The following Fedora EPEL 7 Security updates need testing: Age URL 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-e1430e72de wordpress-5.1.13-1.el7 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-bd2c412d62 zabbix40-4.0.39-1.el7 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-54fdcd70bd zabbix50-5.0.21-1.el7 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-d009c17be8 abcm2ps-8.14.13-1.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-03421505cb libcaca-0.99-0.40.beta20.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing bird2-2.0.9-2.el7 xrdp-0.9.19-1.el7 Details about builds: ================================================================================ bird2-2.0.9-2.el7 (FEDORA-EPEL-2022-9dad453e24) BIRD Internet Routing Daemon -------------------------------------------------------------------------------- Update Information: - Added patch to fix bug in babel iface reconfiguration (#2064465) -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 17 2022 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> - 2.0.9-2 - Added patch to fix bug in babel iface reconfiguration (#2064465) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2064465 - Babel protocol broken in bird-2.0.9 https://bugzilla.redhat.com/show_bug.cgi?id=2064465 -------------------------------------------------------------------------------- ================================================================================ xrdp-0.9.19-1.el7 (FEDORA-EPEL-2022-9acd1c151d) Open source remote desktop protocol (RDP) server -------------------------------------------------------------------------------- Update Information: Release notes for xrdp v0.9.19 (2022/03/17) General announcements - Running xrdp and xrdp-sesman on separate hosts is still supported by this release, but is now deprecated. This is not secure. A future release will replace the TCP socket used between these processes with a Unix Domain Socket, and then cross- host running will not be possible. New features - Both inbound and outbound clipboards can now be restricted for text, files or images [Sponsored by @CyberTrust @clear-code and @kenhys] (#2087) Bug fixes - CVE-2022-23613: Privilege escalation on xrdp-sesman (This fix is also in the out-of-band v0.9.18.1 release) - The versions of imlib2 used on RHEL 7 and 8 are now detected correctly (#2118) - Some situations where zombie processes could exist have been resolved (#2146, #2151, #2168) - Some null-pointer exceptions which can happen in the logging module have been addressed (#2149) - Some minor logging errors have been corrected (#2152) - The signal handling in sesman has been reworked to prevent race conditions when a child exits. This has also made it possible to reliably reload the sesman configuration with SIGHUP (#1729, #2168) Internal changes - Versions 0.13 and later of checklib can undefine the pre-processor symbol HAVE_STDINT_H. The xrdp tests now build successfully against these versions (#2124) - OpenSSL packaging changes (#2130):- - The OpenSSL 3 EVP interface is now fully supported - When building against OpenSSL 3, an internal implementation of the RC4 cipher is used instead of the implementation from the OpenSSL legacy provider - The wrapping of the OpenSSL library has been improved which should make it simpler to provide an alternative cryptographic provider in the future, if required - The logging of TLS/non-TLS security negotiation has been improved - cppcheck version used for CI bumped to 2.7 (#2140) - The s_check() macro which is easily mis-used has been removed (#2144) - Status values for the DRDYNVC channel are now available in libxrdp/xrdp_channel.h Changes for packagers or developers - On OpenSSL 3 systems, there is now no need to build with the -Wno-error=deprecated- declarations flag Known issues - On-the-fly resolution change requires the Microsoft Store version of Remote Desktop client but sometimes crashes on connect (#1869) - xrdp's login dialog is not relocated at the center of the new resolution after on-the-fly resolution change happens (#1867) -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 17 2022 Bojan Smojver <bojan@xxxxxxxxxxxx> - 1:0.9.19-1 - Bump up to 0.9.19 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
