The following Fedora EPEL 8 Security updates need testing:
Age URL
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-fc5b08c7d5
engrampa-1.26.2-1.el8
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-829db80b8a
mbedtls-2.28.7-1.el8
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-33416db1e4
python-bleach-3.3.0-1.el8
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-34c7addedb
chromium-121.0.6167.160-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
fdupes-2.3.0-1.el8
libmodsecurity-3.0.12-1.el8
Details about builds:
================================================================================
fdupes-2.3.0-1.el8 (FEDORA-EPEL-2024-e5efe24928)
Finds duplicate files in a given set of directories
--------------------------------------------------------------------------------
Update Information:
Add --cache option to speed up file comparisons.
Use nanosecond precision for file times, if available.
Fix compilation issue on OpenBSD.
Other changes like fixing typos, wording, etc.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 10 2024 Richard Shaw <hobbes1...@gmail.com> - 1:2.3.0-1
- Update to 2.3.0.
* Wed Jan 24 2024 Fedora Release Engineering <rel...@fedoraproject.org> -
1:2.2.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 19 2024 Fedora Release Engineering <rel...@fedoraproject.org> -
1:2.2.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Jul 19 2023 Fedora Release Engineering <rel...@fedoraproject.org> -
1:2.2.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu Jan 19 2023 Fedora Release Engineering <rel...@fedoraproject.org> -
1:2.2.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2260756 - fdupes-2.3.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2260756
--------------------------------------------------------------------------------
================================================================================
libmodsecurity-3.0.12-1.el8 (FEDORA-EPEL-2024-4d3eb328e3)
A library that loads/interprets rules written in the ModSecurity SecRules
--------------------------------------------------------------------------------
Update Information:
Update to 3.0.12
Security fix for CVE-2024-1019
--------------------------------------------------------------------------------
ChangeLog:
* Sun Feb 11 2024 Mikel Olasagasti Uranga <mi...@olasagasti.info> - 3.0.12-1
- Update to 3.0.12 rhbz#2253518
- Fix CVE-2024-1019 rhbz#2262017 rhbz#2262018 rhbz#2262019
* Thu Jan 25 2024 Fedora Release Engineering <rel...@fedoraproject.org> -
3.0.10-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <rel...@fedoraproject.org> -
3.0.10-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2262019 - CVE-2024-1019 libmodsecurity: WAF bypass for path-based
payloads [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2262019
--------------------------------------------------------------------------------
--
_______________________________________________
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
