The following Fedora EPEL 8 Security updates need testing: Age URL 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-109c5d3d12 gifsicle-1.95-1.el8 The following builds have been pushed to Fedora EPEL 8 updates-testing cpp-jwt-1.4-7.el8 dr_libs-0-0.24.20240227gitda35f9d.el8 suricata-6.0.16-1.el8 Details about builds: ================================================================================ cpp-jwt-1.4-7.el8 (FEDORA-EPEL-2024-16cf23e0e6) JSON Web Token library for C++ -------------------------------------------------------------------------------- Update Information: Fix side channel vulnerability -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 27 2024 Jonathan Wright <jonathan@xxxxxxxxxxxxx> - 1.4-7 - Fix side channel vulnerability rhbz#2263329 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2263329 - Side-channel in cpp-jwt https://bugzilla.redhat.com/show_bug.cgi?id=2263329 -------------------------------------------------------------------------------- ================================================================================ dr_libs-0-0.24.20240227gitda35f9d.el8 (FEDORA-EPEL-2024-402d963e0b) Single-file audio decoding libraries for C/C++ -------------------------------------------------------------------------------- Update Information: dr_flac v0.12.42 - 2023-11-02 Fix build for ARMv6-M. Fix a compilation warning with GCC. dr_mp3 v0.6.39 - 2024-02-27 Fix a Wdouble-promotion warning. v0.6.38 - 2023-11-02 Fix build for ARMv6-M. dr_wav v0.13.16 - 2024-02-27 Fix a Wdouble-promotion warning. v0.13.15 - 2024-01-23 Relax some unnecessary validation that prevented some files from loading. v0.13.14 - 2023-12-02 Fix a warning about an unused variable. v0.13.13 - 2023-11-02 Fix a warning when compiling with Clang. -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 27 2024 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0-0.24 - Update to 0^20240226gitda35f9d (dr_wav 0.13.15, dr_mp3 0.6.39, dr_flac 0.12.42) -------------------------------------------------------------------------------- ================================================================================ suricata-6.0.16-1.el8 (FEDORA-EPEL-2024-5d281b1780) Intrusion Detection System -------------------------------------------------------------------------------- Update Information: This update fixes: CVE-2024-23835, CVE-2024-23836, CVE-2024-23837, CVE-2024-23839, CVE-2024-24568. -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 26 2024 Steve Grubb <sgrubb@xxxxxxxxxx> 6.0.16-1 - New security and bugfix release -------------------------------------------------------------------------------- References: [ 1 ] Bug #2266171 - CVE-2024-24568 suricata: potential bypass of rules inspecting HTTP2 headers [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2266171 [ 2 ] Bug #2266172 - CVE-2024-24568 suricata: potential bypass of rules inspecting HTTP2 headers [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2266172 -------------------------------------------------------------------------------- -- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
