The following Fedora EPEL 8 Security updates need testing: Age URL 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-fc5b08c7d5 engrampa-1.26.2-1.el8 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-829db80b8a mbedtls-2.28.7-1.el8 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-33416db1e4 python-bleach-3.3.0-1.el8 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-34c7addedb chromium-121.0.6167.160-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
fdupes-2.3.0-1.el8 libmodsecurity-3.0.12-1.el8
Details about builds:
================================================================================ fdupes-2.3.0-1.el8 (FEDORA-EPEL-2024-e5efe24928) Finds duplicate files in a given set of directories -------------------------------------------------------------------------------- Update Information:
Add --cache option to speed up file comparisons. Use nanosecond precision for file times, if available. Fix compilation issue on OpenBSD. Other changes like fixing typos, wording, etc. -------------------------------------------------------------------------------- ChangeLog:
* Sat Feb 10 2024 Richard Shaw hobbes1069@gmail.com - 1:2.3.0-1 - Update to 2.3.0. * Wed Jan 24 2024 Fedora Release Engineering releng@fedoraproject.org - 1:2.2.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jan 19 2024 Fedora Release Engineering releng@fedoraproject.org - 1:2.2.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Wed Jul 19 2023 Fedora Release Engineering releng@fedoraproject.org - 1:2.2.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Thu Jan 19 2023 Fedora Release Engineering releng@fedoraproject.org - 1:2.2.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2260756 - fdupes-2.3.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2260756 --------------------------------------------------------------------------------
================================================================================ libmodsecurity-3.0.12-1.el8 (FEDORA-EPEL-2024-4d3eb328e3) A library that loads/interprets rules written in the ModSecurity SecRules -------------------------------------------------------------------------------- Update Information:
Update to 3.0.12 Security fix for CVE-2024-1019 -------------------------------------------------------------------------------- ChangeLog:
* Sun Feb 11 2024 Mikel Olasagasti Uranga mikel@olasagasti.info - 3.0.12-1 - Update to 3.0.12 rhbz#2253518 - Fix CVE-2024-1019 rhbz#2262017 rhbz#2262018 rhbz#2262019 * Thu Jan 25 2024 Fedora Release Engineering releng@fedoraproject.org - 3.0.10-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sun Jan 21 2024 Fedora Release Engineering releng@fedoraproject.org - 3.0.10-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2262019 - CVE-2024-1019 libmodsecurity: WAF bypass for path-based payloads [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2262019 --------------------------------------------------------------------------------