Fedora EPEL 8 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The following Fedora EPEL 8 Security updates need testing:
 Age  URL
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-ac1fd7a29f   seamonkey-2.53.2-1.el8
  10  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-aa8ce752c3   pure-ftpd-1.0.49-4.el8
   8  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-03d5f14bbe   chromium-81.0.4044.138-1.el8
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-0d41abf072   perl-Mojolicious-8.42-1.el8
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-765ceaa306   clamav-0.102.3-1.el8
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-30aba92944   log4net-2.0.8-10.el8
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-2056b1c4a9   exim-4.93-3.el8


The following builds have been pushed to Fedora EPEL 8 updates-testing

    coturn-4.5.1.2-1.el8
    gjots2-3.1.6-2.el8
    librsync-2.3.0-1.el8
    ngircd-25-7.el8
    rkhunter-1.4.6-6.el8

Details about builds:


================================================================================
 coturn-4.5.1.2-1.el8 (FEDORA-EPEL-2020-408b73ee0b)
 TURN/STUN & ICE Server
--------------------------------------------------------------------------------
Update Information:

Coturn 4.5.1.2 ==============    - merge regression fix:     * Do not display
empty CLI passwd alert if CLI is not enabled   - merge PR #359:     * Remove
`turn_free_simple()`     * Remove `turn_malloc()`     * Remove `turn_realloc()`
* Remove `turn_free()`     * Remove `turn_calloc()`     * Remove `turn_strdup()`
* Remove `SSL_NEW()` and `SSL_FREE()`     * Remove pointer debugging machinery
* Remove `ns_bzero()`, `ns_bcopy()`, and `ns_bcmp()`     * Remove
`[su]{08,16,32,64}bits` type defines   - merge PR #327     * Strip white-spaces
from config file lines end   - merge PR #386     * fix the webadmin ip
permission add/delete sql injection   - merge PR #390     * fix mongo driver
crash when invalid connection string is used   - merge PR #392 enhanced fread
return length check   - merge PR #367 disconnect database gracefully   - merge
PR #382     * Using `SSL_get_version` method for BoringSSL compatibility     *
Now we put in `turn_session_info->tls_method` the real TLS version. Earlier we
put UNKNOWN in this field if it was a TLS protocol that was not defined
supportel TLS protocol during compile time.   - merge PR #276 Add systemd
service example   - merge PR #284 Add bandwidth usage reporting packet/bandwidth
usage by peers   - merge PR #381 Modifying configure to enable compile with
private libraries   - merge PR #455 Typo corrected   - merge PR #417 Append only
to log files rather to override them   - merge PR #442 Updated incorrect string
length check for 'ssh'   - merge PR #449 Fix Dockerfile for latest Debian   -
http server NULL dereference     * Reported (by quarkslab.com, cisco/talos)
* CVE-2020-6061 / TALOS-2020-0984   - http server out of bound read     *
Reported (by quarkslab.com, cisco/talos)     * CVE-2020-6061 / TALOS-2020-0984
- merge PR #472 STUN input validation   - merge PR #398 FIPS   - merge PR #478
prod   - merge PR #463 fix typos and grammar   - update travis config ubuntu/mac
images   - merge PR #466 added null check for second char   - merge PR #470
compiler warning fixes   - merge PR #475 Update `README.docker`   - merge PR
#471 Fix a memory leak when an SHATYPE isn't supported   - merge PR #488 Fix
typos about `INSTALL` filenames   - fix compiler warning comparison between
signed and unsigned integer expressions   - fix compiler warning string
truncation   - change Diffie Hellman default key length from 1066 to 2066   -
merge PR #522 drop of supplementary group IDs   - merge PR #514 Unify spelling
of Coturn   - merge PR#506 Rename "prod" config option to "no-software-
attribute"   - merge PR #519 fix config extension in `README.docker`   - merge
PR #516 change sql data dir in `docker-compose-all.yml`   - merge PR #513 remove
trailing spaces from `README`s   - merge PR #525 add flags to disable periodic
use of dynamic tables
--------------------------------------------------------------------------------
ChangeLog:

* Sat May 16 2020 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> - 4.5.1.2-1
- Update to 4.5.1.2
--------------------------------------------------------------------------------


================================================================================
 gjots2-3.1.6-2.el8 (FEDORA-EPEL-2020-3bfe11ae0b)
 A hierarchical note jotter - organize your ideas, notes, facts in a tree
--------------------------------------------------------------------------------
Update Information:

unretire package
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1823599 - Review Request: gjots2 - A heirarchical note jotter. Organise your ideas, notes, facts in a tree
        https://bugzilla.redhat.com/show_bug.cgi?id=1823599
--------------------------------------------------------------------------------


