The following Fedora EPEL 8 Security updates need testing: Age URL 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-1dc713f355 chromium-111.0.5563.64-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
R-4.2.3-1.el8 SDL2_mixer-2.6.3-1.el8 cutter-re-2.2.0-1.el8 eggdrop-1.9.5-1.el8 kimageannotator-0.6.1-1.el8 ksnip-1.10.1-1.el8 lua-sec-1.3.0-1.el8 mate-desktop-1.26.1-1.el8 printer-driver-brlaser-6.2.5-2.el8 rizin-0.5.1-1.el8 rpminspect-data-centos-1.2-1.el8 rubygem-addressable-2.8.1-3.el8 uARMSolver-0.2.5-1.el8 uglify-js3-3.17.4-1.el8
Details about builds:
================================================================================ R-4.2.3-1.el8 (FEDORA-EPEL-2023-7150b53aa1) A language for data analysis and graphics -------------------------------------------------------------------------------- Update Information:
Update to 4.2.3 -------------------------------------------------------------------------------- ChangeLog:
* Wed Mar 15 2023 I��aki ��car iucar@fedoraproject.org - 4.2.3-1 - Update to 4.2.3 - Adapt license tag to SPDX - Disable tests for non x86_64 architectures in EPEL * Wed Jan 18 2023 Fedora Release Engineering releng@fedoraproject.org - 4.2.2-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Sat Dec 31 2022 Pete Walter pwalter@fedoraproject.org - 4.2.2-6 - Rebuild for ICU 72 * Sun Nov 6 2022 I��aki ��car iucar@fedoraproject.org - 4.2.2-5 - Revert inadvertent change to BLAS condition * Sat Nov 5 2022 I��aki ��car iucar@fedoraproject.org - 4.2.2-4 - Remove FlexiBLAS workaround, now officially supported - Re-enable tests in all platforms - Fix LTO flag once and for all (thanks, Mattias) * Sat Nov 5 2022 I��aki ��car iucar@fedoraproject.org - 4.2.2-3 - Let R find its way into Java instead of specifying too many possible paths * Fri Nov 4 2022 I��aki ��car iucar@fedoraproject.org - 4.2.2-2 - Move Java configuration to the build phase - Remove javareconf from posttrans scriptlets - Remove noreplace from javaconf file - Rename LTO flag to avoid conflicts with bcond - Simplify default R_LIBS_SITE cleanup - Update old _pkgdocdir specification --------------------------------------------------------------------------------
================================================================================ SDL2_mixer-2.6.3-1.el8 (FEDORA-EPEL-2023-0999c3691c) Simple DirectMedia Layer - Sample Mixer Library -------------------------------------------------------------------------------- Update Information:
Update SDL2_mixer to 2.6.3 (#2167934) -------------------------------------------------------------------------------- ChangeLog:
* Wed Mar 15 2023 S��rgio Basto sergio@serjux.com - 2.6.3-1 - Update SDL2_mixer to 2.6.3 (#2167934) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2167934 - SDL2_mixer-2.6.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2167934 --------------------------------------------------------------------------------
================================================================================ cutter-re-2.2.0-1.el8 (FEDORA-EPEL-2023-1e00c3d01e) GUI for Rizin reverse engineering framework -------------------------------------------------------------------------------- Update Information:
rebase rizin to v0.5.1 and cutter-re to 0.2.0 -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 14 2023 Riccardo Schirone rschirone91@gmail.com - 2.2.0-1 - Rebase to version 2.2.0 * Thu Jan 19 2023 Fedora Release Engineering releng@fedoraproject.org - 2.1.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Tue Sep 13 2022 Riccardo Schirone rschirone91@gmail.com - 2.1.2-1 - Rebase to version 2.1.2 * Wed Jul 20 2022 Fedora Release Engineering releng@fedoraproject.org - 2.1.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Sat Jul 16 2022 Riccardo Schirone rschirone91@gmail.com - 2.1.0-2 - Fix cutter path in .cmake file for -devel package -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2112240 - CVE-2022-34612 rizin: integer overflow in get_long_object() further leads to heap-overflow causing a crash [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2112240 [ 2 ] Bug #2124770 - CVE-2022-36042 rizin: rizin: Out-of-bounds Write in dyld cache binary plugin [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2124770 [ 3 ] Bug #2124791 - CVE-2022-36039 rizin: rizin: Out-of-bounds Write when parsing DEX files [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2124791 [ 4 ] Bug #2126124 - CVE-2022-36040 rizin: Out-of-bounds Write in pyc/marshal.c [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2126124 [ 5 ] Bug #2126125 - CVE-2022-36041 rizin: Out-of-bounds Write in Mach-O binary plugin [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2126125 [ 6 ] Bug #2126127 - CVE-2022-36043 rizin: Double Free in bobj.c when using QNX binary plugin [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2126127 [ 7 ] Bug #2126128 - CVE-2022-36044 rizin: Out-of-bounds Write in Lua binary plugin [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2126128 [ 8 ] Bug #2171271 - rizin-0.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2171271 --------------------------------------------------------------------------------
