The following Fedora EPEL 8 Security updates need testing:
Age URL
12
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-58bc048b1a
upx-3.96-9.el8
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-a20d7c1ddd
rxvt-unicode-9.26-1.el8
8
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-bdd3e1ab81
opendmarc-1.4.1-1.el8
8
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-6c72c1c9a5
gromacs-2019.6-2.el8 kokkos-3.0.00-2.el8 slurm-20.11.7-2.el8
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-0e0c1a76c6
slurm-20.11.7-3.el8
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-c734316809
chromium-90.0.4430.212-1.el8
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-bb6ec0e942
singularity-3.7.4-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
eggdrop-1.9.1-1.el8
google-benchmark-1.5.4-1.el8
highway-0.12.1-2.el8
intel-ipsec-mb-1.0.0-1.el8
radsecproxy-1.9.0-1.el8
Details about builds:
================================================================================
eggdrop-1.9.1-1.el8 (FEDORA-EPEL-2021-bb11782548)
World's most popular Open Source IRC bot
--------------------------------------------------------------------------------
Update Information:
Eggdrop v1.9.1 ============== General changes --------------- - Fixed an
issue where an IP address was incorrectly overwritten after a `CTCP chat` was
received - Fixed an issue where Eggdrop would occassionally crash if no port
was provided when the server was added - Error, instead of silently change,
when adding a bot with invalid ASCII characters in the handle (`.+bot`) -
Removed an incorrect error message after restarting the bot with the PBKDF2
module loaded - Further improved error reporting for socket connections Tcl
API changes --------------- - Fixed the `isaway` command to properly track
`AWAY` server messages Eggdrop config file changes ---------------------------
- Added Libera Chat to the accepted server types
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 31 2021 Robert Scheck <robert(a)fedoraproject.org> 1.9.1-1
- Upgrade to 1.9.1 (#1958575)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1958575 - eggdrop-1.9.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1958575
--------------------------------------------------------------------------------
================================================================================
google-benchmark-1.5.4-1.el8 (FEDORA-EPEL-2021-995b0ae7eb)
A microbenchmark support library
--------------------------------------------------------------------------------
Update Information:
Updated to version 1.5.4.
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 31 2021 Vitaly Zaitsev <vitaly(a)easycoding.org> - 1.5.4-1
- Updated to version 1.5.4.
--------------------------------------------------------------------------------
================================================================================
highway-0.12.1-2.el8 (FEDORA-EPEL-2021-ce450116fd)
Efficient and performance-portable SIMD
--------------------------------------------------------------------------------
Update Information:
Add workaround for the lack of pkgconfig in RHEL8 gtest ---- Update to 0.12.0
---- Initial RPM
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1906980 - Review Request: highway - Efficient and performance-portable SIMD
https://bugzilla.redhat.com/show_bug.cgi?id=1906980
[ 2 ] Bug #1963675 - highway-0.12.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1963675
--------------------------------------------------------------------------------
================================================================================
intel-ipsec-mb-1.0.0-1.el8 (FEDORA-EPEL-2021-96c8a5d415)
IPSEC cryptography library optimized for Intel Architecture
--------------------------------------------------------------------------------
Update Information:
The Intel(R) Multi-Buffer Crypto for IPsec library provides software crypto
acceleration primarily targeting packet processing applications. It can be used
for application such as: IPsec, TLS, Wireless (RAN), Cable or MPEG DRM.
Source code can be found here:
https://github.com/intel/intel-ipsec-mb
Release notes for this version of the library: Library - CET enabling
(endbranch opcodes added) - ZUC-EIA3-256 support for SSE, AVX, AVX2 and AVX512
(VAES) - 4 byte tag length only - Chacha20 optimizations for SSE, AVX and
AVX2 - ZUC-EEA3-256 support for SSE, AVX, AVX2 and AVX512 (VAES) - SNOW-V
and SNOW-V-AEAD support for SSE - Poly1305 AVX512 and AVX512-IFMA
implementations added - Chacha20-Poly1305 AEAD implementations extended to
AVX512 and AVX512-IFMA - CBCS AVX512 optimizations - Extended CBCS to return
last cipher block to maintain context between calls - AVX/SSE transition fixes
- Added SGL support for AEAD Chacha20-Poly1305 - Poly1305 minor optimization
in the scalar code - GHASH API change - IFMA CPU feature detection - SGL
support added for AES-GCM through job API - Added CRC functions through job
API
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
radsecproxy-1.9.0-1.el8 (FEDORA-EPEL-2021-1dd57fe441)
Generic RADIUS proxy with RadSec support
--------------------------------------------------------------------------------
Update Information:
radsecproxy 1.9.0 (2021-05-28) ============================== New features
------------ - Accept multiple source* configs for IPv4/v6 - Specify source
per server - User configurable cipher-list and ciphersuites - User
configurable TLS versions - Config option for DH-file - Add rID and
otherName options to certifcateAttributeCheck - Allow multiple
matchCertificateAttribute - Option to start dynamic server in blocking mode
Misc ---- - Move radsecproxy manpage to section 8 - Log CUI and operator-
name if present - Log CN for incomming TLS connections Bug fixes ---------
- Fix overlapping log lines - Fix memory leak in logging - Fix dynidsc
example scripts input validation (CVE-2021-32642)
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 31 2021 Robert Scheck <robert(a)fedoraproject.org> 1.9.0-1
- Upgrade to 1.9.0 (#1959532, #1965675)
* Tue Mar 2 2021 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 1.8.2-4
- Rebuilt for updated systemd-rpm-macros
See
https://pagure.io/fesco/issue/2583.
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.8.2-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1965675 - CVE-2021-32642 radsecproxy: missing input validation in dynamic
discovery example scripts
https://bugzilla.redhat.com/show_bug.cgi?id=1965675
--------------------------------------------------------------------------------