The following Fedora EPEL 6 Security updates need testing: Age URL 13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-b1a8a3c29a putty-0.74-1.el6 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-8c3e76982e python-rsa-3.4.2-1.el6 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-7b550f6ce5 python-gnupg-0.4.6-1.el6 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-e44380bc7a php-horde-kronolith-4.2.29-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
mbedtls-2.7.16-1.el6 singularity-3.6.0-1.el6
Details about builds:
================================================================================ mbedtls-2.7.16-1.el6 (FEDORA-EPEL-2020-f275c3fe6a) Light-weight cryptographic and SSL/TLS library -------------------------------------------------------------------------------- Update Information:
- Update to 2.7.16 Security advisory: https://tls.mbed.org/tech- updates/security-advisories/mbedtls-security-advisory-2020-07 -------------------------------------------------------------------------------- ChangeLog:
* Tue Jul 14 2020 Morten Stevens mstevens@fedoraproject.org - 2.7.16-1 - Update to 2.7.16 - Security Advisory 2020-07 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1851867 - CVE-2020-10941 mbedtls: cache attack against RSA key import in SGX https://bugzilla.redhat.com/show_bug.cgi?id=1851867 --------------------------------------------------------------------------------
================================================================================ singularity-3.6.0-1.el6 (FEDORA-EPEL-2020-e54cfb4880) Application and environment virtualization -------------------------------------------------------------------------------- Update Information:
Upgrade to upstream 3.6.0. Remove patch #4679 for el8. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jul 14 2020 Dave Dykstra dwd@fedoraproject.org - 3.6.0-1 - Upgrade to upstream 3.6.0. Remove patch #4679 for el8, since golang-12 is now available for that build machine. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1828680 - singularity-3.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1828680 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org
-
updates@fedoraproject.org