The following Fedora EPEL 7 Security updates need testing: Age URL 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-4add1d3059 needrestart-3.6-1.el7 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-d1317f7176 rubygem-git-1.3.0-2.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing rubygem-nokogiri-1.6.1-1.el7.2 Details about builds: ================================================================================ rubygem-nokogiri-1.6.1-1.el7.2 (FEDORA-EPEL-2022-b3575fc91b) An HTML, XML, SAX, and Reader parser -------------------------------------------------------------------------------- Update Information: Backport CVE-2022-24836 (#2074347), Backport CVE-2022-29181 (#2088685) -------------------------------------------------------------------------------- ChangeLog: * Wed May 25 2022 Troy Dawson <tdawson@xxxxxxxxxx> - 1.6.1-1.2 - Backport CVE-2022-24836 (#2074347) - Backport CVE-2022-29181 (#2088685) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2074347 - CVE-2022-24836 rubygem-nokogiri: nokogiri: ReDoS in HTML encoding detection [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2074347 [ 2 ] Bug #2088685 - CVE-2022-29181 rubygem-nokogiri: Improper Handling of Unexpected Data Type in Nokogiri [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2088685 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
