The following Fedora EPEL 8 Security updates need testing:
Age URL
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-242bfc4463
cacti-1.2.19-1.el8 cacti-spine-1.2.19-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
botan2-2.12.1-4.el8
clamav-0.103.4-1.el8
dmlite-1.15.1-11.el8
grass-7.8.6-2.el8
js-jsroot-6.2.1-1.el8
kakoune-2021.11.08-1.el8
opensmtpd-6.8.0p2-2.el8
python-xlsxwriter-3.0.2-1.el8
root-6.24.06-1.el8
smtpping-1.1.4-1.el8
Details about builds:
================================================================================
botan2-2.12.1-4.el8 (FEDORA-EPEL-2021-f89c59b568)
Crypto and TLS for C++11
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2021-24115 (low severity) and CVE-2021-40529 (medium)
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 7 2021 Ben Kircher <bkircher(a)0xadd.de> - 2.12.1-4
- Backport patch for #2002829 (Avoid using short exponents with ElGamal) from 2.18.2.
* Sun Nov 7 2021 Ben Kircher <bkircher(a)0xadd.de> - 2.12.1-3
- Backport patch for #1934458 (Constant-time computations for base32, base58, base64, hex)
from 2.17.3.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1934453 - CVE-2021-24115 botan: constant-time computations are not used for
certain decoding and encoding operations (base32, base58, base64, and hex).
https://bugzilla.redhat.com/show_bug.cgi?id=1934453
[ 2 ] Bug #2002825 - CVE-2021-40529 botan: ElGamal implementation allows plaintext
recovery
https://bugzilla.redhat.com/show_bug.cgi?id=2002825
--------------------------------------------------------------------------------
================================================================================
clamav-0.103.4-1.el8 (FEDORA-EPEL-2021-c478b2b23d)
End-user tools for the Clam Antivirus scanner
--------------------------------------------------------------------------------
Update Information:
Update to 0.103.4
https://blog.clamav.net/2021/11/clamav-01034-and-01041-patch-
releases.html ---- Get rid of pkgdatadir variable %{_datadir}/%{name} is
more informative Get rid og milterlog variable %{_var}/log/clamav-milter.log is
more readable we can remove %{_var}/log/clamav-milter.log because journalctl -u
clamav-milter supersede it Fix substitution of /var/run/clamd/clamd.socket on
file clamav-milter.conf Get rid of scanstatedir and milterstatedir variables
smartsubst deleted since we notice does not replace anything more cleanups
$RPM_BUILD_ROOT + /home/sergio/rpmbuild/BUILDROOT/clamav-0.103.3-9.fc36.x86_64
all variavels with {} BR _chmod and chown only in oldfreshclam clean rpath clean
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 7 2021 S��rgio Basto <sergio(a)serjux.com> - 0.103.4-1
- Update to 0.103.4
* Sun Oct 3 2021 S��rgio Basto <sergio(a)serjux.com> - 0.103.3-9
- Get rid of pkgdatadir variable %{_datadir}/%{name} is more informative
- Get rid og milterlog variable %{_var}/log/clamav-milter.log is more readable
- we can remove %{_var}/log/clamav-milter.log because journalctl -u clamav-milter
supersede it
- Fix substitution of /var/run/clamd/clamd.socket on file clamav-milter.conf
- Get rid of scanstatedir and milterstatedir variables
- smartsubst deleted since we notice does not replace anything
- more cleanups
- $RPM_BUILD_ROOT + /builddir/build/BUILDROOT/clamav-0.103.4-1.el8.aarch64
- all variavels with {}
- BR _chmod and chown only in oldfreshclam
- clean rpath clean
--------------------------------------------------------------------------------
================================================================================
dmlite-1.15.1-11.el8 (FEDORA-EPEL-2021-e2f0d95128)
Lcgdm grid data management and storage framework
--------------------------------------------------------------------------------
Update Information:
Minor bugfixes and cleanups - Fix puppet db port configuration for legacy DPM -
Fail checksum calculation for incomplete replica - Code cleanup from clang
warnings - Support for old compilers - Cleanup gridmap files - Improve empty
pool fsinfo patch - Configurable database port - Allow SE token for base
directory
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2021 Petr Vokac <petr.vokac(a)cern.ch> - 1.15.1-11
- Fix puppet db port configuration for legacy DPM
- Fail checksum calculation for incomplete replica
- Code cleanup from clang warnings
- Support for old compilers
- Cleanup gridmap files
* Wed Oct 27 2021 Petr Vokac <petr.vokac(a)cern.ch> - 1.15.1-10
- Improve empty pool fsinfo patch
- Configurable database port
- Allow SE token for base directory
--------------------------------------------------------------------------------
================================================================================
grass-7.8.6-2.el8 (FEDORA-EPEL-2021-48eb5ae4e3)
GRASS GIS - Geographic Resources Analysis Support System
--------------------------------------------------------------------------------
Update Information:
New upstream version GRASS GIS 7.8.6 Add patch to fix installation path in
pkgconfig file
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 7 2021 Bj��rn Esser <besser82(a)fedoraproject.org> - 7.8.6-2
- Add patch to fix installation path in pkgconfig file
* Tue Nov 2 2021 Markus Neteler <neteler(a)mundialis.de> - 7.8.6-1
- New upstream version GRASS GIS 7.8.6
* Thu Oct 21 2021 Sandro Mani <manisandro(a)gmail.com> - 7.8.5-11
- Rebuild (geos)
* Tue Aug 10 2021 Orion Poplawski <orion(a)nwra.com> - 7.8.5-10
- Rebuild for netcdf 4.8.0
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 7.8.5-9
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Mon Jun 21 2021 Markus Neteler <neteler(a)mundialis.de> - 7.8.5-8
