The following Fedora EPEL 8 Security updates need testing: Age URL 13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-c18d19cbdc fluidsynth-2.1.8-3.el8 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-0754fdd085 openvpn-2.4.11-1.el8 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-24ab212ee8 p7zip-16.02-20.el8 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-3a1aaec707 pngcheck-2.4.0-8.el8 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-b308580516 perl-Image-ExifTool-12.16-3.el8 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-bbc31e5925 java-latest-openjdk-16.0.1.0.9-1.rolling.el8 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-33433b2f22 python-yara-4.1.0-1.el8 yara-4.1.0-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
genders-1.27.2-6.el8 lazarus-2.0.12-1.el8 libopenmpt-0.5.8-1.el8 packit-0.29.0-1.el8 rpminspect-1.5-1.el8 rpminspect-data-fedora-1.5-1.el8 tmt-1.5.0-1.el8 xrdp-0.9.16-1.el8
Details about builds:
================================================================================ genders-1.27.2-6.el8 (FEDORA-EPEL-2021-0596d03e62) Static cluster configuration database -------------------------------------------------------------------------------- Update Information:
Add genders to EPEL8 -------------------------------------------------------------------------------- ChangeLog:
--------------------------------------------------------------------------------
================================================================================ lazarus-2.0.12-1.el8 (FEDORA-EPEL-2021-a252ab9b09) Lazarus Component Library and IDE for Freepascal -------------------------------------------------------------------------------- Update Information:
Update to 2.0.12 -------------------------------------------------------------------------------- ChangeLog:
* Fri Apr 30 2021 Artur Frenszek-Iwicki fedora@svgames.pl - 2.0.12-1 - Update to 2.0.12 - Use baserelease macro to fix the rpmdev-bumspec issues -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1946343 - Lazarus 2.0.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=1946343 --------------------------------------------------------------------------------
================================================================================ libopenmpt-0.5.8-1.el8 (FEDORA-EPEL-2021-a3a4866065) C/C++ library to decode tracker music module (MOD) files -------------------------------------------------------------------------------- Update Information:
libopenmpt 0.5.8 (2021-04-11) ============================= * [Sec] Possible null-pointer dereference read caused by a sequence of `openmpt::module::read`, `openmpt::module::set_position_order_row` pointing to an invalid pattern, and another `openmpt::module::read` call. To trigger the crash, pattern 0 must not exist in the file and the tick speed before the position jump must be lower than the initial speed of the module. (r14530) * [Bug] `libopenmpt.pc` did not list required system libraries `ole32.lib` and `rpcrt4.lib` on Windows in `Libs.Private` field for static builds. * [Bug] libopenmpt 0.5.7 broke seeking in some subsongs. * The built-in LFO plugin did not load the correct initial LFO frequency. * IT command S7x (instrument control) is now supported when seeking with sample sync enabled. * libopenmpt_ext `play_note` was cutting of channels even when there were plenty of free channels to use. * mpg123: Update to v1.26.5 (2021-03-22). -------------------------------------------------------------------------------- ChangeLog:
* Fri Apr 30 2021 Michael Schwendt mschwendt@fedoraproject.org - 0.5.8-1 - update to 0.5.8 (security release for the 0.5 series) --------------------------------------------------------------------------------
================================================================================ packit-0.29.0-1.el8 (FEDORA-EPEL-2021-664f88e61f) A tool for integrating upstream projects with Fedora operating system -------------------------------------------------------------------------------- Update Information:
New upstream release. -------------------------------------------------------------------------------- ChangeLog:
* Fri Apr 30 2021 Jiri Popelka jpopelka@redhat.com - 0.29.0-1 - Source-git: add info about sources to packit.yaml when initiating a new source-git repo and don't commit dist-git sources from the lookaside cache. (#1208, #1216) - Source-git: fix SRPM creation failing with duplicate Patch IDs. (#1206) - Support git repository cache. (#1214) - Reflect removed COPR chroots in a COPR project. (#1197) - Deprecate current_version_command and create_tarball_command. (#1212) - Fix crashing push-updates command. (#1170) - Improve fmf/tmt tests configuration. (#1192) * Wed Mar 31 2021 Packit Service user-cont-team+packit-service@redhat.com - 0.28.0-1 - Remove the no-op `--dry-run` option. - Handle `centos-stream` targets as `centos-stream-8`, in order to help with the name change in Copr. - `fmf_url` and `fmf_ref` can be used in a job's `metadata` to specify an external repository and reference to be used to test the package. - Introduce a `fedora-latest` alias for the latest _branched_ version of Fedora Linux. - Add a top-level option `-c, --config` to specify a custom path for the package configuration (aka `packit.yaml`). - Source-git: enable using CentOS Stream 9 dist-git as a source. - Source-git: rename the subdirectory to store downstream packaging files from `fedora` to the more general `.distro`. - Source-git: fix creating source-git repositories when Git is configured to call the default branch something other then `master`. --------------------------------------------------------------------------------
