The following Fedora EPEL 8 Security updates need testing:
Age URL
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-40e1d58afe dcmtk-3.6.4-11.el8
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-cd5e934713 pack-0.29.0~rc1-1.el8
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-1dc713f355 chromium-111.0.5563.64-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
fedora-license-data-1.15-1.el8
gsi-openssh-8.0p1-12.el8
Details about builds:
================================================================================
fedora-license-data-1.15-1.el8 (FEDORA-EPEL-2023-e279178a57)
Fedora Linux license data
--------------------------------------------------------------------------------
Update Information:
- Update Spencer-94.toml - Add Spencer-94 - Update public-domain-text.txt for
ImageJ - Add GPL-2.0-or-later WITH SWI-exception - Add Info-ZIP
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 12 2023 Miroslav Such�� <msuchy(a)redhat.com> 1.15-1
- Update Spencer-94.toml
- Add Spencer-94
- Update public-domain-text.txt for ImageJ
- Add GPL-2.0-or-later WITH SWI-exception
- Add Info-ZIP
--------------------------------------------------------------------------------
================================================================================
gsi-openssh-8.0p1-12.el8 (FEDORA-EPEL-2023-9b79476ecb)
An implementation of the SSH protocol with GSI authentication
--------------------------------------------------------------------------------
Update Information:
Sync patches with openssh package.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 11 2023 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 8.0p1-12
- Based on openssh-8.0p1-17.el8_7
--------------------------------------------------------------------------------
The following Fedora EPEL 7 Security updates need testing:
Age URL
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-21f43b7076 python-OWSLib-0.9.2-2.el7
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-7b23e5a4b3 chromium-111.0.5563.64-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
csdiff-3.0.0-1.el7
mathjax3-3.2.2-1.el7
rpkg-1.66-4.el7
rust-1.68.0-1.el7
Details about builds:
================================================================================
csdiff-3.0.0-1.el7 (FEDORA-EPEL-2023-6a092190ef)
Non-interactive tools for processing code scan results in plain-text
--------------------------------------------------------------------------------
Update Information:
- update to latest upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 10 2023 Kamil Dudka <kdudka(a)redhat.com> 3.0.0-1
- update to latest upstream release
* Thu Feb 23 2023 Luk���� Zaoral <lzaoral(a)redhat.com> - 2.9.0-2
- Rebuilt for Boost 1.81 (rhbz#2172687)
--------------------------------------------------------------------------------
================================================================================
mathjax3-3.2.2-1.el7 (FEDORA-EPEL-2023-594467371e)
JavaScript library to render math in the browser
--------------------------------------------------------------------------------
Update Information:
mathjax version 3 for Fedora and EPEL.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 9 2023 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 3.2.2-1
- Initial mathjax version 3 package for Fedora and EPEL
--------------------------------------------------------------------------------
================================================================================
rpkg-1.66-4.el7 (FEDORA-EPEL-2023-26a72238e7)
Python library for interacting with rpm+git
--------------------------------------------------------------------------------
Update Information:
Patch: Do not generate pre-push hook script in some cases
https://pagure.io/rpkg/issue/665
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 10 2023 Ond��ej Nosek <onosek(a)redhat.com> - 1.66-4
- Patch: Do not generate pre-push hook script in some cases
--------------------------------------------------------------------------------
================================================================================
rust-1.68.0-1.el7 (FEDORA-EPEL-2023-22714e0906)
The Rust Programming Language
--------------------------------------------------------------------------------
Update Information:
Update to Rust 1.68.0: * Cargo's sparse protocol * Local `Pin` construction *
Default `alloc` error handler * Stabilized APIs See the [blog
post](https://blog.rust-lang.org/2023/03/09/Rust-1.68.0.html) and [release
notes](https://github.com/rust-
lang/rust/blob/stable/RELEASES.md#version-1680-2023-03-09) for more details.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 9 2023 Josh Stone <jistone(a)redhat.com> - 1.68.0-1
- Update to 1.68.0.
* Tue Mar 7 2023 David Michael <fedora.dm0(a)gmail.com> - 1.67.1-3
- Add a virtual Provides to rust-std-static containing the target triple.
* Mon Feb 20 2023 Orion Poplawski <orion(a)nwra.com> - 1.67.1-2
- Ship rust-toolset for EPEL7
--------------------------------------------------------------------------------
The following builds have been pushed to Fedora EPEL 7 updates-testing
heimdal-7.7.1-7.el7
python-OWSLib-0.9.2-2.el7
Details about builds:
================================================================================
heimdal-7.7.1-7.el7 (FEDORA-EPEL-2023-a9c7824b71)
A Kerberos 5 implementation without export restrictions
--------------------------------------------------------------------------------
Update Information:
Move libraries to a lib subdirectory and include pkgconfig files in the devel
subpackage (#1525462) (#1565954) (#1931072).
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 8 2023 Alexander Bostr��m <abo(a)root.snowtree.se> - 7.7.1-7
- Add compatibility symlinks for moved libraries.
* Wed Mar 8 2023 Alexander Bostr��m <abo(a)root.snowtree.se> - 7.7.1-6
- Remove conditionals prior to RHEL7
* Wed Mar 8 2023 Alexander Bostr��m <abo(a)root.snowtree.se> - 7.7.1-5
- remove _with_systemd conditional
- remove unused source files
* Wed Mar 8 2023 Alexander Bostr��m <abo(a)root.snowtree.se> - 7.7.1-4
- Move libraries to a lib subdirectory
- Include pkgconfig files (#1525462) (#1565954) (#1931072)
* Mon Nov 21 2022 Alexander Bostr��m <abo(a)root.snowtree.se> - 7.7.1-3
- Restart services on upgrade
* Mon Nov 21 2022 Alexander Bostr��m <abo(a)root.snowtree.se> - 7.7.1-2
- Delay service starts until after network is online (rhbz#2005501)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1525462 - pkgconfig files missing in the devel sub package
https://bugzilla.redhat.com/show_bug.cgi?id=1525462
[ 2 ] Bug #1565954 - pkgconfig files missing in the devel sub package
https://bugzilla.redhat.com/show_bug.cgi?id=1565954
[ 3 ] Bug #1931072 - The pkgconfig support is missing
https://bugzilla.redhat.com/show_bug.cgi?id=1931072
--------------------------------------------------------------------------------
================================================================================
python-OWSLib-0.9.2-2.el7 (FEDORA-EPEL-2023-21f43b7076)
Client library for OGC web services
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2023-27476
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 8 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> - 0.9.2-2
- Backport upstream PR#863 (���use only lxml for XML handling���)
- Fixes CVE-2023-27476 https://nvd.nist.gov/vuln/detail/CVE-2023-27476
- Fixes GHSA-8h9c-r582-mggc
https://github.com/geopython/OWSLib/security/advisories/GHSA-8h9c-r582-
mggc
- Fixes RHBZ#2176417 https://bugzilla.redhat.com/show_bug.cgi?id=2176417
* Wed Mar 8 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> - 0.9.2-1
- Update to 0.9.2
- Drop the Python 3 subpackage (which was never actually built as an
update) since pyproj is not available
* Wed Mar 8 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> - 0.9.0-2
- Generally ���modernize��� packaging (by EPEL7 standards)
- Update License to SPDX
- Build the Python 3 sub-package on EPEL7
- Switch to the GitHub source archive and run the offline tests
- Install more text documentation files
- Add dependency version bounds
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2176416 - CVE-2023-27476 python-OWSLib: XML External Entity (XXE) Injection
https://bugzilla.redhat.com/show_bug.cgi?id=2176416
--------------------------------------------------------------------------------