================================================================================ eggdrop-1.9.5-1.el8 (FEDORA-EPEL-2023-998768c463) World's most popular Open Source IRC bot -------------------------------------------------------------------------------- Update Information:
# Eggdrop v1.9.5 ## General changes - Implemented a workaround for a Tcl issue parsing emojis that can cause a crash - Fixed an improper change to the display of bind flags that caused issues with Tcl scripts that parse bind flags - Added SSL header information to `.status` to help diagnose `./configure` mismatches - Lots of under-the-hood bug fixes ## Tcl API changes - Tcl minimum required version is now 8.5! This actually happened in version 1.9.0; upstream just forgot to tell people. Oops! :) ## Module changes - Updated `woobie.mod` with additional example code ## Documentation changes: - Added additional documentation to help write modules - Updated botnet docs to include reference to TLS docs for secure links - Updated Tcl repo from unmaintained FTP to HTTP repository -------------------------------------------------------------------------------- ChangeLog:
* Wed Mar 15 2023 Robert Scheck robert@fedoraproject.org 1.9.5-1 - Upgrade to 1.9.5 (#2169600) * Thu Jan 19 2023 Fedora Release Engineering releng@fedoraproject.org - 1.9.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2169600 - eggdrop-1.9.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=2169600 --------------------------------------------------------------------------------
================================================================================ kimageannotator-0.6.1-1.el8 (FEDORA-EPEL-2023-795978c284) Library and a tool for annotating images -------------------------------------------------------------------------------- Update Information:
Updated ksnip to version 1.10.1. -------------------------------------------------------------------------------- ChangeLog:
* Wed Mar 15 2023 Vitaly Zaitsev vitaly@easycoding.org - 0.6.1-1 - Updated to version 0.6.1. * Thu Jan 19 2023 Fedora Release Engineering releng@fedoraproject.org - 0.6.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org - 0.6.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ ksnip-1.10.1-1.el8 (FEDORA-EPEL-2023-795978c284) Qt based cross-platform screenshot tool -------------------------------------------------------------------------------- Update Information:
Updated ksnip to version 1.10.1. -------------------------------------------------------------------------------- ChangeLog:
* Wed Mar 15 2023 Vitaly Zaitsev vitaly@easycoding.org - 1.10.1-1 - Updated to version 1.10.1. * Thu Jan 19 2023 Fedora Release Engineering releng@fedoraproject.org - 1.10.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org - 1.10.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ lua-sec-1.3.0-1.el8 (FEDORA-EPEL-2023-2532681a12) Lua binding for OpenSSL library -------------------------------------------------------------------------------- Update Information:
# LuaSec 1.3.0 * Add `:getlocalchain()` and `:getlocalcertificate()` to mirror the peer methods * Add Pre-Shared Key (PSK) support -------------------------------------------------------------------------------- ChangeLog:
* Wed Mar 15 2023 Robert Scheck robert@fedoraproject.org 1.3.0-1 - Upgrade to 1.3.0 (#2178605) * Thu Jan 19 2023 Fedora Release Engineering releng@fedoraproject.org - 1.2.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2178605 - lua-sec-1.3.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2178605 --------------------------------------------------------------------------------
================================================================================ mate-desktop-1.26.1-1.el8 (FEDORA-EPEL-2023-8c2a136c61) Shared code for mate-panel, mate-session, caja, etc -------------------------------------------------------------------------------- Update Information:
- update to 1.26.1 -------------------------------------------------------------------------------- ChangeLog:
* Wed Mar 15 2023 Wolfgang Ulbrich fedora@raveit.de - 1.26.1-1 - update to 1.26.1 --------------------------------------------------------------------------------
================================================================================ printer-driver-brlaser-6.2.5-2.el8 (FEDORA-EPEL-2023-8ec58205b5) Brother laser printer driver -------------------------------------------------------------------------------- Update Information:
Update to version 6.2.5 -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 14 2023 Ond��ej Budai ondrej@budai.cz - 6.2.5-2 - Drop i686 builds * Tue Mar 14 2023 Ond��ej Budai ondrej@budai.cz - 6.2.5-1 - Update to 6.2.5 * Fri Jan 27 2023 Ond��ej Budai ondrej@budai.cz - 6.2-2 - convert license to SPDX --------------------------------------------------------------------------------
