On Tue, 1 Nov 2022 10:50:02 +0000 Nick Howitt via epel-devel <epel-devel@xxxxxxxxxxxxxxxxxxxxxxx> wrote: > Yesterday, ClamAV announced CVE-2022-37434 as critical > (https://blog.clamav.net/2022/10/new-packages-for-clamav-01037-01044.html). > Redhat only seem to classify the issue as Moderate in EL7 - > https://access.redhat.com/security/cve/cve-2022-37434. It looks like > that, unless Redhat classify it as Critical, zlib and zlib-devel > won't get updated so ClamAV can't be rebuilt against the updated > zlib-devel. What is the EPEL take on the issue? Question was about update of bundled libraries which are not used by epel package. -- Tuomo Soini <tis@xxxxxxxxx> Foobar Linux services +358 40 5240030 Foobar Oy <https://foobar.fi/> _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
