The following Fedora EPEL 8 Security updates need testing:
Age URL
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-83ab5bb91b
opensmtpd-6.8.0p2-1.el8
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-b68969af8c
chromium-88.0.4324.96-1.el8
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-403074b7e0
seamonkey-2.53.6-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
R-qtl-1.47.9-1.el8
lua-readline-2.8-1.el8
monitorix-3.13.1-1.el8
nx-libs-3.5.99.25-4.el8
rlwrap-0.44-1.el8
youtube-dl-2021.01.24.1-1.el8
yubico-piv-tool-2.2.0-1.el8
Details about builds:
================================================================================
R-qtl-1.47.9-1.el8 (FEDORA-EPEL-2021-b797df647f)
Tools for analyzing QTL experiments
--------------------------------------------------------------------------------
Update Information:
R-qtl 1.47-9
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 27 2021 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 1.47.9-1
- Update to 1.47-9
* Mon Jan 25 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.46.2-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Mon Aug 10 2020 Tom Callaway <spot(a)fedoraproject.org> - 1.46.2-5
- rebuild for FlexiBLAS R
* Sat Aug 1 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.46.2-4
- Second attempt - Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Mon Jul 27 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.46.2-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
lua-readline-2.8-1.el8 (FEDORA-EPEL-2021-21532ad9b8)
Lua interface to the readline and history libraries
--------------------------------------------------------------------------------
Update Information:
- Update to 2.8 - Fix the reported version, it was not bumped for 2.8 - Use
Fedora-specific linker flags (thanks to Robert Scheck
<robert(a)fedoraproject.org>) - Add basic loadability checks (Robert) - Pull in
lua-rpm-macros explicitly on EL <= 7
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 26 2021 Michel Alexandre Salim <salimma(a)fedoraproject.org> - 2.8-1
- Update to 2.8
- Fix the reported version, it was not bumped for 2.8
- Use Fedora-specific linker flags (thanks to Robert Scheck
<robert(a)fedoraproject.org>)
- Add basic loadability checks (Robert)
- Pull in lua-rpm-macros explicitly on EL <= 7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1914667 - Lack of Fedora-specific linker flags
https://bugzilla.redhat.com/show_bug.cgi?id=1914667
[ 2 ] Bug #1914686 - lua-readline-2.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1914686
--------------------------------------------------------------------------------
================================================================================
monitorix-3.13.1-1.el8 (FEDORA-EPEL-2021-aadbebf090)
A free, open source, lightweight system monitoring tool
--------------------------------------------------------------------------------
Update Information:
This new version fixes a security bug introduced in the 3.13.0 version that lead
the HTTP built-in server to bypass the Basic Authentication when the option
hosts_deny is not defined, which is the default. Besides this fix, this version
also updates the main configuration file to add the option hosts_deny = all by
default inside the auth subsection, in an attempt to make the default behaviour
more clear. All users using the 3.13.0 version are advised and encouraged to
upgrade to this new version, which resolves the security issue. ---- This
new version introduces three new modules: the long-awaited pgsql.pm capable of
monitoring up to 9 databases of an unlimited number of PostgreSQL servers, the
redis.pm and tinyproxy.pm which are both also capable of monitoring an unlimited
number of Redis and Tinyproxy servers respectively. This version also includes
some interesting new features. The new CSS theming support will allow people to
create their own color themes. The new support for the ss command in port.pm and
nginx.pm modules. The ability to map the device names and also to include a
title name in disk.pm module. The new stacked visualization of network stats
available on a number of modules, and more. Also with this new version,
Monitorix is able to be executed as a regular user instead of root. This is of
course subject to the capabilities of each module to get statistics without
using the superuser. The rest of new features, changes and bugs fixed are, as
always, reflected in the Changes file.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 27 2021 Jordi Sanfeliu <jordi(a)fibranet.cat> - 3.13.1-1
- Updated to 3.13.1.
* Fri Jan 22 2021 Jordi Sanfeliu <jordi(a)fibranet.cat> - 3.13.0-1
- Updated to 3.13.0.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1919169 - monitorix-3.13.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1919169
[ 2 ] Bug #1920998 - monitorix-3.13.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1920998
--------------------------------------------------------------------------------
================================================================================
nx-libs-3.5.99.25-4.el8 (FEDORA-EPEL-2021-3b4b144e1b)
NX X11 protocol compression libraries
--------------------------------------------------------------------------------
Update Information:
Disable extraneous debug logging that can fill disks
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 26 2021 Orion Poplawski <orion(a)nwra.com> - 3.5.99.25-4
- Add upstream patch to quiet logging
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
3.5.99.25-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1916491 - nxagent logs exessively to session.log
https://bugzilla.redhat.com/show_bug.cgi?id=1916491
--------------------------------------------------------------------------------
================================================================================
rlwrap-0.44-1.el8 (FEDORA-EPEL-2021-92f4e70166)
Wrapper for GNU readline
--------------------------------------------------------------------------------
Update Information:
## New Features - rlwrap is now aware of multi-byte characters and correctly
handles prompts (or things that look like prompts, e.g. progress indicators)
that contain them. - rlwrap filters can now also filter signals (see
RlwrapFilter(3pm)), changing them, or providing extra input to the rlwrapped
command. - Key sequences can now be bound to rlwrap-direct-keypress (using a new
readline command rlwrap-direct-prefix) (contributed by Yuri d'Elia) ## Bug
fixes - now works with the readline 8.1 (which exposed an old bug caused by
rlwrap mis-handling enabled bracketed-paste) - binding accept-line to a key
would make pressing that key mess up the display
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 26 2021 Michel Alexandre Salim <salimma(a)fedoraproject.org> - 0.44-1
- Update to 0.44
* Fri Dec 4 2020 Jeff Law <law(a)redhat.com> - 0.43-8
- Fix out of bounds read in configure generated code caught by gcc-11
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1918577 - upgrade rlwrap
https://bugzilla.redhat.com/show_bug.cgi?id=1918577
[ 2 ] Bug #1920859 - rlwrap-7c1e432 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1920859
--------------------------------------------------------------------------------
================================================================================
youtube-dl-2021.01.24.1-1.el8 (FEDORA-EPEL-2021-417125ab38)
A small command-line program to download online videos
--------------------------------------------------------------------------------
Update Information:
Update to version 2021.01.24.1 ---- Update to version 2021.01.16
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 27 2021 David Schw��rer <davidsch(a)fedoraproject.org> - 2021.01.24.1-1
- Update to 2021.01.24.1
* Mon Jan 18 2021 David Schw��rer <davidsch(a)fedoraproject.org> - 2021.01.16-1
- Update to 2021.01.16
* Fri Jan 8 2021 David Schw��rer <davidsch(a)fedoraproject.org> - 2021.01.08-1
- Update to 2021.01.08
* Tue Jan 5 2021 David Schw��rer <davidsch(a)fedoraproject.org> - 2021.01.03-2
- Update to 2021.01.03
* Sun Jan 3 2021 David Schw��rer <davidsch(a)fedoraproject.org> - 2021.01.03-1
- Update to 2021.01.03
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1916977 - youtube-dl-2021.01.16 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1916977
[ 2 ] Bug #1920080 - youtube-dl-2021.01.24.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1920080
--------------------------------------------------------------------------------
================================================================================
yubico-piv-tool-2.2.0-1.el8 (FEDORA-EPEL-2021-60c6c91676)
Tool for interacting with the PIV applet on a YubiKey
--------------------------------------------------------------------------------
Update Information:
Finally EPEL8 release!
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1918362 - yubico-piv-tool-2.2.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1918362
--------------------------------------------------------------------------------