The following Fedora EPEL 7 Security updates need testing: Age URL 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-a08edbaebf amavis-2.12.3-1.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-27eced8f48 tcpreplay-4.4.4-5.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-5253d48b14 w3m-0.5.3-63.git20230121.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-6e2c9aa156 chromium-122.0.6261.128-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-1c85d457ef perl-Data-UUID-1.227-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing csmock-3.5.3-1.el7 nagios-plugins-2.4.8-2.el7 Details about builds: ================================================================================ csmock-3.5.3-1.el7 (FEDORA-EPEL-2024-346421d49b) A mock wrapper for Static Analysis tools -------------------------------------------------------------------------------- Update Information: update to latest upstream (fixes CVE-2024-2243) -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 20 2024 Kamil Dudka <kdudka@xxxxxxxxxx> 3.5.3-1 - update to latest upstream (fixes CVE-2024-2243) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2270495 - TRIAGE CVE-2024-2243 csmock: command injection vulnerability in csmock-plugin-snyk [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2270495 [ 2 ] Bug #2270496 - TRIAGE CVE-2024-2243 csmock: command injection vulnerability in csmock-plugin-snyk [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2270496 -------------------------------------------------------------------------------- ================================================================================ nagios-plugins-2.4.8-2.el7 (FEDORA-EPEL-2024-113ba5a084) Host/service/network monitoring program plugins for Nagios -------------------------------------------------------------------------------- Update Information: Remove ssl_validity because package perl-Crypt-X509 is not available It was mistakenly readded some time ago -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 20 2024 Guido Aulisi <guido.aulisi@xxxxxxx> - 2.4.8-2 - Remove ssl_validity because package perl-Crypt-X509 is not available - Fix #2270251 #2270252 #2270329 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2270251 - nagios-plugins-ssl_validity-2.4.8-1.el7.x86_64 requires non-existent perl-Crypt-X509 package https://bugzilla.redhat.com/show_bug.cgi?id=2270251 [ 2 ] Bug #2270252 - 2.4.8 update broken in epel 7 https://bugzilla.redhat.com/show_bug.cgi?id=2270252 [ 3 ] Bug #2270329 - yum update broken due to nagios-plugins-ssl_validity in EPEL7 https://bugzilla.redhat.com/show_bug.cgi?id=2270329 -------------------------------------------------------------------------------- -- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
