Yesterday, ClamAV announced CVE-2022-37434 as critical
(
https://blog.clamav.net/2022/10/new-packages-for-clamav-01037-01044.html).
Redhat only seem to classify the issue as Moderate in EL7 -
https://access.redhat.com/security/cve/cve-2022-37434. It looks like
that, unless Redhat classify it as Critical, zlib and zlib-devel
won't get updated so ClamAV can't be rebuilt against the updated
zlib-devel. What is the EPEL take on the issue?
_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
