The following Fedora EPEL 8 Security updates need testing:
Age URL
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-2aa68c5f5e tor-0.4.3.7-1.el8
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-317c124dc0 rpki-client-6.8p1-1.el8
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-6c93c61069 pngcheck-2.4.0-2.el8
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-b3000c1eea seamonkey-2.53.5-2.el8
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-5b5debb24b chromium-86.0.4240.198-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
amavis-2.12.1-3.el8
munin-2.0.65-1.el8
perl-Fsdb-2.71-1.el8
Details about builds:
================================================================================
amavis-2.12.1-3.el8 (FEDORA-EPEL-2020-ca1ac5519e)
Email filter with virus scanner and spamassassin support
--------------------------------------------------------------------------------
Update Information:
Update to version 2.12.1 and disable snmp subpackage in epel8
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 17 2020 Juan Orti Alcaine <jortialc(a)redhat.com> - 2.12.1-3
- Change ports in configuration file and add a note about SELinux (#1891003)
* Tue Nov 17 2020 Juan Orti Alcaine <jortialc(a)redhat.com> - 2.12.1-2
- Disable snmp subpackage in epel8
* Tue Nov 17 2020 Juan Orti Alcaine <jortialc(a)redhat.com> - 2.12.1-1
- Version 2.12.1 (#1897574 #1851872)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1851872 - Wrong tag in comment line of DKIM record: 'i=' should be 's='
https://bugzilla.redhat.com/show_bug.cgi?id=1851872
[ 2 ] Bug #1890417 - amavisd-new-snmp can't be installed on EL8 because of dropped net-snmp-perl
https://bugzilla.redhat.com/show_bug.cgi?id=1890417
[ 3 ] Bug #1891003 - default configuration example for ORIGINATING related to ports is blocked by SELinux
https://bugzilla.redhat.com/show_bug.cgi?id=1891003
--------------------------------------------------------------------------------
================================================================================
munin-2.0.65-1.el8 (FEDORA-EPEL-2020-3aa0f92497)
Network-wide resource monitoring tool
--------------------------------------------------------------------------------
Update Information:
Upstream update to 2.0.65. Also fixes log file owners and plugin-state directory
owner.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 17 2020 Kim B. Heino <b(a)bbbs.net> - 2.0.65-1
- Upgrade to 2.0.65
- Improve plugin-state directory owners
- Don't require tmpwatch
- Change log file owner to root:adm or munin:adm
* Tue Jul 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.0.63-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
perl-Fsdb-2.71-1.el8 (FEDORA-EPEL-2020-dc56dfce78)
A set of commands for manipulating flat-text databases from the shell
--------------------------------------------------------------------------------
Update Information:
Some small quality-of-life enhancements and corner-case bugfixes.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 16 2020 John Heidemann <johnh(a)isi.edu> 2.71-1
- See http://www.isi.edu/~johnh/SOFTWARE/FSDB/
--------------------------------------------------------------------------------
The following Fedora EPEL 7 Security updates need testing:
Age URL
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-d69636a383 tor-0.3.5.12-1.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-0fe15b3c39 rpki-client-6.8p1-1.el7
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-339db397ad pngcheck-2.4.0-2.el7
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-62ef58ec56 openssl11-1.1.1g-1.el7
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-46fc6c7982 seamonkey-2.53.5-2.el7
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-3097b2d5db chromium-86.0.4240.198-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
