Fedora EPEL 7 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora EPEL 7 Security updates need testing:
 Age  URL
 466  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-3c9292b62d   condor-8.6.11-1.el7
 207  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-c499781e80   python-gnupg-0.4.4-1.el7
 205  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-bc0182548b   bubblewrap-0.3.3-2.el7
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-136fa99185   limnoria-20191109-2.el7
  10  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-5fecd4c331   libmodbus-3.0.8-1.el7
   8  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-d8f3c6a443   chromium-78.0.3904.97-1.el7
   8  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-58be818bb4   thunderbird-enigmail-2.1.3-1.el7
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-8a7207a341   libidn2-2.3.0-1.el7
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-aff200699c   mingw-libidn2-2.3.0-1.el7
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-b1761c2898   imapfilter-2.6.15-1.el7


The following builds have been pushed to Fedora EPEL 7 updates-testing

    fail2ban-0.10.4-1.el7
    jhead-3.04-1.el7
    radsecproxy-1.8.0-1.el7

Details about builds:


================================================================================
 fail2ban-0.10.4-1.el7 (FEDORA-EPEL-2019-dac149ad76)
 Daemon to ban hosts that cause multiple authentication errors
--------------------------------------------------------------------------------
Update Information:

Update to 0.10.4 ---  Incompatibility list (compared to v.0.9):  * Filter (or
`failregex`) internal capture-groups:    - If you've your own `failregex` or
custom filters using conditional match `(?P=host)`, you should rewrite the regex
like in example below resp. using `(?:(?P=ip4)|(?P=ip6)` instead of `(?P=host)`
(or `(?:(?P=ip4)|(?P=ip6)|(?P=dns))` corresponding your `usedns` and `raw`
settings).      Of course you can always define your own capture-group (like
below `_cond_ip_`) to do this.     ```     testln="1500000000 failure from
192.0.2.1: bad host 192.0.2.1"     fail2ban-regex "$testln" "^\s*failure from
(?P<_cond_ip_><HOST>): bad host (?P=_cond_ip_)$"     ```   - New internal groups
(currently reserved for internal usage):     `ip4`, `ip6`, `dns`, `fid`,
`fport`, additionally `user` and another captures in lower case if mapping from
tag `<F-*>` used in failregex (e. g. `user` by `<F-USER>`).  * v.0.10 uses more
precise date template handling, that can be theoretically incompatible to some
user configurations resp. `datepattern`.  * Since v0.10 fail2ban supports the
matching of IPv6 addresses, but not all ban actions are IPv6-capable now.
Also:  - Define banaction_allports for firewalld, update banaction (bz#1775175)
- Update sendmail-reject with TLSMTA & MSA port IDs (bz#1722625) - Remove config
files for other distros (bz#1533113)
--------------------------------------------------------------------------------
ChangeLog:

* Sat Nov 23 2019 Orion Poplawski <orion@xxxxxxxx> - 0.10.4-1
- Update to 0.10.4
- Define banaction_allports for firewalld, update banaction (bz#1775175)
- Update sendmail-reject with TLSMTA & MSA port IDs (bz#1722625)
- Remove config files for other distros (bz#1533113)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1725975 - ssh jail bans the same IP for all log messages
        https://bugzilla.redhat.com/show_bug.cgi?id=1725975
  [ 2 ] Bug #1733363 - The default ssd filter file /etc/fail2ban/filter.d/sshd.conf does not protect against brute force password guessing if using pam_sss for authentication.
        https://bugzilla.redhat.com/show_bug.cgi?id=1733363
  [ 3 ] Bug #1401360 - postfix-rbl.conf regex for "454 4.7.1" should be "554 5.7.1" for default postfix reject_rbl_client
        https://bugzilla.redhat.com/show_bug.cgi?id=1401360
  [ 4 ] Bug #1775175 - fail2ban-firewalld should define banaction_allports
        https://bugzilla.redhat.com/show_bug.cgi?id=1775175
--------------------------------------------------------------------------------


================================================================================
 jhead-3.04-1.el7 (FEDORA-EPEL-2019-1a5ac407f8)
 Tool for displaying EXIF data embedded in JPEG images
--------------------------------------------------------------------------------
Update Information:

updated to 3.04 (CVE-2019-19035)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov 22 2019 Adrian Reber <adrian@xxxxxxxx> - 3.04-1
- updated to 3.04 (CVE-2019-19035)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1775098 - CVE-2019-19035 jhead: heap based over-read in ReadJpegSections and process_SOFn in jpgfile.c leads to denial of service
        https://bugzilla.redhat.com/show_bug.cgi?id=1775098
--------------------------------------------------------------------------------


================================================================================
 radsecproxy-1.8.0-1.el7 (FEDORA-EPEL-2019-34fead3896)
 Generic RADIUS proxy with RadSec support
--------------------------------------------------------------------------------
Update Information:

radsecproxy is a generic RADIUS proxy that in addition to usual RADIUS UDP
transport, also supports TLS (RadSec), as well as RADIUS over TCP and DTLS. The
aim is for the proxy to have sufficient features to be flexible, while at the
same time to be small, efficient and easy to configure.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 17 2019 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.8.0-1
- Upgrade to 1.8.0 (#1753052)
- Initial spec file for Fedora and Red Hat Enterprise Linux
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Announce]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Linux Apps]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux