The following Fedora EPEL 8 Security updates need testing:
Age URL
13
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-8f073f9e87
opendmarc-1.4.1.1-3.el8
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-9ca0db533c
kitty-0.19.3-1.el8
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-8676850578
chromium-91.0.4472.164-1.el8
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-1b74f2e3ca
tor-0.4.5.9-1.el8
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-eafd1f0f4d
seamonkey-2.53.8.1-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
mbedtls-2.16.11-1.el8
pdns-4.5.0-1.el8
Details about builds:
================================================================================
mbedtls-2.16.11-1.el8 (FEDORA-EPEL-2021-659234979d)
Light-weight cryptographic and SSL/TLS library
--------------------------------------------------------------------------------
Update Information:
- Update to 2.16.11 Release notes:
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.11
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jul 24 2021 Morten Stevens <mstevens(a)fedoraproject.org> - 2.16.11-1
- Update to 2.16.11
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.16.9-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.16.9-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1943664 - mbedtls: multiple vulnerabilities fixed in mbedtls-2.26.0
https://bugzilla.redhat.com/show_bug.cgi?id=1943664
[ 2 ] Bug #1981510 - mbedtls: Local side channel attack on RSA
https://bugzilla.redhat.com/show_bug.cgi?id=1981510
[ 3 ] Bug #1981514 - mbedtls: Local side channel attack on static Diffie-Hellman with
Montgomery curves
https://bugzilla.redhat.com/show_bug.cgi?id=1981514
[ 4 ] Bug #1985311 - CVE-2021-24119 mbedtls: side-channel vulnerability allows
system-level-attacker information disclosure
https://bugzilla.redhat.com/show_bug.cgi?id=1985311
--------------------------------------------------------------------------------
================================================================================
pdns-4.5.0-1.el8 (FEDORA-EPEL-2021-f9fe8acf0e)
A modern, advanced and high performance authoritative-only nameserver
--------------------------------------------------------------------------------
Update Information:
- Update to 4.5.0 Release notes:
https://doc.powerdns.com/authoritative/changelog/4.5.html
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jul 24 2021 Morten Stevens <mstevens(a)fedoraproject.org> - 4.5.0-1
- Update to 4.5.0
- Upstream dropped support for 32-bit arches
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.4.1-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Wed Mar 31 2021 Jonathan Wakely <jwakely(a)redhat.com> - 4.4.1-3
- Rebuilt for removed libstdc++ symbols (#1937698)
* Tue Mar 2 2021 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 4.4.1-2
- Rebuilt for updated systemd-rpm-macros
See
https://pagure.io/fesco/issue/2583.
--------------------------------------------------------------------------------