- fix ctypes for Python 3.10 (RHBZ #1973621)
* Fri May 7 2021 Sandro Mani <manisandro(a)gmail.com> - 7.8.5-7
- Rebuild (gdal)
* Wed Mar 24 2021 Sandro Mani <manisandro(a)gmail.com> - 7.8.5-6
- Bump
* Sun Mar 7 2021 Sandro Mani <manisandro(a)gmail.com> - 7.8.5-5
- Rebuild (proj)
* Sat Feb 13 2021 Sandro Mani <manisandro(a)gmail.com> - 7.8.5-4
- Rebuild (geos)
* Mon Feb 8 2021 Pavel Raiskup <praiskup(a)redhat.com> - 7.8.5-3
- rebuild for libpq ABI fix rhbz#1908268
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 7.8.5-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2012725 - grass-7.8.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2012725
[ 2 ] Bug #2020907 - pkgconfig file for 7.8.6-1 contains invalid path
https://bugzilla.redhat.com/show_bug.cgi?id=2020907
--------------------------------------------------------------------------------
================================================================================
js-jsroot-6.2.1-1.el8 (FEDORA-EPEL-2021-fa408bc712)
JavaScript ROOT - Interactive numerical data analysis graphics
--------------------------------------------------------------------------------
Update Information:
ROOT 6.24.06 jsroot 6.2.1
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 5 2021 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 6.2.1-1
- Update to version 6.2.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2018162 - root-6.24.06 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2018162
--------------------------------------------------------------------------------
================================================================================
kakoune-2021.11.08-1.el8 (FEDORA-EPEL-2021-3ea58e8f47)
Code editor heavily inspired by Vim
--------------------------------------------------------------------------------
Update Information:
Update to 2021.11.08
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 7 2021 Artem Polishchuk <ego.cordatus(a)gmail.com> - 2021.11.08-1
- chore(update): 2021.11.08
* Thu Oct 28 2021 Artem Polishchuk <ego.cordatus(a)gmail.com> - 2021.10.28-1
- chore(update): 2021.10.28
--------------------------------------------------------------------------------
================================================================================
opensmtpd-6.8.0p2-2.el8 (FEDORA-EPEL-2021-722ae0740b)
Free implementation of the server-side SMTP protocol as defined by RFC 5321
--------------------------------------------------------------------------------
Update Information:
opensmtpd: hardened security settings
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 5 2021 Denis Fateyev <denis(a)fateyev.com> - 6.8.0p2-2
- Add hardened security settings to service
- Set "mbox" delivery method usage by default
--------------------------------------------------------------------------------
================================================================================
python-xlsxwriter-3.0.2-1.el8 (FEDORA-EPEL-2021-ff911d5308)
Python module for writing files in the Excel 2007+ XLSX file format
--------------------------------------------------------------------------------
Update Information:
Updated to version 3.0.2
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 7 2021 Rajeesh K V <rajeeshknambiar(a)gmail.com> - 3.0.2-1
- New release 3.0.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2019125 - python-xlsxwriter-3.0.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2019125
--------------------------------------------------------------------------------
================================================================================
root-6.24.06-1.el8 (FEDORA-EPEL-2021-fa408bc712)
Numerical data analysis framework
--------------------------------------------------------------------------------
Update Information:
ROOT 6.24.06 jsroot 6.2.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 4 2021 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 6.24.06-1
- Update to 6.24.06
* Tue Sep 14 2021 Sahana Prasad <sahana(a)redhat.com> - 6.24.04-2
- Rebuilt with OpenSSL 3.0.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2018162 - root-6.24.06 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2018162
--------------------------------------------------------------------------------
================================================================================
smtpping-1.1.4-1.el8 (FEDORA-EPEL-2021-dae883c7b8)
Small tool for measuring SMTP parameters
--------------------------------------------------------------------------------
Update Information:
smtpping: release v1.1.4
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 5 2021 Denis Fateyev <denis(a)fateyev.com> - 1.1.4-1
- Update to 1.1.4 release
* Fri Jul 23 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.1.3-14
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.1.3-13
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Aug 11 2020 Denis Fateyev <denis(a)fateyev.com> - 1.1.3-12
- Spec file upgrade and cleanup
* Sat Aug 1 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.1.3-11
- Second attempt - Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jul 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.1.3-10
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Thu Jan 30 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.1.3-9
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2019648 - smtpping-1.1.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2019648
--------------------------------------------------------------------------------