munin-2.0.65-1.el7
perl-Fsdb-2.71-1.el7
prewikka-updatedb-5.2.0-1.el7
Details about builds:
================================================================================
munin-2.0.65-1.el7 (FEDORA-EPEL-2020-12c32f3949)
Network-wide resource monitoring tool
--------------------------------------------------------------------------------
Update Information:
Upstream update to 2.0.65. Also fixes log file owners and plugin-state directory
owner.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 17 2020 Kim B. Heino <b(a)bbbs.net> - 2.0.65-1
- Upgrade to 2.0.65
- Improve plugin-state directory owners
- Don't require tmpwatch
- Change log file owner to root:adm or munin:adm
* Tue Jul 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.0.63-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
perl-Fsdb-2.71-1.el7 (FEDORA-EPEL-2020-9f2fc742ae)
A set of commands for manipulating flat-text databases from the shell
--------------------------------------------------------------------------------
Update Information:
Some small quality-of-life enhancements and corner-case bugfixes.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 16 2020 John Heidemann <johnh(a)isi.edu> 2.71-1
- See http://www.isi.edu/~johnh/SOFTWARE/FSDB/
--------------------------------------------------------------------------------
================================================================================
prewikka-updatedb-5.2.0-1.el7 (FEDORA-EPEL-2020-e652281cc9)
Database update scripts for prewikka
--------------------------------------------------------------------------------
Update Information:
New package to update prewikka versions
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
The following Fedora EPEL 8 Security updates need testing:
Age URL
12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-a4ade35d32 java-latest-openjdk-15.0.1.9-1.rolling.el8
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-2aa68c5f5e tor-0.4.3.7-1.el8
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-317c124dc0 rpki-client-6.8p1-1.el8
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-6c93c61069 pngcheck-2.4.0-2.el8
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-b3000c1eea seamonkey-2.53.5-2.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
chromium-86.0.4240.198-1.el8
python-aioitertools-0.7.0-1.el8
python-aiolifx-0.6.8-1.el8
Details about builds:
================================================================================
chromium-86.0.4240.198-1.el8 (FEDORA-EPEL-2020-5b5debb24b)
A WebKit (Blink) powered web browser
--------------------------------------------------------------------------------
Update Information:
Update to 86.0.4240.198. Fixes the following security issues: CVE-2020-16013
CVE-2020-16016 CVE-2020-16017 ---- Update to 86.0.4240.183. Fixes the
following security issues: CVE-2020-16004 CVE-2020-16005 CVE-2020-16006
CVE-2020-16008 CVE-2020-16009 Also disables the very verbose output going to
stdout. ---- Update to Chromium 86. A few big things here: 1. Upstream has
made hardware accelerated video support (VAAPI) for Linux possible without
patches. One key difference is that the patchset used previously in Fedora
enabled it by default and upstream's approach disables it by default. To enable
Hardware accelerated video in chromium, open this link in chromium:
chrome://flags/#enable-accelerated-video-decode Be sure it is turned on. Note
that not all GPUs are supported. 2. All the security fixes you expect with a
major release: CVE-2020-15967 CVE-2020-15968 CVE-2020-15969 CVE-2020-15970
CVE-2020-15971 CVE-2020-15972 CVE-2020-15990 CVE-2020-15991 CVE-2020-15973
CVE-2020-15974 CVE-2020-15975 CVE-2020-15976 CVE-2020-6557 CVE-2020-15977
CVE-2020-15978 CVE-2020-15979 CVE-2020-15980 CVE-2020-15981 CVE-2020-15982
