The following Fedora EPEL 7 Security updates need testing:
Age URL
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-f005e1b879
debmirror-2.35-1.el7
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-2f9b2cf4af
ckeditor-4.16.2-1.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-d179a438bc
libspf2-1.2.11-1.20210922git4915c308.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-37f81a6244
golang-github-prometheus-2.26.1-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
openbgpd-7.2-1.el7
rpki-client-7.3-1.el7
Details about builds:
================================================================================
openbgpd-7.2-1.el7 (FEDORA-EPEL-2021-d380aed307)
OpenBGPD Routing Daemon
--------------------------------------------------------------------------------
Update Information:
OpenBGPD 7.2 ============ This release includes the following changes to the
previous release: * Support for RFC 9072 - Extended Optional Parameters
Length for `BGP OPEN` Message * Support for RFC 8050 - MRT Format with BGP
Additional Path Extensions * Implement receive side of RFC 7911 -
Advertisement of Multiple Paths in BGP. OpenBGPD is currently not able to send
multiple paths out. * Improve checks of VRPs loaded via RTR or from the roa-
set table. * Allow to optionally specify an expiry time for `roa-set` entries
to mitigate BGP route decision making based on outdated RPKI data. OpenBGPD's
companion `rpki-client` produces `roa-set`s with the new `expires` property.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 23 2021 Robert Scheck <robert(a)fedoraproject.org> 7.2-1
- Upgrade to 7.2 (#2007210)
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 7.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2007210 - openbgpd-7.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2007210
--------------------------------------------------------------------------------
================================================================================
rpki-client-7.3-1.el7 (FEDORA-EPEL-2021-dab7665591)
RPKI validator to support BGP Origin Validation
--------------------------------------------------------------------------------
Update Information:
rpki-client 7.3 =============== * Improve the HTTP client code (status code
handling, http proxy support, keep-alive). * In RRDP, do not access URI with
userinfo (`@`-sign). * Improve RRDP syncing by considering a notification file
serial jumping backwards as synced repository. * Make `-R` (`rsync` only) also
apply to the fetching of TA files. * Only sync `*.{cer,crl,gbr,mft,roa}` files
via `rsync` and exclude all others. * When producing output for OpenBGPd, make
use of the `roa-set expires` attribute to prevent machines from loading outdated
`roa-set`s. * In RRDP, limit the number of deltas to 300 per repo. If more
deltas exist, downloading a full snapshot is faster. * Limit the validation
depth of X509 certificate chains to 12, double the current depth seen in RPKI.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 23 2021 Robert Scheck <robert(a)fedoraproject.org> 7.3-1
- Upgrade to 7.3 (#2007447)
* Tue Sep 14 2021 Sahana Prasad <sahana(a)redhat.com> - 7.2-2
- Rebuilt with OpenSSL 3.0.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2007447 - rpki-client-7.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2007447
--------------------------------------------------------------------------------