The following Fedora EPEL 8 Security updates need testing: Age URL 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-5f230957f1 duktape-2.2.0-6.el8 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-cf1c0e2ced strongswan-5.9.10-1.el8 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-40e1d58afe dcmtk-3.6.4-11.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
heimdal-7.7.1-7.el8 pack-0.29.0~rc1-1.el8 rdiff-backup-2.2.4-2.el8 vim-nerdtree-git-plugin-0-9.20210818gite1fe727.el8 zeromq-4.3.4-3.el8
Details about builds:
================================================================================ heimdal-7.7.1-7.el8 (FEDORA-EPEL-2023-8a559f9c70) A Kerberos 5 implementation without export restrictions -------------------------------------------------------------------------------- Update Information:
Move libraries to a lib subdirectory and include pkgconfig files in the devel subpackage (#1525462) (#1565954) (#1931072). -------------------------------------------------------------------------------- ChangeLog:
* Wed Mar 8 2023 Alexander Bostr��m abo@root.snowtree.se - 7.7.1-7 - Add compatibility symlinks for moved libraries. * Wed Mar 8 2023 Alexander Bostr��m abo@root.snowtree.se - 7.7.1-6 - Remove conditionals prior to RHEL7 * Wed Mar 8 2023 Alexander Bostr��m abo@root.snowtree.se - 7.7.1-5 - remove _with_systemd conditional - remove unused source files * Wed Mar 8 2023 Alexander Bostr��m abo@root.snowtree.se - 7.7.1-4 - Move libraries to a lib subdirectory - Include pkgconfig files (#1525462) (#1565954) (#1931072) * Mon Nov 21 2022 Alexander Bostr��m abo@root.snowtree.se - 7.7.1-3 - Restart services on upgrade * Mon Nov 21 2022 Alexander Bostr��m abo@root.snowtree.se - 7.7.1-2 - Delay service starts until after network is online (rhbz#2005501) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1525462 - pkgconfig files missing in the devel sub package https://bugzilla.redhat.com/show_bug.cgi?id=1525462 [ 2 ] Bug #1565954 - pkgconfig files missing in the devel sub package https://bugzilla.redhat.com/show_bug.cgi?id=1565954 [ 3 ] Bug #1931072 - The pkgconfig support is missing https://bugzilla.redhat.com/show_bug.cgi?id=1931072 --------------------------------------------------------------------------------
================================================================================ pack-0.29.0~rc1-1.el8 (FEDORA-EPEL-2023-cd5e934713) Convert code into runnable images -------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2022-41717, CVE-2022-24675, CVE-2022-28327 ---- Resolves: #2161300 - set _fortify_level 3 -------------------------------------------------------------------------------- ChangeLog:
* Wed Mar 8 2023 Lokesh Mandvekar lsm5@fedoraproject.org - 0.29.0~rc1-1 - bump to v0.29.0-rc1 * Wed Mar 8 2023 Lokesh Mandvekar lsm5@fedoraproject.org - 0.28.0-3 - Revert "Resolves: #2161300 - set _fortify_level 3" * Mon Mar 6 2023 Lokesh Mandvekar lsm5@fedoraproject.org - 0.28.0-2 - Resolves: #2161300 - set _fortify_level 3 * Mon Mar 6 2023 Lokesh Mandvekar lsm5@fedoraproject.org - 0.28.0-1 - bump to v0.28.0 * Mon Mar 6 2023 Lokesh Mandvekar lsm5@fedoraproject.org - 0.28.0~rc2-4 - fix build flags specification * Mon Mar 6 2023 Lokesh Mandvekar lsm5@fedoraproject.org - 0.28.0~rc2-3 - migrated to SPDX license * Thu Jan 19 2023 Fedora Release Engineering releng@fedoraproject.org - 0.28.0~rc2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Mon Dec 12 2022 RH Container Bot rhcontainerbot@fedoraproject.org - 0.28.0~rc2-1 - auto bump to v0.28.0-rc2 * Mon Oct 10 2022 Lokesh Mandvekar lsm5@fedoraproject.org - 0.27.0-7 - update autosetup * Mon Oct 10 2022 Lokesh Mandvekar lsm5@fedoraproject.org - 0.27.0-6 - add macros for getting correct version and add comment about Source0 tarball * Wed Aug 17 2022 Lokesh Mandvekar lsm5@fedoraproject.org - 0.27.0-5 - use built_tag_strip macro instead of built_tag for rhcontainerbot autobuilder * Fri Jul 22 2022 Fedora Release Engineering releng@fedoraproject.org - 0.27.