The following Fedora EPEL 7 Security updates need testing:
Age URL
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-e1430e72de
wordpress-5.1.13-1.el7
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-bd2c412d62
zabbix40-4.0.39-1.el7
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-54fdcd70bd
zabbix50-5.0.21-1.el7
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-d009c17be8
abcm2ps-8.14.13-1.el7
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-03421505cb
libcaca-0.99-0.40.beta20.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
bird2-2.0.9-2.el7
xrdp-0.9.19-1.el7
Details about builds:
bird2-2.0.9-2.el7 (FEDORA-EPEL-2022-9dad453e24)
BIRD Internet Routing Daemon
Update Information:
- Added patch to fix bug in babel iface reconfiguration (#2064465)
ChangeLog:
* Thu Mar 17 2022 Robert Scheck - 2.0.9-2
- Added patch to fix bug in babel iface reconfiguration (#2064465)
References:
[ 1 ] Bug #2064465 - Babel protocol broken in bird-2.0.9
https://bugzilla.redhat.com/show_bug.cgi?id=2064465
xrdp-0.9.19-1.el7 (FEDORA-EPEL-2022-9acd1c151d)
Open source remote desktop protocol (RDP) server
Update Information:
Release notes for xrdp v0.9.19 (2022/03/17) General announcements - Running
xrdp and xrdp-sesman on separate hosts is still supported by this release, but
is now deprecated. This is not secure. A future release will replace the TCP
socket used between these processes with a Unix Domain Socket, and then cross-
host running will not be possible. New features - Both inbound and outbound
clipboards can now be restricted for text, files or images [Sponsored by
@CyberTrust @clear-code and @kenhys] (#2087) Bug fixes - CVE-2022-23613:
Privilege escalation on xrdp-sesman (This fix is also in the out-of-band
v0.9.18.1 release) - The versions of imlib2 used on RHEL 7 and 8 are now
detected correctly (#2118) - Some situations where zombie processes could exist
have been resolved (#2146, #2151, #2168) - Some null-pointer exceptions which
can happen in the logging module have been addressed (#2149) - Some minor
logging errors have been corrected (#2152) - The signal handling in sesman has
been reworked to prevent race conditions when a child exits. This has also made
it possible to reliably reload the sesman configuration with SIGHUP (#1729,
#2168) Internal changes - Versions 0.13 and later of checklib can undefine
the pre-processor symbol HAVE_STDINT_H. The xrdp tests now build successfully
against these versions (#2124) - OpenSSL packaging changes (#2130):- - The
OpenSSL 3 EVP interface is now fully supported - When building against OpenSSL
3, an internal implementation of the RC4 cipher is used instead of the
implementation from the OpenSSL legacy provider - The wrapping of the OpenSSL
library has been improved which should make it simpler to provide an alternative
cryptographic provider in the future, if required - The logging of TLS/non-TLS
security negotiation has been improved - cppcheck version used for CI bumped to
2.7 (#2140) - The s_check() macro which is easily mis-used has been removed
(#2144) - Status values for the DRDYNVC channel are now available in
libxrdp/xrdp_channel.h Changes for packagers or developers - On OpenSSL 3
systems, there is now no need to build with the -Wno-error=deprecated-
declarations flag Known issues - On-the-fly resolution change requires the
Microsoft Store version of Remote Desktop client but sometimes crashes on
connect (#1869) - xrdp's login dialog is not relocated at the center of the new
resolution after on-the-fly resolution change happens (#1867)
ChangeLog:
* Thu Mar 17 2022 Bojan Smojver - 1:0.9.19-1
- Bump up to 0.9.19
___
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org
Do not reply to spam on the list,