================================================================================ rpminspect-1.5-1.el8 (FEDORA-EPEL-2021-fc6f7264e7) Build deviation compliance tool -------------------------------------------------------------------------------- Update Information:
Upgrade to rpminspect-1.5 -------------------------------------------------------------------------------- ChangeLog:
* Fri Apr 30 2021 David Cantrell dcantrell@redhat.com - 1.5-1 - Begin work on version 1.5 - Use llabs() instead of labs() in the filesize inspection - Improve has invalid execstack flags reporting - Use long unsigned int to report size changes in patches - Fix some errors in the changedfiles inspection - Update the changedfiles test cases - Check DT_SONAME in is_elf_shared_library() - Skip debuginfo and debugsource files in abidiff - Make sure abidiff test cases add a DT_SONAME to the test lib - Report INFO level for patches findings by default - Python black fixes in test/test_abidiff.py - Update the test/test_patches.py cases for patches changes - Generate regular changelog in utils/srpm.h - Skip branches without targets in submit-koji-builds.sh - Fedora and CentOS systems in ci need diffstat - opensuse-leap CI job requires diffstat - Fix the Debian CI jobs in GitHub Actions - Fix and enable the Ubuntu extra-ci job in GitHub Actions - Use pip instead of pip3 for the Ubuntu command - Use apt-get -y install in - Enable the opensuse-tumbleweed GHA job again - Make sure the Gentoo GHA job has diffstat - Get the Arch Linux GHA job working again - Use ubuntu:latest for the ubuntu GHA image - Simplify the utils/determine-os.sh script - Update license table in README.md - Allow any number of builds specified for fetch only mode - Handle old or broken versions of libmagic in changedfiles - Update GitHub Action status badges in README.md - Fix $(OS) check in the Makefile - Fix the ubuntu GitHub Actions extra-ci job - Make sure the centos8 job has git available before cloning - Change strappend() to work as a variadic function - Use json_tokener_parse_ex() to get better error reporting - Fix reading of the javabytecode block in the config file - Catch missing/losing -fPIC correctly on .a ELF objects (#352) - Refactor elf_archive_tests() and its helper functions - Followup fix for find_no_pic, find_pic, and find_all - Install cpp-coveralls using pacman on Arch Linux - Install cpp-coveralls using pip on Arch Linux - Install cpp-coveralls in pre.sh on Arch Linux - Install required Python modules in pre.sh on Arch Linux - Do not upgrade pip on Arch Linux, go back to using pip.txt - Drop DEBUG_PRINT from source generated by pic_bits.sh - Do not run apt-get update as a second time on Debians systems - The lost PIC tests need to invoke gcc with -fno-PIC - Update the OpenSUSE Tumbleweed files, but disable it anyway - Define inspection_ignores in struct rpminspect - Clean up the config file section reading code - Add add_ignore() to init.c - Fix fetch only mode download directory - Stub out libcurl download progress callback function - Perform symbolic owner and group matching in ownership (#364) - Restrict download_progress() to systems with CURLOPT_XFERINFOFUNCTION - Read per-inspection ignore lists from the config file. - Add commented out per-inspection ignore blocks - Implement per-inspection path ignore support (#351) - Report annocheck failures correctly in librpminspect. - Note all regular expression settings use regex(7) syntax - Allow size_threshold: info in the config file (#261) - Check ignore list in files for path prefixes to ignore (#360) - Support a list of expected empty RPMs in the config file (#355) - Call mparse_reset() before mparse_readfd() - Do not crash with the -c option specifies a non-existent file - Update TODO list - Make sure brp-compress is disabled in test_manpage.py - Require/Recommend /usr/bin/annocheck - Note size_threshold can be the keyword info - Ensure ctxt->lastError.message is not NULL before strdup (#382) - Handle corrupt compressed files in changedfiles (#382) - Disable debugging output for the ignore lists in init.c - Drop debugging output in the xml inspection - Remove what working directories we can - Correctly find icons for desktop files in subpackages (#367) - Followup to the Icon= check in the desktop inspection (#367) - BuildRequires libmandoc-devel >= 1.14.5 - Manually install mandoc on centos7 for now --------------------------------------------------------------------------------
================================================================================ rpminspect-data-fedora-1.5-1.el8 (FEDORA-EPEL-2021-d4b9b0b98c) Build deviation compliance tool data files -------------------------------------------------------------------------------- Update Information:
Upgrade to rpminspect-1.5 -------------------------------------------------------------------------------- ChangeLog:
