The following Fedora EPEL 7 Security updates need testing: Age URL 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-1b4c7ee66c knot-resolver-5.5.3-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing dropbear-2017.75-2.el7 fts-3.12.0-1.el7 rlwrap-0.45.2-2.el7 Details about builds: ================================================================================ dropbear-2017.75-2.el7 (FEDORA-EPEL-2022-f0317a13d8) Lightweight SSH server and client -------------------------------------------------------------------------------- Update Information: - Backport fix for CVE-2018-15599, resolves rhbz#1623177 - Backport fix for CVE-2020-36254, resolves rhbz#1933067 -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 28 2022 Carl George <carl@george.computer> - 2017.75-2 - Backport fix for CVE-2018-15599, resolves rhbz#1623177 - Backport fix for CVE-2020-36254, resolves rhbz#1933067 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1623177 - CVE-2018-15599 dropbear: User enumeration via malformed packets in authentication requests [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1623177 [ 2 ] Bug #1933067 - CVE-2020-36254 dropbear: mishandles the filename of . or an empty filename [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1933067 -------------------------------------------------------------------------------- ================================================================================ fts-3.12.0-1.el7 (FEDORA-EPEL-2022-41b0d14048) File Transfer Service V3 -------------------------------------------------------------------------------- Update Information: The FTS v3.12.0 release -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 27 2022 Mihai Patrascoiu <mipatras@xxxxxxx> - 3.12.0-1 - Upstream release v3.12.0 -------------------------------------------------------------------------------- ================================================================================ rlwrap-0.45.2-2.el7 (FEDORA-EPEL-2022-04cccae3c4) Wrapper for GNU readline -------------------------------------------------------------------------------- Update Information: Fixes the version handling in rlwrapfilter to work with x.y.z version numbers -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 28 2022 Michel Alexandre Salim <salimma@xxxxxxxxxxxxxxxxx> 0.45.2-2 - Fix version parsing in rlwrapfilter.py (rhbz#2091749) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2091749 - rlwrap built for F36 sets a version number with a minor version to the env RLWRAP_VERSION https://bugzilla.redhat.com/show_bug.cgi?id=2091749 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
