The following Fedora EPEL 8 Security updates need testing:
Age URL
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-5f230957f1
duktape-2.2.0-6.el8
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-cf1c0e2ced
strongswan-5.9.10-1.el8
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-40e1d58afe
dcmtk-3.6.4-11.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
heimdal-7.7.1-7.el8
pack-0.29.0~rc1-1.el8
rdiff-backup-2.2.4-2.el8
vim-nerdtree-git-plugin-0-9.20210818gite1fe727.el8
zeromq-4.3.4-3.el8
Details about builds:
================================================================================
heimdal-7.7.1-7.el8 (FEDORA-EPEL-2023-8a559f9c70)
A Kerberos 5 implementation without export restrictions
--------------------------------------------------------------------------------
Update Information:
Move libraries to a lib subdirectory and include pkgconfig files in the devel
subpackage (#1525462) (#1565954) (#1931072).
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 8 2023 Alexander Bostr��m <abo(a)root.snowtree.se> - 7.7.1-7
- Add compatibility symlinks for moved libraries.
* Wed Mar 8 2023 Alexander Bostr��m <abo(a)root.snowtree.se> - 7.7.1-6
- Remove conditionals prior to RHEL7
* Wed Mar 8 2023 Alexander Bostr��m <abo(a)root.snowtree.se> - 7.7.1-5
- remove _with_systemd conditional
- remove unused source files
* Wed Mar 8 2023 Alexander Bostr��m <abo(a)root.snowtree.se> - 7.7.1-4
- Move libraries to a lib subdirectory
- Include pkgconfig files (#1525462) (#1565954) (#1931072)
* Mon Nov 21 2022 Alexander Bostr��m <abo(a)root.snowtree.se> - 7.7.1-3
- Restart services on upgrade
* Mon Nov 21 2022 Alexander Bostr��m <abo(a)root.snowtree.se> - 7.7.1-2
- Delay service starts until after network is online (rhbz#2005501)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1525462 - pkgconfig files missing in the devel sub package
https://bugzilla.redhat.com/show_bug.cgi?id=1525462
[ 2 ] Bug #1565954 - pkgconfig files missing in the devel sub package
https://bugzilla.redhat.com/show_bug.cgi?id=1565954
[ 3 ] Bug #1931072 - The pkgconfig support is missing
https://bugzilla.redhat.com/show_bug.cgi?id=1931072
--------------------------------------------------------------------------------
================================================================================
pack-0.29.0~rc1-1.el8 (FEDORA-EPEL-2023-cd5e934713)
Convert code into runnable images
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2022-41717, CVE-2022-24675, CVE-2022-28327 ---- Resolves:
#2161300 - set _fortify_level 3
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 8 2023 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.29.0~rc1-1
- bump to v0.29.0-rc1
* Wed Mar 8 2023 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.28.0-3
- Revert "Resolves: #2161300 - set _fortify_level 3"
* Mon Mar 6 2023 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.28.0-2
- Resolves: #2161300 - set _fortify_level 3
* Mon Mar 6 2023 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.28.0-1
- bump to v0.28.0
* Mon Mar 6 2023 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.28.0~rc2-4
- fix build flags specification
* Mon Mar 6 2023 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.28.0~rc2-3
- migrated to SPDX license
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> -
0.28.0~rc2-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Mon Dec 12 2022 RH Container Bot <rhcontainerbot(a)fedoraproject.org> -
0.28.0~rc2-1
- auto bump to v0.28.0-rc2
* Mon Oct 10 2022 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.27.0-7
- update autosetup
* Mon Oct 10 2022 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.27.0-6
- add macros for getting correct version and add comment about Source0
tarball
* Wed Aug 17 2022 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.27.0-5
- use built_tag_strip macro instead of built_tag for rhcontainerbot
autobuilder
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.27.0-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jul 19 2022 Maxwell G <gotmax(a)e.email> - 0.27.0-3
- Rebuild for
CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang
* Sun Jul 10 2022 Robert-Andr�� Mauchin <zebob.m(a)gmail.com> - 0.27.0-2
- Rebuild for CVE-2022-{24675,28327,29526 in golang}
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2077688 - CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode
https://bugzilla.redhat.com/show_bug.cgi?id=2077688
[ 2 ] Bug #2077689 - CVE-2022-28327 golang: crypto/elliptic: panic caused by oversized
scalar
https://bugzilla.redhat.com/show_bug.cgi?id=2077689
[ 3 ] Bug #2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive
memory growth in a Go server accepting HTTP/2 requests
https://bugzilla.redhat.com/show_bug.cgi?id=2161274
--------------------------------------------------------------------------------
================================================================================
rdiff-backup-2.2.4-2.el8 (FEDORA-EPEL-2023-db4f9228df)
Convenient and transparent local/remote incremental mirror/backup
--------------------------------------------------------------------------------
Update Information:
Small Fix Release v2.2.4 - Fedora/EPEL Release
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 8 2023 Frank Crawford <frank(a)crawford.emu.id.au> - 2.2.4-2
- Small Fix Release v2.2.4 - Fedora/EPEL Release
* Tue Feb 28 2023 Frank Crawford <frank(a)crawford.emu.id.au> - 2.2.4-1
- Small Fix Release v2.2.4 - COPR Release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2173670 - rdiff-backup-2.2.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2173670
--------------------------------------------------------------------------------
================================================================================
vim-nerdtree-git-plugin-0-9.20210818gite1fe727.el8 (FEDORA-EPEL-2023-80c6b5c727)
Plugin of NERDTree showing git status
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 8 2023 Artem Polishchuk <ego.cordatus(a)gmail.com> -
0-9.20210818gite1fe727
- chore: Update to latest version
* Sat Jan 21 2023 Fedora Release Engineering <releng(a)fedoraproject.org> -
0-8.20191024gitf522a09
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
0-7.20191024gitf522a09
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Sat Jan 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
0-6.20191024gitf522a09
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Fri Jul 23 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
0-5.20191024gitf522a09
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
0-4.20191024gitf522a09
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Jul 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> -
0-3.20191024gitf522a09
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Fri Jan 31 2020 Fedora Release Engineering <releng(a)fedoraproject.org> -
0-2.20191024gitf522a09
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
zeromq-4.3.4-3.el8 (FEDORA-EPEL-2023-69b98a0072)
Software library for fast, message-based applications
--------------------------------------------------------------------------------
Update Information:
Disable building with libunwind to fix C++ exceptions when a C application loads
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 7 2023 Ben Woodard <woodard(a)redhat.com> - 4.3.4-3
- disable building with libunwind to fix C++ exceptions when a C applicaion loads
a module written in C++ #2175966
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2175966 - zeromq includes libunwind
https://bugzilla.redhat.com/show_bug.cgi?id=2175966
--------------------------------------------------------------------------------