The following Fedora EPEL 8 Security updates need testing:
Age URL
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-d5cf26cbeb
python-rsa-4.7.2-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
charliecloud-0.25-1.el8
golang-github-prometheus-2.26.1-1.el8
libspf2-1.2.11-1.20210922git4915c308.el8
libwbxml-0.11.7-5.el8
supybot-meetbot-0.4-1.el8
wireguard-tools-1.0.20210914-1.el8
Details about builds:
================================================================================
charliecloud-0.25-1.el8 (FEDORA-EPEL-2021-0ec207f547)
Lightweight user-defined software stacks for high-performance computing
--------------------------------------------------------------------------------
Update Information:
New version. Bundle working lark-parser.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 20 2021 Jordan Ogas <jogas(a)lanl.gov 0.25-1
- bundle python lark parser
- new version
--------------------------------------------------------------------------------
================================================================================
golang-github-prometheus-2.26.1-1.el8 (FEDORA-EPEL-2021-3dbdaa5f12)
Prometheus monitoring system and time series database
--------------------------------------------------------------------------------
Update Information:
Update to 2.26.1
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 20 2021 Robert-Andr�� Mauchin <zebob.m(a)gmail.com> - 2.26.1-1
- Update to 2.26.1
- Add additional variable to pass options to the service
- Security fix for CVE-2021-29622
- Close: rhbz#1928323, rhbz#2005296, rhbz#1962720, rhbz#1962718
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1962718 - CVE-2021-29622 prometheus: open redirect under the /new endpoint
https://bugzilla.redhat.com/show_bug.cgi?id=1962718
--------------------------------------------------------------------------------
================================================================================
libspf2-1.2.11-1.20210922git4915c308.el8 (FEDORA-EPEL-2021-7d0a7b6146)
An implementation of the SPF specification
--------------------------------------------------------------------------------
Update Information:
Update to latest in git.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 22 2021 Bojan Smojver <bojan(a)rexursive.com> -
1.2.11-1.20210922git4915c308
- Build latest upstream git HEAD
- CVE-2021-20314
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
1.2.10-30.20150405gitd57d79fd
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Fri May 21 2021 Jitka Plesnikova <jplesnik(a)redhat.com> -
1.2.10-29.20150405gitd57d79fd
- Perl 5.34 rebuild
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
1.2.10-28.20150405gitd57d79fd
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Jul 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> -
1.2.10-27.20150405gitd57d79fd
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jun 23 2020 Jitka Plesnikova <jplesnik(a)redhat.com> -
1.2.10-26.20150405gitd57d79fd
- Perl 5.32 rebuild
* Wed Jan 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> -
1.2.10-25.20150405gitd57d79fd
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1993071 - CVE-2021-20314 libspf2: stack buffer overflow when processing SPF
explanation macros [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1993071
[ 2 ] Bug #1993072 - CVE-2021-20314 libspf2: stack buffer overflow when processing SPF
explanation macros [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1993072
--------------------------------------------------------------------------------
================================================================================
libwbxml-0.11.7-5.el8 (FEDORA-EPEL-2021-5f7c1954dc)
Library and tools to parse, encode and handle WBXML documents
--------------------------------------------------------------------------------
Update Information:
This update brings a new libwbxml package for handling WBXML documents.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2006152 - Please build libwbxml for EPEL 8
https://bugzilla.redhat.com/show_bug.cgi?id=2006152
--------------------------------------------------------------------------------
================================================================================
supybot-meetbot-0.4-1.el8 (FEDORA-EPEL-2021-e681cb1233)
Plugin for Supybot for handling IRC meetings
--------------------------------------------------------------------------------
Update Information:
Update to upstream version 0.4 This is a bugfix release that fixes the
following issues: * Previously, the body format of the message sent out via
Fedora Messaging was not complete. The URL was not including the prefix, and the
details key did not include the nick. This caused FMN to not parse the message
correctly. [see commit
1151b06](https://github.com/fedora-infra/supybot-
meetbot/commit/1151b06fe61931e65bc2a3f346705f47b989c6ed) * Previously when the
MeetBot plugin was installed, any command that was not recognised by Supybot or
its plugins would result in an exception being thrown
[#18](https://github.com/fedora-infra/supybot-meetbot/issues/18). Additionally,
none of the non-meeting commands (like .listmeetings and .recent) were working
[#20](https://github.com/fedora-infra/supybot-meetbot/issues/20). Both these
issues were related to a piece of experimental code that was causing some
issues. This was removed in [#21](https://github.com/fedora-infra/supybot-
meetbot/issues/21), and the commands work as expected now.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 22 2021 Ryan Lerch <rlerch(a)redhat.com> - 0.4-1
- Fix message body format when sending a Fedora message
- Fix standard commands like .listmeetings and .recent
--------------------------------------------------------------------------------
================================================================================
wireguard-tools-1.0.20210914-1.el8 (FEDORA-EPEL-2021-dbd920f706)
Fast, modern, secure VPN tunnel
--------------------------------------------------------------------------------
Update Information:
Update to 1.0.20210914
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 21 2021 Joe Doss <joe(a)solidadmin.com> - 1.0.20210914-1
- contrib/launchd: fix xml syntax error
- wg-quick: darwin: account for "link#XX" gateways
- ipc: add wireguard-nt support
- ipc: cache windows lookups to avoid O(n^2) with nested lookups
- ipc: remove windows elevation
- ipc: windows: don't display disabled adapters
- ipc: windows: use devpkey instead of nci for name
- wg-quick: android: adjust for android 12
- wg-quick: openbsd: set DNS with resolvd(8)
* Fri Jul 23 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
1.0.20210424-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2003848 - wireguard-tools-1.0.20210914 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2003848
--------------------------------------------------------------------------------