Fedora EPEL 8 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora EPEL 8 Security updates need testing:
 Age  URL
  20  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-89ad385971   chromium-103.0.5060.114-1.el8


The following builds have been pushed to Fedora EPEL 8 updates-testing

    gsi-openssh-8.0p1-10.el8
    ntfs-3g-2022.5.17-2.el8

Details about builds:


================================================================================
 gsi-openssh-8.0p1-10.el8 (FEDORA-EPEL-2022-394ad1e696)
 An implementation of the SSH protocol with GSI authentication
--------------------------------------------------------------------------------
Update Information:

Sync patches with openssh
--------------------------------------------------------------------------------
ChangeLog:

* Tue Aug  9 2022 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 8.0p1-10
- Based on openssh-8.0p1-13.el8
--------------------------------------------------------------------------------


================================================================================
 ntfs-3g-2022.5.17-2.el8 (FEDORA-EPEL-2022-111c0bd3f5)
 Linux NTFS userspace driver
--------------------------------------------------------------------------------
Update Information:

Update to 2022.5.17.  Fixes: CVE-2021-46790, CVE-2022-30783, CVE-2022-30784,
CVE-2022-30785, CVE-2022-30786, CVE-2022-30787, CVE-2022-30788, CVE-2022-30789
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 22 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2:2022.5.17-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Jun  8 2022 Richard W.M. Jones <rjones@xxxxxxxxxx> - 2:2022.5.17-1
- New upstream version 2022.5.17
- Fixes: CVE-2021-46790, CVE-2022-30783, CVE-2022-30784, CVE-2022-30785,
  CVE-2022-30786, CVE-2022-30787, CVE-2022-30788, CVE-2022-30789
* Thu Jan 20 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2:2021.8.22-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Wed Sep 15 2021 Neal Gompa <ngompa@xxxxxxxxx> - 2:2021.8.22-4
- Restyle the spec for legibility
* Mon Sep 13 2021 Richard W.M. Jones <rjones@xxxxxxxxxx> - 2:2021.8.22-3
- Remove unused ntfsprogs/boot.c replacement
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2093307 - CVE-2022-30783 ntfs-3g: invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2093307
  [ 2 ] Bug #2093317 - CVE-2022-30784 ntfs-3g: crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2093317
  [ 3 ] Bug #2093322 - CVE-2022-30785 ntfs-3g: a file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2093322
  [ 4 ] Bug #2093330 - CVE-2022-30786 ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2093330
  [ 5 ] Bug #2093335 - CVE-2022-30787 ntfs-3g: integer underflow in fuse_lib_readdir enables arbitrary memory read operations [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2093335
  [ 6 ] Bug #2093342 - CVE-2022-30788 ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2093342
  [ 7 ] Bug #2093350 - CVE-2022-30789 ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2093350
  [ 8 ] Bug #2093362 - CVE-2021-46790 ntfs-3g: heap-based buffer overflow in ntfsck [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2093362
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue




[Index of Archives]     [Fedora Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Announce]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Linux Apps]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux