The following Fedora EPEL 8 Security updates need testing: Age URL 19 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-1e00c3d01e cutter-re-2.2.0-1.el8 rizin-0.5.1-1.el8 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-95d6efd5d6 seamonkey-2.53.16-1.el8 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-711f25dbbf netatalk-3.1.14-3.el8 The following builds have been pushed to Fedora EPEL 8 updates-testing inxi-3.3.26-1.el8 pdns-4.7.3-1.el8 pdns-recursor-4.8.4-1.el8 zchunk-1.3.1-1.el8 Details about builds: ================================================================================ inxi-3.3.26-1.el8 (FEDORA-EPEL-2023-26f3bbde8a) A full featured system information script -------------------------------------------------------------------------------- Update Information: Update to 3.3.26. -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 3 2023 Vasiliy N. Glazov <vascom2@xxxxxxxxx> - 3.3.26-1 - Update to 3.3.26 * Sat Mar 11 2023 Fabio Valentini <decathorpe@xxxxxxxxx> - 3.3.25-2 - Rebuild for https://pagure.io/releng/issue/11327 -------------------------------------------------------------------------------- ================================================================================ pdns-4.7.3-1.el8 (FEDORA-EPEL-2023-c28f233c6b) A modern, advanced and high performance authoritative-only nameserver -------------------------------------------------------------------------------- Update Information: - Update to 4.7.3 Release notes: https://doc.powerdns.com/authoritative/changelog/4.7.html#change-4.7.3 -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 4 2023 Morten Stevens <mstevens@xxxxxxxxxxxxxxxxx> - 4.7.3-1 - Update to 4.7.3 * Mon Feb 20 2023 Jonathan Wakely <jwakely@xxxxxxxxxx> - 4.7.2-5 - Rebuilt for Boost 1.81 * Mon Jan 23 2023 Morten Stevens <mstevens@xxxxxxxxxxxxxxxxx> - 4.7.2-4 - Fix missing include for gcc13 * Thu Jan 19 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 4.7.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Tue Nov 8 2022 Richard Shaw <hobbes1069@xxxxxxxxx> - 4.7.2-2 - Rebuild for yaml-cpp 0.7.0. * Tue Nov 1 2022 Morten Stevens <mstevens@xxxxxxxxxxxxxxxxx> - 4.7.2-1 - Update to 4.7.2 * Mon Oct 31 2022 Morten Stevens <mstevens@xxxxxxxxxxxxxxxxx> - 4.7.1-1 - Update to 4.7.1 * Sat Oct 22 2022 Morten Stevens <mstevens@xxxxxxxxxxxxxxxxx> - 4.7.0-1 - Update to 4.7.0 * Fri Jul 22 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 4.6.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Wed May 4 2022 Thomas Rodgers <trodgers@xxxxxxxxxx> - 4.6.2-2 - Rebuilt for Boost 1.78 -------------------------------------------------------------------------------- ================================================================================ pdns-recursor-4.8.4-1.el8 (FEDORA-EPEL-2023-d4a7c0e04e) Modern, advanced and high performance recursing/non authoritative name server -------------------------------------------------------------------------------- Update Information: - Update to 4.8.4 Release notes: https://doc.powerdns.com/recursor/changelog/4.8.html -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 4 2023 Morten Stevens <mstevens@xxxxxxxxxxxxxxxxx> - 4.8.4-1 - Update to 4.8.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2069403 - CVE-2022-27227 pdns-recursor: pdns,pdns-recursor: Incomplete zone transfers handled as successful [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2069403 [ 2 ] Bug #2120865 - CVE-2022-37428 pdns-recursor: DoS when protobuf logging is enabled [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2120865 [ 3 ] Bug #2182851 - CVE-2023-26437 pdns-recursor: Deterred spoofing attempts can lead to authoritative servers being marked unavailable [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2182851 -------------------------------------------------------------------------------- ================================================================================ zchunk-1.3.1-1.el8 (FEDORA-EPEL-2023-9215c40764) Compressed file format that allows easy deltas -------------------------------------------------------------------------------- Update Information: Fix several low severity security bugs. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 4 2023 Jonathan Dieter <jdieter@xxxxxxxxx> - 1.3.1-1 - Fix a few low severity security bugs including - An off-by-one overflow when reading compressed integers from a malicious zchunk file - Error handling being skipped when the number of bytes read doesn't match what's expected - Not freeing memory when attempting to reallocate to size 0 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
