The following Fedora EPEL 8 Security updates need testing: Age URL 29 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-02f03affd4 ansible-2.9.6-1.el8 13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-2cb1029c5a okular-18.12.2-2.el8 13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-913d6d1779 coturn-4.5.1.1-3.el8 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-98e8249e5c chromium-80.0.3987.162-1.el8 The following builds have been pushed to Fedora EPEL 8 updates-testing nrpe-4.0.2-2.el8 root-6.20.04-1.el8 rpki-client-0.3.0-2.el8 systemd-extras-245.4-1.el8 Details about builds: ================================================================================ nrpe-4.0.2-2.el8 (FEDORA-EPEL-2020-83cd17b92f) Host/service/network monitoring agent for Nagios -------------------------------------------------------------------------------- Update Information: New upstream version -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 5 2020 Martin Jackson <mhjacks@xxxxxxxxxx> - 4.0.2-2 - New upstream version - Update patch for indlude_dir - Fix BZ#1816816 - CVE-2020-6582 nrpe: heap-based buffer overflow due to a wrong integer type conversion - Fix BZ#1816805 - CVE-2020-6581 nrpe: insufficient filtering and incorrect parsing of the configuration file may lead to command injection * Wed Jan 29 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.2.1-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1816805 - CVE-2020-6581 nrpe: insufficient filtering and incorrect parsing of the configuration file may lead to command injection [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1816805 [ 2 ] Bug #1816816 - CVE-2020-6582 nrpe: heap-based buffer overflow due to a wrong integer type conversion [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1816816 -------------------------------------------------------------------------------- ================================================================================ root-6.20.04-1.el8 (FEDORA-EPEL-2020-66b2a77f2b) Numerical data analysis framework -------------------------------------------------------------------------------- Update Information: ROOT 6.20.04 -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 1 2020 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 6.20.04-1 - Update to 6.20.04 - Drop previously backported patch root-tutorials-unique-filenames.patch - Improved patch for the PyROOT issue on EPEL 7 ppc64le * Sun Mar 22 2020 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 6.20.02-1 - Update to 6.20.02 - Drop patches accepted upstream - root-dont-download-input-file-if-it-already-exists.patch - root-fix-plugin-definition.patch - root-man-install.patch - root-pretty-printers.patch - root-python3.patch - root-stress-aarch64-ppc64le.patch - Drop patches no longer relevant due to changes to the code - root-missing-include-string.patch - root-static-constexpr.patch - Add workaround for PyROOT issues on ppc64le in EPEL 7 - root-epel7-ppc64le-pyroot.patch (patch conditionally applied) - Fix path to moved data file in tutorial - root-moved-file.patch - Split the root-roofit subpackage into four different packages - root-roofit, root-roofit-core, root-roofit-more and root-roostats - The root-roofit-more library splits out the part of roofit that depends on the root-mathmore package - New subpackage: root-histv7 * Sat Mar 14 2020 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 6.18.04-6 - Build for 32 bit ARM again - gcc-10.0.1-0.9 fixes the problem * Sat Feb 22 2020 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 6.18.04-5 - Fixes and workarounds for gcc 10 - ExcludeArch for 32 bit ARM because rootcling_stage1 segfaults (bug #1811604) * Thu Jan 30 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 6.18.04-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ rpki-client-0.3.0-2.el8 (FEDORA-EPEL-2020-966061ddef) RPKI client implementation -------------------------------------------------------------------------------- Update Information: * New output format for BIRD 2.x * Bug fixes for output format for BIRD 1.x * Mitigation regarding missing `*.roa` files * Further bug fixes and minor enhancements -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 5 2020 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 0.3.0-2 - Apply fixes from upstream (rebase to commit 87683e9) -------------------------------------------------------------------------------- ================================================================================ systemd-extras-245.4-1.el8 (FEDORA-EPEL-2020-91ff58047c) System and Service Manager (optional components) -------------------------------------------------------------------------------- Update Information: Upgrade to 245.4 (and synchronize with systemd-245.4-1.fc33) -------------------------------------------------------------------------------- ChangeLog: * Sat Apr 4 2020 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 245.4-1 - Upgrade to 245.4 (and synchronize with systemd-245.4-1.fc33) * Fri Mar 27 2020 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 245.3-1 - Upgrade to 245.3 (and synchronize with systemd-245.3-1.fc33) * Sun Mar 8 2020 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 245-1 - Upgrade to 245 (and synchronize with systemd-245-1.fc33) -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
