The following Fedora EPEL 8 Security updates need testing:
Age URL
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-4cc86adbd2 chromium-116.0.5845.179-1.el8
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-9c17eb827f borgbackup-1.1.18-2.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
appx-util-0.5-2.el8
icewm-3.4.2-2.el8
openscap-report-0.2.5-1.el8
rust-difftastic-0.51.1-1.el8
Details about builds:
================================================================================
appx-util-0.5-2.el8 (FEDORA-EPEL-2023-b28c63ddc3)
Utility to create Microsoft .appx packages
--------------------------------------------------------------------------------
Update Information:
New release with OpenSSL 3.x support included
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 11 2023 Neal Gompa <ngompa(a)fedoraproject.org> - 0.5-2
- Fix BR for Python 3 for EL8 (RH#2237698)
* Mon Sep 11 2023 Neal Gompa <ngompa(a)fedoraproject.org> - 0.5-1
- Update to 0.5
- Migrate to SPDX license identifiers
* Wed Jul 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.4-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Wed Jan 18 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.4-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Wed Jul 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.4-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Jan 19 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.4-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Thu Dec 30 2021 Neal Gompa <ngompa(a)fedoraproject.org> - 0.4-5
- Backport fix for OpenSSL 3.0 compatibility (RH#2018887)
* Tue Sep 14 2021 Sahana Prasad <sahana(a)redhat.com> - 0.4-4
- Rebuilt with OpenSSL 3.0.0
* Wed Jul 21 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2237698 - appx-util should not BuildRequire /usr/bin/python3
https://bugzilla.redhat.com/show_bug.cgi?id=2237698
[ 2 ] Bug #2238252 - appx-util-0.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2238252
--------------------------------------------------------------------------------
================================================================================
icewm-3.4.2-2.el8 (FEDORA-EPEL-2023-5e0fafc2f7)
Window manager designed for speed, usability, and consistency
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 11 2023 Artem Polishchuk <ego.cordatus(a)gmail.com> - 3.4.2-1
- chore: Update to 3.4.2 (rh#2238422)
--------------------------------------------------------------------------------
================================================================================
openscap-report-0.2.5-1.el8 (FEDORA-EPEL-2023-1542786b65)
A tool for generating human-readable reports from (SCAP) XCCDF and ARF results
--------------------------------------------------------------------------------
Update Information:
0.2.5 (Jan Rodak)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 11 2023 Packit <hello(a)packit.dev> - 0.2.5-1
- 0.2.5 (Jan Rodak)
- Show referenced OVAL State (Jan Rodak)
- Parse reference in filter (Jan Rodak)
- Show OVAL Variables and referenced OVAL endpoints in report (Jan Rodak)
- Remove UUID from headings (Jan Rodak)
- Move function (Jan Rodak)
- Display in report OVAL object that references to other OVAL Objects (Jan Rodak)
- Resolve parsing of referenced OVAL Objects and OVAL Variables (Jan Rodak)
- Add OVAL Variable structure and parser (Jan Rodak)
- Rework OVAL Object and State (Jan Rodak)
- Parse mapping between OVAL var and values and propagate them (Jan Rodak)
- Remove namesapace for attributes (Jan Rodak)
- Show OVAL states in report (Jan Rodak)
- Parse attributes of elements in OVAL state and Parse all OVAL states in OVAL test (Jan Rodak)
- Show OVAL objects in report (Jan Rodak)
- Parse attributes of elements in OVAL object (Jan Rodak)
- Removing the processing of collected objects (Jan Rodak)
- Use an empty string instead of None when the text of the set-value element is empty (Jan Rodak)
- Fix deprecation warning (Jan Rodak)
- Remove product detection from the tmt plan (Jan Rodak)
- Increase vm memory (Jan Rodak)
- Add python3 dependency (Jan Rodak)
- Adjust the build of content (Jan Rodak)
- Automatic product detection to build content by CPE identifier (Jan Rodak)
- Remove whitespaces (Jan Rodak)
- Show explanation of score computation in report (Jan Rodak)
- Add explanation of score computation (Jan Rodak)
- Parse system attribute from score element (Jan Rodak)
--------------------------------------------------------------------------------
================================================================================
rust-difftastic-0.51.1-1.el8 (FEDORA-EPEL-2023-12c63cd9d1)
Structural diff that understands syntax
--------------------------------------------------------------------------------
Update Information:
### Parsing Updated Bash, Python and Rust parsers. ### Display Added a JSON
display option. This is currently unstable, and requires you to set
DFT_UNSTABLE. The JSON structure may change in future. Please give it a try and
give feedback on GitHub issues. ### Build Added support for Linux with musl,
Linux on aarch64, and macOS on aarch64. Note that Difftastic already worked on
these platforms, but they are now tested in CI and will be included in prebuilt
binaries in releases.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 31 2023 Michel Lind <salimma(a)fedoraproject.org> - 0.51.1-1
- Update to 0.51.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2234879 - rust-difftastic-0.51.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2234879
--------------------------------------------------------------------------------
The following Fedora EPEL 7 Security updates need testing:
Age URL
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-e9ce7bf135 chromium-116.0.5845.179-1.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-f552ecb2a6 borgbackup-1.1.18-2.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
c-icap-0.5.11-16.20230905git49b6801.el7
Details about builds:
================================================================================
c-icap-0.5.11-16.20230905git49b6801.el7 (FEDORA-EPEL-2023-36dec88801)
An implementation of an ICAP server
--------------------------------------------------------------------------------
Update Information:
Update to latest snapshot to fix InterProcessLockingScheme pthread.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Sep 10 2023 Simone Caronni <negativo17(a)gmail.com> - 0.5.11-16.20230905git49b6801
- Update to latest snapshot.
