The following Fedora EPEL 9 Security updates need testing:
Age URL
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-917679773c
GitPython-3.1.32-1.el9
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-e2fcc4af81
llhttp-8.1.1-1.el9 python-aiohttp-3.8.5-1.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
SLOF-20210217-8.git33a7322d.el9
batctl-2023.2-1.el9
chromium-116.0.5845.96-1.el9
dl-fedora-0.9.6-1.el9
inxi-3.3.29-1.el9
nagios-4.4.14-1.el9
nagios-plugins-2.4.6-1.el9
pythoncapi-compat-0^20230818git1bb4e16-1.el9
rust-gix-object-0.34.0-1.el9
ytree-2.05-1.el9
Details about builds:
================================================================================
SLOF-20210217-8.git33a7322d.el9 (FEDORA-EPEL-2023-77af23107c)
Slimline Open Firmware
--------------------------------------------------------------------------------
Update Information:
Adjust conditionals for EPEL build
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 18 2023 Davide Cavalca <dcavalca(a)fedoraproject.org> -
20210217-8.git33a7322d
- Adjust conditionals for EPEL build
* Wed Jul 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> -
20210217-7.git33a7322d
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Wed Jan 18 2023 Fedora Release Engineering <releng(a)fedoraproject.org> -
20210217-6.git33a7322d
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Wed Jul 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
20210217-5.git33a7322d
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Fri Jan 21 2022 Richard W.M. Jones <rjones(a)redhat.com> - 20210217-4.git33a7322d
- Unbreak build by undefining _auto_set_build_flags
See:
https://fedoraproject.org/wiki/Changes/SetBuildFlagsBuildCheck
* Wed Jan 19 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
20210217-3.git33a7322d
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2125333 - Please branch and build SLOF in epel9
https://bugzilla.redhat.com/show_bug.cgi?id=2125333
--------------------------------------------------------------------------------
================================================================================
batctl-2023.2-1.el9 (FEDORA-EPEL-2023-7e2ca457c3)
B.A.T.M.A.N. advanced control and management tool
--------------------------------------------------------------------------------
Update Information:
No code changes
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 17 2023 Felix Kaechele <heffer(a)fedoraproject.org> - 2023.2-1
- update to 2023.2
* Wed Jul 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 2023.1-1
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Wed May 31 2023 John W. Linville <linville(a)tuxdriver.com> - 2023.1-1
- update to 2023.1
* Thu Jan 26 2023 John W. Linville <linville(a)tuxdriver.com> - 2023.0-1
- update to 2023.0
* Wed Jan 18 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 2022.3-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Thu Nov 10 2022 Felix Kaechele <heffer(a)fedoraproject.org> - 2022.3-1
- update to 2022.3
* Tue Jul 26 2022 John W. Linville <linville(a)tuxdriver.com> - 2022.2-1
- update to 2022.2
* Wed Jul 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 2022.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2232408 - batctl-2023.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2232408
--------------------------------------------------------------------------------
================================================================================
chromium-116.0.5845.96-1.el9 (FEDORA-EPEL-2023-f08c8f0812)
A WebKit (Blink) powered web browser that Google doesn't want you to use
--------------------------------------------------------------------------------
Update Information:
update to 116.0.5845.96. Fixes following security issues: CVE-2023-2312
CVE-2023-4349 CVE-2023-4350 CVE-2023-4351 CVE-2023-4352 CVE-2023-4353
CVE-2023-4354 CVE-2023-4355 CVE-2023-4356 CVE-2023-4357 CVE-2023-4358
CVE-2023-4359 CVE-2023-4360 CVE-2023-4361 CVE-2023-4362
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 15 2023 Than Ngo <than(a)redhat.com> - 116.0.5845.96-1
- update to 116.0.5845.96
