The following Fedora EPEL 7 Security updates need testing: Age URL 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-e9a9c081af novnc-1.3.0-5.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-96ef72f1b2 viewvc-1.1.30-1.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-afa80a1455 cacti-1.2.23-1.el7 cacti-spine-1.2.23-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
chromium-108.0.5359.124-3.el7 distribution-gpg-keys-1.81-1.el7 moin-1.9.11-1.el7
Details about builds:
================================================================================ chromium-108.0.5359.124-3.el7 (FEDORA-EPEL-2023-2099adac21) A WebKit (Blink) powered web browser that Google doesn't want you to use -------------------------------------------------------------------------------- Update Information:
Update to 108.0.5359.124. Fixes the following security issues: CVE-2022-4174, CVE-2022-4175, CVE-2022-4176, CVE-2022-4177, CVE-2022-4178, CVE-2022-4179, CVE-2022-4180, CVE-2022-4181, CVE-2022-4182, CVE-2022-4183, CVE-2022-4184, CVE-2022-4185, CVE-2022-4186, CVE-2022-4187, CVE-2022-4188, CVE-2022-4189, CVE-2022-4190, CVE-2022-4191, CVE-2022-4192, CVE-2022-4193, CVE-2022-4194, CVE-2022-4195, CVE-2022-4436, CVE-2022-4437, CVE-2022-4438, CVE-2022-4439 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Than Ngo than@redhat.com - 108.0.5359.124-3 - build with system ffmpeg-free and system libaom - fix widewine extension issue - vaapi, disable UseChromeOSDirectVideoDecoder - workaround for linking issue in clang <= 14 * Sun Jan 1 2023 Tom Callaway spot@fedoraproject.org - 108.0.5359.124-2 - turn headless back on (chrome-remote-desktop will stay off, probably forever) * Wed Dec 28 2022 Than Ngo than@redhat.com - 108.0.5359.124-1 - update to 108.0.5359.124 - switch to clang * Tue Nov 29 2022 Than Ngo than@redhat.com - 107.0.5304.121-1 - update to 107.0.5304.121 * Fri Nov 11 2022 Than Ngo than@redhat.com - 107.0.5304.110-1 - update to 107.0.5304.110 * Fri Sep 23 2022 Tom Callaway spot@fedoraproject.org - 105.0.5195.125-2 - apply upstream fix for wayland menu misplacement bug * Mon Sep 19 2022 Tom Callaway spot@fedoraproject.org - 105.0.5195.125-1 - update to 105.0.5195.125 * Thu Sep 1 2022 Tom Callaway spot@fedoraproject.org - 105.0.5195.52-1 - update to 105.0.5195.52 * Thu Aug 18 2022 Tom Callaway spot@fedoraproject.org - 104.0.5112.101-1 - update to 104.0.5112.101 * Wed Jul 20 2022 Fedora Release Engineering releng@fedoraproject.org - 103.0.5060.114-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ distribution-gpg-keys-1.81-1.el7 (FEDORA-EPEL-2023-09f754c974) GPG keys of various Linux distributions -------------------------------------------------------------------------------- Update Information:
- update copr keys - Add remi 2023 key - add TeamViewer key -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 6 2023 Miroslav Such�� msuchy@redhat.com 1.81-1 - update copr keys - Add remi 2023 key - add TeamViewer key --------------------------------------------------------------------------------
================================================================================ moin-1.9.11-1.el7 (FEDORA-EPEL-2023-6569f44fa5) MoinMoin is a WikiEngine to collaborate on easily editable web pages -------------------------------------------------------------------------------- Update Information:
Security update -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 6 2023 Nicolas Chauvet kwizart@gmail.com - 1.9.11-1 - Update to 1.9.11 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1897190 - CVE-2020-15275 moin: malicious SVG attachment causing stored XSS vulnerability [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1897190 [ 2 ] Bug #1897193 - CVE-2020-25074 moin: remote code execution via cache action [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1897193 [ 3 ] Bug #1920346 - Update to 1.9.11 / CVE fixes https://bugzilla.redhat.com/show_bug.cgi?id=1920346 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org