[SECURITY] Fedora EPEL 7 Update: mbedtls-2.7.8-1.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2018-f5e66c71c9
2018-12-26 00:39:12.872515
--------------------------------------------------------------------------------
Name : mbedtls
Product : Fedora EPEL 7
Version : 2.7.8
Release : 1.el7
URL : https://tls.mbed.org/
Summary : Light-weight cryptographic and SSL/TLS library
Description :
Mbed TLS is a light-weight open source cryptographic and SSL/TLS
library written in C. Mbed TLS makes it easy for developers to include
cryptographic and SSL/TLS capabilities in their (embedded)
applications with as little hassle as possible.
FOSS License Exception: https://tls.mbed.org/foss-license-exception
--------------------------------------------------------------------------------
Update Information:
- Update to 2.7.8 - CVE-2018-19608 (#1656785) Release notes:
https://tls.mbed.org/tech-
updates/releases/mbedtls-2.14.1-2.7.8-and-2.1.17-released Security Advisory:
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-
advisory-2018-03 ---- - Update to 2.7.7 Release notes:
https://tls.mbed.org/tech-
updates/releases/mbedtls-2.14.0-2.7.7-and-2.1.16-released
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1656785 - CVE-2018-19608 mbedtls: Local timing attack on RSA decryption [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1656785
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update mbedtls' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 4 months
Fedora EPEL 7 Update: rust-1.31.0-8.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2018-c2c1096ab5
2018-12-26 00:39:12.872503
--------------------------------------------------------------------------------
Name : rust
Product : Fedora EPEL 7
Version : 1.31.0
Release : 8.el7
URL : https://www.rust-lang.org
Summary : The Rust Programming Language
Description :
Rust is a systems programming language that runs blazingly fast, prevents
segfaults, and guarantees thread safety.
This package includes the Rust compiler and documentation generator.
--------------------------------------------------------------------------------
Update Information:
New versions of Rust and related tools, marking the start of Rust 2018 edition!
See the release notes for [1.31](https://blog.rust-
lang.org/2018/12/06/Rust-1.31-and-rust-2018.html). The subpackages for
`clippy`, `rls`, and `rustfmt` no longer have the "-preview" suffix, as these
tools were promoted with the 2018 edition.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update rust' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 4 months
Fedora EPEL 7 Update: gnucash-2.6.21-3.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2018-86f0abc677
2018-12-26 00:39:12.872453
--------------------------------------------------------------------------------
Name : gnucash
Product : Fedora EPEL 7
Version : 2.6.21
Release : 3.el7
URL : http://gnucash.org/
Summary : Finance management application
Description :
GnuCash is a personal finance manager. A check-book like register GUI
allows you to enter and track bank accounts, stocks, income and even
currency trades. The interface is designed to be simple and easy to
use, but is backed with double-entry accounting principles to ensure
balanced books.
--------------------------------------------------------------------------------
Update Information:
Fix gnucash to show up in appstream metadata.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1656631 - gnucash appdata missing
https://bugzilla.redhat.com/show_bug.cgi?id=1656631
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update gnucash' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 4 months
[SECURITY] Fedora EPEL 6 Update: mbedtls-2.7.8-1.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2018-48a1d47098
2018-12-26 00:36:47.577539
--------------------------------------------------------------------------------
Name : mbedtls
Product : Fedora EPEL 6
Version : 2.7.8
Release : 1.el6
URL : https://tls.mbed.org/
Summary : Light-weight cryptographic and SSL/TLS library
Description :
Mbed TLS is a light-weight open source cryptographic and SSL/TLS
library written in C. Mbed TLS makes it easy for developers to include
cryptographic and SSL/TLS capabilities in their (embedded)
applications with as little hassle as possible.
FOSS License Exception: https://tls.mbed.org/foss-license-exception
--------------------------------------------------------------------------------
Update Information:
- Update to 2.7.8 - CVE-2018-19608 (#1656785) Release notes:
https://tls.mbed.org/tech-
updates/releases/mbedtls-2.14.1-2.7.8-and-2.1.17-released Security Advisory:
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-
advisory-2018-03 ---- - Update to 2.7.7 Release notes:
https://tls.mbed.org/tech-
updates/releases/mbedtls-2.14.0-2.7.7-and-2.1.16-released
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1656785 - CVE-2018-19608 mbedtls: Local timing attack on RSA decryption [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1656785
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update mbedtls' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 4 months
Fedora EPEL 7 Update: zchunk-0.9.17-1.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2018-bd0cf12227
2018-12-25 00:39:58.024528
--------------------------------------------------------------------------------
Name : zchunk
Product : Fedora EPEL 7
Version : 0.9.17
Release : 1.el7
URL : https://github.com/zchunk/zchunk
Summary : Compressed file format that allows easy deltas
Description :
zchunk is a compressed file format that splits the file into independent
chunks. This allows you to only download the differences when downloading a
new version of the file, and also makes zchunk files efficient over rsync.
zchunk files are protected with strong checksums to verify that the file you
downloaded is in fact the file you wanted.
--------------------------------------------------------------------------------
Update Information:
Add zck_gen_zdict binary to generate optimal zdict for a zchunk file and change
default compression level for a 6x speed increase in compression speed in
exchange for a 5% increase in compression size
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update zchunk' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 4 months
Fedora EPEL 7 Update: HepMC-2.06.09-22.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2018-af9ddc850d
2018-12-24 01:15:32.322664
--------------------------------------------------------------------------------
Name : HepMC
Product : Fedora EPEL 7
Version : 2.06.09
Release : 22.el7
URL : http://lcgapp.cern.ch/project/simu/HepMC/
Summary : C++ Event Record for Monte Carlo Generators
Description :
The HepMC package is an object oriented event record written in C++
for High Energy Physics Monte Carlo Generators. Many extensions from
HEPEVT, the Fortran HEP standard, are supported: the number of entries
is unlimited, spin density matrices can be stored with each vertex,
flow patterns (such as color) can be stored and traced, integers
representing random number generator states can be stored, and an
arbitrary number of event weights can be included. Particles and
vertices are kept separate in a graph structure, physically similar to
a physics event. The added information supports the modularization of
event generators. The package has been kept as simple as possible with
minimal internal/external dependencies. Event information is accessed
by means of iterators supplied with the package.
--------------------------------------------------------------------------------
Update Information:
Fix segmentation fault.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update HepMC' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 4 months
Fedora EPEL 7 Update: libisofs1-1.5.0-1.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2018-d2b18aa5f1
2018-12-24 01:15:32.322648
--------------------------------------------------------------------------------
Name : libisofs1
Product : Fedora EPEL 7
Version : 1.5.0
Release : 1.el7
URL : http://libburnia-project.org/
Summary : Library to create ISO 9660 disk images
Description :
Libisofs is a library to create an ISO-9660 filesystem and supports
extensions like RockRidge or Joliet. It is also a full featured
ISO-9660 editor, allowing you to modify an ISO image or multisession
disc, including file addition or removal, change of file names and
attributes etc. It supports the extension AAIP which allows to store
ACLs and xattr in ISO-9660 filesystems as well. As it is linked with
zlib, it supports zisofs compression, too.
--------------------------------------------------------------------------------
Update Information:
libisofs 1.5.0 ============== * New API call iso_image_get_ignore_aclea(),
new iso_image_set_ignore_aclea() and iso_file_source_get_aa_string() flag bit3
to import all xattr namespaces * New API calls iso_image_was_blind_attrs(),
iso_local_set_attrs_errno(). * New flag bit7 with iso_local_set_attrs() to
avoid unnecessary write attempts. * New return value 2 of
IsoFileSource.get_aa_string() and iso_local_get_attrs(). * Now putting user
defined padding after appended partitions. * Bug fix: Add-on sessions with
partition offset claimed too many blocks as size. Regression of version 1.4.8.
* Bug fix: Long Joliet names without dot were mangled with one character too
many. Long Joliet names with leading dot were mangled one char too short. *
Bug fix: Reading beyond array end for HFS+ production caused SIGSEGV with
FreeBSD 11 CLANG -O2. Thanks ASX of GhostBSD. libburn 1.5.0 ============= *
Bug fix: cdrskin threw errno 22 on data file input if libburn is configured with
--enable-track-src-odirect * Bug fix: SIGSEGV could happen if a track ended by
reaching its fixed size while the track source still was willing to deliver
bytes. Thanks to user swordragon. * Bug fix: Device file comparison parameters
were recorded wrong with Linux sg libisoburn 1.5.0 ================ * Bug
fix: Multi-session emulation was not recognized with non-zero partition offset
* New bit10 of isoburn_drive_aquire() to accept all xattr namespaces * New
-xattr mode "any" to process all xattr namespaces of local filesystem * New
-as mkisofs option --xattr-any * New -as mkisofs options -uid and -gid
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1633872 - RPM installs "extract ISO-image" service menu for KDE4 but nothing for KDE 5
https://bugzilla.redhat.com/show_bug.cgi?id=1633872
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update libisofs1' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 4 months
Fedora EPEL 7 Update: libisoburn-1.5.0-1.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2018-d2b18aa5f1
2018-12-24 01:15:32.322648
--------------------------------------------------------------------------------
Name : libisoburn
Product : Fedora EPEL 7
Version : 1.5.0
Release : 1.el7
URL : http://libburnia-project.org/
Summary : Library to enable creation and expansion of ISO-9660 filesystems
Description :
Libisoburn is a front-end for libraries libburn and libisofs which
enables creation and expansion of ISO-9660 filesystems on all CD/
DVD/BD media supported by libburn. This includes media like DVD+RW,
which do not support multi-session management on media level and
even plain disk files or block devices. Price for that is thorough
specialization on data files in ISO-9660 filesystem images. And so
libisoburn is not suitable for audio (CD-DA) or any other CD layout
which does not entirely consist of ISO-9660 sessions.
--------------------------------------------------------------------------------
Update Information:
libisofs 1.5.0 ============== * New API call iso_image_get_ignore_aclea(),
new iso_image_set_ignore_aclea() and iso_file_source_get_aa_string() flag bit3
to import all xattr namespaces * New API calls iso_image_was_blind_attrs(),
iso_local_set_attrs_errno(). * New flag bit7 with iso_local_set_attrs() to
avoid unnecessary write attempts. * New return value 2 of
IsoFileSource.get_aa_string() and iso_local_get_attrs(). * Now putting user
defined padding after appended partitions. * Bug fix: Add-on sessions with
partition offset claimed too many blocks as size. Regression of version 1.4.8.
* Bug fix: Long Joliet names without dot were mangled with one character too
many. Long Joliet names with leading dot were mangled one char too short. *
Bug fix: Reading beyond array end for HFS+ production caused SIGSEGV with
FreeBSD 11 CLANG -O2. Thanks ASX of GhostBSD. libburn 1.5.0 ============= *
Bug fix: cdrskin threw errno 22 on data file input if libburn is configured with
--enable-track-src-odirect * Bug fix: SIGSEGV could happen if a track ended by
reaching its fixed size while the track source still was willing to deliver
bytes. Thanks to user swordragon. * Bug fix: Device file comparison parameters
were recorded wrong with Linux sg libisoburn 1.5.0 ================ * Bug
fix: Multi-session emulation was not recognized with non-zero partition offset
* New bit10 of isoburn_drive_aquire() to accept all xattr namespaces * New
-xattr mode "any" to process all xattr namespaces of local filesystem * New
-as mkisofs option --xattr-any * New -as mkisofs options -uid and -gid
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1633872 - RPM installs "extract ISO-image" service menu for KDE4 but nothing for KDE 5
https://bugzilla.redhat.com/show_bug.cgi?id=1633872
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update libisoburn' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 4 months
Fedora EPEL 7 Update: libburn1-1.5.0-1.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2018-d2b18aa5f1
2018-12-24 01:15:32.322648
--------------------------------------------------------------------------------
Name : libburn1
Product : Fedora EPEL 7
Version : 1.5.0
Release : 1.el7
URL : http://libburnia-project.org/
Summary : Library for reading, mastering and writing optical discs
Description :
Libburn is a library by which preformatted data get onto optical media:
CD, DVD and BD (Blu-Ray). It also offers a facility for reading data
blocks from its drives without using the normal block device I/O, which
has advantages and disadvantages. It seems appropriate, nevertheless,
to do writing and reading via same channel. On several Linux systems,
the block device driver needs reloading of the drive tray in order to
make available freshly written data. The libburn read function does not
need such a reload. The code of libburn is independent of cdrecord.
--------------------------------------------------------------------------------
Update Information:
libisofs 1.5.0 ============== * New API call iso_image_get_ignore_aclea(),
new iso_image_set_ignore_aclea() and iso_file_source_get_aa_string() flag bit3
to import all xattr namespaces * New API calls iso_image_was_blind_attrs(),
iso_local_set_attrs_errno(). * New flag bit7 with iso_local_set_attrs() to
avoid unnecessary write attempts. * New return value 2 of
IsoFileSource.get_aa_string() and iso_local_get_attrs(). * Now putting user
defined padding after appended partitions. * Bug fix: Add-on sessions with
partition offset claimed too many blocks as size. Regression of version 1.4.8.
* Bug fix: Long Joliet names without dot were mangled with one character too
many. Long Joliet names with leading dot were mangled one char too short. *
Bug fix: Reading beyond array end for HFS+ production caused SIGSEGV with
FreeBSD 11 CLANG -O2. Thanks ASX of GhostBSD. libburn 1.5.0 ============= *
Bug fix: cdrskin threw errno 22 on data file input if libburn is configured with
--enable-track-src-odirect * Bug fix: SIGSEGV could happen if a track ended by
reaching its fixed size while the track source still was willing to deliver
bytes. Thanks to user swordragon. * Bug fix: Device file comparison parameters
were recorded wrong with Linux sg libisoburn 1.5.0 ================ * Bug
fix: Multi-session emulation was not recognized with non-zero partition offset
* New bit10 of isoburn_drive_aquire() to accept all xattr namespaces * New
-xattr mode "any" to process all xattr namespaces of local filesystem * New
-as mkisofs option --xattr-any * New -as mkisofs options -uid and -gid
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1633872 - RPM installs "extract ISO-image" service menu for KDE4 but nothing for KDE 5
https://bugzilla.redhat.com/show_bug.cgi?id=1633872
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update libburn1' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 4 months
Fedora EPEL 7 Update: egl-wayland-1.1.1-3.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2018-a9f6238aca
2018-12-24 01:15:32.322521
--------------------------------------------------------------------------------
Name : egl-wayland
Product : Fedora EPEL 7
Version : 1.1.1
Release : 3.el7
URL : https://github.com/NVIDIA/egl-wayland
Summary : Wayland EGL External Platform library
Description :
Wayland EGL External Platform library
--------------------------------------------------------------------------------
Update Information:
- Update to latest release ---- - Bug fix
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1653118 - libnvidia-egl-wayland.so lacks wl_eglstream_interface symbol
https://bugzilla.redhat.com/show_bug.cgi?id=1653118
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update egl-wayland' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 4 months