[EPEL-devel] Fedora EPEL 8 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The following Fedora EPEL 8 Security updates need testing:
 Age  URL
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-5ba84d0c64   seamonkey-2.53.19-1.el8


The following builds have been pushed to Fedora EPEL 8 updates-testing

    apptainer-1.3.4-1.el8
    clamav-1.0.7-1.el8
    tio-3.7-1.el8

Details about builds:


================================================================================
 apptainer-1.3.4-1.el8 (FEDORA-EPEL-2024-36d69b7195)
 Application and environment virtualization formerly known as Singularity
--------------------------------------------------------------------------------
Update Information:

Update to upstream 1.3.4
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep  5 2024 Dave Dykstra <dwd@xxxxxxx> - 1.3.4
- Update to upstream 1.3.4
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2310334 - apptainer-1.3.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2310334
--------------------------------------------------------------------------------


================================================================================
 clamav-1.0.7-1.el8 (FEDORA-EPEL-2024-cef1a533b1)
 End-user tools for the Clam Antivirus scanner
--------------------------------------------------------------------------------
Update Information:

Update to 1.0.7
CVE-2024-20506: Changed the logging module to disable following symlinks on
Linux and Unix systems so as to prevent an attacker with existing access to the
'clamd' or 'freshclam' services from using a symlink to corrupt system files.
CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF file parser
that could cause a denial-of-service (DoS) condition.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep  5 2024 Yaakov Selkowitz <yselkowi@xxxxxxxxxx> - 1.0.7-1
- Update to 1.0.7
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2310063 - CVE-2024-20506 clamav: ClamD process writes to log file while privileged without checking if its been replaced with a symlink [epel-8]
        https://bugzilla.redhat.com/show_bug.cgi?id=2310063
  [ 2 ] Bug #2310071 - CVE-2024-20505 clamav: out-of-bounds read bug in the PDF file parser [epel-8]
        https://bugzilla.redhat.com/show_bug.cgi?id=2310071
--------------------------------------------------------------------------------


================================================================================
 tio-3.7-1.el8 (FEDORA-EPEL-2024-ec3978b44d)
 Simple TTY terminal I/O application
--------------------------------------------------------------------------------
Update Information:

tio v3.7
Remove unnecessary sync in line input mode
This caused a problem for some highly timing sensitive modem read-eval-print
loops because the input line and line termination characters (cr/nl) would be
shifted out on the UART with too big delay inbetween because of two syncs.
Fix socket send call on platforms without MSG_NOSIGNAL
To fix build issue encountered on MacOS Catalina but may apply to other
platforms.
Add "epoch" timestamp option
Add an option that prints the timestamp as the number of seconds since the Unix
epoch.
The log-directory options is not read from the configuration file.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Sep  6 2024 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 3.7-1
- Upgrade to 3.7 (#2309659)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2309659 - tio-3.7 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2309659
--------------------------------------------------------------------------------


-- 
_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
[Index of Archives]     [Fedora Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Announce]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Linux Apps]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux