The following Fedora EPEL 8 Security updates need testing: Age URL 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-1e00c3d01e cutter-re-2.2.0-1.el8 rizin-0.5.1-1.el8 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-921342768a python-cairosvg-2.7.0-1.el8 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-347df5dde7 netconsd-0.2-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
ImageMagick-6.9.12.82-1.el8 chromium-111.0.5563.110-1.el8 fakeroot-1.31-1.el8 fastfetch-1.11.0-1.el8 libffado-2.4.7-1.el8 python-bitstruct-8.17.0-1.el8 xrootd-5.5.4-1.el8
Details about builds:
================================================================================ ImageMagick-6.9.12.82-1.el8 (FEDORA-EPEL-2023-30fee0c2cb) An X application for displaying and manipulating images -------------------------------------------------------------------------------- Update Information:
Update ImageMagick to 6.9.12.82 (#2176863,2176861,2176860) -------------------------------------------------------------------------------- ChangeLog:
* Sat Mar 25 2023 S��rgio Basto sergio@serjux.com - 1:6.9.12.82-1 - Update ImageMagick to 6.9.12.82 (#2176863,2176861,2176860) * Tue Mar 14 2023 Mamoru TASAKA mtasaka@fedoraproject.org - 1:6.9.12.77-2 - Backport upstream fix for GetPageGeometry misbehavior (bug 2177631) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2176860 - ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", possible to leverage DoS [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2176860 [ 2 ] Bug #2176861 - ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", possible to leverage DoS [fedora-36] https://bugzilla.redhat.com/show_bug.cgi?id=2176861 [ 3 ] Bug #2176863 - ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", possible to leverage DoS [fedora-37] https://bugzilla.redhat.com/show_bug.cgi?id=2176863 --------------------------------------------------------------------------------
================================================================================ chromium-111.0.5563.110-1.el8 (FEDORA-EPEL-2023-d1cb530fbd) A WebKit (Blink) powered web browser that Google doesn't want you to use -------------------------------------------------------------------------------- Update Information:
update to 111.0.5563.110. Fixes the following security issues: CVE-2023-1528 CVE-2023-1529 CVE-2023-1530 CVE-2023-1531 CVE-2023-1532 CVE-2023-1533 CVE-2023-1534 -------------------------------------------------------------------------------- ChangeLog:
* Wed Mar 22 2023 Than Ngo than@redhat.com - 111.0.5563.110-1 - update to 111.0.5563.110 * Sun Mar 12 2023 Neal Gompa ngompa@fedoraproject.org - 111.0.5563.64-2 - Rebuild for ffmpeg 6.0 --------------------------------------------------------------------------------
================================================================================ fakeroot-1.31-1.el8 (FEDORA-EPEL-2023-96440c9d78) Gives a fake root environment -------------------------------------------------------------------------------- Update Information:
Update fakeroot to 1.31 (#2167522) -------------------------------------------------------------------------------- ChangeLog:
* Wed Mar 15 2023 S��rgio Basto sergio@serjux.com - 1.31-1 - Update fakeroot to 1.31 (#2167522) - Add fix from Debian - Drop fakeroot-inttypes.patch which had almost 10 year old and I dont know what his purpose - Drop relax_tartest.patch we don't need it anymore * Thu Jan 19 2023 Fedora Release Engineering releng@fedoraproject.org - 1.30.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2167522 - fakeroot-1.31 is available https://bugzilla.redhat.com/show_bug.cgi?id=2167522 --------------------------------------------------------------------------------
================================================================================ fastfetch-1.11.0-1.el8 (FEDORA-EPEL-2023-6aac4ac9d6) Like neofetch, but much faster because written in c -------------------------------------------------------------------------------- Update Information:
update to 1.11 -------------------------------------------------------------------------------- ChangeLog:
* Sat Mar 25 2023 Jonathan Wright jonathan@almalinux.org - 1.11.0-1 - Update to 1.11.0 rhbz#2181737 --------------------------------------------------------------------------------
================================================================================ libffado-2.4.7-1.el8 (FEDORA-EPEL-2023-cb7329ac68) Free firewire audio driver library -------------------------------------------------------------------------------- Update Information:
update to 2.4.7 -------------------------------------------------------------------------------- ChangeLog:
* Mon Feb 6 2023 Nils Philippsen nils@tiptoe.de - 2.4.7-1 - Version 2.4.7 * Thu Jan 19 2023 Fedora Release Engineering releng@fedoraproject.org - 2.4.6-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Sat Sep 3 2022 Nils Philippsen nils@tiptoe.de - 2.4.6-3 - Fix yet another int/float crash, this time in the crossbar router * Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org - 2.4.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Mon Jul 18 2022 Nils Philippsen nils@tiptoe.de - 2.4.6-1 - Version 2.4.6 * Mon Jun 13 2022 Python Maint python-maint@redhat.com - 2.4.5-3 - Rebuilt for Python 3.11 * Thu Apr 7 2022 Nils Philippsen nils@tiptoe.de - 2.4.5-2 - Cast more float values to int to avoid crashes * Sat Mar 12 2022 Nils Philippsen nils@tiptoe.de - 2.4.5-1 - Version 2.4.5 * Thu Jan 20 2022 Fedora Release Engineering releng@fedoraproject.org - 2.4.4-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Thu Jul 22 2021 Fedora Release Engineering releng@fedoraproject.org - 2.4.4-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Fri Jun 4 2021 Python Maint python-maint@redhat.com - 2.4.4-4 - Rebuilt for Python 3.10 * Tue Jan 26 2021 Fedora Release Engineering releng@fedoraproject.org - 2.4.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ python-bitstruct-8.17.0-1.el8 (FEDORA-EPEL-2023-ec028e75a4) Interpret strings as packed binary data -------------------------------------------------------------------------------- Update Information:
update to 8.17.0 -------------------------------------------------------------------------------- ChangeLog:
* Sat Mar 25 2023 Jonathan Wright jonathan@almalinux.org - 8.17.0-1 - Update to 8.17.0 rhbz#2170634 * Fri Jan 20 2023 Fedora Release Engineering releng@fedoraproject.org - 8.15.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ xrootd-5.5.4-1.el8 (FEDORA-EPEL-2023-68f7bbce6e) Extended ROOT file server -------------------------------------------------------------------------------- Update Information:
xrootd 5.5.4 -------------------------------------------------------------------------------- ChangeLog:
* Fri Mar 24 2023 Mattias Ellert mattias.ellert@physics.uu.se - 1:5.5.4-1 - Update to version 5.5.4 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org