Fedora EPEL 6 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora EPEL 6 Security updates need testing:
 Age  URL
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-1af9888c22   golang-1.15-1.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

    drupal7-7.72-1.el6
    xrootd-4.12.4-1.el6

Details about builds:


================================================================================
 drupal7-7.72-1.el6 (FEDORA-EPEL-2020-972f57ea6d)
 An open-source content-management platform
--------------------------------------------------------------------------------
Update Information:

- https://www.drupal.org/project/drupal/releases/7.72     - [Drupal core -
Critical - Cross Site Request Forgery - SA-
CORE-2020-004](https://www.drupal.org/sa-core-2020-004) / CVE-2020-13663 -
https://www.drupal.org/project/drupal/releases/7.71 -
https://www.drupal.org/project/drupal/releases/7.70     - [Drupal core -
Moderately critical - Cross Site Scripting - SA-
CORE-2020-002](https://www.drupal.org/sa-core-2020-002) / CVE-2020-11022 /
CVE-2020-11023     - [Drupal core - Moderately critical - Open Redirect - SA-
CORE-2020-003](https://www.drupal.org/sa-core-2020-003) / CVE-2020-13662
--------------------------------------------------------------------------------
ChangeLog:

* Fri Sep  4 2020 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 7.72-1
- Update to 7.72
- SA-CORE-2020-004/CVE-2020-13663 (RHBZ #1860912, #1860913)
* Mon Jul 27 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 7.70-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Sun May 31 2020 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 7.70-2
- rpmbuild sub-pkg: Fix auto-provides for F32+
* Fri May 22 2020 Peter Borsa <peter@xxxxxxxx> - 7.70-1
- Update to 7.70
- RHBZ #1837516 / SA-CORE-2020-003
- RHBZ #1828416 / SA-CORE-2020-002
* Fri May 22 2020 Peter Borsa <peter@xxxxxxxx> - 7.69-3
- Remove php-recode as dependency
* Tue Jan 28 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 7.69-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1828417 - CVE-2020-11022 drupal7: jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1828417
  [ 2 ] Bug #1850013 - CVE-2020-11023 drupal7: jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1850013
  [ 3 ] Bug #1850023 - CVE-2020-11023 drupal7: jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1850023
  [ 4 ] Bug #1860912 - CVE-2020-13663 drupal7: Form API does not properly handle certain form input from cross-site requests [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1860912
  [ 5 ] Bug #1860913 - CVE-2020-13663 drupal7: Form API does not properly handle certain form input from cross-site requests [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1860913
--------------------------------------------------------------------------------


================================================================================
 xrootd-4.12.4-1.el6 (FEDORA-EPEL-2020-2d734ca8fa)
 Extended ROOT file server
--------------------------------------------------------------------------------
Update Information:

xrootd 4.12.4
--------------------------------------------------------------------------------
ChangeLog:

* Fri Sep  4 2020 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 1:4.12.4-1
- Update to version 4.12.4
- Drop patches (accepted upstream or previously backported)
* Wed Aug 26 2020 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 1:4.12.3-5
- Use new CMake macros where available
- Backport minor fixes from upstream git
  - Correct flag reset code for ssq monitor option
  - Fix typo in xrootd-config help
- Prevent deadlock in Python bindings
- Fix plugin path in xrootd-http.cfg for 32 bit architectures
* Wed Jul 29 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1:4.12.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Fri Jul 24 2020 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 1:4.12.3-3
- Fix one definition rule (ODR) violation for LTO
- Disable LTO for 32 bit architectures due to the POSIX preload code
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Announce]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Linux Apps]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux