[EPEL-devel] Fedora EPEL 6 updates-testing report

updates Sat, 05 Sep 2020 10:44:08 -0700

The following Fedora EPEL 6 Security updates need testing:
 Age  URL
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-1af9888c22   
golang-1.15-1.el6



The following builds have been pushed to Fedora EPEL 6 updates-testing

    drupal7-7.72-1.el6
    xrootd-4.12.4-1.el6

Details about builds:


================================================================================
 drupal7-7.72-1.el6 (FEDORA-EPEL-2020-972f57ea6d)
 An open-source content-management platform
--------------------------------------------------------------------------------
Update Information:

- https://www.drupal.org/project/drupal/releases/7.72     - [Drupal core -
Critical - Cross Site Request Forgery - SA-
CORE-2020-004](https://www.drupal.org/sa-core-2020-004) / CVE-2020-13663 -
https://www.drupal.org/project/drupal/releases/7.71 -
https://www.drupal.org/project/drupal/releases/7.70     - [Drupal core -
Moderately critical - Cross Site Scripting - SA-
CORE-2020-002](https://www.drupal.org/sa-core-2020-002) / CVE-2020-11022 /
CVE-2020-11023     - [Drupal core - Moderately critical - Open Redirect - SA-
CORE-2020-003](https://www.drupal.org/sa-core-2020-003) / CVE-2020-13662
--------------------------------------------------------------------------------
ChangeLog:

* Fri Sep  4 2020 Shawn Iwinski <shawn.iwin...@gmail.com> - 7.72-1
- Update to 7.72
- SA-CORE-2020-004/CVE-2020-13663 (RHBZ #1860912, #1860913)
* Mon Jul 27 2020 Fedora Release Engineering <rel...@fedoraproject.org> - 7.70-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Sun May 31 2020 Shawn Iwinski <shawn.iwin...@gmail.com> - 7.70-2
- rpmbuild sub-pkg: Fix auto-provides for F32+
* Fri May 22 2020 Peter Borsa <pe...@asrob.eu> - 7.70-1
- Update to 7.70
- RHBZ #1837516 / SA-CORE-2020-003
- RHBZ #1828416 / SA-CORE-2020-002
* Fri May 22 2020 Peter Borsa <pe...@asrob.eu> - 7.69-3
- Remove php-recode as dependency
* Tue Jan 28 2020 Fedora Release Engineering <rel...@fedoraproject.org> - 7.69-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1828417 - CVE-2020-11022 drupal7: jquery: Cross-site scripting due 
to improper injQuery.htmlPrefilter method [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1828417
  [ 2 ] Bug #1850013 - CVE-2020-11023 drupal7: jQuery: passing HTML containing 
<option> elements to manipulation methods could result in untrusted code 
execution [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1850013
  [ 3 ] Bug #1850023 - CVE-2020-11023 drupal7: jQuery: passing HTML containing 
<option> elements to manipulation methods could result in untrusted code 
execution [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1850023
  [ 4 ] Bug #1860912 - CVE-2020-13663 drupal7: Form API does not properly 
handle certain form input from cross-site requests [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1860912
  [ 5 ] Bug #1860913 - CVE-2020-13663 drupal7: Form API does not properly 
handle certain form input from cross-site requests [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1860913
--------------------------------------------------------------------------------


================================================================================
 xrootd-4.12.4-1.el6 (FEDORA-EPEL-2020-2d734ca8fa)
 Extended ROOT file server
--------------------------------------------------------------------------------
Update Information:

xrootd 4.12.4
--------------------------------------------------------------------------------
ChangeLog:

* Fri Sep  4 2020 Mattias Ellert <mattias.ell...@physics.uu.se> - 1:4.12.4-1
- Update to version 4.12.4
- Drop patches (accepted upstream or previously backported)
* Wed Aug 26 2020 Mattias Ellert <mattias.ell...@physics.uu.se> - 1:4.12.3-5
- Use new CMake macros where available
- Backport minor fixes from upstream git
  - Correct flag reset code for ssq monitor option
  - Fix typo in xrootd-config help
- Prevent deadlock in Python bindings
- Fix plugin path in xrootd-http.cfg for 32 bit architectures
* Wed Jul 29 2020 Fedora Release Engineering <rel...@fedoraproject.org> - 
1:4.12.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Fri Jul 24 2020 Mattias Ellert <mattias.ell...@physics.uu.se> - 1:4.12.3-3
- Fix one definition rule (ODR) violation for LTO
- Disable LTO for 32 bit architectures due to the POSIX preload code
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org

[EPEL-devel] Fedora EPEL 6 updates-testing report

Reply via email to