The following Fedora EPEL 7 Security updates need testing:
Age URL
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-4211889c5a
seamonkey-2.53.17.1-1.el7
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-981e9f53ff
chromium-117.0.5938.92-2.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
ckeditor-4.22.1-1.el7
conserver-8.2.1-4.el7
drupal7-7.98-1.el7
Details about builds:
================================================================================
ckeditor-4.22.1-1.el7 (FEDORA-EPEL-2023-c283911e27)
WYSIWYG text editor to be used inside web pages
--------------------------------------------------------------------------------
Update Information:
- [
4.22.0/4.22.1](https://ckeditor.com/cke4/release/CKEditor-4.22.0-4.22.1) -
[
4.21.0](https://ckeditor.com/cke4/release/CKEditor-4.21.0) - [GHSA-
vh5c-xwqv-cv9g /
CVE-2023-28439](https://github.com/ckeditor/ckeditor4/security/advisories...
vh5c-xwqv-cv9g) - [
4.20.2](https://ckeditor.com/cke4/release/CKEditor-4.20.2) -
[
4.20.1](https://ckeditor.com/cke4/release/CKEditor-4.20.1)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 26 2023 Shawn Iwinski <shawn(a)iwin.ski> - 4.22.1-1
- Update to 4.22.1 (RHBZ #2149680)
- GHSA-vh5c-xwqv-cv9g / CVE-2023-28439
* Wed Jul 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.20.0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Wed Jan 18 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.20.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2149680 - ckeditor-4.22.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2149680
--------------------------------------------------------------------------------
================================================================================
conserver-8.2.1-4.el7 (FEDORA-EPEL-2023-3f5461e90b)
Serial console server daemon/client
--------------------------------------------------------------------------------
Update Information:
do not strip debug symbols
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 26 2023 Luk���� Zaoral <lzaoral(a)redhat.com> - 8.2.1-4
- do not strip debug symbols
--------------------------------------------------------------------------------
================================================================================
drupal7-7.98-1.el7 (FEDORA-EPEL-2023-ffb6e04eb7)
An open-source content-management platform
--------------------------------------------------------------------------------
Update Information:
- [
7.98](https://www.drupal.org/project/drupal/releases/7.98) -
[
7.97](https://www.drupal.org/project/drupal/releases/7.97) -
[
7.96](https://www.drupal.org/project/drupal/releases/7.96) - [SA-
CORE-2023-005](https://www.drupal.org/sa-core-2023-005) -
[
7.95](https://www.drupal.org/project/drupal/releases/7.95) - [SA-
CORE-2023-004](https://www.drupal.org/sa-core-2023-004) -
[
7.94](https://www.drupal.org/project/drupal/releases/7.94) -
[
7.93](https://www.drupal.org/project/drupal/releases/7.93)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 26 2023 Shawn Iwinski <shawn.iwinski(a)gmail.com> - 7.98-1
- Update to 7.98 (RHBZ #2217253)
- SA-CORE-2023-004
- SA-CORE-2023-005 (RHBZ #2188106, 2188107, 2188108)
* Wed Jul 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 7.92-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 7.92-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2188107 - drupal7: drupal: File download facility doesn't sufficiently
sanitize file paths [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2188107
[ 2 ] Bug #2188108 - drupal7: drupal: File download facility doesn't sufficiently
sanitize file paths [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=2188108
[ 3 ] Bug #2217253 - drupal7-7.98 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2217253
--------------------------------------------------------------------------------