CVE-2020-15983 CVE-2020-15984 CVE-2020-15985 CVE-2020-15986 CVE-2020-15987
CVE-2020-15992 CVE-2020-15988 CVE-2020-15989 CVE-2020-16000 CVE-2020-16001
CVE-2020-16002 CVE-2020-16003 3. The EPEL-7 build no longer requires minizip,
because Red Hat removed that package in RHEL 7.9. 4. Without bats acting as
pollinators, agave and cacao plants would struggle. That means that bats are
responsible for tequila and chocolate.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 12 2020 Tom Callaway <spot(a)fedoraproject.org> - 86.0.4240.198-1
- update to 86.0.4240.198
* Tue Nov 10 2020 Tom Callaway <spot(a)fedoraproject.org> - 86.0.4240.193-1
- update to 86.0.4240.193
* Wed Nov 4 2020 Tom Callaway <spot(a)fedoraproject.org> - 86.0.4240.183-1
- update to 86.0.4240.183
* Mon Nov 2 2020 Tom Callaway <spot(a)fedoraproject.org> - 86.0.4240.111-2
- fix conditional typo that was causing console logging to be turned on
* Wed Oct 21 2020 Tom Callaway <spot(a)fedoraproject.org> - 86.0.4240.111-1
- update to 86.0.4240.111
* Tue Oct 20 2020 Tom Callaway <spot(a)fedoraproject.org> - 86.0.4240.75-2
- use bundled zlib/minizip on el7 (thanks Red Hat. :P)
* Wed Oct 14 2020 Tom Callaway <spot(a)fedoraproject.org> - 86.0.4240.75-1
- update to 86.0.4240.75
* Mon Sep 28 2020 Tom Callaway <spot(a)fedoraproject.org> - 85.0.4183.121-2
- rebuild for libevent
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1885883 - CVE-2020-15967 chromium-browser: Use after free in payments
https://bugzilla.redhat.com/show_bug.cgi?id=1885883
[ 2 ] Bug #1885884 - CVE-2020-15968 chromium-browser: Use after free in Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1885884
[ 3 ] Bug #1885885 - CVE-2020-15969 chromium-browser: Use after free in WebRTC
https://bugzilla.redhat.com/show_bug.cgi?id=1885885
[ 4 ] Bug #1885886 - CVE-2020-15970 chromium-browser: Use after free in NFC
https://bugzilla.redhat.com/show_bug.cgi?id=1885886
[ 5 ] Bug #1885887 - CVE-2020-15971 chromium-browser: Use after free in printing
https://bugzilla.redhat.com/show_bug.cgi?id=1885887
[ 6 ] Bug #1885888 - CVE-2020-15972 chromium-browser: Use after free in audio
https://bugzilla.redhat.com/show_bug.cgi?id=1885888
[ 7 ] Bug #1885889 - CVE-2020-15990 chromium-browser: Use after free in autofill
https://bugzilla.redhat.com/show_bug.cgi?id=1885889
[ 8 ] Bug #1885890 - CVE-2020-15991 chromium-browser: Use after free in password manager
https://bugzilla.redhat.com/show_bug.cgi?id=1885890
[ 9 ] Bug #1885891 - CVE-2020-15973 chromium-browser: Insufficient policy enforcement in extensions
https://bugzilla.redhat.com/show_bug.cgi?id=1885891
[ 10 ] Bug #1885892 - CVE-2020-15974 chromium-browser: Integer overflow in Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1885892
[ 11 ] Bug #1885893 - CVE-2020-15975 chromium-browser: Integer overflow in SwiftShader
https://bugzilla.redhat.com/show_bug.cgi?id=1885893
[ 12 ] Bug #1885894 - CVE-2020-15976 chromium-browser: Use after free in WebXR
https://bugzilla.redhat.com/show_bug.cgi?id=1885894
[ 13 ] Bug #1885896 - CVE-2020-6557 chromium-browser: Inappropriate implementation in networking
https://bugzilla.redhat.com/show_bug.cgi?id=1885896
[ 14 ] Bug #1885897 - CVE-2020-15977 chromium-browser: Insufficient data validation in dialogs
https://bugzilla.redhat.com/show_bug.cgi?id=1885897
[ 15 ] Bug #1885899 - CVE-2020-15978 chromium-browser: Insufficient data validation in navigation
https://bugzilla.redhat.com/show_bug.cgi?id=1885899
[ 16 ] Bug #1885901 - CVE-2020-15979 chromium-browser: Inappropriate implementation in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1885901
[ 17 ] Bug #1885902 - CVE-2020-15980 chromium-browser: Insufficient policy enforcement in Intents
https://bugzilla.redhat.com/show_bug.cgi?id=1885902
[ 18 ] Bug #1885903 - CVE-2020-15981 chromium-browser: Out of bounds read in audio