================================================================================ rizin-0.5.1-1.el8 (FEDORA-EPEL-2023-1e00c3d01e) UNIX-like reverse engineering framework and command-line tool-set -------------------------------------------------------------------------------- Update Information:
rebase rizin to v0.5.1 and cutter-re to 0.2.0 -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 14 2023 Riccardo Schirone rschirone91@gmail.com - 0.5.1-1 - Rebase to upstream version 0.5.1 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2112240 - CVE-2022-34612 rizin: integer overflow in get_long_object() further leads to heap-overflow causing a crash [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2112240 [ 2 ] Bug #2124770 - CVE-2022-36042 rizin: rizin: Out-of-bounds Write in dyld cache binary plugin [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2124770 [ 3 ] Bug #2124791 - CVE-2022-36039 rizin: rizin: Out-of-bounds Write when parsing DEX files [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2124791 [ 4 ] Bug #2126124 - CVE-2022-36040 rizin: Out-of-bounds Write in pyc/marshal.c [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2126124 [ 5 ] Bug #2126125 - CVE-2022-36041 rizin: Out-of-bounds Write in Mach-O binary plugin [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2126125 [ 6 ] Bug #2126127 - CVE-2022-36043 rizin: Double Free in bobj.c when using QNX binary plugin [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2126127 [ 7 ] Bug #2126128 - CVE-2022-36044 rizin: Out-of-bounds Write in Lua binary plugin [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2126128 [ 8 ] Bug #2171271 - rizin-0.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2171271 --------------------------------------------------------------------------------
================================================================================ rpminspect-data-centos-1.2-1.el8 (FEDORA-EPEL-2023-b205e62e7c) Build deviation compliance tool data files for CentOS -------------------------------------------------------------------------------- Update Information:
Upgrade to rpminspect-data-centos-1.2 -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 14 2023 David Cantrell dcantrell@redhat.com - 1.2-1 - Upgrade to rpminspect-data-centos-1.2 --------------------------------------------------------------------------------
================================================================================ rubygem-addressable-2.8.1-3.el8 (FEDORA-EPEL-2023-7d3fb79249) URI Implementation -------------------------------------------------------------------------------- Update Information:
First EPEL release of rubygem-addressable -------------------------------------------------------------------------------- ChangeLog:
* Fri Mar 3 2023 Steve Traylen steve.traylen@cern.ch - 2.8.1-3 - First EPEL build * Fri Jan 20 2023 Fedora Release Engineering releng@fedoraproject.org - 2.8.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Mon Dec 5 2022 V��t Ondruch vondruch@redhat.com - 2.8.1-1 - Update to Addressable 2.8.1. Resolves: rhbz#2119778 * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org - 2.8.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Fri Jan 21 2022 Fedora Release Engineering releng@fedoraproject.org - 2.8.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Sat Sep 18 2021 Pavel Valena pvalena@redhat.com - 2.8.0-1 - Update to addressable 2.8.0. Resolves: rhbz#1978860 * Sun Aug 8 2021 Mamoru TASAKA mtasaka@fedoraproject.org - 2.7.0-5 - Upstream patch for CVE-2021-32740 (bug 1979702) * Fri Jul 23 2021 Fedora Release Engineering releng@fedoraproject.org - 2.7.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Wed Jan 27 2021 Fedora Release Engineering releng@fedoraproject.org - 2.7.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Wed Jul 29 2020 Fedora Release Engineering releng@fedoraproject.org - 2.7.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Tue Apr 7 2020 V��t Ondruch vondruch@redhat.com - 2.7.0-1 - Update to Addressable 2.7.0. * Thu Jan 30 2020 Fedora Release Engineering releng@fedoraproject.org - 2.5.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Fri Jul 26 2019 Fedora Release Engineering releng@fedoraproject.org - 2.5.2-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Sat Feb 2 2019 Fedora Release Engineering releng@fedoraproject.org - 2.5.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Sat Jul 14 2018 Fedora Release Engineering releng@fedoraproject.org - 2.5.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Fri Feb 9 2018 Fedora Release Engineering releng@fedoraproject.org - 2.5.