PaulHowarth/Blog/2019-04-18

Thursday 18th April 2019

Fedora Project

  • Updated perl-Module-Metadata to 1.000035 in F-30 and Rawhide:

    • Fix how relative paths are absolutized, so they work properly on MSWin32 (GH#24)

    • Quieten noisy tests (GH#31)

  • Updated perl-Net-CIDR to 0.20 in F-30 and Rawhide:

    • _ipcmp: Handle comparison of mixed IPv4 and IPv6-specified addresses, allowing cidrlookup() to look up IPv6-mapped IPv4 addresses in IPv4 address ranges, and vice versa

Local Packages

  • Updated dovecot to 2.3.5.2:

    • CVE-2019-10691: Trying to login with 8bit username containing invalid UTF8 input causes auth process to crash if auth policy is enabled; this could be used rather easily to cause a DoS (similar crash also happens during mail delivery when using invalid UTF8 in From or Subject header when OX push notification driver is used)

  • Updated java-1.8.0-oracle to Java SE 8 Update 212

  • Updated perl-Module-Metadata to 1.000035 as per the Fedora version

  • Updated perl-Net-CIDR to 0.20 as per the Fedora version

  • Updated perl-Net-SSLeay (1.86_09) to replace expired test certificates (CPAN RT#129201)

Recent