[EPEL-devel] Fedora EPEL 7 updates-testing report

updates Tue, 20 Dec 2022 18:03:39 -0800

The following Fedora EPEL 7 Security updates need testing:
 Age  URL
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-2b4c6176d0   
davix-0.8.3-1.el7
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-c57a51c195   
rxvt-unicode-9.30-2.el7



The following builds have been pushed to Fedora EPEL 7 updates-testing

    signify-31-1.el7
    tio-2.5-1.el7
    trafficserver-9.1.4-1.el7

Details about builds:


================================================================================
 signify-31-1.el7 (FEDORA-EPEL-2022-4b79bb9a3d)
 Sign and verify signatures on files
--------------------------------------------------------------------------------
Update Information:

- Update to release v31
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 24 2022 Robert Scheck <rob...@fedoraproject.org> - 31-1
- Update to release v31
* Sat Jul 23 2022 Fedora Release Engineering <rel...@fedoraproject.org> - 30-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 tio-2.5-1.el7 (FEDORA-EPEL-2022-2327dece4b)
 Simple TTY terminal I/O application
--------------------------------------------------------------------------------
Update Information:

# tio v2.5    * Update configuration file documentation      Rename `.tiorc` to
`.tioconfig`, `tiorc` to `config`, etc.    * Add support for `$HOME/.tioconfig`
Replaces what used to be `$HOME/.tiorc    * Fix double prefix key regression
* Better error checking in config file, rename the file      Accept `true`,
`enable`, `on`, `yes`, `1` as true values, their counterparts as false ones.
Check integer values for errors and range. Warn about ignored (e.g. misspelled)
options.      Check `getenv()` return value for `NULL`.      Rename `tiorc` to
`config`, as it's a static INI file, not an executable "run commands".
--------------------------------------------------------------------------------
ChangeLog:

* Tue Dec 20 2022 Robert Scheck <rob...@fedoraproject.org> 2.5-1
- Upgrade to 2.5 (#2154614)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2154614 - tio-2.5 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2154614
--------------------------------------------------------------------------------


================================================================================
 trafficserver-9.1.4-1.el7 (FEDORA-EPEL-2022-8362ddfe7c)
 Fast, scalable and extensible HTTP/1.1 and HTTP/2 caching proxy server
--------------------------------------------------------------------------------
Update Information:

Update to 9.1.4, resolves CVE-2022-32749, CVE-2022-37392, CVE-2022-40743
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 19 2022 Jered Floyd <je...@redhat.com> 9.1.4-1
- Update to 9.1.4, resolves CVE-2022-32749, CVE-2022-37392, CVE-2022-40743
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2154123 - trafficserver-9.1.4-rc0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2154123
  [ 2 ] Bug #2154896 - CVE-2022-32749 trafficserver: server crash under certain 
conditions [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2154896
  [ 3 ] Bug #2154897 - CVE-2022-32749 trafficserver: server crash under certain 
conditions [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2154897
  [ 4 ] Bug #2154899 - CVE-2022-37392 trafficserver: ATS is vulnerable to 
smuggle, cache poison, and DOS attacks [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2154899
  [ 5 ] Bug #2154900 - CVE-2022-37392 trafficserver: ATS is vulnerable to 
smuggle, cache poison, and DOS attacks [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2154900
  [ 6 ] Bug #2154902 - CVE-2022-40743 trafficserver: Security issues with the 
xdebug plugin [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2154902
  [ 7 ] Bug #2154903 - CVE-2022-40743 trafficserver: Security issues with the 
xdebug plugin [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2154903
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[EPEL-devel] Fedora EPEL 7 updates-testing report

Reply via email to