The following Fedora EPEL 8 Security updates need testing: Age URL 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-f52b6219ca python39-jinja2-epel-3.1.3-1.2.el8 The following builds have been pushed to Fedora EPEL 8 updates-testing dummy-package-canary-2-1.el8 openssl3-3.2.2-2.1.el8 voms-2.1.0-0.35.rc5.el8 Details about builds: ================================================================================ dummy-package-canary-2-1.el8 (FEDORA-EPEL-2024-0b3b721744) Dummy package to exercise the packaging stack -------------------------------------------------------------------------------- Update Information: Initial import; Fixes: RHBZ#2075583 -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 18 2024 Davide Cavalca <dcavalca@xxxxxxxxxxxxxxxxx> - 2-1 - Initial import; Fixes: RHBZ#2075583 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2075583 - Review Request: dummy-package-canary - Dummy package to exercise the packaging stack https://bugzilla.redhat.com/show_bug.cgi?id=2075583 -------------------------------------------------------------------------------- ================================================================================ openssl3-3.2.2-2.1.el8 (FEDORA-EPEL-2024-c58045d54f) Utilities from the general purpose cryptography library with TLS implementation -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2024-4741 openssl3: openssl: Use After Free with SSL_free_buffers -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 17 2024 Michel Lind <salimma@xxxxxxxxxxxxxxxxx> - 3.2.2-2.1 - Merge c9s openssl changes to pick up CVE fixes * Wed Jun 12 2024 Daiki Ueno <dueno@xxxxxxxxxx> - 1:3.2.2-2 - Add workaround for EVP_PKEY_CTX_add1_hkdf_info with older providers Resolves: RHEL-40823 * Wed Jun 5 2024 Dmitry Belyavskiy <dbelyavs@xxxxxxxxxx> - 1:3.2.2-1 - Rebase to OpenSSL 3.2.2. Fixes CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, and Minerva attack. Resolves: RHEL-32148 Resolves: RHEL-36792 Resolves: RHEL-38514 Resolves: RHEL-39111 * Thu May 23 2024 Dmitry Belyavskiy <dbelyavs@xxxxxxxxxx> - 1:3.2.1-2 - Update RNG changing for FIPS purpose Resolves: RHEL-35380 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2283763 - CVE-2024-4741 openssl3: openssl: Use After Free with SSL_free_buffers [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2283763 -------------------------------------------------------------------------------- ================================================================================ voms-2.1.0-0.35.rc5.el8 (FEDORA-EPEL-2024-1ae5d490cd) Virtual Organization Membership Service -------------------------------------------------------------------------------- Update Information: VOMS 2.1.0rc5 -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 18 2024 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 2.1.0-0.35.rc5 - Update to version 2.1.0-rc5 -------------------------------------------------------------------------------- -- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
