The following Fedora EPEL 7 Security updates need testing: Age URL 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-c5ad3565aa libmodsecurity-3.0.9-2.el7

The following builds have been pushed to Fedora EPEL 7 updates-testing

golang-1.19.10-1.el7 netdata-1.40.1-1.el7

Details about builds:

================================================================================ golang-1.19.10-1.el7 (FEDORA-EPEL-2023-560bc00f33) The Go Programming Language -------------------------------------------------------------------------------- Update Information:

Security fix for CVE-2023-29402, CVE-2023-29403,CVE-2023-29404, CVE-2023-29405, and CVE-2022-32149 -------------------------------------------------------------------------------- ChangeLog:

* Thu Jun 29 2023 Dave Dykstra dwd@fedoraproject.org - 1.19.10-1 - Update to 1.19.10 by doing the equivalent changes done in RedHat ubi8. -------------------------------------------------------------------------------- References:

[ 1 ] Bug #2134010 - CVE-2022-32149 golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags https://bugzilla.redhat.com/show_bug.cgi?id=2134010 [ 2 ] Bug #2216965 - CVE-2023-29403 golang: runtime: unexpected behavior of setuid/setgid binaries https://bugzilla.redhat.com/show_bug.cgi?id=2216965 [ 3 ] Bug #2217562 - CVE-2023-29402 golang: cmd/go: go command may generate unexpected code at build time when using cgo https://bugzilla.redhat.com/show_bug.cgi?id=2217562 [ 4 ] Bug #2217565 - CVE-2023-29404 golang: cmd/go: go command may execute arbitrary code at build time when using cgo https://bugzilla.redhat.com/show_bug.cgi?id=2217565 [ 5 ] Bug #2217569 - CVE-2023-29405 golang: cmd/cgo: Arbitratry code execution triggered by linker flags https://bugzilla.redhat.com/show_bug.cgi?id=2217569 --------------------------------------------------------------------------------

================================================================================ netdata-1.40.1-1.el7 (FEDORA-EPEL-2023-a55d62b450) Real-time performance monitoring -------------------------------------------------------------------------------- Update Information:

Update from upstream -------------------------------------------------------------------------------- ChangeLog:

* Thu Jun 29 2023 Didier Fabert didier.fabert@gmail.com 1.40.1-1 - Update from upstream -------------------------------------------------------------------------------- References:

[ 1 ] Bug #2215364 - netdata-1.40.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2215364 --------------------------------------------------------------------------------