The following builds have been pushed to Fedora EPEL 9 updates-testing

awstats-7.8-8.el9 lighttpd-1.4.66-1.el9 ntfs-3g-2022.5.17-2.el9 python-sqlalchemy-1.4.40-1.el9

Details about builds:

================================================================================ awstats-7.8-8.el9 (FEDORA-EPEL-2022-e42c41ed8c) Advanced Web Statistics -------------------------------------------------------------------------------- Update Information:

Do not require perl-Geo-IP which is EOL -------------------------------------------------------------------------------- ChangeLog:

* Mon Aug 1 2022 Petr Lautrbach plautrba@redhat.com - 7.8-8 - Do not require perl-Geo-IP which is EOL --------------------------------------------------------------------------------

================================================================================ lighttpd-1.4.66-1.el9 (FEDORA-EPEL-2022-feda8cea72) Lightning fast webserver with light system requirements -------------------------------------------------------------------------------- Update Information:

1.4.66 -------------------------------------------------------------------------------- ChangeLog:

* Tue Aug 9 2022 Gwyn Ciesla gwync@protonmail.com - 1.4.66-1 - 1.4.66 --------------------------------------------------------------------------------

================================================================================ ntfs-3g-2022.5.17-2.el9 (FEDORA-EPEL-2022-52aeb64bd7) Linux NTFS userspace driver -------------------------------------------------------------------------------- Update Information:

Update to 2022.5.17. Fixes: CVE-2021-46790, CVE-2022-30783, CVE-2022-30784, CVE-2022-30785, CVE-2022-30786, CVE-2022-30787, CVE-2022-30788, CVE-2022-30789 -------------------------------------------------------------------------------- ChangeLog:

* Fri Jul 22 2022 Fedora Release Engineering releng@fedoraproject.org - 2:2022.5.17-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Wed Jun 8 2022 Richard W.M. Jones rjones@redhat.com - 2:2022.5.17-1 - New upstream version 2022.5.17 - Fixes: CVE-2021-46790, CVE-2022-30783, CVE-2022-30784, CVE-2022-30785, CVE-2022-30786, CVE-2022-30787, CVE-2022-30788, CVE-2022-30789 * Thu Jan 20 2022 Fedora Release Engineering releng@fedoraproject.org - 2:2021.8.22-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- References:

[ 1 ] Bug #2093307 - CVE-2022-30783 ntfs-3g: invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2093307 [ 2 ] Bug #2093317 - CVE-2022-30784 ntfs-3g: crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2093317 [ 3 ] Bug #2093322 - CVE-2022-30785 ntfs-3g: a file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2093322 [ 4 ] Bug #2093330 - CVE-2022-30786 ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2093330 [ 5 ] Bug #2093335 - CVE-2022-30787 ntfs-3g: integer underflow in fuse_lib_readdir enables arbitrary memory read operations [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2093335 [ 6 ] Bug #2093342 - CVE-2022-30788 ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2093342 [ 7 ] Bug #2093350 - CVE-2022-30789 ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2093350 [ 8 ] Bug #2093362 - CVE-2021-46790 ntfs-3g: heap-based buffer overflow in ntfsck [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2093362 --------------------------------------------------------------------------------

================================================================================ python-sqlalchemy-1.4.40-1.el9 (FEDORA-EPEL-2022-0258424d1d) Modular and flexible ORM library for Python -------------------------------------------------------------------------------- Update Information:

This is a bugfix and enhancement release. The [upstream announcement](https://w ww.sqlalchemy.org/blog/2022/08/08/sqlalchemy-1.4.40-released/) summarizes and the [changelog](https://docs.sqlalchemy.org/en/14/changelog/changelog_14.html#ch ange-1.4.40) contains a detailed list of changes in version 1.4.40. -------------------------------------------------------------------------------- ChangeLog:

* Tue Aug 9 2022 Nils Philippsen nils@tiptoe.de - 1.4.40-1 - Version 1.4.40 * Mon Jul 25 2022 Miro Hron��ok miro@hroncok.cz - Remove obsolete cruft from the specfile, follow the packaging guidelines * Fri Jul 22 2022 Fedora Release Engineering releng@fedoraproject.org - 1.4.39-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------