The following Fedora EPEL 8 Security updates need testing:
Age URL
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-0128b1edbe
chromium-122.0.6261.111-1.el8
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-d241ea2238
libuev-2.4.1-1.el8
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-d7cc38dee9
apptainer-1.3.0-1.el8
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-d521530f6a
amavis-2.13.1-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
centpkg-0.8.3-1.el8
tcpreplay-4.4.4-5.el8
Details about builds:
================================================================================
centpkg-0.8.3-1.el8 (FEDORA-EPEL-2024-a2a98e04d1)
CentOS utility for working with dist-git
--------------------------------------------------------------------------------
Update Information:
Update branch detection for c10s
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 15 2024 Troy Dawson <tdawson(a)redhat.com> - 0.8.3-1
- Update branch detection for c10s
--------------------------------------------------------------------------------
================================================================================
tcpreplay-4.4.4-5.el8 (FEDORA-EPEL-2024-ac18018db8)
Replay captured network traffic
--------------------------------------------------------------------------------
Update Information:
Patch CVE-2023-4256 and CVE-2023-43279
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 16 2024 Bojan Smojver <bojan@rexursive com> - 4.4.1-5
- Patch CVE-2023-4256
* Sat Mar 16 2024 Bojan Smojver <bojan@rexursive com> - 4.4.1-4
- Patch CVE-2023-43279
* Sat Jan 27 2024 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.4.4-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sat Jul 22 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.4.4-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2255213 - CVE-2023-4256 tcpreplay: tcprewrite: double free in
tcpedit_dlt_cleanup() in plugins/dlt_plugins.c [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2255213
[ 2 ] Bug #2255214 - CVE-2023-4256 tcpreplay: tcprewrite: double free in
tcpedit_dlt_cleanup() in plugins/dlt_plugins.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2255214
[ 3 ] Bug #2269309 - CVE-2023-43279 tcpreplay: null pointer dereference in mask_cidr6
component at cidr.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2269309
[ 4 ] Bug #2269310 - CVE-2023-43279 tcpreplay: null pointer dereference in mask_cidr6
component at cidr.c [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2269310
--------------------------------------------------------------------------------