================================================================================
 librsync-2.3.0-1.el8 (FEDORA-EPEL-2020-7cc4ed96df)
 Rsync remote-delta algorithm library
--------------------------------------------------------------------------------
Update Information:

librsync 2.3.0 ==============   * Bump minor version from 2.2.1 to 2.3.0 to
reflect additional `rs_sig_args()` and `strong_len=-1` support.   * Add public
`rs_sig_args()` function for getting the recommend signature args from the file
size. Added support to rdiff for `--sum-size=-1` to indicate "use minimum size
safe against random block collisions". Added warning output for sum-sizes that
are too small to be safe. Fixed possible rdiff bug affecting popt parsing on
non-little-endian platforms.   * Fixed yet more compiler warnings for various
platforms/compilers.   * Improved cmake popt handling to find popt dependencies
using PkgConfig.   * Tidied internal code and improved tests for `netint.[ch]`,
`tube.c`, and `hashtable.h`.   * Improved C99 compatibility. Add `-std=c99
-pedantic` to `CMAKE_C_FLAGS` for gcc and clang. Fix all C99 warnings by making
all code C99 compliant. Tidy all CMake checks, #cmakedefines, and #includes. Fix
64bit support for mdfour checksums.   * Usage clarified in rdiff (1) man page.
librsync 2.2.1 ==============   * Fix #176 hangs calculating deltas for files
larger than 4GB.    librsync 2.2.0 ==============   * Bump minor version from
2.1.0 to 2.2.0 to reflect additional RabinKarp rollsum support.   * Fix MSVC
builds by adding missing `LIBRSYNC_EXPORT` to variables in `librsync.h`, add
`-DLIBRSYNC_STATIC_DEFINE` to the sumset_test target, and correctly install
`.dll` files in the bin directory.   * Add RabinKarp rollsum support and make it
the default. RabinKarp is a much better rolling hash, which reduces the risk of
hash collision corruption and speeds up delta calculations. The rdiff cmd gets a
new `-R (rollsum|rabinkarp)` argument with the default being `rabinkarp`, Use
`-R rollsum` to generate backwards-compatible signatures.   * Use single-byte
literal commands for small inserts in deltas. This makes each small insert use 1
less byte in deltas.   * Fix multiple warnings (cross-)compiling for windows.
* Change `rs_file_size()` to report -1 instead of 0 for unknown file sizes (not
a regular file).    * Add cmake `BUILD_SHARED_LIBS` option for static library
support. `BUILD_SHARED_LIBS` defaults to `ON`, and can be set to `OFF` using
`ccmake .` to build librsync as a static library.   * Fix compile errors and add
`.gitignore` entries for MSVS 2019. Fixes `hashtable.h` to be C99 compliant.
librsync 2.1.0 ==============   * Bump minor version from 2.0.3 to 2.1.0 to
reflect additions to `librsync.h`.   * Fix exporting of private symbols from
librsync library. Add export of useful large file functions `rs_file_open()`,
`rs_file_close()`, and `rs_file_size()` to `librsync.h`. Add export of
`rs_signature_log_stats()` to log signature hashtable hit/miss stats. Improve
rdiff error output.   * Updated release process to include stable tarballs.   *
Remove redundant and broken `--paranoia` argument from rdiff.   * Fix memory
leak of `rs_signature_t->block_sigs` when freeing signatures.   * Document delta
file format.   * Fix up doxygen comments.
--------------------------------------------------------------------------------
ChangeLog:

* Sat May 16 2020 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 2.3.0-1
- Upgrade to 2.3.0
* Wed Jan 29 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.0.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 ngircd-25-7.el8 (FEDORA-EPEL-2020-cbf782932d)
 Next Generation IRC Daemon
--------------------------------------------------------------------------------
Update Information:

Initial rhel8 package
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1830182 - [RFE] ngircd: epel8 build request.
        https://bugzilla.redhat.com/show_bug.cgi?id=1830182
--------------------------------------------------------------------------------


================================================================================
 rkhunter-1.4.6-6.el8 (FEDORA-EPEL-2020-6b481c35fd)
 A host-based tool to scan for rootkits, backdoors and local exploits
--------------------------------------------------------------------------------
Update Information:

Exclude podman /dev/shm files from checks.
--------------------------------------------------------------------------------
ChangeLog:

* Sat May 16 2020 Kevin Fenzi <kevin@xxxxxxxxx> - 1.4.6-6
- Add allow for podman's /dev/shm files (fixes bug #1828698 )
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1828698 - Suspicious file types found in /dev: /dev/shm/libpod_lock
        https://bugzilla.redhat.com/show_bug.cgi?id=1828698
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Fedora Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Announce]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Linux Apps]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux