The following builds have been pushed to Fedora EPEL 9 updates-testing
awstats-7.8-8.el9
lighttpd-1.4.66-1.el9
ntfs-3g-2022.5.17-2.el9
python-sqlalchemy-1.4.40-1.el9
Details about builds:
================================================================================
awstats-7.8-8.el9 (FEDORA-EPEL-2022-e42c41ed8c)
Advanced Web Statistics
--------------------------------------------------------------------------------
Update Information:
Do not require perl-Geo-IP which is EOL
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 1 2022 Petr Lautrbach <plautrba(a)redhat.com> - 7.8-8
- Do not require perl-Geo-IP which is EOL
--------------------------------------------------------------------------------
================================================================================
lighttpd-1.4.66-1.el9 (FEDORA-EPEL-2022-feda8cea72)
Lightning fast webserver with light system requirements
--------------------------------------------------------------------------------
Update Information:
1.4.66
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 9 2022 Gwyn Ciesla <gwync(a)protonmail.com> - 1.4.66-1
- 1.4.66
--------------------------------------------------------------------------------
================================================================================
ntfs-3g-2022.5.17-2.el9 (FEDORA-EPEL-2022-52aeb64bd7)
Linux NTFS userspace driver
--------------------------------------------------------------------------------
Update Information:
Update to 2022.5.17. Fixes: CVE-2021-46790, CVE-2022-30783, CVE-2022-30784,
CVE-2022-30785, CVE-2022-30786, CVE-2022-30787, CVE-2022-30788, CVE-2022-30789
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
2:2022.5.17-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Jun 8 2022 Richard W.M. Jones <rjones(a)redhat.com> - 2:2022.5.17-1
- New upstream version 2022.5.17
- Fixes: CVE-2021-46790, CVE-2022-30783, CVE-2022-30784, CVE-2022-30785,
CVE-2022-30786, CVE-2022-30787, CVE-2022-30788, CVE-2022-30789
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
2:2021.8.22-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2093307 - CVE-2022-30783 ntfs-3g: invalid return code in fuse_kern_mount
enables intercepting of libfuse-lite protocol traffic [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2093307
[ 2 ] Bug #2093317 - CVE-2022-30784 ntfs-3g: crafted NTFS image can cause heap
exhaustion in ntfs_get_attribute_value [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2093317
[ 3 ] Bug #2093322 - CVE-2022-30785 ntfs-3g: a file handle created in fuse_lib_opendir,
and later used in fuse_lib_readdir, enables arbitrary memory read and write operations
[epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2093322
[ 4 ] Bug #2093330 - CVE-2022-30786 ntfs-3g: crafted NTFS image can cause a heap-based
buffer overflow in ntfs_names_full_collate [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2093330
[ 5 ] Bug #2093335 - CVE-2022-30787 ntfs-3g: integer underflow in fuse_lib_readdir
enables arbitrary memory read operations [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2093335
[ 6 ] Bug #2093342 - CVE-2022-30788 ntfs-3g: crafted NTFS image can cause a heap-based
buffer overflow in ntfs_mft_rec_alloc [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2093342
[ 7 ] Bug #2093350 - CVE-2022-30789 ntfs-3g: crafted NTFS image can cause a heap-based
buffer overflow in ntfs_check_log_client_array [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2093350
[ 8 ] Bug #2093362 - CVE-2021-46790 ntfs-3g: heap-based buffer overflow in ntfsck
[epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2093362
--------------------------------------------------------------------------------
================================================================================
python-sqlalchemy-1.4.40-1.el9 (FEDORA-EPEL-2022-0258424d1d)
Modular and flexible ORM library for Python
--------------------------------------------------------------------------------
Update Information:
This is a bugfix and enhancement release. The [upstream announcement](https://w
ww.sqlalchemy.org/blog/2022/08/08/sqlalchemy-1.4.40-released/) summarizes and
the [
changelog](https://docs.sqlalchemy.org/en/14/changelog/changelog_14.html#ch
ange-1.4.40) contains a detailed list of changes in version 1.4.40.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 9 2022 Nils Philippsen <nils(a)tiptoe.de> - 1.4.40-1
- Version 1.4.40
* Mon Jul 25 2022 Miro Hron��ok <miro(a)hroncok.cz>
- Remove obsolete cruft from the specfile, follow the packaging guidelines
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.4.39-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------