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Tue Jul 19 2022 Maxwell G gotmax@e.email - 0.27.0-3 - Rebuild for CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang * Sun Jul 10 2022 Robert-Andr�� Mauchin zebob.m@gmail.com - 0.27.0-2 - Rebuild for CVE-2022-{24675,28327,29526 in golang} -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2077688 - CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode https://bugzilla.redhat.com/show_bug.cgi?id=2077688 [ 2 ] Bug #2077689 - CVE-2022-28327 golang: crypto/elliptic: panic caused by oversized scalar https://bugzilla.redhat.com/show_bug.cgi?id=2077689 [ 3 ] Bug #2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests https://bugzilla.redhat.com/show_bug.cgi?id=2161274 --------------------------------------------------------------------------------
================================================================================ rdiff-backup-2.2.4-2.el8 (FEDORA-EPEL-2023-db4f9228df) Convenient and transparent local/remote incremental mirror/backup -------------------------------------------------------------------------------- Update Information:
Small Fix Release v2.2.4 - Fedora/EPEL Release -------------------------------------------------------------------------------- ChangeLog:
* Wed Mar 8 2023 Frank Crawford frank@crawford.emu.id.au - 2.2.4-2 - Small Fix Release v2.2.4 - Fedora/EPEL Release * Tue Feb 28 2023 Frank Crawford frank@crawford.emu.id.au - 2.2.4-1 - Small Fix Release v2.2.4 - COPR Release -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2173670 - rdiff-backup-2.2.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2173670 --------------------------------------------------------------------------------
================================================================================ vim-nerdtree-git-plugin-0-9.20210818gite1fe727.el8 (FEDORA-EPEL-2023-80c6b5c727) Plugin of NERDTree showing git status -------------------------------------------------------------------------------- Update Information:
Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Wed Mar 8 2023 Artem Polishchuk ego.cordatus@gmail.com - 0-9.20210818gite1fe727 - chore: Update to latest version * Sat Jan 21 2023 Fedora Release Engineering releng@fedoraproject.org - 0-8.20191024gitf522a09 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org - 0-7.20191024gitf522a09 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Sat Jan 22 2022 Fedora Release Engineering releng@fedoraproject.org - 0-6.20191024gitf522a09 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Fri Jul 23 2021 Fedora Release Engineering releng@fedoraproject.org - 0-5.20191024gitf522a09 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Wed Jan 27 2021 Fedora Release Engineering releng@fedoraproject.org - 0-4.20191024gitf522a09 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Wed Jul 29 2020 Fedora Release Engineering releng@fedoraproject.org - 0-3.20191024gitf522a09 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Fri Jan 31 2020 Fedora Release Engineering releng@fedoraproject.org - 0-2.20191024gitf522a09 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ zeromq-4.3.4-3.el8 (FEDORA-EPEL-2023-69b98a0072) Software library for fast, message-based applications -------------------------------------------------------------------------------- Update Information:
Disable building with libunwind to fix C++ exceptions when a C application loads -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 7 2023 Ben Woodard woodard@redhat.com - 4.3.4-3 - disable building with libunwind to fix C++ exceptions when a C applicaion loads a module written in C++ #2175966 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2175966 - zeromq includes libunwind https://bugzilla.redhat.com/show_bug.cgi?id=2175966 --------------------------------------------------------------------------------