Fedora EPEL 9 updates-testing report - epel-devel - Fedora mailing-lists

19 Aug 2023


      The following Fedora EPEL 9 Security updates need testing:
 Age  URL
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-917679773c   GitPython-3.1.32-1.el9
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-e2fcc4af81   llhttp-8.1.1-1.el9 python-aiohttp-3.8.5-1.el9
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-f08c8f0812   chromium-116.0.5845.96-1.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
clamav-1.0.2-1.el9
    libXISF-0.2.9-1.el9
    python-django-clacks-0.3.1-1.el9
Details about builds:
================================================================================
 clamav-1.0.2-1.el9 (FEDORA-EPEL-2023-e2f8cb1ee1)
 End-user tools for the Clam Antivirus scanner
--------------------------------------------------------------------------------
Update Information:
CVE-2023-20197 ClamAV File Scanning Infinite Loop Denial of Service
Vulnerability
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 18 2023 Orion Poplawski orion@nwra.com - 1.0.2-1
- Update to 1.0.2 CVE-2023-20197 (bz#2232508)
* Wed Jul 19 2023 Fedora Release Engineering releng@fedoraproject.org - 1.0.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Mon Feb 27 2023 Orion Poplawski orion@nwra.com - 1.0.1-4
- Mark cvd files is clamav-data as %config(noreplace) (bz#2170876)
- Rename clamav-update to clamav-freshclam
- Make clamav-freshclam supplement clamd
- Have clamav-freshclam ghost all of the .cld and .cvd files
- Update data files with help of Cisco-Talos/cvdupdate
- Update to 1.0.1
- Make sure RUSTFLAGS are passed to rustc (bz#2167194)
- Fix multilib install
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2232508 - CVE-2023-20197 fedora: ClamAV File Scanning Infinite Loop Denial of Service Vulnerability
        https://bugzilla.redhat.com/show_bug.cgi?id=2232508
--------------------------------------------------------------------------------
================================================================================
 libXISF-0.2.9-1.el9 (FEDORA-EPEL-2023-083644b9d3)
 Library to load and write XISF format
--------------------------------------------------------------------------------
Update Information:
- Upgrade to 0.2.9 - Enable zstd support
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 18 2023 Mattia Verga mattia.verga@proton.me - 0.2.9-1
- Update to 0.2.9 (fedora#2231736)
- Enable zstd support
* Thu Jul 20 2023 Fedora Release Engineering releng@fedoraproject.org - 0.2.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
 python-django-clacks-0.3.1-1.el9 (FEDORA-EPEL-2023-1b5b68c3d7)
 Django Middleware for X-Clacks-Overhead
--------------------------------------------------------------------------------
Update Information:
Initial import (fedora#2229551).
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 19 2023 Daniel Milnes daniel@daniel-milnes.uk - 0.3.1-1
- Initial import (fedora#2229551).
--------------------------------------------------------------------------------