--------------------------------------------------------------------------------
The following Fedora EPEL 9 Security updates need testing:
Age URL
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-d9153eda95 salt-3005.2-1.el9
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-d7c164b6bb borgbackup-1.2.6-1.el9
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-3efeaee7e4 chromium-116.0.5845.179-1.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
c-icap-0.5.11-16.20230905git49b6801.el9
python-fastavro-1.8.3-2.el9
python-xlsxwriter-3.1.3-1.el9
safekeep-1.5.1^20230910git75e66fe-1.el9
Details about builds:
================================================================================
c-icap-0.5.11-16.20230905git49b6801.el9 (FEDORA-EPEL-2023-835ead0e55)
An implementation of an ICAP server
--------------------------------------------------------------------------------
Update Information:
Update to latest snapshot to fix InterProcessLockingScheme pthread.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Sep 10 2023 Simone Caronni <negativo17(a)gmail.com> - 0.5.11-16.20230905git49b6801
- Update to latest snapshot.
--------------------------------------------------------------------------------
================================================================================
python-fastavro-1.8.3-2.el9 (FEDORA-EPEL-2023-480ca7c172)
Fast Avro for Python
--------------------------------------------------------------------------------
Update Information:
## 2023-09-07 version 1.8.3 - Add `return_named_type` and
`return_named_type_override`
--------------------------------------------------------------------------------
ChangeLog:
* Sun Sep 10 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> - 1.8.3-2
- Drop the manual Cython BuildRequires
* Sun Sep 10 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> - 1.8.3-1
- Update to 1.8.3 (close RHBZ#2238056)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2238056 - python-fastavro-1.8.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2238056
--------------------------------------------------------------------------------
================================================================================
python-xlsxwriter-3.1.3-1.el9 (FEDORA-EPEL-2023-e423638551)
Python module for writing files in the Excel 2007+ XLSX file format
--------------------------------------------------------------------------------
Update Information:
Version 3.1.3: Added support for custom total formulas to worksheet tables
--------------------------------------------------------------------------------
ChangeLog:
* Sun Sep 10 2023 Rajeesh K V <rajeeshknambiar(a)gmail.com> - 3.1.3-1
- New release 3.1.3
* Fri Jul 21 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.1.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Tue Jun 13 2023 Python Maint <python-maint(a)redhat.com> - 3.1.2-2
- Rebuilt for Python 3.12
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2238037 - python-xlsxwriter-3.1.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2238037
--------------------------------------------------------------------------------
================================================================================
safekeep-1.5.1^20230910git75e66fe-1.el9 (FEDORA-EPEL-2023-b40dad83cc)
The SafeKeep backup system
--------------------------------------------------------------------------------
Update Information:
Update with latest patches for rdiff-backup 2.2
--------------------------------------------------------------------------------
ChangeLog:
* Sun Sep 10 2023 Frank Crawford <frank(a)crawford.emu.id.au> - 1.5.1^20230910git75e66fe-1
- Update with latest patches for rdiff-backup 2.2
- Pull latest git version
* Sat Jul 22 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.5.1-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Sat Jan 21 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.5.1-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Mon Nov 21 2022 Frank Crawford <frank(a)crawford.emu.id.au> - 1.5.1-6
- SPDX license update
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.5.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Sat Jan 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.5.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
The following Fedora EPEL 8 Security updates need testing:
Age URL
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-1d852648ca libssh2-1.10.0-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
borgbackup-1.1.18-2.el8
calceph-3.5.3-2.el8
chromium-116.0.5845.179-1.el8
eccodes-2.31.0-1.el8
gitqlient-1.6.2-1.el8
lexertl14-0.1.0-18.20230904git86c90c3.el8
