[EPEL-devel] Fedora EPEL 7 updates-testing report

updates Sat, 25 Nov 2023 19:12:16 -0800

The following Fedora EPEL 7 Security updates need testing:
 Age  URL
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-7e5dc8aef7   
chromium-119.0.6045.159-1.el7
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-1c906d04ee   
golang-1.20.10-3.el7



The following builds have been pushed to Fedora EPEL 7 updates-testing

    openssl11-1.1.1k-6.el7

Details about builds:


================================================================================
 openssl11-1.1.1k-6.el7 (FEDORA-EPEL-2023-a371f42add)
 Utilities from the general purpose cryptography library with TLS implementation
--------------------------------------------------------------------------------
Update Information:

  - backport from 1.1.1k-11: Fix CVE-2023-5678: Generating excessively long
X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be
very slow      Resolves: RHEL-16538    - backport from 1.1.1k-10: Fix
CVE-2023-3446: Excessive time spent checking DH keys and parameters
Resolves: RHEL-14245    - backport from 1.1.1k-10: Fix CVE-2023-3817: Excessive
time spent checking DH q parameter value      Resolves: RHEL-14239
--------------------------------------------------------------------------------
ChangeLog:

* Sat Nov 25 2023 Robert Scheck <rob...@fedoraproject.org> 1.1.1k-6
- backport from 1.1.1k-11: Fix CVE-2023-5678: Generating excessively long X9.42 
DH keys or checking
  excessively long X9.42 DH keys or parameters may be very slow
  Resolves: RHEL-16538
- backport from 1.1.1k-10: Fix CVE-2023-3446: Excessive time spent checking DH 
keys and parameters
  Resolves: RHEL-14245
- backport from 1.1.1k-10: Fix CVE-2023-3817: Excessive time spent checking DH 
q parameter value
  Resolves: RHEL-14239
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2224962 - CVE-2023-3446 openssl: Excessive time spent checking DH 
keys and parameters
        https://bugzilla.redhat.com/show_bug.cgi?id=2224962
  [ 2 ] Bug #2227852 - CVE-2023-3817 OpenSSL: Excessive time spent checking DH 
q parameter value
        https://bugzilla.redhat.com/show_bug.cgi?id=2227852
  [ 3 ] Bug #2248616 - CVE-2023-5678 openssl: Generating excessively long X9.42 
DH keys or checking excessively long X9.42 DH keys or parameters may be very 
slow
        https://bugzilla.redhat.com/show_bug.cgi?id=2248616
--------------------------------------------------------------------------------

--
_______________________________________________
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[EPEL-devel] Fedora EPEL 7 updates-testing report

Reply via email to