https://bugzilla.redhat.com/show_bug.cgi?id=1885903
[ 19 ] Bug #1885904 - CVE-2020-15982 chromium-browser: Side-channel information leakage in cache
https://bugzilla.redhat.com/show_bug.cgi?id=1885904
[ 20 ] Bug #1885905 - CVE-2020-15983 chromium-browser: Insufficient data validation in webUI
https://bugzilla.redhat.com/show_bug.cgi?id=1885905
[ 21 ] Bug #1885906 - CVE-2020-15984 chromium-browser: Insufficient policy enforcement in Omnibox
https://bugzilla.redhat.com/show_bug.cgi?id=1885906
[ 22 ] Bug #1885907 - CVE-2020-15985 chromium-browser: Inappropriate implementation in Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1885907
[ 23 ] Bug #1885908 - CVE-2020-15986 chromium-browser: Integer overflow in media
https://bugzilla.redhat.com/show_bug.cgi?id=1885908
[ 24 ] Bug #1885909 - CVE-2020-15987 chromium-browser: Use after free in WebRTC
https://bugzilla.redhat.com/show_bug.cgi?id=1885909
[ 25 ] Bug #1885910 - CVE-2020-15992 chromium-browser: Insufficient policy enforcement in networking
https://bugzilla.redhat.com/show_bug.cgi?id=1885910
[ 26 ] Bug #1885911 - CVE-2020-15988 chromium-browser: Insufficient policy enforcement in downloads
https://bugzilla.redhat.com/show_bug.cgi?id=1885911
[ 27 ] Bug #1885912 - CVE-2020-15989 chromium-browser: Uninitialized use in PDFium
https://bugzilla.redhat.com/show_bug.cgi?id=1885912
[ 28 ] Bug #1890266 - CVE-2020-16000 chromium-browser: Inappropriate implementation in Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1890266
[ 29 ] Bug #1890267 - CVE-2020-16001 chromium-browser: Use after free in media
https://bugzilla.redhat.com/show_bug.cgi?id=1890267
[ 30 ] Bug #1890268 - CVE-2020-16002 chromium-browser: Use after free in PDFium
https://bugzilla.redhat.com/show_bug.cgi?id=1890268
[ 31 ] Bug #1890269 - CVE-2020-16003 chromium-browser: Use after free in printing
https://bugzilla.redhat.com/show_bug.cgi?id=1890269
[ 32 ] Bug #1894197 - CVE-2020-16004 chromium-browser: Use after free in user interface
https://bugzilla.redhat.com/show_bug.cgi?id=1894197
[ 33 ] Bug #1894198 - CVE-2020-16005 chromium-browser: Insufficient policy enforcement in ANGLE
https://bugzilla.redhat.com/show_bug.cgi?id=1894198
[ 34 ] Bug #1894199 - CVE-2020-16006 chromium-browser: Inappropriate implementation in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1894199
[ 35 ] Bug #1894201 - CVE-2020-16008 chromium-browser: Stack buffer overflow in WebRTC
https://bugzilla.redhat.com/show_bug.cgi?id=1894201
[ 36 ] Bug #1894202 - CVE-2020-16009 chromium-browser: Inappropriate implementation in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1894202
[ 37 ] Bug #1896641 - CVE-2020-16016 chromium-browser: Inappropriate implementation in base
https://bugzilla.redhat.com/show_bug.cgi?id=1896641
[ 38 ] Bug #1897206 - CVE-2020-16013 chromium-browser: Inappropriate implementation in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1897206
[ 39 ] Bug #1897207 - CVE-2020-16017 chromium-browser: Use after free in site isolation
https://bugzilla.redhat.com/show_bug.cgi?id=1897207
--------------------------------------------------------------------------------
================================================================================
python-aioitertools-0.7.0-1.el8 (FEDORA-EPEL-2020-6f9a5a549b)
Itertools and builtins for AsyncIO and mixed iterables
--------------------------------------------------------------------------------
Update Information:
Initial package for Fedora
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
python-aiolifx-0.6.8-1.el8 (FEDORA-EPEL-2020-040068dbe8)
Python API for local communication with LIFX devices
--------------------------------------------------------------------------------
Update Information:
Initial package for Fedora
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
