versioned plugin names in configuration
- Backport plugin version change from git master
* Sat Aug  1 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 4.12.2-3
- Second attempt - Rebuilt for
  https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jul 29 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 4.12.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 xrootd-5.0.2-1.el7 (FEDORA-EPEL-2020-44ad46e846)
 Extended ROOT file server
--------------------------------------------------------------------------------
Update Information:

xrootd 5
--------------------------------------------------------------------------------
ChangeLog:

* Fri Sep 18 2020 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 1:5.0.2-1
- Update to version 5.0.2
- Drop patches (accepted upstream or previously backported)
- Obsolete xrdhttpvoms in xrootd-voms package
* Thu Aug 27 2020 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 1:5.0.1-1
- Update to version 5.0.1
- Remove conditionals for building on EPEL 6
- Drop patches (accepted upstream or previously backported)
- Fix 32 bit compilation (format error)
- Fix compilation on ARM, PPC and S390X (char is unsigned)
--------------------------------------------------------------------------------


================================================================================
 xrootd-compat-4.12.4-1.el7 (FEDORA-EPEL-2020-44ad46e846)
 Extended ROOT file server - compat version 4
--------------------------------------------------------------------------------
Update Information:

xrootd 5
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------


================================================================================
 yadifa-2.3.10-1.el7 (FEDORA-EPEL-2020-77bf4fd2ff)
 Lightweight authoritative Name Server with DNSSEC capabilities
--------------------------------------------------------------------------------
Update Information:

20200915:      YADIFA 2.3.10  -       Added an autogen.sh script, as we did for
YADIFA 2.4.x -        Fixes an issue with IPv6 aliases. -        Fixes an issue
that would happen when building with a gcc version 10 or above. -        Fixes
an issue with FreeBSD aliases. -        Fixes an issue with strncpy on FreeBSD.
-        Fixes an issue with CNAME queries incorrectly answered with an error
code.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep 17 2020 Denis Fateyev <denis@xxxxxxxxxxx> - 2.3.10-1
- Update to 2.3.10 release
* Wed Jul 29 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.3.9-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Fri Feb 28 2020 Denis Fateyev <denis@xxxxxxxxxxx> - 2.3.9-4
- Add "legacy_common_support" build option
* Fri Jan 31 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.3.9-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Sat Jul 27 2019 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.3.9-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1879172 - yadifa-2.3.10 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1879172
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Announce]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Linux Apps]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux