The following Fedora EPEL 8 Security updates need testing:
Age URL
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-1e00c3d01e
cutter-re-2.2.0-1.el8 rizin-0.5.1-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
HepMC3-3.2.5-7.el8
js-jsroot-7.3.0-1.el8
lhapdf-6.5.4-1.el8
libprometheus-cpp-1.1.0-1.el8
pythia8-8.3.09-1.el8
python-cairosvg-2.7.0-1.el8
root-6.28.00-1.el8
scitokens-cpp-1.0.0-1.el8
Details about builds:
================================================================================
HepMC3-3.2.5-7.el8 (FEDORA-EPEL-2023-1d85e23a95)
C++ Event Record for Monte Carlo Generators
--------------------------------------------------------------------------------
Update Information:
lhapdf 6.5.4 pythia8 8.3.0 jsroot 7.3.0 root 6.28.00 HepMC3 rebuilt for root
update
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 21 2023 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 3.2.5-7
- Rebuild for root 6.28
- Fix Python 3.12 build
* Wed Jan 18 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.2.5-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Wed Jul 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.2.5-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Mon Jun 13 2022 Python Maint <python-maint(a)redhat.com> - 3.2.5-4
- Rebuilt for Python 3.11
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2166961 - root-6.28.00 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2166961
--------------------------------------------------------------------------------
================================================================================
js-jsroot-7.3.0-1.el8 (FEDORA-EPEL-2023-1d85e23a95)
JavaScript ROOT - Interactive numerical data analysis graphics
--------------------------------------------------------------------------------
Update Information:
lhapdf 6.5.4 pythia8 8.3.0 jsroot 7.3.0 root 6.28.00 HepMC3 rebuilt for root
update
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 15 2023 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 7.3.0-1
- Update to version 7.3.0
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 6.3.4-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 6.3.4-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Mon Jul 18 2022 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 6.3.4-3
- Change CSS minifier from yuicompressor to rcssmin on Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2166961 - root-6.28.00 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2166961
--------------------------------------------------------------------------------
================================================================================
lhapdf-6.5.4-1.el8 (FEDORA-EPEL-2023-1d85e23a95)
Les Houches Accord PDF Interface
--------------------------------------------------------------------------------
Update Information:
lhapdf 6.5.4 pythia8 8.3.0 jsroot 7.3.0 root 6.28.00 HepMC3 rebuilt for root
update
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 13 2023 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 6.5.4-1
- Update to version 6.5.4
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 6.4.0-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 6.4.0-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Mon Jun 13 2022 Python Maint <python-maint(a)redhat.com> - 6.4.0-3
- Rebuilt for Python 3.11
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 6.4.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2166961 - root-6.28.00 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2166961
--------------------------------------------------------------------------------
================================================================================
libprometheus-cpp-1.1.0-1.el8 (FEDORA-EPEL-2023-0551eb299f)
Prometheus Client Library for Modern C++
--------------------------------------------------------------------------------
Update Information:
initial build for el8
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 6 2023 Kaleb S. KEITHLEY <kkeithle at redhat.com> - 1.1.0-1
- prometheus-cpp 1.1.0 GA
--------------------------------------------------------------------------------
================================================================================
pythia8-8.3.09-1.el8 (FEDORA-EPEL-2023-1d85e23a95)
Pythia Event Generator for High Energy Physics
--------------------------------------------------------------------------------
Update Information:
lhapdf 6.5.4 pythia8 8.3.0 jsroot 7.3.0 root 6.28.00 HepMC3 rebuilt for root
update
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 14 2023 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 8.3.09-1
- Update to version 8.3.09
* Fri Jan 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 8.3.06-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 8.3.06-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Mon Jun 13 2022 Python Maint <python-maint(a)redhat.com> - 8.3.06-5
- Rebuilt for Python 3.11
- Update pybind headers for python 3.11
* Fri Jan 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 8.3.06-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2166961 - root-6.28.00 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2166961
--------------------------------------------------------------------------------
================================================================================
python-cairosvg-2.7.0-1.el8 (FEDORA-EPEL-2023-921342768a)
A Simple SVG Converter for Cairo
--------------------------------------------------------------------------------
Update Information:
``` - Update python-cairosvg version 2.7.0 - Disable isort flake8 patch updated
- Fix CVE-2023-27586 - BZ#2180272 BZ#2180271 ```
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 21 2023 Onuralp SEZER <thunderbirdtr(a)fedoraproject.org> - 2.7.0-1
- Update python-cairosvg version 2.7.0
- Disable isort flake8 patch updated
- Fix CVE-2023-27586 - BZ#2180272 BZ#2180271
* Fri Jan 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.5.2-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.5.2-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Fri Jun 17 2022 Python Maint <python-maint(a)redhat.com> - 2.5.2-5
- Rebuilt for Python 3.11
* Fri Jan 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.5.2-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2160532 - python-cairosvg-2.7.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2160532
[ 2 ] Bug #2180271 - CVE-2023-27586 python-cairosvg: SSRF & DOS vulnerability
[epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2180271
--------------------------------------------------------------------------------
================================================================================
root-6.28.00-1.el8 (FEDORA-EPEL-2023-1d85e23a95)
Numerical data analysis framework
--------------------------------------------------------------------------------
Update Information:
lhapdf 6.5.4 pythia8 8.3.0 jsroot 7.3.0 root 6.28.00 HepMC3 rebuilt for root
update
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 18 2023 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 6.28.00-1
- Update to 6.28.00
- ROOT now uses llvm/clang version 13 (updated from version 9)
- Clean up specfile by removing EPEL 7 conditionals
- Drop dataframe, roofit and tmva-sofieparser on EPEL 8 ppc64le due to
"pure virtual method called" errors
- Split the root-geom sub-package into three separate sub-packages:
root-geom, root-geom-builder and root-geom-painter
- Enable uring support in EPEL 9 (liburing now available)
- New sub-packages: root-geom-webviewer, root-roofit-jsoninterface,
root-testsupport, root-tree-ntuple-utils, root-tree-webviewer, root-xroofit
- Dropped patches: 31
- New patches: 17
- Updated patches: 4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2166961 - root-6.28.00 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2166961
--------------------------------------------------------------------------------
================================================================================
scitokens-cpp-1.0.0-1.el8 (FEDORA-EPEL-2023-50b68bfdf5)
C++ Implementation of the SciTokens Library
--------------------------------------------------------------------------------
Update Information:
- Add async API for parsing and verifying tokens - Add configuration API - Make
nbf claim optional for non-scitokens tokens - Update to OpenSSL 3.0
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 21 2023 Derek Weitzel <dweitzel(a)unl.edu> - 1.0.0-1
- Add async API for parsing and verifying tokens
- Add configuration API
- Make nbf claim optional for non-scitokens tokens
- Update to OpenSSL 3.0
* Sat Jan 21 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.7.3-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------