The following Fedora EPEL 8 Security updates need testing:
Age URL
18
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-17ae719cb2
syncthing-1.18.6-3.el8
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-d431be322b
zabbix40-4.0.39-1.el8
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-0dca326d43
abcm2ps-8.14.13-1.el8
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-ad126686cf
python-paramiko-2.4.3-2.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
csdiff-2.3.0-1.el8
csmock-3.3.1-1.el8
epel-release-8-15.el8
libcaca-0.99-0.59.beta20.el8
yubihsm-shell-2.3.1-1.el8
Details about builds:
================================================================================
csdiff-2.3.0-1.el8 (FEDORA-EPEL-2022-afeb3deb5a)
Non-interactive tools for processing code scan results in plain-text
--------------------------------------------------------------------------------
Update Information:
- update to latest upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 15 2022 Kamil Dudka <kdudka(a)redhat.com> 2.3.0-1
- update to latest upstream release
--------------------------------------------------------------------------------
================================================================================
csmock-3.3.1-1.el8 (FEDORA-EPEL-2022-afeb3deb5a)
A mock wrapper for Static Analysis tools
--------------------------------------------------------------------------------
Update Information:
- update to latest upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 15 2022 Kamil Dudka <kdudka(a)redhat.com> 3.3.1-1
- update to latest upstream release
--------------------------------------------------------------------------------
================================================================================
epel-release-8-15.el8 (FEDORA-EPEL-2022-9c9fab6933)
Extra Packages for Enterprise Linux repository configuration
--------------------------------------------------------------------------------
Update Information:
Remove the use of $releasever ( rhbz#1969500 )
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 14 2022 Troy Dawson <tdawson(a)redhat.com> - 8-15
- Remove the use of $releasever ( rhbz#1969500 )
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1969500 - EPEL 8 should not contain the $releasever variable which fails when
the "releasever" is set to anything other than 8
https://bugzilla.redhat.com/show_bug.cgi?id=1969500
--------------------------------------------------------------------------------
================================================================================
libcaca-0.99-0.59.beta20.el8 (FEDORA-EPEL-2022-42af0c4375)
Library for Colour AsCii Art, text mode graphics
--------------------------------------------------------------------------------
Update Information:
- Clean up SPEC file. - Update to beta20. - CVE-2018-20545, CVE-2018-20546,
CVE-2018-20547, CVE-2018-20548, CVE-2018-20549 (#1687860). - CVE-2021-30498
(#1948677). - CVE-2021-30499 (#1948681). - CVE-2021-3410 (#1931971).
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 14 2022 Simone Caronni <negativo17(a)gmail.com> - 0.99-0.59.beta20
- Clean up SPEC file.
* Wed Jan 26 2022 V��t Ondruch <vondruch(a)redhat.com> - 0.99-0.58.beta20
- Rebuilt for
https://fedoraproject.org/wiki/Changes/Ruby_3.1
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
0.99-0.57.beta20
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Mon Nov 8 2021 Xavier Bachelot <xaver(a)bachelot.org> - 0.99-0.56.beta20
- Update to 0.99.beta20. Fixes :
- CVE-2018-20544, CVE-2018-20545, CVE-2018-20546, CVE-2018-20547,
CVE-2018-20548, CVE-2018-20549 (RHBZ#1687860)
- CVE-2021-3410 (RHBZ#1928437)
- CVE-2021-30498 (RHBZ#1948676, RHBZ#1948677)
- CVE-2021-30499 (RHBZ#1948680, RHBZ#1948681)
- Update Source0 to github
- Don't glob soname to avoid spurious bump
- Fix bogus date in changelog
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
0.99-0.55.beta19
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Fri Jun 4 2021 Python Maint <python-maint(a)redhat.com> - 0.99-0.54.beta19
- Rebuilt for Python 3.10
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
0.99-0.53.beta19
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Thu Jan 7 2021 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 0.99-0.52.beta19
- F-34: rebuild against ruby 3.0
* Fri Aug 21 2020 Jeff Law <aw(a)redhat.com> - 0.99-0.51.beta19
- Re-enable LTO
* Tue Jul 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> -
0.99-0.50.beta19
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jul 14 2020 Jeff Law <aw(a)redhat.com> - 0.99-0.49.beta19
- Disable LTO
* Tue May 26 2020 Miro Hron��ok <mhroncok(a)redhat.com> - 0.99-0.48.beta19
- Rebuilt for Python 3.9
* Wed Jan 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> -
0.99-0.47.beta19
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Sat Jan 18 2020 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 0.99-0.46.beta19
- F-32: rebuild against ruby27
* Fri Oct 4 2019 Gwyn Ciesla <gwync(a)protonmail.com> - 0.99-0.45.beta19
- Rebuilt for new freeglut
* Thu Oct 3 2019 Miro Hron��ok <mhroncok(a)redhat.com> - 0.99-0.44.beta19
- Rebuilt for Python 3.8.0rc1 (#1748018)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1687860 - CVE-2018-20544 CVE-2018-20545 CVE-2018-20546 CVE-2018-20547
CVE-2018-20548 CVE-2018-20549 libcaca: various flaws [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1687860
[ 2 ] Bug #1931971 - libcaca: Illegal write memory access in caca_resize function in
caca/canvas.c [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1931971
[ 3 ] Bug #1948677 - CVE-2021-30498 libcaca: Heap buffer overflow of export.c in
function export_tga [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1948677
[ 4 ] Bug #1948681 - CVE-2021-30499 libcaca: Global buffer overflow of export.c in
function export_troff [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1948681
--------------------------------------------------------------------------------
================================================================================
yubihsm-shell-2.3.1-1.el8 (FEDORA-EPEL-2022-a459645822)
Tools to interact with YubiHSM 2
--------------------------------------------------------------------------------
Update Information:
New upstream release (#2050104)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 22 2022 Veronika Hanulikova <vhanulik(a)redhat.com> - 2.3.1-1
- New upstream release (#2050104)
* Sat Jan 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.3.0b-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Mon Jan 3 2022 Jakub Jelen <jjelen(a)redhat.com> - 2.3.0b-1
- New upstream release (#2035159)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2050104 - yubihsm-shell-2.3.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2050104
--------------------------------------------------------------------------------