Fedora EPEL 7 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora EPEL 7 Security updates need testing:
 Age  URL
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-1388277bf4   chromium-113.0.5672.126-1.el7
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-2455ae47ae   godot-3.1.2-2.el7


The following builds have been pushed to Fedora EPEL 7 updates-testing

    golang-1.19.9-1.el7
    radsecproxy-1.10.0-1.el7

Details about builds:


================================================================================
 golang-1.19.9-1.el7 (FEDORA-EPEL-2023-efd9bbf67e)
 The Go Programming Language
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2023-24538, CVE-2023-24536 , CVE-2023-24537,
CVE-2023-24534, CVE-2023-24539, CVE-2023-29400, and CVE-2023-24540
--------------------------------------------------------------------------------
ChangeLog:

* Fri May 26 2023 Dave Dykstra <dwd@xxxxxxxxxxxxxxxxx> - 1.19.9-1
- Update to 1.19.9 by doing the equivalent changes as centos8-stream.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2184481 - CVE-2023-24538 golang: html/template: backticks not treated as string delimiters
        https://bugzilla.redhat.com/show_bug.cgi?id=2184481
  [ 2 ] Bug #2184482 - CVE-2023-24536 golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption
        https://bugzilla.redhat.com/show_bug.cgi?id=2184482
  [ 3 ] Bug #2184483 - CVE-2023-24534 golang: net/http, net/textproto: denial of service from excessive memory allocation
        https://bugzilla.redhat.com/show_bug.cgi?id=2184483
  [ 4 ] Bug #2184484 - CVE-2023-24537 golang: go/parser: Infinite loop in parsing
        https://bugzilla.redhat.com/show_bug.cgi?id=2184484
  [ 5 ] Bug #2196026 - CVE-2023-24539 golang: html/template: improper sanitization of CSS values
        https://bugzilla.redhat.com/show_bug.cgi?id=2196026
  [ 6 ] Bug #2196027 - CVE-2023-24540 golang: html/template: improper handling of JavaScript whitespace
        https://bugzilla.redhat.com/show_bug.cgi?id=2196027
  [ 7 ] Bug #2196029 - CVE-2023-29400 golang: html/template: improper handling of empty HTML attributes
        https://bugzilla.redhat.com/show_bug.cgi?id=2196029
--------------------------------------------------------------------------------


================================================================================
 radsecproxy-1.10.0-1.el7 (FEDORA-EPEL-2023-3c32763fc0)
 Generic RADIUS proxy with RadSec support
--------------------------------------------------------------------------------
Update Information:

# radsecproxy 1.10.0 (2023-05-26)  ## New features - Native dynamic discovery
for NAPTR and SRV records - Optionally log accounting requests when respoinding
directly - SNI support for outgoing connections - Optionally specify server name
for certificate name check - Manual MTU setting for DTLS on non-linux platforms
## Misc - Don't require server type to be set by dyndisc scripts - Improve
locating openssl lib using pkg-config  ## Bug Fixes - Fix radius message length
handling
--------------------------------------------------------------------------------
ChangeLog:

* Fri May 26 2023 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.10.0-1
- Upgrade to 1.10.0 (#2207652)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2207652 - radsecproxy-1.10.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2207652
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue




[Index of Archives]     [Fedora Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Announce]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Linux Apps]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux