The following Fedora EPEL 6 Security updates need testing: Age URL 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-c3bf4a8f31 php-horde-Horde-Data-2.1.5-1.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing tomcat-7.0.99-1.el6 Details about builds: ================================================================================ tomcat-7.0.99-1.el6 (FEDORA-EPEL-2020-06ccd2148b) Apache Servlet/JSP Engine, RI for Servlet 3.0/JSP 2.2 API -------------------------------------------------------------------------------- Update Information: This update includes a rebase from 7.0.96 up to 7.0.99 which resolves two CVEs along with various other bugs/features: * rhbz#1785700 CVE-2019-12418 tomcat: local privilege escalation * rhbz#1785712 CVE-2019-17563 tomcat: session fixation when using FORM authentication -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 6 2020 Coty Sutherland <csutherl@xxxxxxxxxx> - 1:7.0.99-1 - Update to 7.0.99 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1785700 - CVE-2019-12418 tomcat: local privilege escalation [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1785700 [ 2 ] Bug #1785712 - CVE-2019-17563 tomcat: session fixation when using FORM authentication [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1785712 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
