The following Fedora EPEL 8 Security updates need testing: Age URL 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-5660594875 python-markdown2-2.3.9-1.el8 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-c3fca161ee netdata-1.22.1-3.el8 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-38309f9f6f transmission-2.94-9.el8 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-06e970da9c knot-resolver-5.1.1-1.el8 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-383149ca50 perl-Email-MIME-1.949-1.el8 perl-Email-MIME-ContentType-1.024-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
cacti-1.2.12-1.el8 cacti-spine-1.2.12-1.el8 icewm-1.6.6-1.el8 mbedtls-2.16.6-1.el8 pdns-4.3.0-2.el8 perl-File-KeePass-2.03-21.el8 python-xlsxwriter-1.2.9-1.el8
Details about builds:
================================================================================ cacti-1.2.12-1.el8 (FEDORA-EPEL-2020-5b6f780725) An rrd based graphing tool -------------------------------------------------------------------------------- Update Information:
- Update to 1.2.12 Release notes: https://www.cacti.net/release_notes.php?version=1.2.12 -------------------------------------------------------------------------------- ChangeLog:
* Wed May 27 2020 Morten Stevens mstevens@fedoraproject.org - 1.2.12-1 - Update to 1.2.12 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1840313 - CVE-2020-13231 cacti: CSRF at admin email [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1840313 [ 2 ] Bug #1840318 - CVE-2020-13230 cacti: improper access control on disabling a user [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1840318 --------------------------------------------------------------------------------
================================================================================ cacti-spine-1.2.12-1.el8 (FEDORA-EPEL-2020-5b6f780725) Threaded poller for Cacti written in C -------------------------------------------------------------------------------- Update Information:
- Update to 1.2.12 Release notes: https://www.cacti.net/release_notes.php?version=1.2.12 -------------------------------------------------------------------------------- ChangeLog:
* Wed May 27 2020 Morten Stevens mstevens@fedoraproject.org - 1.2.12-1 - Update to 1.2.12 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1840313 - CVE-2020-13231 cacti: CSRF at admin email [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1840313 [ 2 ] Bug #1840318 - CVE-2020-13230 cacti: improper access control on disabling a user [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1840318 --------------------------------------------------------------------------------
================================================================================ icewm-1.6.6-1.el8 (FEDORA-EPEL-2020-556f772b6e) Window manager designed for speed, usability, and consistency -------------------------------------------------------------------------------- Update Information:
Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Sat May 30 2020 Artem Polishchuk ego.cordatus@gmail.com - 1.6.6-1 - Update to 1.6.6 * Wed May 27 2020 Artem Polishchuk ego.cordatus@gmail.com - 1.6.5-2 - Drop more weak deps and simpilfy SPEC file - Disable LTO --------------------------------------------------------------------------------
================================================================================ mbedtls-2.16.6-1.el8 (FEDORA-EPEL-2020-3943d14499) Light-weight cryptographic and SSL/TLS library -------------------------------------------------------------------------------- Update Information:
- Update to 2.16.6 Release notes: https://tls.mbed.org/tech- updates/releases/mbedtls-2.16.6-and-2.7.15-released Security Advisory: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security- advisory-2020-04 -------------------------------------------------------------------------------- ChangeLog:
* Wed May 27 2020 Morten Stevens mstevens@fedoraproject.org - 2.16.6-1 - Update to 2.16.6 - Security Advisory 2020-04 (CVE-2020-10932) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1838552 - CVE-2020-10932 mbedtls: side channel attack possibly leading to information disclosure [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1838552 --------------------------------------------------------------------------------
================================================================================ pdns-4.3.0-2.el8 (FEDORA-EPEL-2020-429fc91efb) A modern, advanced and high performance authoritative-only nameserver -------------------------------------------------------------------------------- Update Information:
- Updated file permissions -------------------------------------------------------------------------------- ChangeLog:
* Wed May 27 2020 Morten Stevens mstevens@fedoraproject.org - 4.3.0-2 - Updated file permissions --------------------------------------------------------------------------------
================================================================================ perl-File-KeePass-2.03-21.el8 (FEDORA-EPEL-2020-abd130a355) Interface to KeePass V1 and V2 database files -------------------------------------------------------------------------------- Update Information:
Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- ChangeLog:
--------------------------------------------------------------------------------
================================================================================ python-xlsxwriter-1.2.9-1.el8 (FEDORA-EPEL-2020-7294e9861e) Python module for writing files in the Excel 2007+ XLSX file format -------------------------------------------------------------------------------- Update Information:
Added support for stacked and percent_stacked Line charts -------------------------------------------------------------------------------- ChangeLog:
* Sat May 30 2020 Rajeesh K V rajeeshknambiar@gmail.com - 1.2.9-1 - Added support for stacked and percent_stacked Line charts -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1841933 - python-xlsxwriter-1.2.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1841933 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org