The following Fedora EPEL 7 Security updates need testing: Age URL 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-14d598751d libbson-1.3.5-7.el7 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-4a24f39c87 blender-2.68a-9.el7 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-10b278795b cacti-1.2.20-1.el7 cacti-spine-1.2.20-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing composer-1.10.26-1.el7 csdiff-2.4.0-1.el7 distgen-1.12-1.el7 lua-sec-1.1.0-1.el7 openbgpd-7.3-1.el7 Details about builds: ================================================================================ composer-1.10.26-1.el7 (FEDORA-EPEL-2022-a970a526cb) Dependency Manager for PHP -------------------------------------------------------------------------------- Update Information: **Version 1.10.26** - 2022-04-13 * Security: Fixed command injection vulnerability in HgDriver/GitDriver (GHSA-x7cr-6qr6-2hh6 / CVE-2022-24828) ---- **Version 1.10.25** - 2022-01-21 * Fixed selfupdate on Windows + PHP 8.1 regression (#10446) ---- **Version 1.10.24** - 2021-12-09 * Added v1 deprecation warning when running install. Please make sure you upgrade to Composer 2, see https://blog.packagist.com/deprecating-composer-1-support/ * Fixed PHP 8.1 compatibility * Fixed some more Windows CLI parameter escaping edge cases ---- **Version 1.10.23** - 2021-10-05 * Security: Fixed command injection vulnerability on Windows (GHSA-frqg-7g38-6gcf / CVE-2021-41116) -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 14 2022 Remi Collet <remi@xxxxxxxxxxxx> - 1.10.26-1 - update to 1.10.26 -------------------------------------------------------------------------------- ================================================================================ csdiff-2.4.0-1.el7 (FEDORA-EPEL-2022-68e1cadb32) Non-interactive tools for processing code scan results in plain-text -------------------------------------------------------------------------------- Update Information: - update to latest upstream release - add support for the `SARIF` data format -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 13 2022 Kamil Dudka <kdudka@xxxxxxxxxx> 2.4.0-1 - update to latest upstream release -------------------------------------------------------------------------------- ================================================================================ distgen-1.12-1.el7 (FEDORA-EPEL-2022-cf99083f9c) Templating system/generator for distributions -------------------------------------------------------------------------------- Update Information: Rebase to upstream version 1.12 -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 14 2022 Zuzana Miklankova <zmiklank@xxxxxxxxxx> - 1.12-1 - new upstream release, https://github.com/devexp-db/distgen/releases/tag/v1.12 -------------------------------------------------------------------------------- ================================================================================ lua-sec-1.1.0-1.el7 (FEDORA-EPEL-2022-2bc1596aa7) Lua binding for OpenSSL library -------------------------------------------------------------------------------- Update Information: # LuaSec 1.1.0 * Fix missing DANE flag * Remove unused parameter in `https.lua` -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 14 2022 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.1.0-1 - Upgrade to 1.1.0 (#2075354) * Thu Jan 20 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.0.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Tue Sep 14 2021 Sahana Prasad <sahana@xxxxxxxxxx> - 1.0.2-2 - Rebuilt with OpenSSL 3.0.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2075354 - lua-sec-1.1.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2075354 -------------------------------------------------------------------------------- ================================================================================ openbgpd-7.3-1.el7 (FEDORA-EPEL-2022-f216f61bfd) OpenBGPD Routing Daemon -------------------------------------------------------------------------------- Update Information: # OpenBGPD 7.3 This release includes the following changes to the previous release: * Macro expansion in the config file is improved. It is now possible to expand `set large-community $myAS:$location:$transit`. * Add initial FIB support for Linux. Routes can be added and removed. Nexthop tracking and dynamic interface detection are not yet implemented. * Major refactoring in the RIB codebase to add multipath support in an upcoming release. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 13 2022 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 7.3-1 - Upgrade to 7.3 (#2075138) * Thu Jan 20 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 7.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2075138 - openbgpd-7.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2075138 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
