The following Fedora EPEL 8 Security updates need testing: Age URL 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-f9c76d4c79 ansible-2.9.27-1.el8 The following builds have been pushed to Fedora EPEL 8 updates-testing rpki-client-7.4-1.el8 thttpd-2.29-4.el8 Details about builds: ================================================================================ rpki-client-7.4-1.el8 (FEDORA-EPEL-2021-51a1d774bf) RPKI validator to support BGP Origin Validation -------------------------------------------------------------------------------- Update Information: rpki-client 7.4 =============== * Added support for validating BGPsec Router Public Keys. * Fix issues with chunked transfer encoding in the RRDP HTTP client. * Cleanup and improvement of how IO is handled. * Improvements in the way X509 certificates are verified. * Make rpki-client more resilient regarding untrusted input: - Limit the allowed character set for filename listings on Manifests. - Limit the length of SIA URIs. - Limit the size of certain untrusted inputs. - Don't exit on failures to parse x509 objects. - Limit the size of objects retreived via RRDP or RSYNC. - Limit the number of FileAndHash entries on a manifest. - Constrain RRDP such that the delta/snapshot files must be hosted at the same host as the notification file. -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 30 2021 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 7.4-1 - Upgrade to 7.4 (#2018729) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2018729 - rpki-client-7.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2018729 -------------------------------------------------------------------------------- ================================================================================ thttpd-2.29-4.el8 (FEDORA-EPEL-2021-668ff1041f) A tiny, turbo, throttleable lightweight HTTP server -------------------------------------------------------------------------------- Update Information: New release for EPEL8 -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #2016844 - thttpd for EL8 wanted https://bugzilla.redhat.com/show_bug.cgi?id=2016844 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