* Wed Aug 9 2023 Than Ngo <than(a)redhat.com> - 115.0.5790.170-2
- set use_all_cpus=1 for aarch64
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2232176 - CVE-2023-2312 chromium-browser: Use after free in Offline
https://bugzilla.redhat.com/show_bug.cgi?id=2232176
[ 2 ] Bug #2232177 - CVE-2023-4349 chromium-browser: Use after free in Device Trust
Connectors
https://bugzilla.redhat.com/show_bug.cgi?id=2232177
[ 3 ] Bug #2232178 - CVE-2023-4350 chromium-browser: Inappropriate implementation in
Fullscreen
https://bugzilla.redhat.com/show_bug.cgi?id=2232178
[ 4 ] Bug #2232179 - CVE-2023-4351 chromium-browser: Use after free in Network
https://bugzilla.redhat.com/show_bug.cgi?id=2232179
[ 5 ] Bug #2232180 - CVE-2023-4352 chromium-browser: Type Confusion in V8
https://bugzilla.redhat.com/show_bug.cgi?id=2232180
[ 6 ] Bug #2232181 - CVE-2023-4353 chromium-browser: Heap buffer overflow in ANGLE
https://bugzilla.redhat.com/show_bug.cgi?id=2232181
[ 7 ] Bug #2232182 - CVE-2023-4354 chromium-browser: Heap buffer overflow in Skia
https://bugzilla.redhat.com/show_bug.cgi?id=2232182
[ 8 ] Bug #2232183 - CVE-2023-4355 chromium-browser: Out of bounds memory access in V8
https://bugzilla.redhat.com/show_bug.cgi?id=2232183
[ 9 ] Bug #2232184 - CVE-2023-4356 chromium-browser: Use after free in Audio
https://bugzilla.redhat.com/show_bug.cgi?id=2232184
[ 10 ] Bug #2232185 - CVE-2023-4357 chromium-browser: Insufficient validation of
untrusted input in XML
https://bugzilla.redhat.com/show_bug.cgi?id=2232185
[ 11 ] Bug #2232186 - CVE-2023-4358 chromium-browser: Use after free in DNS
https://bugzilla.redhat.com/show_bug.cgi?id=2232186
[ 12 ] Bug #2232187 - CVE-2023-4359 chromium-browser: Inappropriate implementation in
App Launcher
https://bugzilla.redhat.com/show_bug.cgi?id=2232187
[ 13 ] Bug #2232188 - CVE-2023-4360 chromium-browser: Inappropriate implementation in
Color
https://bugzilla.redhat.com/show_bug.cgi?id=2232188
[ 14 ] Bug #2232189 - CVE-2023-4361 chromium-browser: Inappropriate implementation in
Autofill
https://bugzilla.redhat.com/show_bug.cgi?id=2232189
[ 15 ] Bug #2232190 - CVE-2023-4362 chromium-browser: Heap buffer overflow in Mojom IDL
https://bugzilla.redhat.com/show_bug.cgi?id=2232190
[ 16 ] Bug #2232191 - CVE-2023-4363 chromium-browser: Inappropriate implementation in
WebShare
https://bugzilla.redhat.com/show_bug.cgi?id=2232191
[ 17 ] Bug #2232192 - CVE-2023-4364 chromium-browser: Inappropriate implementation in
Permission Prompts
https://bugzilla.redhat.com/show_bug.cgi?id=2232192
[ 18 ] Bug #2232193 - CVE-2023-4365 chromium-browser: Inappropriate implementation in
Fullscreen
https://bugzilla.redhat.com/show_bug.cgi?id=2232193
[ 19 ] Bug #2232194 - CVE-2023-4366 chromium-browser: Use after free in Extensions
https://bugzilla.redhat.com/show_bug.cgi?id=2232194
[ 20 ] Bug #2232195 - CVE-2023-4367 chromium-browser: Insufficient policy enforcement in
Extensions API
https://bugzilla.redhat.com/show_bug.cgi?id=2232195
[ 21 ] Bug #2232196 - CVE-2023-4368 chromium-browser: Insufficient policy enforcement in
Extensions API
https://bugzilla.redhat.com/show_bug.cgi?id=2232196
--------------------------------------------------------------------------------
================================================================================
dl-fedora-0.9.6-1.el9 (FEDORA-EPEL-2023-6b73de25a1)
Fedora image download tool
--------------------------------------------------------------------------------
Update Information:
https://hackage.haskell.org/package/dl-fedora-0.9.6/changelog
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 18 2023 Jens Petersen <petersen(a)redhat.com> - 0.9.6-1
-
https://hackage.haskell.org/package/dl-fedora-0.9.6/changelog
* Mon Jul 24 2023 Jens Petersen <petersen(a)redhat.com> - 0.9.5.1-1
-
https://hackage.haskell.org/package/dl-fedora-0.9.5.1/changelog
* Wed Jul 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.9.5-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
inxi-3.3.29-1.el9 (FEDORA-EPEL-2023-1b5b80c206)
A full featured system information script
--------------------------------------------------------------------------------
