The following Fedora EPEL 8 Security updates need testing: Age URL 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-5cb6798308 clamav-0.103.8-3.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
openssh-ldap-authkeys-0.2.0^git20230224.62ece4b-1.el8 python-django3-3.2.18-1.el8 yascreen-1.97-1.el8
Details about builds:
================================================================================ openssh-ldap-authkeys-0.2.0^git20230224.62ece4b-1.el8 (FEDORA-EPEL-2023-c28b765e00) Python script to generate SSH authorized_keys files using an LDAP directory -------------------------------------------------------------------------------- Update Information:
Add SELinux policy module subpackage to make it work in SELinux-enabled environments -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 24 2023 Neal Gompa ngompa@fedoraproject.org - 0.2.0^git20230224.62ece4b-1 - Update to post-release snapshot - Add SELinux subpackage --------------------------------------------------------------------------------
================================================================================ python-django3-3.2.18-1.el8 (FEDORA-EPEL-2023-934b856e97) A high-level Python Web framework -------------------------------------------------------------------------------- Update Information:
Security fixes for CVE-2022-24580 and CVE-2023-41323 -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 24 2023 Michel Alexandre Salim salimma@fedoraproject.org - 3.2.18-1 - Update to 3.2.18 - convert to SPDX license identifier -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2136134 - CVE-2022-41323 python-django3: python-django: Potential denial-of-service vulnerability in internationalized URLs [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2136134 [ 2 ] Bug #2136137 - CVE-2022-41323 python-django3: python-django: Potential denial-of-service vulnerability in internationalized URLs [fedora-36] https://bugzilla.redhat.com/show_bug.cgi?id=2136137 [ 3 ] Bug #2169742 - CVE-2023-24580 python-django3: python-django: Potential denial-of-service vulnerability in file uploads [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2169742 [ 4 ] Bug #2169744 - CVE-2023-24580 python-django3: python-django: Potential denial-of-service vulnerability in file uploads [fedora-36] https://bugzilla.redhat.com/show_bug.cgi?id=2169744 [ 5 ] Bug #2169746 - CVE-2023-24580 python-django3: python-django: Potential denial-of-service vulnerability in file uploads [fedora-37] https://bugzilla.redhat.com/show_bug.cgi?id=2169746 --------------------------------------------------------------------------------
================================================================================ yascreen-1.97-1.el8 (FEDORA-EPEL-2023-602a2ea74f) Yet Another Screen Library (lib(n)curses alternative) -------------------------------------------------------------------------------- Update Information:
Update to latest ver 1.97 -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 17 2023 Boian Bonev bbonev@ipacct.com - 1.97-1 - Update to latest ver 1.97 * Tue Feb 14 2023 Boian Bonev bbonev@ipacct.com - 1.96-2 - SPDX migration * Sun Feb 5 2023 Boian Bonev bbonev@ipacct.com - 1.96-1 - Update to latest ver 1.96 * Sat Jan 21 2023 Fedora Release Engineering releng@fedoraproject.org - 1.92-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Mon Jan 2 2023 Boian Bonev bbonev@ipacct.com - 1.92-1 - Update to latest ver 1.92 * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org - 1.86-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Sat Jan 22 2022 Fedora Release Engineering releng@fedoraproject.org - 1.86-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org