The following Fedora EPEL 9 Security updates need testing:
Age URL
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-917679773c
GitPython-3.1.32-1.el9
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-e2fcc4af81
llhttp-8.1.1-1.el9 python-aiohttp-3.8.5-1.el9
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-f08c8f0812
chromium-116.0.5845.96-1.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
clamav-1.0.2-1.el9
libXISF-0.2.9-1.el9
python-django-clacks-0.3.1-1.el9
Details about builds:
================================================================================
clamav-1.0.2-1.el9 (FEDORA-EPEL-2023-e2f8cb1ee1)
End-user tools for the Clam Antivirus scanner
--------------------------------------------------------------------------------
Update Information:
CVE-2023-20197 ClamAV File Scanning Infinite Loop Denial of Service
Vulnerability
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 18 2023 Orion Poplawski <orion(a)nwra.com> - 1.0.2-1
- Update to 1.0.2 CVE-2023-20197 (bz#2232508)
* Wed Jul 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.1-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Mon Feb 27 2023 Orion Poplawski <orion(a)nwra.com> - 1.0.1-4
- Mark cvd files is clamav-data as %config(noreplace) (bz#2170876)
- Rename clamav-update to clamav-freshclam
- Make clamav-freshclam supplement clamd
- Have clamav-freshclam ghost all of the .cld and .cvd files
- Update data files with help of Cisco-Talos/cvdupdate
- Update to 1.0.1
- Make sure RUSTFLAGS are passed to rustc (bz#2167194)
- Fix multilib install
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2232508 - CVE-2023-20197 fedora: ClamAV File Scanning Infinite Loop Denial of
Service Vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=2232508
--------------------------------------------------------------------------------
================================================================================
libXISF-0.2.9-1.el9 (FEDORA-EPEL-2023-083644b9d3)
Library to load and write XISF format
--------------------------------------------------------------------------------
Update Information:
- Upgrade to 0.2.9 - Enable zstd support
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 18 2023 Mattia Verga <mattia.verga(a)proton.me> - 0.2.9-1
- Update to 0.2.9 (fedora#2231736)
- Enable zstd support
* Thu Jul 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.2.8-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-django-clacks-0.3.1-1.el9 (FEDORA-EPEL-2023-1b5b68c3d7)
Django Middleware for X-Clacks-Overhead
--------------------------------------------------------------------------------
Update Information:
Initial import (fedora#2229551).
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 19 2023 Daniel Milnes <daniel(a)daniel-milnes.uk> - 0.3.1-1
- Initial import (fedora#2229551).
--------------------------------------------------------------------------------