[EPEL-devel] Fedora EPEL 7 updates-testing report

updates Thu, 06 Oct 2022 08:12:20 -0700

The following Fedora EPEL 7 Security updates need testing:
 Age  URL
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-de23d337b0   
libopenmpt-0.6.6-1.el7
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-66467c33ea   
seamonkey-2.53.14-3.el7
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-d8f75949c3   
git-lfs-2.10.0-2.el7



The following builds have been pushed to Fedora EPEL 7 updates-testing

    luajit-2.0.5-1.20220913.46e62cd.el7
    python3-mod_wsgi-4.7.1-3.el7

Details about builds:


================================================================================
 luajit-2.0.5-1.20220913.46e62cd.el7 (FEDORA-EPEL-2022-f174e47230)
 Just-In-Time Compiler for Lua
--------------------------------------------------------------------------------
Update Information:

- Update to latest snapshot of 2.0 branch - Fixes CVE-2020-15890, resolves
rhbz#1860331 - Fixes CVE-2020-24372, resolves rhbz#1870308
--------------------------------------------------------------------------------
ChangeLog:

* Mon Oct  3 2022 Carl George <carl@george.computer> - 2.0.5-1.20220914.46e62cd
- Update to latest snapshot of 2.0 branch
- Fixes CVE-2020-15890, resolves rhbz#1860331
- Fixes CVE-2020-24372, resolves rhbz#1870308
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1860331 - CVE-2020-15890 luajit: out-of-bounds read because __gc 
handler frame traversal is mishandled [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1860331
  [ 2 ] Bug #1870308 - CVE-2020-24372 luajit: out-of-bounds read in lj_err_run 
function in lj_err.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1870308
--------------------------------------------------------------------------------


================================================================================
 python3-mod_wsgi-4.7.1-3.el7 (FEDORA-EPEL-2022-3f600666f9)
 A WSGI interface for Python web applications in Apache
--------------------------------------------------------------------------------
Update Information:

- Backported fix for CVE-2022-2255
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct  5 2022 Diego Herrera <dherr...@redhat.com> - 4.7.1-3
- Backported fix for CVE-2022-2255
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2108272 - CVE-2022-2255 python3-mod_wsgi: mod_wsgi: Trusted Proxy 
Headers Removing Bypass [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=2108272
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[EPEL-devel] Fedora EPEL 7 updates-testing report

Reply via email to