* Fri Apr 30 2021 David Cantrell dcantrell@redhat.com - 1.5-1 - Add a 'rawhide' profile to disable a lot of inspections - Add missing ID value to the npsl license entry - /usr/lib/dracut and /usr/lib/udev are valid paths - Update fedora.yaml with all current configuration file changes - Explain size_threshold can be 'info' * Wed Feb 24 2021 David Cantrell dcantrell@redhat.com - 1.4-1 - Increment the development tree version to 1.4. - Document the release process and add another helper target to the Makefile - 'make koji' skips branches that lack Koji build targets - Set VENDORBLD to the vendor build too in submit-koji-builds.sh - Add NPSL - Update fedora.yaml for the new 'badfuncs' inspection. - The badfuncs inspection is in rpminspect >= 1.3, update spec file - Add MIT-0 license - Add runpath section to fedora.yaml --------------------------------------------------------------------------------
================================================================================ tmt-1.5.0-1.el8 (FEDORA-EPEL-2021-955d05bf7e) Test Management Tool -------------------------------------------------------------------------------- Update Information:
Run progress, tmt clean, docs enhancements... -------------------------------------------------------------------------------- ChangeLog:
* Fri Apr 30 2021 Petr ��pl��chal psplicha@redhat.com - 1.5.0-1 - Enable and document `pre-commit` and `autopep8` - Reorganize feature stories, fix title duplication - Prepare/install story for package development. - Add package preparation scenarios from Fedora CI - Prepare/install story for released packages - Add new stories related to package preparation - Fix login not working for cloud images - Work around a seccomp podman issue on centos-8 - Tag multihost tests during import from Makefile - Adjust the simple test for ansible prepare - Remove hardcoded ansible_python_interpreter=auto - Fix lint and use it on the tmt repo itself - Obsolete the minute provision plugin - Update the documentation for contributors - Do not assert installed packages for recommend - Show link to the full debug log in the html report - Implement tmt clean command - Require a newer fmf which supports storing data - Allow to specify port in provision.connect - Surround classes and functions with 2 blank lines - Fix order of imports, sort them alphabetically - Update the provision step hardware specification - Fix tmt plan lint for multiple configurations - Add tmt status examples section - Add a context adjust example for the prepare step - Adjust the git suffix stripping for known forges - Strip git suffix from pagure/gitlab/github repos - Enable install plans for pull request testing - Adjust the essential attributes description - Document the essential class attributes - Improve the prepare step documentation - Correctly convert relevancy with the `!=` operator - Print note in report.html if it exists - Add note about error for beakerlib results - Adjust progress bar for the internal executor - Add test progress bar to non-verbose mode - Adjust the attribute linting for tests - Lint attribute names for test - Human friendly names for VMs --------------------------------------------------------------------------------
================================================================================ xrdp-0.9.16-1.el8 (FEDORA-EPEL-2021-59d1c3d1c6) Open source remote desktop protocol (RDP) server -------------------------------------------------------------------------------- Update Information:
Release notes for xrdp v0.9.15 (2020/12/28) New features - Allow token sign in without autologon for SSO (#1667 #1668) - Norwegian keyboard support (#1675) - Improved config support for chansrv (#1635) - Unified chansrv, sesman and libxrdp logging (#1633 #1708 #1738) - thanks to @aquesnel - Support SUSE move to /usr/etc (#1702) - Parameters may now be specified for user-specified shell (#1270 #1695) - xrdp executables now allow alternative config files to be specified with -c (#1588 #1650 #1651) - sesrun improvements (#1741) - Drive redirection location can now be specified (#1048) - Now compiles on RISC-V (#1761) Bug fixes - Additional buffer overflow checks (#1662) - FUSE support now builds on 32-bit platforms (#1682) - genkeymap array size conflict fixed (#1691) - Buffering issue with neutrinordp over a slow link fixed (#1608 1634) - Various documentation fixes (#1704 #1741 #1755 #1759) - Prevent PAM info message from causing authentication failure (#1727) - Cosmetic fixes for minor issues (#1751 #1755 #1749) - Try harder to clean up socket files on session exit (#1740 #1756) - xrdp-chansrv become defunct in docker while file copy (#1658) Internal changes - Compilation warnings with newer compilers (#1659 #1680) - Continuation Integration checks on 32-bit platforms now include FUSE support (#1682) - Continuation Integration builds now default to the Ubuntu Focal platform (#1666) - FUSE type tidy-ups (#1686) - Switch from Travis CI to GitHub Actions (#1728 #1732) - Easier to set up console logging for utilities (#1711) -------------------------------------------------------------------------------- ChangeLog:
* Sat May 1 2021 Bojan Smojver bojan@rexurive.com - 1:0.9.16-1 - Bump up to 0.9.16 * Thu Jan 28 2021 Fedora Release Engineering releng@fedoraproject.org - 1:0.9.15-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org