The following Fedora EPEL 8 Security updates need testing: Age URL 13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-8f073f9e87 opendmarc-1.4.1.1-3.el8 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-9ca0db533c kitty-0.19.3-1.el8 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-8676850578 chromium-91.0.4472.164-1.el8 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-1b74f2e3ca tor-0.4.5.9-1.el8 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-eafd1f0f4d seamonkey-2.53.8.1-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
mbedtls-2.16.11-1.el8 pdns-4.5.0-1.el8
Details about builds:
================================================================================ mbedtls-2.16.11-1.el8 (FEDORA-EPEL-2021-659234979d) Light-weight cryptographic and SSL/TLS library -------------------------------------------------------------------------------- Update Information:
- Update to 2.16.11 Release notes: https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.11 -------------------------------------------------------------------------------- ChangeLog:
* Sat Jul 24 2021 Morten Stevens mstevens@fedoraproject.org - 2.16.11-1 - Update to 2.16.11 * Thu Jul 22 2021 Fedora Release Engineering releng@fedoraproject.org - 2.16.9-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Tue Jan 26 2021 Fedora Release Engineering releng@fedoraproject.org - 2.16.9-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1943664 - mbedtls: multiple vulnerabilities fixed in mbedtls-2.26.0 https://bugzilla.redhat.com/show_bug.cgi?id=1943664 [ 2 ] Bug #1981510 - mbedtls: Local side channel attack on RSA https://bugzilla.redhat.com/show_bug.cgi?id=1981510 [ 3 ] Bug #1981514 - mbedtls: Local side channel attack on static Diffie-Hellman with Montgomery curves https://bugzilla.redhat.com/show_bug.cgi?id=1981514 [ 4 ] Bug #1985311 - CVE-2021-24119 mbedtls: side-channel vulnerability allows system-level-attacker information disclosure https://bugzilla.redhat.com/show_bug.cgi?id=1985311 --------------------------------------------------------------------------------
================================================================================ pdns-4.5.0-1.el8 (FEDORA-EPEL-2021-f9fe8acf0e) A modern, advanced and high performance authoritative-only nameserver -------------------------------------------------------------------------------- Update Information:
- Update to 4.5.0 Release notes: https://doc.powerdns.com/authoritative/changelog/4.5.html -------------------------------------------------------------------------------- ChangeLog:
* Sat Jul 24 2021 Morten Stevens mstevens@fedoraproject.org - 4.5.0-1 - Update to 4.5.0 - Upstream dropped support for 32-bit arches * Thu Jul 22 2021 Fedora Release Engineering releng@fedoraproject.org - 4.4.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Wed Mar 31 2021 Jonathan Wakely jwakely@redhat.com - 4.4.1-3 - Rebuilt for removed libstdc++ symbols (#1937698) * Tue Mar 2 2021 Zbigniew J��drzejewski-Szmek zbyszek@in.waw.pl - 4.4.1-2 - Rebuilt for updated systemd-rpm-macros See https://pagure.io/fesco/issue/2583. --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org