The following Fedora EPEL 7 Security updates need testing:
Age URL
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-339db397ad pngcheck-2.4.0-2.el7
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-d69636a383 tor-0.3.5.12-1.el7
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-0fe15b3c39 rpki-client-6.8p1-1.el7
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-62ef58ec56 openssl11-1.1.1g-1.el7
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-46fc6c7982 seamonkey-2.53.5-2.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
chromium-86.0.4240.198-1.el7
python-ldap3-2.8.1-2.el7
Details about builds:
================================================================================
chromium-86.0.4240.198-1.el7 (FEDORA-EPEL-2020-3097b2d5db)
A WebKit (Blink) powered web browser
--------------------------------------------------------------------------------
Update Information:
Update to 86.0.4240.198. Fixes the following security issues: CVE-2020-16013
CVE-2020-16016 CVE-2020-16017 ---- Update to 86.0.4240.183. Fixes the
following security issues: CVE-2020-16004 CVE-2020-16005 CVE-2020-16006
CVE-2020-16008 CVE-2020-16009 Also disables the very verbose output going to
stdout. ---- Update to Chromium 86. A few big things here: 1. Upstream has
made hardware accelerated video support (VAAPI) for Linux possible without
patches. One key difference is that the patchset used previously in Fedora
enabled it by default and upstream's approach disables it by default. To enable
Hardware accelerated video in chromium, open this link in chromium:
chrome://flags/#enable-accelerated-video-decode Be sure it is turned on. Note
that not all GPUs are supported. 2. All the security fixes you expect with a
major release: CVE-2020-15967 CVE-2020-15968 CVE-2020-15969 CVE-2020-15970
CVE-2020-15971 CVE-2020-15972 CVE-2020-15990 CVE-2020-15991 CVE-2020-15973
CVE-2020-15974 CVE-2020-15975 CVE-2020-15976 CVE-2020-6557 CVE-2020-15977
CVE-2020-15978 CVE-2020-15979 CVE-2020-15980 CVE-2020-15981 CVE-2020-15982
CVE-2020-15983 CVE-2020-15984 CVE-2020-15985 CVE-2020-15986 CVE-2020-15987
CVE-2020-15992 CVE-2020-15988 CVE-2020-15989 CVE-2020-16000 CVE-2020-16001
CVE-2020-16002 CVE-2020-16003 3. The EPEL-7 build no longer requires minizip,
because Red Hat removed that package in RHEL 7.9. 4. Without bats acting as
pollinators, agave and cacao plants would struggle. That means that bats are
responsible for tequila and chocolate.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 12 2020 Tom Callaway <spot(a)fedoraproject.org> - 86.0.4240.198-1
- update to 86.0.4240.198
* Tue Nov 10 2020 Tom Callaway <spot(a)fedoraproject.org> - 86.0.4240.193-1
- update to 86.0.4240.193
* Wed Nov 4 2020 Tom Callaway <spot(a)fedoraproject.org> - 86.0.4240.183-1
- update to 86.0.4240.183
* Mon Nov 2 2020 Tom Callaway <spot(a)fedoraproject.org> - 86.0.4240.111-2
- fix conditional typo that was causing console logging to be turned on
* Wed Oct 21 2020 Tom Callaway <spot(a)fedoraproject.org> - 86.0.4240.111-1
- update to 86.0.4240.111
* Tue Oct 20 2020 Tom Callaway <spot(a)fedoraproject.org> - 86.0.4240.75-2
- use bundled zlib/minizip on el7 (thanks Red Hat. :P)
* Wed Oct 14 2020 Tom Callaway <spot(a)fedoraproject.org> - 86.0.4240.75-1
- update to 86.0.4240.75
* Mon Sep 28 2020 Tom Callaway <spot(a)fedoraproject.org> - 85.0.4183.121-2
- rebuild for libevent
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1885883 - CVE-2020-15967 chromium-browser: Use after free in payments
https://bugzilla.redhat.com/show_bug.cgi?id=1885883
[ 2 ] Bug #1885884 - CVE-2020-15968 chromium-browser: Use after free in Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1885884
[ 3 ] Bug #1885885 - CVE-2020-15969 chromium-browser: Use after free in WebRTC
https://bugzilla.redhat.com/show_bug.cgi?id=1885885
