The following Fedora EPEL 7 Security updates need testing: Age URL 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-e6c7b4cbec tcpreplay-4.3.3-3.el7 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-284f18e5de lout-3.40-18.el7 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-fd6ec50fa5 fastd-21-2.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-3b167ec2fa pngcheck-2.3.0-3.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-3157c3d291 chromium-86.0.4240.111-1.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-e816cf1fbc containerd-1.2.14-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing boinc-client-7.16.11-2.el7 dsniff-2.4-0.33.b1.el7 mlpack-3.4.2-1.el7 ufdbGuard-1.35.2-1.el7 wordpress-5.1.7-1.el7 Details about builds: ================================================================================ boinc-client-7.16.11-2.el7 (FEDORA-EPEL-2020-64fac4bf45) The BOINC client -------------------------------------------------------------------------------- Update Information: 7.16.11 release. Added /etc/boinc-client/config.properties ---- 7.16.11 release -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 30 2020 Germano Massullo <germano.massullo@xxxxxxxxx> - 7.16.11-2 - Added SOURCE4: config.properties * Fri Oct 30 2020 Germano Massullo <germano.massullo@xxxxxxxxx> - 7.16.11-1 - 7.16.11 release - Added 4071.patch Read https://github.com/BOINC/boinc/pull/4071 - -------------------------------------------------------------------------------- ================================================================================ dsniff-2.4-0.33.b1.el7 (FEDORA-EPEL-2020-eb0cb89d5c) Tools for network auditing and penetration testing -------------------------------------------------------------------------------- Update Information: * Build against OpenSSL 1.1 on RHEL 7 (for TLSv1.3 support) -------------------------------------------------------------------------------- ChangeLog: * Sat Aug 1 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.4-0.33.b1 - Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Mon Jul 27 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.4-0.32.b1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Tue Jan 28 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.4-0.31.b1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Wed Jul 24 2019 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.4-0.30.b1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Thu Jan 31 2019 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.4-0.29.b1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Thu Jul 12 2018 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.4-0.28.b1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Sun May 27 2018 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 2.4-0.27.b1 - Added patch to allow building dsniff against libtirpc (#1582770) * Wed Feb 7 2018 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.4-0.26.b1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Wed Aug 2 2017 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.4-0.25.b1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild * Wed Jul 26 2017 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.4-0.24.b1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ mlpack-3.4.2-1.el7 (FEDORA-EPEL-2020-590e1c48a7) Scalable, fast C++ machine learning library -------------------------------------------------------------------------------- Update Information: Update to latest stable version. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 28 2020 Ryan Curtin <ryan@xxxxxxxxx> - 3.4.2-1 - Update to latest stable version. -------------------------------------------------------------------------------- ================================================================================ ufdbGuard-1.35.2-1.el7 (FEDORA-EPEL-2020-2182bb02db) A URL filter for squid -------------------------------------------------------------------------------- Update Information: 1.35.2 -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 30 2020 Gwyn Ciesla <gwync@xxxxxxxxxxxxxx> = 1.35.2-1 - 1.35.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1893326 - ufdbGuard-1.35.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1893326 -------------------------------------------------------------------------------- ================================================================================ wordpress-5.1.7-1.el7 (FEDORA-EPEL-2020-8a81579e37) Blog tool and publishing platform -------------------------------------------------------------------------------- Update Information: **WordPress 5.1.7 Security Release** **Security Updates** * Props to Alex Concha of the WordPress Security Team for their work in hardening deserialization requests. * Props to David Binovec on a fix to disable spam embeds from disabled sites on a multisite network. * Thanks to Marc Montas from Sucuri for reporting an issue that could lead to XSS from global variables. * Thanks to Justin Tran who reported an issue surrounding privilege escalation in XML-RPC. He also found and disclosed an issue around privilege escalation around post commenting via XML-RPC. * Props to Omar Ganiev who reported a method where a DoS attack could lead to RCE. * Thanks to Karim El Ouerghemmi from RIPS who disclosed a method to store XSS in post slugs. * Thanks to Slavco for reporting, and confirmation from Karim El Ouerghemmi, a method to bypass protected meta that could lead to arbitrary file deletion. * Thanks to Erwan LR from WPScan who responsibly disclosed a method that could lead to CSRF. * And a special thanks to @zieladam who was integral in many of the releases and patches during this release. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 30 2020 Remi Collet <remi@xxxxxxxxxxxx> - 5.1.7-1 - WordPress 5.1.7 Security Release -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
