The following Fedora EPEL 8 Security updates need testing: Age URL 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-5660594875 python-markdown2-2.3.9-1.el8 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-c3fca161ee netdata-1.22.1-3.el8 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-38309f9f6f transmission-2.94-9.el8 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-06e970da9c knot-resolver-5.1.1-1.el8 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-383149ca50 perl-Email-MIME-1.949-1.el8 perl-Email-MIME-ContentType-1.024-1.el8 The following builds have been pushed to Fedora EPEL 8 updates-testing cacti-1.2.12-1.el8 cacti-spine-1.2.12-1.el8 icewm-1.6.6-1.el8 mbedtls-2.16.6-1.el8 pdns-4.3.0-2.el8 perl-File-KeePass-2.03-21.el8 python-xlsxwriter-1.2.9-1.el8 Details about builds: ================================================================================ cacti-1.2.12-1.el8 (FEDORA-EPEL-2020-5b6f780725) An rrd based graphing tool -------------------------------------------------------------------------------- Update Information: - Update to 1.2.12 Release notes: https://www.cacti.net/release_notes.php?version=1.2.12 -------------------------------------------------------------------------------- ChangeLog: * Wed May 27 2020 Morten Stevens <mstevens@xxxxxxxxxxxxxxxxx> - 1.2.12-1 - Update to 1.2.12 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1840313 - CVE-2020-13231 cacti: CSRF at admin email [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1840313 [ 2 ] Bug #1840318 - CVE-2020-13230 cacti: improper access control on disabling a user [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1840318 -------------------------------------------------------------------------------- ================================================================================ cacti-spine-1.2.12-1.el8 (FEDORA-EPEL-2020-5b6f780725) Threaded poller for Cacti written in C -------------------------------------------------------------------------------- Update Information: - Update to 1.2.12 Release notes: https://www.cacti.net/release_notes.php?version=1.2.12 -------------------------------------------------------------------------------- ChangeLog: * Wed May 27 2020 Morten Stevens <mstevens@xxxxxxxxxxxxxxxxx> - 1.2.12-1 - Update to 1.2.12 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1840313 - CVE-2020-13231 cacti: CSRF at admin email [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1840313 [ 2 ] Bug #1840318 - CVE-2020-13230 cacti: improper access control on disabling a user [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1840318 -------------------------------------------------------------------------------- ================================================================================ icewm-1.6.6-1.el8 (FEDORA-EPEL-2020-556f772b6e) Window manager designed for speed, usability, and consistency -------------------------------------------------------------------------------- Update Information: Update to latest version -------------------------------------------------------------------------------- ChangeLog: * Sat May 30 2020 Artem Polishchuk <ego.cordatus@xxxxxxxxx> - 1.6.6-1 - Update to 1.6.6 * Wed May 27 2020 Artem Polishchuk <ego.cordatus@xxxxxxxxx> - 1.6.5-2 - Drop more weak deps and simpilfy SPEC file - Disable LTO -------------------------------------------------------------------------------- ================================================================================ mbedtls-2.16.6-1.el8 (FEDORA-EPEL-2020-3943d14499) Light-weight cryptographic and SSL/TLS library -------------------------------------------------------------------------------- Update Information: - Update to 2.16.6 Release notes: https://tls.mbed.org/tech- updates/releases/mbedtls-2.16.6-and-2.7.15-released Security Advisory: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security- advisory-2020-04 -------------------------------------------------------------------------------- ChangeLog: * Wed May 27 2020 Morten Stevens <mstevens@xxxxxxxxxxxxxxxxx> - 2.16.6-1 - Update to 2.16.6 - Security Advisory 2020-04 (CVE-2020-10932) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1838552 - CVE-2020-10932 mbedtls: side channel attack possibly leading to information disclosure [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1838552 -------------------------------------------------------------------------------- ================================================================================ pdns-4.3.0-2.el8 (FEDORA-EPEL-2020-429fc91efb) A modern, advanced and high performance authoritative-only nameserver -------------------------------------------------------------------------------- Update Information: - Updated file permissions -------------------------------------------------------------------------------- ChangeLog: * Wed May 27 2020 Morten Stevens <mstevens@xxxxxxxxxxxxxxxxx> - 4.3.0-2 - Updated file permissions -------------------------------------------------------------------------------- ================================================================================ perl-File-KeePass-2.03-21.el8 (FEDORA-EPEL-2020-abd130a355) Interface to KeePass V1 and V2 database files -------------------------------------------------------------------------------- Update Information: Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ python-xlsxwriter-1.2.9-1.el8 (FEDORA-EPEL-2020-7294e9861e) Python module for writing files in the Excel 2007+ XLSX file format -------------------------------------------------------------------------------- Update Information: Added support for stacked and percent_stacked Line charts -------------------------------------------------------------------------------- ChangeLog: * Sat May 30 2020 Rajeesh K V <rajeeshknambiar@xxxxxxxxx> - 1.2.9-1 - Added support for stacked and percent_stacked Line charts -------------------------------------------------------------------------------- References: [ 1 ] Bug #1841933 - python-xlsxwriter-1.2.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1841933 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