[ 4 ] Bug #1885886 - CVE-2020-15970 chromium-browser: Use after free in NFC
https://bugzilla.redhat.com/show_bug.cgi?id=1885886
[ 5 ] Bug #1885887 - CVE-2020-15971 chromium-browser: Use after free in printing
https://bugzilla.redhat.com/show_bug.cgi?id=1885887
[ 6 ] Bug #1885888 - CVE-2020-15972 chromium-browser: Use after free in audio
https://bugzilla.redhat.com/show_bug.cgi?id=1885888
[ 7 ] Bug #1885889 - CVE-2020-15990 chromium-browser: Use after free in autofill
https://bugzilla.redhat.com/show_bug.cgi?id=1885889
[ 8 ] Bug #1885890 - CVE-2020-15991 chromium-browser: Use after free in password manager
https://bugzilla.redhat.com/show_bug.cgi?id=1885890
[ 9 ] Bug #1885891 - CVE-2020-15973 chromium-browser: Insufficient policy enforcement in extensions
https://bugzilla.redhat.com/show_bug.cgi?id=1885891
[ 10 ] Bug #1885892 - CVE-2020-15974 chromium-browser: Integer overflow in Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1885892
[ 11 ] Bug #1885893 - CVE-2020-15975 chromium-browser: Integer overflow in SwiftShader
https://bugzilla.redhat.com/show_bug.cgi?id=1885893
[ 12 ] Bug #1885894 - CVE-2020-15976 chromium-browser: Use after free in WebXR
https://bugzilla.redhat.com/show_bug.cgi?id=1885894
[ 13 ] Bug #1885896 - CVE-2020-6557 chromium-browser: Inappropriate implementation in networking
https://bugzilla.redhat.com/show_bug.cgi?id=1885896
[ 14 ] Bug #1885897 - CVE-2020-15977 chromium-browser: Insufficient data validation in dialogs
https://bugzilla.redhat.com/show_bug.cgi?id=1885897
[ 15 ] Bug #1885899 - CVE-2020-15978 chromium-browser: Insufficient data validation in navigation
https://bugzilla.redhat.com/show_bug.cgi?id=1885899
[ 16 ] Bug #1885901 - CVE-2020-15979 chromium-browser: Inappropriate implementation in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1885901
[ 17 ] Bug #1885902 - CVE-2020-15980 chromium-browser: Insufficient policy enforcement in Intents
https://bugzilla.redhat.com/show_bug.cgi?id=1885902
[ 18 ] Bug #1885903 - CVE-2020-15981 chromium-browser: Out of bounds read in audio
https://bugzilla.redhat.com/show_bug.cgi?id=1885903
[ 19 ] Bug #1885904 - CVE-2020-15982 chromium-browser: Side-channel information leakage in cache
https://bugzilla.redhat.com/show_bug.cgi?id=1885904
[ 20 ] Bug #1885905 - CVE-2020-15983 chromium-browser: Insufficient data validation in webUI
https://bugzilla.redhat.com/show_bug.cgi?id=1885905
[ 21 ] Bug #1885906 - CVE-2020-15984 chromium-browser: Insufficient policy enforcement in Omnibox
https://bugzilla.redhat.com/show_bug.cgi?id=1885906
[ 22 ] Bug #1885907 - CVE-2020-15985 chromium-browser: Inappropriate implementation in Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1885907
[ 23 ] Bug #1885908 - CVE-2020-15986 chromium-browser: Integer overflow in media
https://bugzilla.redhat.com/show_bug.cgi?id=1885908
[ 24 ] Bug #1885909 - CVE-2020-15987 chromium-browser: Use after free in WebRTC
https://bugzilla.redhat.com/show_bug.cgi?id=1885909
[ 25 ] Bug #1885910 - CVE-2020-15992 chromium-browser: Insufficient policy enforcement in networking
https://bugzilla.redhat.com/show_bug.cgi?id=1885910
[ 26 ] Bug #1885911 - CVE-2020-15988 chromium-browser: Insufficient policy enforcement in downloads
https://bugzilla.redhat.com/show_bug.cgi?id=1885911
[ 27 ] Bug #1885912 - CVE-2020-15989 chromium-browser: Uninitialized use in PDFium
https://bugzilla.redhat.com/show_bug.cgi?id=1885912
[ 28 ] Bug #1890266 - CVE-2020-16000 chromium-browser: Inappropriate implementation in Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1890266
[ 29 ] Bug #1890267 - CVE-2020-16001 chromium-browser: Use after free in media
https://bugzilla.redhat.com/show_bug.cgi?id=1890267
[ 30 ] Bug #1890268 - CVE-2020-16002 chromium-browser: Use after free in PDFium
https://bugzilla.redhat.com/show_bug.cgi?id=1890268
