The following Fedora EPEL 8 Security updates need testing: Age URL 18 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-17ae719cb2 syncthing-1.18.6-3.el8 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-d431be322b zabbix40-4.0.39-1.el8 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-0dca326d43 abcm2ps-8.14.13-1.el8 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-ad126686cf python-paramiko-2.4.3-2.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
csdiff-2.3.0-1.el8 csmock-3.3.1-1.el8 epel-release-8-15.el8 libcaca-0.99-0.59.beta20.el8 yubihsm-shell-2.3.1-1.el8
Details about builds:
================================================================================ csdiff-2.3.0-1.el8 (FEDORA-EPEL-2022-afeb3deb5a) Non-interactive tools for processing code scan results in plain-text -------------------------------------------------------------------------------- Update Information:
- update to latest upstream release -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 15 2022 Kamil Dudka kdudka@redhat.com 2.3.0-1 - update to latest upstream release --------------------------------------------------------------------------------
================================================================================ csmock-3.3.1-1.el8 (FEDORA-EPEL-2022-afeb3deb5a) A mock wrapper for Static Analysis tools -------------------------------------------------------------------------------- Update Information:
- update to latest upstream release -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 15 2022 Kamil Dudka kdudka@redhat.com 3.3.1-1 - update to latest upstream release --------------------------------------------------------------------------------
================================================================================ epel-release-8-15.el8 (FEDORA-EPEL-2022-9c9fab6933) Extra Packages for Enterprise Linux repository configuration -------------------------------------------------------------------------------- Update Information:
Remove the use of $releasever ( rhbz#1969500 ) -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 14 2022 Troy Dawson tdawson@redhat.com - 8-15 - Remove the use of $releasever ( rhbz#1969500 ) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1969500 - EPEL 8 should not contain the $releasever variable which fails when the "releasever" is set to anything other than 8 https://bugzilla.redhat.com/show_bug.cgi?id=1969500 --------------------------------------------------------------------------------
================================================================================ libcaca-0.99-0.59.beta20.el8 (FEDORA-EPEL-2022-42af0c4375) Library for Colour AsCii Art, text mode graphics -------------------------------------------------------------------------------- Update Information:
- Clean up SPEC file. - Update to beta20. - CVE-2018-20545, CVE-2018-20546, CVE-2018-20547, CVE-2018-20548, CVE-2018-20549 (#1687860). - CVE-2021-30498 (#1948677). - CVE-2021-30499 (#1948681). - CVE-2021-3410 (#1931971). -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 14 2022 Simone Caronni negativo17@gmail.com - 0.99-0.59.beta20 - Clean up SPEC file. * Wed Jan 26 2022 V��t Ondruch vondruch@redhat.com - 0.99-0.58.beta20 - Rebuilt for https://fedoraproject.org/wiki/Changes/Ruby_3.1 * Thu Jan 20 2022 Fedora Release Engineering releng@fedoraproject.org - 0.99-0.57.beta20 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Mon Nov 8 2021 Xavier Bachelot xaver@bachelot.org - 0.99-0.56.beta20 - Update to 0.99.beta20. Fixes : - CVE-2018-20544, CVE-2018-20545, CVE-2018-20546, CVE-2018-20547, CVE-2018-20548, CVE-2018-20549 (RHBZ#1687860) - CVE-2021-3410 (RHBZ#1928437) - CVE-2021-30498 (RHBZ#1948676, RHBZ#1948677) - CVE-2021-30499 (RHBZ#1948680, RHBZ#1948681) - Update Source0 to github - Don't glob soname to avoid spurious bump - Fix bogus date in changelog * Thu Jul 22 2021 Fedora Release Engineering releng@fedoraproject.org - 0.99-0.55.beta19 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Fri Jun 4 2021 Python Maint python-maint@redhat.com - 0.99-0.54.beta19 - Rebuilt for Python 3.10 * Tue Jan 26 2021 Fedora Release Engineering releng@fedoraproject.org - 0.99-0.53.beta19 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Thu Jan 7 2021 Mamoru TASAKA mtasaka@fedoraproject.org - 0.99-0.52.beta19 - F-34: rebuild against ruby 3.0 * Fri Aug 21 2020 Jeff Law aw@redhat.com - 0.99-0.51.beta19 - Re-enable LTO * Tue Jul 28 2020 Fedora Release Engineering releng@fedoraproject.org - 0.99-0.50.beta19 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Tue Jul 14 2020 Jeff Law aw@redhat.com - 0.99-0.49.beta19 - Disable LTO * Tue May 26 2020 Miro Hron��ok mhroncok@redhat.com - 0.99-0.48.beta19 - Rebuilt for Python 3.9 * Wed Jan 29 2020 Fedora Release Engineering releng@fedoraproject.org - 0.99-0.47.beta19 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Sat Jan 18 2020 Mamoru TASAKA mtasaka@fedoraproject.org - 0.99-0.46.beta19 - F-32: rebuild against ruby27 * Fri Oct 4 2019 Gwyn Ciesla gwync@protonmail.com - 0.99-0.45.beta19 - Rebuilt for new freeglut * Thu Oct 3 2019 Miro Hron��ok mhroncok@redhat.com - 0.99-0.44.beta19 - Rebuilt for Python 3.8.0rc1 (#1748018) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1687860 - CVE-2018-20544 CVE-2018-20545 CVE-2018-20546 CVE-2018-20547 CVE-2018-20548 CVE-2018-20549 libcaca: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1687860 [ 2 ] Bug #1931971 - libcaca: Illegal write memory access in caca_resize function in caca/canvas.c [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1931971 [ 3 ] Bug #1948677 - CVE-2021-30498 libcaca: Heap buffer overflow of export.c in function export_tga [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1948677 [ 4 ] Bug #1948681 - CVE-2021-30499 libcaca: Global buffer overflow of export.c in function export_troff [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1948681 --------------------------------------------------------------------------------
================================================================================ yubihsm-shell-2.3.1-1.el8 (FEDORA-EPEL-2022-a459645822) Tools to interact with YubiHSM 2 -------------------------------------------------------------------------------- Update Information:
New upstream release (#2050104) -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 22 2022 Veronika Hanulikova vhanulik@redhat.com - 2.3.1-1 - New upstream release (#2050104) * Sat Jan 22 2022 Fedora Release Engineering releng@fedoraproject.org - 2.3.0b-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Mon Jan 3 2022 Jakub Jelen jjelen@redhat.com - 2.3.0b-1 - New upstream release (#2035159) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2050104 - yubihsm-shell-2.3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2050104 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org