Update Information:
Update to 3.3.29.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 17 2023 Vasiliy N. Glazov <vascom2(a)gmail.com> - 3.3.29-1
- Update to 3.3.29
* Thu Jul 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.3.27-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
nagios-4.4.14-1.el9 (FEDORA-EPEL-2023-c0f4cf3d4b)
Host/service/network monitoring program
--------------------------------------------------------------------------------
Update Information:
Update to 4.4.14
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 16 2023 Guido Aulisi <guido.aulisi(a)gmail.com> - 4.4.14-1
- Update to 4.4.14
* Thu Jul 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.4.10-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2186848 - nagios-4.4.14 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2186848
--------------------------------------------------------------------------------
================================================================================
nagios-plugins-2.4.6-1.el9 (FEDORA-EPEL-2023-55282ffc43)
Host/service/network monitoring program plugins for Nagios
--------------------------------------------------------------------------------
Update Information:
Update to 2.4.6
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 16 2023 Guido Aulisi <guido.aulisi(a)gmail.com> - 2.4.6-1
- Update to 2.4.6
* Thu Jul 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.4.4-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2030297 - nagios-plugins for EPEL 9
https://bugzilla.redhat.com/show_bug.cgi?id=2030297
[ 2 ] Bug #2211764 - nagios-plugins-2.4.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2211764
--------------------------------------------------------------------------------
================================================================================
pythoncapi-compat-0^20230818git1bb4e16-1.el9 (FEDORA-EPEL-2023-fbdd4e94f7)
Python C API compatibility
--------------------------------------------------------------------------------
Update Information:
Add `Py_IsFinalizing()` function. ---- Minor enhancements, and several new API
functions
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 18 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> -
0^20230818git1bb4e16-1
- Update to 0^20230818git1bb4e16 (Add `Py_IsFinalizing()` function.)
* Wed Aug 16 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> -
0^20230816git91e323f-1
- Update to 0^20230816git91e323f
--------------------------------------------------------------------------------
================================================================================
rust-gix-object-0.34.0-1.el9 (FEDORA-EPEL-2023-a251320e25)
Immutable and mutable git objects with decoding and encoding support
--------------------------------------------------------------------------------
Update Information:
Update to version 0.34.0.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 18 2023 Fabio Valentini <decathorpe(a)gmail.com> - 0.34.0-1
- Update to version 0.34.0; Fixes RHBZ#2229632
--------------------------------------------------------------------------------
================================================================================
ytree-2.05-1.el9 (FEDORA-EPEL-2023-992dad58d0)
A filemanager similar to XTree
--------------------------------------------------------------------------------
Update Information:
update to 2.05
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 18 2023 Filipe Rosset <rosset.filipe(a)gmail.com> - 2.05-1
- update to ytree-2.05
* Sat Jul 22 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.04-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Sat Jan 21 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.04-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.04-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Mar 30 2022 Filipe Rosset <rosset.filipe(a)gmail.com> - 2.04-1
- Update to 2.04 fixes rhbz#2020860
* Sat Jan 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.03-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------