[ 31 ] Bug #1890269 - CVE-2020-16003 chromium-browser: Use after free in printing
https://bugzilla.redhat.com/show_bug.cgi?id=1890269
[ 32 ] Bug #1894197 - CVE-2020-16004 chromium-browser: Use after free in user interface
https://bugzilla.redhat.com/show_bug.cgi?id=1894197
[ 33 ] Bug #1894198 - CVE-2020-16005 chromium-browser: Insufficient policy enforcement in ANGLE
https://bugzilla.redhat.com/show_bug.cgi?id=1894198
[ 34 ] Bug #1894199 - CVE-2020-16006 chromium-browser: Inappropriate implementation in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1894199
[ 35 ] Bug #1894201 - CVE-2020-16008 chromium-browser: Stack buffer overflow in WebRTC
https://bugzilla.redhat.com/show_bug.cgi?id=1894201
[ 36 ] Bug #1894202 - CVE-2020-16009 chromium-browser: Inappropriate implementation in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1894202
[ 37 ] Bug #1896641 - CVE-2020-16016 chromium-browser: Inappropriate implementation in base
https://bugzilla.redhat.com/show_bug.cgi?id=1896641
[ 38 ] Bug #1897206 - CVE-2020-16013 chromium-browser: Inappropriate implementation in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1897206
[ 39 ] Bug #1897207 - CVE-2020-16017 chromium-browser: Use after free in site isolation
https://bugzilla.redhat.com/show_bug.cgi?id=1897207
--------------------------------------------------------------------------------
================================================================================
python-ldap3-2.8.1-2.el7 (FEDORA-EPEL-2020-0217e30a40)
Strictly RFC 4511 conforming LDAP V3 pure Python client
--------------------------------------------------------------------------------
Update Information:
Use available pyasn1 version for epel7
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 16 2020 Avram Lubkin <aviso(a)rockhopper.net> - 2.8.1-2
- Use available pyasn1 version for epel7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1896892 - python2-ldap3--2.8.1-1.el7 doesn't work due to pyasn1 version in rhel7
https://bugzilla.redhat.com/show_bug.cgi?id=1896892
--------------------------------------------------------------------------------
The following Fedora EPEL 7 Security updates need testing:
Age URL
12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-a5abe545c6 wordpress-5.1.8-1.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-f16789146a chromium-86.0.4240.183-1.el7
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-d69636a383 tor-0.3.5.12-1.el7
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-0fe15b3c39 rpki-client-6.8p1-1.el7
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-339db397ad pngcheck-2.4.0-2.el7
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-62ef58ec56 openssl11-1.1.1g-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
MUMPS-5.3.5-1.el7
seamonkey-2.53.5-2.el7
Details about builds:
================================================================================
MUMPS-5.3.5-1.el7 (FEDORA-EPEL-2020-1ee66e794e)
A MUltifrontal Massively Parallel sparse direct Solver
--------------------------------------------------------------------------------
Update Information:
- Release 5.3.5
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 14 2020 Antonio Trande <sagitter(a)fedoraproject.org> - 5.3.5-1
- Release 5.3.5
* Tue Oct 6 2020 Antonio Trande <sagitter(a)fedoraproject.org> - 5.3.4-1
- Release 5.3.4
* Sat Aug 15 2020 Antonio Trande <sagitter(a)fedoraproject.org> - 5.3.3-2
- Add an RPM macro for checking MUMPS version
* Tue Aug 4 2020 Antonio Trande <sagitter(a)fedoraproject.org> - 5.3.3-1
- Release 5.3.3
* Sat Aug 1 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 5.3.1-6
- Second attempt - Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Mon Jul 27 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 5.3.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Sat Jul 25 2020 I��aki ��car <iucar(a)fedoraproject.org> - 5.3.1-4
