The following Fedora EPEL 7 Security updates need testing: Age URL 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-01179f6b9f suricata-4.1.9-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing inxi-3.1.08-1.el7 openbgpd-6.8p0-1.el7 rpki-client-6.8p0-1.el7 tcpreplay-4.3.3-3.el7 Details about builds: ================================================================================ inxi-3.1.08-1.el7 (FEDORA-EPEL-2020-b6467c15d0) A full featured system information script -------------------------------------------------------------------------------- Update Information: Update to 3.1.08. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 21 2020 Vasiliy N. Glazov <vascom2@xxxxxxxxx> - 3.1.08-1 - Update to 3.1.08 -------------------------------------------------------------------------------- ================================================================================ openbgpd-6.8p0-1.el7 (FEDORA-EPEL-2020-725bd5179b) OpenBGPD Routing Daemon -------------------------------------------------------------------------------- Update Information: OpenBGPD 6.8p0 ============== Portable release based on OpenBSD 6.8. It includes the following changes to the previous release: * In `bgpctl(8)`, the `reload` command now takes a 'reason' argument to use as Administrative Shutdown Communication to its neighbors. * Added `bgpctl(8)` support for VPNv6 in the family option of the `show rib` command. * Added `bgpctl(8)` support for JSON formatted output in various `show` commands. * Support to build OpenBGPD on Alpine Linux added. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 20 2020 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 6.8p0-1 - Upgrade to 6.8p0 (#1889826) * Tue Jul 28 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 6.7p0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1889826 - openbgpd-6.8p0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1889826 -------------------------------------------------------------------------------- ================================================================================ rpki-client-6.8p0-1.el7 (FEDORA-EPEL-2020-ead590bb76) RPKI validator to support BGP Origin Validation -------------------------------------------------------------------------------- Update Information: rpki-client 6.8p0 ================= Portable release based on OpenBSD 6.8. It includes the following changes to the previous release: * Improve how repositories are downloaded: do not fetch symlinks and clean extraneous files in the repositories after download using the cryptographically signed RPKI manifest listings. * Fix a bug where `rpki-client` could hang after calling `rsync`. * Remove the `-f` option, no longer needed. * Improved validation of the trust anchors. * Add new option `-s timeout` to make `rpki-client` automatically terminate after a timeout (default 1 hour). This helps when `rpki-client` is run via `cron` to prevent a hanging process to cause problems. Portability improvements: * Replace `warnc()` with `warnx()` + `strerror()` * Replace `b64_pton()` with code using the `libcrypto EVP_Decode*` functionality. * Adjust for OpenSSL 1.1.x compatible use of the `EVP_ENCODE_CTX` struct. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 20 2020 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 6.8p0-1 - Upgrade to 6.8p0 (#1889618) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1889618 - rpki-client-6.8p0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1889618 -------------------------------------------------------------------------------- ================================================================================ tcpreplay-4.3.3-3.el7 (FEDORA-EPEL-2020-e6c7b4cbec) Replay captured network traffic -------------------------------------------------------------------------------- Update Information: Patch CVE-2020-24265 and CVE-2020-24266. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 21 2020 Bojan Smojver <bojan@rexursive com> - 4.3.3-2 - CVE-2020-24265 * Wed Jul 29 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 4.3.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1889806 - CVE-2020-24265 tcpreplay: heap buffer overflow could result in a crash [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1889806 [ 2 ] Bug #1889807 - CVE-2020-24265 tcpreplay: heap buffer overflow could result in a crash [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1889807 [ 3 ] Bug #1889809 - CVE-2020-24266 tcpreplay: heap buffer overflow in get_l2len() could result in a crash [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1889809 [ 4 ] Bug #1889810 - CVE-2020-24266 tcpreplay: heap buffer overflow in get_l2len() could result in a crash [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1889810 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