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Tue Aug 29 2017 Shawn Starr shawn.starr@fedoraproject.org - 2.5.2-1 - Spec changes from Franti��ek Zatloukal fzatlouk@redhat.com - New upstream release - Add BuildRequires: rubygem(idn) - Drop a lot of Build dependencies, kudos to vondruch@redhat.com - Fix test fails in mock - Comment out failing tests - Add BuildRequires: rubygem(bundler) - Switched rspec-its to rspec-core - Re-Enable testing suite - add no-rack-mount.patch to fix tests - Regenerate spec with gem2rpm * Thu Feb 4 2016 Fedora Release Engineering releng@fedoraproject.org - 2.3.8-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild * Thu Jun 18 2015 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.3.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Sat Jun 6 2015 Shawn Starr spstarr@fedoraproject.org - 2.3.8-1 - New upstream release, fix some build changes * Sun Jun 8 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.3.6-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Wed Apr 23 2014 Shawn Starr shawn.starr@rogers.com - 2.3.6-5 - Fix it harder * Wed Apr 23 2014 Shawn Starr shawn.starr@rogers.com - 2.3.6-4 - Disable test 'Addressable::URI when parsed from 'http://example.com' should have a different hash from http://EXAMPLE.com' fails on koji but not in mock * Wed Apr 23 2014 Shawn Starr shawn.starr@rogers.com - 2.3.6-3 - Disable GNU idn ruby bindings fallback to pure, rubygem-idn is dead upstream * Wed Apr 23 2014 Shawn Starr shawn.starr@rogers.com - 2.3.6-2 - minor build issue.. * Wed Apr 23 2014 Shawn Starr shawn.starr@rogers.com - 2.3.6-1 - New upstream release * Fri Feb 7 2014 Shawn Starr shawn.starr@rogers.com - 2.3.5-1 - New upstream release * Sun Aug 4 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.3.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Thu Mar 7 2013 Josef Stribny jstribny@redhat.com - 2.3.2-5 - Rebuild for https://fedoraproject.org/wiki/Features/Ruby_2.0.0 * Tue Feb 19 2013 Shawn Starr shawn.starr@rogers.com - 2.3.2-4 - Changes in rubygem rspec packaging, adjust build dependencies accordingly * Thu Feb 14 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.3.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Thu Aug 23 2012 Shawn Starr shawn.starr@rogers.com - 2.3.2-2 - Fix build issue disable one test due to DNS lookup not available on koji mock builders * Thu Aug 23 2012 Shawn Starr shawn.starr@rogers.com - 2.3.2-1 - Bump to latest upstream - Fix spec test due to namespace/classname conflict * Sat Jul 21 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.2.6-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Thu Feb 9 2012 Shawn Starr shawn.starr@rogers.com - 2.2.6-3 - Remove patch passes all tests now. * Sun Nov 6 2011 Shawn Starr shawn.starr@rogers.com - 2.2.6-2 - Fix up package from bugzilla reviews * Tue Jul 19 2011 Shawn Starr shawn.starr@rogers.com - 2.2.6-1 - Bump to latest upstream - Overhall spec, split -doc packaging - Fix loader path to idn.so extension * Thu Apr 1 2010 Adam Young ayoung@ayoung.boston.devel.redhat.com - 2.1.1-1 - Initial package -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2168260 - New unmet dependency introduced by 1.113.0 https://bugzilla.redhat.com/show_bug.cgi?id=2168260 [ 2 ] Bug #2174705 - Please build rubygem-addressable for EPEL8 and EPEL9 https://bugzilla.redhat.com/show_bug.cgi?id=2174705 --------------------------------------------------------------------------------
================================================================================ uARMSolver-0.2.5-1.el8 (FEDORA-EPEL-2023-709e2b2eed) Universal Association Rule Mining Solver -------------------------------------------------------------------------------- Update Information:
Update to 0.2.5 -------------------------------------------------------------------------------- ChangeLog:
* Wed Mar 15 2023 Iztok Fister Jr. <iztokf AT fedoraproject DOT org> - 0.2.5-1 - Update to 0.2.5 * Tue Mar 14 2023 Iztok Fister Jr. <iztokf AT fedoraproject DOT org> - 0.2.4-4 - Fix compiler errors | apply patch * Sat Jan 21 2023 Fedora Release Engineering releng@fedoraproject.org - 0.2.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org - 0.2.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2171743 - uARMSolver: FTBFS in Fedora rawhide/f38 https://bugzilla.redhat.com/show_bug.cgi?id=2171743 --------------------------------------------------------------------------------
================================================================================ uglify-js3-3.17.4-1.el8 (FEDORA-EPEL-2023-0cf7102f98) JavaScript parser, mangler/compressor and beautifier toolkit -------------------------------------------------------------------------------- Update Information:
uglify-js 3.17.4 -------------------------------------------------------------------------------- ChangeLog:
* Wed Mar 15 2023 Mattias Ellert mattias.ellert@physics.uu.se - 3.17.4-1 - Update to 3.17.4 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2129629 - uglify-js-3.17.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2129629 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org
-
updates@fedoraproject.org