The following Fedora EPEL 9 Security updates need testing: Age URL 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-eb5d8834c8 chromium-127.0.6533.99-1.el9 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-c3521d114d libsass-3.6.6-1.el9 python-libsass-0.23.0-2.el9 python-qtsass-0.4.0-4.el9 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-cfb384f493 iaito-5.9.4-1.el9 radare2-5.9.4-1.el9 The following builds have been pushed to Fedora EPEL 9 updates-testing distribution-gpg-keys-1.105-1.el9 fira-code-fonts-6.2-6.el9 glfw-3.3.10-1.el9 mock-core-configs-41.2-1.el9 python-webob-1.8.8-1.el9 zabbix-6.0.33-1.el9 Details about builds: ================================================================================ distribution-gpg-keys-1.105-1.el9 (FEDORA-EPEL-2024-56dce0b598) GPG keys of various Linux distributions -------------------------------------------------------------------------------- Update Information: keys for f43 -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 12 2024 Miroslav Suchý <msuchy@xxxxxxxxxx> 1.105-1 - update copr keys - add fedora 43 keys and change rawhide symlink - Refresh GPG keys for Dell -------------------------------------------------------------------------------- ================================================================================ fira-code-fonts-6.2-6.el9 (FEDORA-EPEL-2024-afb6ecc10b) Monospaced font with programming ligatures -------------------------------------------------------------------------------- Update Information: Initial EPEL 9 release -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 20 2023 Matej Focko <mfocko@xxxxxxxxxx> - 6.2-6 - migrated to SPDX license * Wed Jul 19 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 6.2-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Thu Jan 19 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 6.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Thu Jul 21 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 6.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Thu Jan 20 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 6.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Tue Dec 7 2021 Michael Kuhn <suraia@xxxxxxxxxxxxxxxxx> - 6.2-1 - Update to 6.2 * Fri Dec 3 2021 Michael Kuhn <suraia@xxxxxxxxxxxxxxxxx> - 6.1-1 - Update to 6.1 * Mon Nov 29 2021 Michael Kuhn <suraia@xxxxxxxxxxxxxxxxx> - 6-1 - Update to 6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2262602 - Please branch and build fira-code-fonts in epel9 https://bugzilla.redhat.com/show_bug.cgi?id=2262602 -------------------------------------------------------------------------------- ================================================================================ glfw-3.3.10-1.el9 (FEDORA-EPEL-2024-fb247a0956) A cross-platform multimedia library -------------------------------------------------------------------------------- Update Information: update to 3.3.10 -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 15 2024 Jonathan Wright <jonathan@xxxxxxxxxxxxx> - 1:3.3.10-1 - update to 3.3.10 * Thu Jul 18 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1:3.3.8-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Wed Jan 24 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1:3.3.8-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jan 19 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1:3.3.8-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Wed Jul 19 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1:3.3.8-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Fri Jun 23 2023 Till Hofmann <thofmann@xxxxxxxxxxxxxxxxx> - 1:3.3.8-3 - Migrate to SPDX license tag * Thu Jan 19 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1:3.3.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ mock-core-configs-41.2-1.el9 (FEDORA-EPEL-2024-7b363812c8) Mock core config files basic chroots -------------------------------------------------------------------------------- Update Information: https://rpm-software-management.github.io/mock/Release-Notes-Configs-41.1 -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 15 2024 Pavel Raiskup <praiskup@xxxxxxxxxx> 41.2-1 - fix centos-stream+epel-10-s390x /bin/sed typo * Wed Aug 14 2024 Pavel Raiskup <praiskup@xxxxxxxxxx> 41.1-1 - branch F41 from Rawhide (frostyx@xxxxxxxx) - added centos-stream+epel-10 configs - Enable RPM sysusers integration (j1.kyjovsky@xxxxxxxxx) - Rawhide to accept GPG key from future Fedora Rawhide+1 - openEuler 24.03 LTS (nucleo@xxxxxxxxxxxxxxxxx) - drop fedora-eln-i386 (yselkowi@xxxxxxxxxx) - Switch CentOS 7 to vault.centos.org (robert@xxxxxxxxxxxxxxxxx) - Fix GPG keys for CentOS Stream 10 repositories (daan.j.demeyer@xxxxxxxxx) - EOL epel-7 configuration - CentOS 7 is EOL - Fedora 41+ configuration images are "dnf5 ready" - Use metalinks for c10s {baseos,appstream,crb}-{source,debuginfo} (miro@xxxxxxxxxx) -------------------------------------------------------------------------------- ================================================================================ python-webob-1.8.8-1.el9 (FEDORA-EPEL-2024-f9387068fe) WSGI request and response object -------------------------------------------------------------------------------- Update Information: Update to upstream. Fix open redirect issue in 1.8-branch rhbz#2305065 -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 15 2024 Ján ONDREJ (SAL) <ondrejj(at)salstar.sk> - 1.8.8-1 - Update to upstream. Fix open redirect issue in 1.8-branch rhbz#2305065 - pypi_source constructed manually according to project/name case inconsistency - only require legacy-cgi on on systems where it's present - remove python3.9 patch (applied upstream) * Fri Jul 19 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.8.7-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Sat Jun 15 2024 Mattia Verga <mattia.verga@xxxxxxxxx> - 1.8.7-14 - Explicitly require python3-cgi at runtime (Fedora#2245641) * Fri Jun 14 2024 Mattia Verga <mattia.verga@xxxxxxxxx> - 1.8.7-13 - Require legacy-cgi as build dependency - Fix FTB with Python 3.13 (Fedora#2245641) * Fri Jun 7 2024 Python Maint <python-maint@xxxxxxxxxx> - 1.8.7-12 - Rebuilt for Python 3.13 * Fri Jan 26 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.8.7-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Mon Jan 22 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.8.7-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jul 21 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.8.7-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Tue Jun 13 2023 Python Maint <python-maint@xxxxxxxxxx> - 1.8.7-8 - Rebuilt for Python 3.12 * Fri Jan 20 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.8.7-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2305065 - CVE-2024-42353 python-webob: WebOb's location header normalization during redirect leads to open redirect [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2305065 -------------------------------------------------------------------------------- ================================================================================ zabbix-6.0.33-1.el9 (FEDORA-EPEL-2024-e76322a49b) Open-source monitoring solution for your IT infrastructure -------------------------------------------------------------------------------- Update Information: Multiple security fixes. -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 15 2024 Gwyn Ciesla <gwync@xxxxxxxxxxxxxx> - 1:6.0.33-1 - 6.0.33 * Mon Jul 29 2024 Miroslav Suchý <msuchy@xxxxxxxxxx> - 1:6.0.30-3 - convert license to SPDX * Sat Jul 20 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1:6.0.30-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2305138 - CVE-2024-36460 zabbix:6.0/zabbix: Front-end auditlog shows passwords in plaintext [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2305138 [ 2 ] Bug #2305142 - CVE-2024-22123 zabbix:6.0/zabbix: Zabbix Arbitrary File Read [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2305142 [ 3 ] Bug #2305146 - CVE-2024-22122 zabbix:6.0/zabbix: AT(GSM) Command Injection [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2305146 [ 4 ] Bug #2305154 - CVE-2024-22114 zabbix:6.0/zabbix: System Information Widget in Global View Dashboard exposes information about Hosts to Users without Permission [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2305154 --------------------------------------------------------------------------------
-- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