- https://fedoraproject.org/wiki/Changes/FlexiBLAS_as_BLAS/LAPACK_manager
* Fri Jul 17 2020 Merlin Mathesius <mmathesi(a)redhat.com> - 5.3.1-3
- Minor conditional fixes for ELN
* Sat Jun 13 2020 Antonio Trande <sagitter(a)fedoraproject.org> - 5.3.1-2
- Modified for building on ELN
* Mon Apr 13 2020 Antonio Trande <sagitter(a)fedoraproject.org> - 5.3.1-1
- Release 5.3.1
* Wed Apr 8 2020 Antonio Trande <sagitter(a)fedoraproject.org> - 5.3.0-1
- Release 5.3.0
* Wed Apr 8 2020 Antonio Trande <sagitter(a)fedoraproject.org> - 5.2.1-8
- Fix rhbz#1819796 on epel8
--------------------------------------------------------------------------------
================================================================================
seamonkey-2.53.5-2.el7 (FEDORA-EPEL-2020-46fc6c7982)
Web browser, e-mail, news, IRC client, HTML editor
--------------------------------------------------------------------------------
Update Information:
Additional fixes for AV1 codec and svg icon. ---- Update to 2.53.5 AV1 media
codec now supported. Some fixes and improvements.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 15 2020 Dmitry Butskoy <Dmitry(a)Butskoy.name> 2.53.5-2
- fix for av1 (mozbz#1490877)
- fix main svg icon
* Thu Nov 12 2020 Dmitry Butskoy <Dmitry(a)Butskoy.name> 2.53.5-1
- update to 2.53.5
- add patch to build with system libaom and libdav1d
- add official logo icon in svg format
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1868764 - SeaMonkey Web Browser icon on LXQt Quick Launch bar is smaller than the rest of the icons
https://bugzilla.redhat.com/show_bug.cgi?id=1868764
--------------------------------------------------------------------------------
The following Fedora EPEL 6 Security updates need testing:
Age URL
12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-6bc42544ca wordpress-5.1.8-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
pcsc-cyberjack-3.99.5final.SP14-1.el6
python-regex-2020.11.13-1.el6
Details about builds:
================================================================================
pcsc-cyberjack-3.99.5final.SP14-1.el6 (FEDORA-EPEL-2020-9f32d634cf)
PC/SC driver for REINER SCT cyberjack USB chip card reader
--------------------------------------------------------------------------------
Update Information:
* Update to new upstream version SP14 (rev cyberJack@1454) * Add support for
cyberJack wave HUN
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 14 2020 Robert Scheck <robert(a)fedoraproject.org> - 3.99.5final.SP14-1
- Update to new upstream version SP14 (#1847488)
* Tue Jul 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.99.5final.SP13-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jan 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.99.5final.SP13-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Sat Dec 14 2019 Jeff law <law(a)redhta.com> - 3.99.5final.SP13-2
- Fix narrowing convesion problem caught by gcc-10
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1847488 - pcsc-cyberjack-3.99.5final.SP14 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1847488
--------------------------------------------------------------------------------
================================================================================
python-regex-2020.11.13-1.el6 (FEDORA-EPEL-2020-6a0cd15913)
Alternative regular expression module, to replace re
--------------------------------------------------------------------------------
Update Information:
Update python-regex to the latest release.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 14 2020 Thomas Moschny <thomas.moschny(a)gmx.de> - 2020.11.13-1
- Update to 2020.11.13.
--------------------------------------------------------------------------------