The following Fedora EPEL 9 Security updates need testing:
 Age  URL
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-0d642b2dde   caddy-2.4.6-6.el9
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-95d098a2d9   strongswan-5.9.10-1.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
dcmtk-3.6.6-12.el9
iptables-epel-1.8.8-6.el9.1
munin-2.0.72-1.el9
pack-0.28.0-2.el9
rust-io-lifetimes-1.0.6-1.el9
scons-4.5.1-1.el9
Details about builds:
================================================================================
dcmtk-3.6.6-12.el9 (FEDORA-EPEL-2023-c14f77e922)
Offis DICOM Toolkit (DCMTK)
--------------------------------------------------------------------------------
Update Information:
This update contains several high and critical security fixes.
- CVE-2021-41687/CVE-2021-41688/CVE-2021-41690
- CVE-2021-41689
- CVE-2022-2119/CVE-2022-2120/CVE-2022-2121
- CVE-2022-43272
It also switches to use bundled charls v1 to match the behavior in Fedora.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 2 2023 Carl George <carl(a)george.computer> - 3.6.6-12
- Backport fix for CVE-2021-41687/CVE-2021-41688/CVE-2021-41690, resolves
rhbz#2106336/rhbz#2106315/rhbz#2106332
- Backport fix for CVE-2021-41689, resolves rhbz#2106340
- Backport fix for CVE-2022-2119/CVE-2022-2120/CVE-2022-2121, resolves
rhbz#2173039/rhbz#2173042/rhbz#2173045
- Backport fix for CVE-2022-43272, resolves rhbz#2150931
- Disable dcmtls tests on all architectures
* Mon Apr 25 2022 Ankur Sinha <ankursinha AT fedoraproject DOT org> - 3.6.6-11
- Disable sporadically failing test on s390x also
* Mon Apr 25 2022 Ankur Sinha <ankursinha AT fedoraproject DOT org> - 3.6.6-10
- Use bundled charls
* Mon Apr 25 2022 Ankur Sinha <ankursinha AT fedoraproject DOT org> - 3.6.6-9
- Temporarily allow use of deprecated flags to fix build with openssl 3.0
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.6.6-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2106315 - CVE-2021-41688 dcmtk: a double free allows for a DoS [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2106315
[ 2 ] Bug #2106332 - CVE-2021-41690 dcmtk: sending specific requests to the dcmqrdb
program can incur a memory leak [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2106332
[ 3 ] Bug #2106336 - CVE-2021-41687 dcmtk: a memory leak allows a DoS [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2106336
[ 4 ] Bug #2106340 - CVE-2021-41689 dcmtk: a head-based overflow may lead to DoS
[epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2106340
[ 5 ] Bug #2150931 - CVE-2022-43272 dcmtk: memory leak via the T_ASC_Association object.
[epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2150931
[ 6 ] Bug #2173039 - CVE-2022-2119 dcmtk: path traversal [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2173039
[ 7 ] Bug #2173042 - CVE-2022-2120 dcmtk: relative path traversal [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2173042
[ 8 ] Bug #2173045 - CVE-2022-2121 dcmtk: NULL pointer dereference that could lead to a
DoS [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2173045
--------------------------------------------------------------------------------
================================================================================
iptables-epel-1.8.8-6.el9.1 (FEDORA-EPEL-2023-19e08df042)
Tools for managing Linux kernel packet filtering capabilities
--------------------------------------------------------------------------------
Update Information:
Rebuild to match the latest iptables
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 7 2023 Michel Alexandre Salim <salimma(a)fedoraproject.org> - 1.8.8-6.1
- Rebase iptables-epel on c9s' iptables-1.8.8-6
* Wed Dec 7 2022 Phil Sutter <psutter(a)redhat.com> - 1.8.8-6
- Add expected testsuite result
* Tue Dec 6 2022 Phil Sutter <psutter(a)redhat.com> - 1.8.8-5
- nft: un-break among match with concatenation
- nft: fix ebtables among match when mac+ip addresses are used
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2175900 - Needs a rebuild against newer iptables-lib
https://bugzilla.redhat.com/show_bug.cgi?id=2175900
--------------------------------------------------------------------------------
================================================================================
munin-2.0.72-1.el9 (FEDORA-EPEL-2023-bcdf80d3fe)
Network-wide resource monitoring tool
--------------------------------------------------------------------------------
Update Information:
Upstream update to 2.0.72. This version also adds support for munin-get to
download and install plugins from contrib.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 7 2023 Kim B. Heino <b(a)bbbs.net> - 2.0.72-1
- Upgrade to 2.0.72
- Add munin-get plugin directory
- Mangle /var/lib/munin-node SELinux
- Fix service startup order
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.0.69-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
pack-0.28.0-2.el9 (FEDORA-EPEL-2023-c094a94031)
Convert code into runnable images
--------------------------------------------------------------------------------
Update Information:
Resolves: #2161300 - set _fortify_level 3
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 6 2023 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.28.0-2
- Resolves: #2161300 - set _fortify_level 3
* Mon Mar 6 2023 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.28.0-1
- bump to v0.28.0
* Mon Mar 6 2023 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.28.0~rc2-4
- fix build flags specification
* Mon Mar 6 2023 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.28.0~rc2-3
- migrated to SPDX license
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> -
0.28.0~rc2-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Mon Dec 12 2022 RH Container Bot <rhcontainerbot(a)fedoraproject.org> -
0.28.0~rc2-1
- auto bump to v0.28.0-rc2
* Mon Oct 10 2022 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.27.0-7
- update autosetup
* Mon Oct 10 2022 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.27.0-6
- add macros for getting correct version and add comment about Source0
tarball
* Wed Aug 17 2022 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.27.0-5
- use built_tag_strip macro instead of built_tag for rhcontainerbot
autobuilder
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.27.0-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jul 19 2022 Maxwell G <gotmax(a)e.email> - 0.27.0-3
- Rebuild for
CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang
* Sun Jul 10 2022 Robert-André Mauchin <zebob.m(a)gmail.com> - 0.27.0-2
- Rebuild for CVE-2022-{24675,28327,29526 in golang}
--------------------------------------------------------------------------------
================================================================================
rust-io-lifetimes-1.0.6-1.el9 (FEDORA-EPEL-2023-1076e86904)
Low-level I/O ownership and borrowing library
--------------------------------------------------------------------------------
Update Information:
Update to version 1.0.6.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 7 2023 Fabio Valentini <decathorpe(a)gmail.com> - 1.0.6-1
- Update to version 1.0.6; Fixes RHBZ#2175912
--------------------------------------------------------------------------------
================================================================================
scons-4.5.1-1.el9 (FEDORA-EPEL-2023-aaf224a9ac)
An Open Source software construction tool
--------------------------------------------------------------------------------
Update Information:
- Release 4.5.1
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 7 2023 Antonio Trande <sagitter(a)fedoraproject.org> - 4.5.1-1
- Release 4.5.1
* Mon Mar 6 2023 Antonio Trande <sagitter(a)fedoraproject.org> - 4.5.0-1
- Release 4.5.0
- Use Python-3.9 in EPEL8
* Sat Jan 21 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.4.0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Thu Sep 1 2022 Antonio Trande <sagitter(a)fedoraproject.org> - 4.4.0-2
- Build documentation
* Wed Aug 3 2022 Antonio Trande <sagitter(a)fedoraproject.org> - 4.4.0-1
- Release 4.4.0
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.3.0-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Mon Jun 13 2022 Python Maint <python-maint(a)redhat.com> - 4.3.0-4
- Rebuilt for Python 3.11
* Sat Jan 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.3.0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------