The following Fedora EPEL 7 Security updates need testing: Age URL 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-fe3075d537 wordpress-5.1.9-1.el7 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-044df87bd4 rust-1.51.0-3.el7 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-3c8a5a400b p7zip-16.02-20.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-a46e72f139 radare2-5.2.1-1.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-3370d4396b ansible-2.9.20-1.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-255f12d77d zarafa-7.1.14-5.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing afpfs-ng-0.8.1-35.el7 bgpq4-0.0.7-1.el7 google-benchmark-1.5.3-1.el7 lua-sec-1.0.1-1.el7 perl-Image-ExifTool-12.16-3.el7 pngcheck-2.4.0-8.el7 Details about builds: ================================================================================ afpfs-ng-0.8.1-35.el7 (FEDORA-EPEL-2021-0fab0cd8cf) Apple Filing Protocol client -------------------------------------------------------------------------------- Update Information: modernize spec, push the bugfix to active branches -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 26 2021 Michal Ambroz <rebus _AT seznam.cz> - 0.8.1-35 - modernize spec, push the bugfix to active branches * Fri Mar 12 2021 Michal Ambroz <rebus _AT seznam.cz> - 0.8.1-34 - fix issue 1507944 * Mon Jan 25 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.8.1-33 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Fri Jul 31 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.8.1-32 - Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Mon Jul 27 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.8.1-31 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1507944 - afpcmd may crash on long options parsing https://bugzilla.redhat.com/show_bug.cgi?id=1507944 -------------------------------------------------------------------------------- ================================================================================ bgpq4-0.0.7-1.el7 (FEDORA-EPEL-2021-ed1bbec328) Automate BGP filter generation based on routing database information -------------------------------------------------------------------------------- Update Information: bgpq4 0.0.7 =========== - Replace `AM_CONFIG_HEADER` bysuperseded `AC_CONFIG_HEADERS` - bgpq_expander: Increase the read select timeout to 30 seconds - Respect `-s` when there are no prefix lists - Multiple man page improvements - Arista EOS Support - Remove `select()`, use system default - Remove not-needed `shutdown()` - Revert conditional clauses around XR prefix list generation -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 26 2021 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 0.0.7-1 - Upgrade to 0.0.7 (#1953767) * Tue Jan 26 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.0.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Mon Jul 27 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.0.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1953767 - bgpq4-0.0.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1953767 -------------------------------------------------------------------------------- ================================================================================ google-benchmark-1.5.3-1.el7 (FEDORA-EPEL-2021-64a2b2f0e4) A microbenchmark support library -------------------------------------------------------------------------------- Update Information: Updated to version 1.5.3. -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 26 2021 Vitaly Zaitsev <vitaly@xxxxxxxxxxxxxx> - 1.5.3-1 - Updated to version 1.5.3. * Tue Jan 26 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.5.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Wed Oct 14 2020 Jeff Law <law@xxxxxxxxxx> - 1.5.2-2 - Fix missing #include for gcc-11 -------------------------------------------------------------------------------- ================================================================================ lua-sec-1.0.1-1.el7 (FEDORA-EPEL-2021-c2c95de57a) Lua binding for OpenSSL library -------------------------------------------------------------------------------- Update Information: LuaSec 1.0.1 ============ * Fix `luaL_buffinit()` can use the stack and broke `buffer_meth_receive()` -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 26 2021 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.0.1-1 - Upgrade to 1.0.1 (#1953695) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1953695 - lua-sec-1.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1953695 -------------------------------------------------------------------------------- ================================================================================ perl-Image-ExifTool-12.16-3.el7 (FEDORA-EPEL-2021-b6ffea264a) Utility for reading and writing image meta info -------------------------------------------------------------------------------- Update Information: Fix CVE-2021-22204. -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 26 2021 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 12.16-3 - apply upstream fix for CVE-2021-22204 * Wed Jan 27 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 12.16-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Fri Jan 22 2021 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 12.16-1 - update to latest stable (12.16) * Tue Jan 19 2021 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 12.00-3 - add arg_files as doc * Tue Jul 28 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 12.00-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1953616 - CVE-2021-22204 perl-Image-ExifTool: improper neutralization of user data in the DjVu file format allows arbitrary code execution when parsing a malicious image https://bugzilla.redhat.com/show_bug.cgi?id=1953616 -------------------------------------------------------------------------------- ================================================================================ pngcheck-2.4.0-8.el7 (FEDORA-EPEL-2021-2e7a5ece6a) Verifies the integrity of PNG, JNG and MNG files -------------------------------------------------------------------------------- Update Information: Backported fix for #1949800, in which certain invalid PNG data could cause an integer division-by-zero, invoking undefined behavior, from upstream release 3.0.3. -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 26 2021 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 2.4.0-8 - Backport fix for RHBZ#1949800 from upstream release 3.0.3 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
