The following Fedora EPEL 7 Security updates need testing: Age URL 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-2b4c6176d0 davix-0.8.3-1.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-c57a51c195 rxvt-unicode-9.30-2.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing signify-31-1.el7 tio-2.5-1.el7 trafficserver-9.1.4-1.el7 Details about builds: ================================================================================ signify-31-1.el7 (FEDORA-EPEL-2022-4b79bb9a3d) Sign and verify signatures on files -------------------------------------------------------------------------------- Update Information: - Update to release v31 -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 24 2022 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> - 31-1 - Update to release v31 * Sat Jul 23 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 30-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ tio-2.5-1.el7 (FEDORA-EPEL-2022-2327dece4b) Simple TTY terminal I/O application -------------------------------------------------------------------------------- Update Information: # tio v2.5 * Update configuration file documentation Rename `.tiorc` to `.tioconfig`, `tiorc` to `config`, etc. * Add support for `$HOME/.tioconfig` Replaces what used to be `$HOME/.tiorc * Fix double prefix key regression * Better error checking in config file, rename the file Accept `true`, `enable`, `on`, `yes`, `1` as true values, their counterparts as false ones. Check integer values for errors and range. Warn about ignored (e.g. misspelled) options. Check `getenv()` return value for `NULL`. Rename `tiorc` to `config`, as it's a static INI file, not an executable "run commands". -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 20 2022 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 2.5-1 - Upgrade to 2.5 (#2154614) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2154614 - tio-2.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=2154614 -------------------------------------------------------------------------------- ================================================================================ trafficserver-9.1.4-1.el7 (FEDORA-EPEL-2022-8362ddfe7c) Fast, scalable and extensible HTTP/1.1 and HTTP/2 caching proxy server -------------------------------------------------------------------------------- Update Information: Update to 9.1.4, resolves CVE-2022-32749, CVE-2022-37392, CVE-2022-40743 -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 19 2022 Jered Floyd <jered@xxxxxxxxxx> 9.1.4-1 - Update to 9.1.4, resolves CVE-2022-32749, CVE-2022-37392, CVE-2022-40743 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2154123 - trafficserver-9.1.4-rc0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2154123 [ 2 ] Bug #2154896 - CVE-2022-32749 trafficserver: server crash under certain conditions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2154896 [ 3 ] Bug #2154897 - CVE-2022-32749 trafficserver: server crash under certain conditions [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2154897 [ 4 ] Bug #2154899 - CVE-2022-37392 trafficserver: ATS is vulnerable to smuggle, cache poison, and DOS attacks [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2154899 [ 5 ] Bug #2154900 - CVE-2022-37392 trafficserver: ATS is vulnerable to smuggle, cache poison, and DOS attacks [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2154900 [ 6 ] Bug #2154902 - CVE-2022-40743 trafficserver: Security issues with the xdebug plugin [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2154902 [ 7 ] Bug #2154903 - CVE-2022-40743 trafficserver: Security issues with the xdebug plugin [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2154903 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