python-calcephpy-3.5.3-2.el8
rdiff-backup-2.2.6-1.el8
Details about builds:
================================================================================
borgbackup-1.1.18-2.el8 (FEDORA-EPEL-2023-9c17eb827f)
A deduplicating backup program with compression and authenticated encryption
--------------------------------------------------------------------------------
Update Information:
fix for CVE-2023-36811: spoofed archive leads to data loss This version
contains additional patches on top of 1.1.18 to fix the CVE mentioned above. The
release notes for borgbackup 1.2.5+ regarding TAM authentication apply to this
version as well:
https://github.com/borgbackup/borg/blob/1.2.6/docs/changes.rst#pre-125-arch…
spoofing-vulnerability-cve-2023-36811
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 8 2023 Felix Schwarz <fschwarz(a)fedoraproject.org> - 1.1.18-2
- add patches to fix CVE-2023-36811
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2236304 - CVE-2023-36811 borgbackup: spoofed archive leads to data loss [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2236304
--------------------------------------------------------------------------------
================================================================================
calceph-3.5.3-2.el8 (FEDORA-EPEL-2023-71a0ccc267)
Astronomical library to access planetary ephemeris files
--------------------------------------------------------------------------------
Update Information:
Update to 3.5.3
--------------------------------------------------------------------------------
ChangeLog:
* Sat Sep 9 2023 Mattia Verga <mattia.verga(a)proton.me> - 3.5.3-2
- Correctly disable static libs building
* Wed Sep 6 2023 Mattia Verga <mattia.verga(a)proton.me> - 3.5.3-1
- Update to 3.5.3 (fedora#2237641)
* Wed Jul 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.5.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
chromium-116.0.5845.179-1.el8 (FEDORA-EPEL-2023-4cc86adbd2)
A WebKit (Blink) powered web browser that Google doesn't want you to use
--------------------------------------------------------------------------------
Update Information:
update to 116.0.5845.179. Fixes following security issues: CVE-2023-4427
CVE-2023-4428 CVE-2023-4429 CVE-2023-4430 CVE-2023-4431 CVE-2023-4572
CVE-2023-4761 CVE-2023-4762 CVE-2023-4763 CVE-2023-4764
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 8 2023 Than Ngo <than(a)redhat.com> - 116.0.5845.179-1
- update to 116.0.5845.179
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2234749 - CVE-2023-4427 CVE-2023-4428 CVE-2023-4429 CVE-2023-4430 CVE-2023-4431 chromium: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2234749
[ 2 ] Bug #2234750 - CVE-2023-4427 CVE-2023-4428 CVE-2023-4429 CVE-2023-4430 CVE-2023-4431 chromium: various flaws [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2234750
[ 3 ] Bug #2235800 - CVE-2023-4572 chromium: chromium-browser: Use after free in MediaStream [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2235800
[ 4 ] Bug #2235801 - CVE-2023-4572 chromium: chromium-browser: Use after free in MediaStream [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2235801
[ 5 ] Bug #2236152 - CVE-2021-29390 chromium: libjpeg-turbo: heap-buffer-overflow vulnerability in decompress_smooth_data in jdcoefct.c [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2236152
[ 6 ] Bug #2237509 - CVE-2023-4761 CVE-2023-4762 CVE-2023-4763 CVE-2023-4764 chromium: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2237509
[ 7 ] Bug #2237510 - CVE-2023-4761 CVE-2023-4762 CVE-2023-4763 CVE-2023-4764 chromium: various flaws [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2237510
--------------------------------------------------------------------------------
================================================================================
eccodes-2.31.0-1.el8 (FEDORA-EPEL-2023-a05ffd9a53)
WMO data format decoding and encoding
--------------------------------------------------------------------------------
Update Information:
Upgrade to upstream version 2.31.0
--------------------------------------------------------------------------------
ChangeLog:
* Sat Sep 9 2023 Jos de Kloe <josdekloe(a)gmail.com> - 2.31.0-1
- Upgrade to upstream version 2.31.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2236797 - request to upgrade to upstream version 2.31.0
https://bugzilla.redhat.com/show_bug.cgi?id=2236797
--------------------------------------------------------------------------------
================================================================================
gitqlient-1.6.2-1.el8 (FEDORA-EPEL-2023-c2cce018da)
