The following Fedora EPEL 7 Security updates need testing: Age URL 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-6395a45cb3 perl-Image-ExifTool-12.38-1.el7 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-4069001f10 miniupnpc-2.0-3.el7

The following builds have been pushed to Fedora EPEL 7 updates-testing

phoronix-test-suite-10.8.1-2.el7 proxychains-ng-4.16-1.el7 python3-ncclient-0.6.12-3.el7

Details about builds:

================================================================================ phoronix-test-suite-10.8.1-2.el7 (FEDORA-EPEL-2022-90efec73a3) An Automated, Open-Source Testing Framework -------------------------------------------------------------------------------- Update Information:

Security fix for: - CVE-2022-0157 - CVE-2022-0196 - CVE-2022-0197 - CVE-2022-0238 -------------------------------------------------------------------------------- ChangeLog:

* Tue Feb 1 2022 Michel Alexandre Salim salimma@fedoraproject.org 10.8.1-1 - Update to 10.8.1 * Fri Jan 21 2022 Fedora Release Engineering releng@fedoraproject.org 10.6.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Fri Dec 3 2021 Michel Alexandre Salim salimma@fedoraproject.org - 10.6.1-1 - Update to 10.6.1 - Opt in to rpmautospec * Fri Jul 23 2021 Fedora Release Engineering releng@fedoraproject.org - 9.0.1-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Tue Mar 2 2021 Zbigniew J��drzejewski-Szmek zbyszek@in.waw.pl - 9.0.1-5 - Rebuilt for updated systemd-rpm-macros See https://pagure.io/fesco/issue/2583. * Wed Jan 27 2021 Fedora Release Engineering releng@fedoraproject.org - 9.0.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Tue Jul 28 2020 Fedora Release Engineering releng@fedoraproject.org - 9.0.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Thu Jan 30 2020 Fedora Release Engineering releng@fedoraproject.org - 9.0.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- References:

[ 1 ] Bug #2039837 - CVE-2022-0157 phoronix-test-suite: stored xss in group name [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2039837 [ 2 ] Bug #2039838 - CVE-2022-0157 phoronix-test-suite: stored xss in group name [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=2039838 [ 3 ] Bug #2043434 - CVE-2022-0196 phoronix-test-suite: phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2043434 [ 4 ] Bug #2043435 - CVE-2022-0196 phoronix-test-suite: phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=2043435 [ 5 ] Bug #2043442 - CVE-2022-0197 phoronix-test-suite: phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2043442 [ 6 ] Bug #2043443 - CVE-2022-0197 phoronix-test-suite: phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=2043443 [ 7 ] Bug #2046238 - CVE-2022-0238 phoronix-test-suite: CSRF in the phoromatic component [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2046238 [ 8 ] Bug #2046239 - CVE-2022-0238 phoronix-test-suite: CSRF in the phoromatic component [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=2046239 --------------------------------------------------------------------------------

================================================================================ proxychains-ng-4.16-1.el7 (FEDORA-EPEL-2022-9fcc62292a) Redirect connections through proxy servers -------------------------------------------------------------------------------- Update Information:

Relevant parts from the [release notes](https://github.com/rofl0r/proxychains- ng/releases/tag/v4.16): - fix regression in configure script linker flag detection - remove 10 year old workaround for wrong glibc getnameinfo signature - support IPv6 localnets - more user-friendly error message when execvp fails - proxy_getaddrinfo(): fill in ai_socktype if requested -------------------------------------------------------------------------------- ChangeLog:

* Mon Jan 31 2022 Michel Alexandre Salim salimma@fedoraproject.org 4.16-1 - Update to 4.16 (resolves: rhbz#2044459) * Fri Jan 21 2022 Fedora Release Engineering releng@fedoraproject.org - 4.15-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Tue Jul 27 2021 Michel Alexandre Salim salimma@fedoraproject.org - 4.15-1 - Update to 4.15 - Use relative symlink for `proxychains`, not absolute * Fri Jul 23 2021 Fedora Release Engineering releng@fedoraproject.org - 4.14-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild -------------------------------------------------------------------------------- References:

[ 1 ] Bug #2044459 - proxychains-ng-4.16 is available https://bugzilla.redhat.com/show_bug.cgi?id=2044459 [ 2 ] Bug #2048817 - Branch and build proxychains-ng for EPEL 9 https://bugzilla.redhat.com/show_bug.cgi?id=2048817 --------------------------------------------------------------------------------

================================================================================ python3-ncclient-0.6.12-3.el7 (FEDORA-EPEL-2022-b63d2bd67f) Python library for the NETCONF protocol -------------------------------------------------------------------------------- Update Information:

Add missing runtime dependencies -------------------------------------------------------------------------------- ChangeLog:

* Tue Feb 1 2022 Benjamin A. Beasley code@musicinmybrain.net - 0.6.12-3 - Add missing runtime dependencies -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1816038 - error in rpc when using filters with manager get function https://bugzilla.redhat.com/show_bug.cgi?id=1816038 --------------------------------------------------------------------------------