The following Fedora EPEL 7 Security updates need testing:
Age URL
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-14d598751d
libbson-1.3.5-7.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-4a24f39c87
blender-2.68a-9.el7
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-10b278795b
cacti-1.2.20-1.el7 cacti-spine-1.2.20-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
composer-1.10.26-1.el7
csdiff-2.4.0-1.el7
distgen-1.12-1.el7
lua-sec-1.1.0-1.el7
openbgpd-7.3-1.el7
Details about builds:
================================================================================
composer-1.10.26-1.el7 (FEDORA-EPEL-2022-a970a526cb)
Dependency Manager for PHP
--------------------------------------------------------------------------------
Update Information:
**Version 1.10.26** - 2022-04-13 * Security: Fixed command injection
vulnerability in HgDriver/GitDriver (GHSA-x7cr-6qr6-2hh6 / CVE-2022-24828) ----
**Version 1.10.25** - 2022-01-21 * Fixed selfupdate on Windows + PHP 8.1
regression (#10446) ---- **Version 1.10.24** - 2021-12-09 * Added v1
deprecation warning when running install. Please make sure you upgrade to
Composer 2, see https://blog.packagist.com/deprecating-composer-1-support/ *
Fixed PHP 8.1 compatibility * Fixed some more Windows CLI parameter escaping
edge cases ---- **Version 1.10.23** - 2021-10-05 * Security: Fixed command
injection vulnerability on Windows (GHSA-frqg-7g38-6gcf / CVE-2021-41116)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 14 2022 Remi Collet <[email protected]> - 1.10.26-1
- update to 1.10.26
--------------------------------------------------------------------------------
================================================================================
csdiff-2.4.0-1.el7 (FEDORA-EPEL-2022-68e1cadb32)
Non-interactive tools for processing code scan results in plain-text
--------------------------------------------------------------------------------
Update Information:
- update to latest upstream release - add support for the `SARIF` data format
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 13 2022 Kamil Dudka <[email protected]> 2.4.0-1
- update to latest upstream release
--------------------------------------------------------------------------------
================================================================================
distgen-1.12-1.el7 (FEDORA-EPEL-2022-cf99083f9c)
Templating system/generator for distributions
--------------------------------------------------------------------------------
Update Information:
Rebase to upstream version 1.12
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 14 2022 Zuzana Miklankova <[email protected]> - 1.12-1
- new upstream release, https://github.com/devexp-db/distgen/releases/tag/v1.12
--------------------------------------------------------------------------------
================================================================================
lua-sec-1.1.0-1.el7 (FEDORA-EPEL-2022-2bc1596aa7)
Lua binding for OpenSSL library
--------------------------------------------------------------------------------
Update Information:
# LuaSec 1.1.0 * Fix missing DANE flag * Remove unused parameter in
`https.lua`
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 14 2022 Robert Scheck <[email protected]> 1.1.0-1
- Upgrade to 1.1.0 (#2075354)
* Thu Jan 20 2022 Fedora Release Engineering <[email protected]> -
1.0.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Tue Sep 14 2021 Sahana Prasad <[email protected]> - 1.0.2-2
- Rebuilt with OpenSSL 3.0.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2075354 - lua-sec-1.1.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2075354
--------------------------------------------------------------------------------
================================================================================
openbgpd-7.3-1.el7 (FEDORA-EPEL-2022-f216f61bfd)
OpenBGPD Routing Daemon
--------------------------------------------------------------------------------
Update Information:
# OpenBGPD 7.3 This release includes the following changes to the previous
release: * Macro expansion in the config file is improved. It is now possible
to expand `set large-community $myAS:$location:$transit`. * Add initial FIB
support for Linux. Routes can be added and removed. Nexthop tracking and dynamic
interface detection are not yet implemented. * Major refactoring in the RIB
codebase to add multipath support in an upcoming release.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 13 2022 Robert Scheck <[email protected]> 7.3-1
- Upgrade to 7.3 (#2075138)
* Thu Jan 20 2022 Fedora Release Engineering <[email protected]> - 7.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2075138 - openbgpd-7.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2075138
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