Multi-platform Git client written with Qt
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Sat Sep 9 2023 Artem Polishchuk <ego.cordatus(a)gmail.com> - 1.6.2-1
- chore: Update to 1.6.2
* Wed Jul 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.6.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.6.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
lexertl14-0.1.0-18.20230904git86c90c3.el8 (FEDORA-EPEL-2023-c85dc6eac3)
The Modular Lexical Analyser Generator
--------------------------------------------------------------------------------
Update Information:
Update to the latest commit
--------------------------------------------------------------------------------
ChangeLog:
* Sat Sep 9 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> - 0.1.0-18
- Use a proper patch to fix multilib paths, and offer it upstream
* Sat Sep 9 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> - 0.1.0-16
- Improve the Summary
* Sat Sep 9 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> - 0.1.0-15
- Update to 86c90c3 (Restore the ability to run tests with BUILD_TESTING
and ctest)
* Sat Sep 9 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> - 0.1.0-14
- Update to 5bd3180
- Changed from std::size_t to uint16_t for ease of use
- Added missing #include and functions
- regex macro BOL and EOL fixes
- Added exit state syntax check for missing right chevron
* Sat Sep 9 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> - 0.1.0-13
- Update to c4bcaf8
- More SonarLint etc changes
- Applied SA changes
- Added tests
* Sat Sep 9 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> - 0.1.0-12
- Update to 2e2893c
- Added replace.hpp
- Now throwing exception in case of stack underflow
- Updated serialization support
- More use of auto
- Use cend()
- More UTF-32 support
- Added stream_num.hpp
- Fixed #include
* Sat Sep 9 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> - 0.1.0-11
- Update to aeddda8 (Unicode 15.1.0 and other minor enhancements)
* Sat Sep 9 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> - 0.1.0-10
- Indicate dirs. in files list with trailing slashes
* Sat Sep 9 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> - 0.1.0-9
- Update to 8b8ead2 (Update to the latest Unicode standard)
* Sat Sep 9 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> - 0.1.0-8
- Update License to SPDX
* Sat Sep 9 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> - 0.1.0-7
- Update to cd5a1f1 (Unicode 15)
--------------------------------------------------------------------------------
================================================================================
python-calcephpy-3.5.3-2.el8 (FEDORA-EPEL-2023-71a0ccc267)
Astronomical library to access planetary ephemeris files
--------------------------------------------------------------------------------
Update Information:
Update to 3.5.3
--------------------------------------------------------------------------------
ChangeLog:
* Sat Sep 9 2023 Mattia Verga <mattia.verga(a)protonm.me> - 3.5.3-2
- Fix build flags
* Wed Sep 6 2023 Mattia Verga <mattia.verga(a)protonm.me> - 3.5.3-1
- Update to 3.5.3 (fedora#2237640)
- Fix compatibility with Cython 3.x (fedora#2226167)
* Fri Jul 21 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.5.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Tue Jun 13 2023 Python Maint <python-maint(a)redhat.com> - 3.5.2-2
- Rebuilt for Python 3.12
--------------------------------------------------------------------------------
================================================================================
rdiff-backup-2.2.6-1.el8 (FEDORA-EPEL-2023-6c95ab5e24)
Convenient and transparent local/remote incremental mirror/backup
--------------------------------------------------------------------------------
Update Information:
Final minor release v2.2.6 - Fedora/EPEL Release
--------------------------------------------------------------------------------
ChangeLog:
* Sat Sep 9 2023 Frank Crawford <frank(a)crawford.emu.id.au> - 2.2.6-2
- Final minor release v2.2.6 - Fedora/EPEL Release
* Fri Sep 8 2023 Frank Crawford <frank(a)crawford.emu.id.au> - 2.2.6-1
- Final minor release v2.2.6 - COPR Release
* Fri Jul 21 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.2.5-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Tue Jun 13 2023 Python Maint <python-maint(a)redhat.com> - 2.2.5-3
- Rebuilt for Python 3.12
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2238101 - rdiff-backup-2.2.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2238101
--------------------------------------------------------------------------------