The following Fedora EPEL 8 Security updates need testing: Age URL 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-0214580ca4 mbedtls-2.16.8-1.el8 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-c5ced83bcc seamonkey-2.53.4-1.el8 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-11f765300e singularity-3.6.3-1.el8 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-17fdec3133 zeromq-4.3.3-1.el8 The following builds have been pushed to Fedora EPEL 8 updates-testing fuzza-0.6.0-3.el8 matio-1.5.18-1.el8 nordugrid-arc-6.7.0-4.el8 proxytunnel-1.10.20200907-1.el8 python-afsapi-0.0.4-1.el8 python-spnego-0.1.1-2.el8 root-6.22.02-2.el8 xrdcl-http-5.0.2-1.el8 xrootd-5.0.2-1.el8 yadifa-2.3.10-1.el8 Details about builds: ================================================================================ fuzza-0.6.0-3.el8 (FEDORA-EPEL-2020-e7c02a4c08) TCP fuzzing tool to test for remote buffer overflows -------------------------------------------------------------------------------- Update Information: Disable dependency generator -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ matio-1.5.18-1.el8 (FEDORA-EPEL-2020-9720b9f379) Library for reading/writing Matlab MAT files -------------------------------------------------------------------------------- Update Information: 1.5.18 https://github.com/tbeu/matio/releases/tag/v1.5.18 -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 17 2020 Gwyn Ciesla <gwync@xxxxxxxxxxxxxx> - 1.5.18-1 - 1.5.18 * Tue Jul 28 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.5.17-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1769546 - CVE-2019-17533 matio: improper null termination in Mat_VarReadNextInfo4 in mat4.c leads to heap-based overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1769546 [ 2 ] Bug #1769548 - CVE-2019-17533 matio: improper null termination in Mat_VarReadNextInfo4 in mat4.c leads to heap-based overflow [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1769548 [ 3 ] Bug #1769550 - CVE-2019-17533 matio: improper null termination in Mat_VarReadNextInfo4 in mat4.c leads to heap-based overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1769550 [ 4 ] Bug #1792008 - CVE-2019-20019 matio: excessive memory allocation in Mat_VarRead5 in mat5.c [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1792008 [ 5 ] Bug #1792009 - CVE-2019-20019 matio: excessive memory allocation in Mat_VarRead5 in mat5.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1792009 [ 6 ] Bug #1792295 - CVE-2019-20020 matio: stack-based buffer overflow in ReadNextStructField in mat5.c [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1792295 [ 7 ] Bug #1792296 - CVE-2019-20020 matio: stack-based buffer overflow in ReadNextStructField in mat5.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1792296 [ 8 ] Bug #1792301 - CVE-2019-20018 matio: stack-based buffer overflow in ReadNextCell in mat5.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1792301 [ 9 ] Bug #1792303 - CVE-2019-20018 matio: stack-based buffer overflow in ReadNextCell in mat5.c [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1792303 [ 10 ] Bug #1792333 - CVE-2019-20017 matio: stack-based buffer overflow in Mat_VarReadNextInfo5 in mat5.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1792333 [ 11 ] Bug #1792336 - CVE-2019-20017 matio: stack-based buffer overflow in Mat_VarReadNextInfo5 in mat5.c [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1792336 [ 12 ] Bug #1794726 - CVE-2019-20052 matio: memory leak in Mat_VarCalloc in mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1794726 [ 13 ] Bug #1794727 - CVE-2019-20052 matio: memory leak in Mat_VarCalloc in mat.c [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1794727 [ 14 ] Bug #1880167 - matio-1.5.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=1880167 -------------------------------------------------------------------------------- ================================================================================ nordugrid-arc-6.7.0-4.el8 (FEDORA-EPEL-2020-296f3d7907) Advanced Resource Connector Middleware -------------------------------------------------------------------------------- Update Information: xrootd 5 -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 28 2020 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 6.7.0-4 - xrootd 5 compatibility * Tue Jul 28 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 6.7.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Mon Jul 27 2020 Jeff Law <law@xxxxxxxxxx> - 6.7.0-2 - Always specify C++11 or C++14 rather than using the default (which will be C++17 in the near future and this code is not C++17 ready). -------------------------------------------------------------------------------- ================================================================================ proxytunnel-1.10.20200907-1.el8 (FEDORA-EPEL-2020-7416e3e2e2) Tool to tunnel a connection through an standard HTTP(S) proxy -------------------------------------------------------------------------------- Update Information: Remove patches -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ python-afsapi-0.0.4-1.el8 (FEDORA-EPEL-2020-7f16bcf5fc) Python wrapper for the Frontier Silicon API -------------------------------------------------------------------------------- Update Information: Initial package for Fedora -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ python-spnego-0.1.1-2.el8 (FEDORA-EPEL-2020-d87e7a0b5e) Windows Negotiate Authentication Client and Server -------------------------------------------------------------------------------- Update Information: Add missing BR (rhbz#1876588) -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ root-6.22.02-2.el8 (FEDORA-EPEL-2020-296f3d7907) Numerical data analysis framework -------------------------------------------------------------------------------- Update Information: xrootd 5 -------------------------------------------------------------------------------- ChangeLog: * Sun Aug 30 2020 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 6.22.02-2 - Adapt to xrootd 5 (Fedora 33+, EPEL 7+) - Don't build the old proof client (xproofd) - Don't build the old NetX module -------------------------------------------------------------------------------- ================================================================================ xrdcl-http-5.0.2-1.el8 (FEDORA-EPEL-2020-296f3d7907) HTTP client plug-in for XRootD -------------------------------------------------------------------------------- Update Information: xrootd 5 -------------------------------------------------------------------------------- ChangeLog: * Fri Sep 18 2020 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 5.0.2-1 - Update to version 5.0.2 - Drop patches (accepted upstream or previously backported) * Thu Aug 27 2020 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 5.0.1-1 - Update to version 5.0.1 - Don't use versioned plugin names in configuration - Backport plugin version change from git master * Sat Aug 1 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 4.12.2-3 - Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Wed Jul 29 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 4.12.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ xrootd-5.0.2-1.el8 (FEDORA-EPEL-2020-296f3d7907) Extended ROOT file server -------------------------------------------------------------------------------- Update Information: xrootd 5 -------------------------------------------------------------------------------- ChangeLog: * Fri Sep 18 2020 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 1:5.0.2-1 - Update to version 5.0.2 - Drop patches (accepted upstream or previously backported) - Obsolete xrdhttpvoms in xrootd-voms package * Thu Aug 27 2020 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 1:5.0.1-1 - Update to version 5.0.1 - Remove conditionals for building on EPEL 6 - Drop patches (accepted upstream or previously backported) - Fix 32 bit compilation (format error) - Fix compilation on ARM, PPC and S390X (char is unsigned) -------------------------------------------------------------------------------- ================================================================================ yadifa-2.3.10-1.el8 (FEDORA-EPEL-2020-afb8e51e66) Lightweight authoritative Name Server with DNSSEC capabilities -------------------------------------------------------------------------------- Update Information: 20200915: YADIFA 2.3.10 - Added an autogen.sh script, as we did for YADIFA 2.4.x - Fixes an issue with IPv6 aliases. - Fixes an issue that would happen when building with a gcc version 10 or above. - Fixes an issue with FreeBSD aliases. - Fixes an issue with strncpy on FreeBSD. - Fixes an issue with CNAME queries incorrectly answered with an error code. -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 17 2020 Denis Fateyev <denis@xxxxxxxxxxx> - 2.3.10-1 - Update to 2.3.10 release * Wed Jul 29 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.3.9-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Fri Feb 28 2020 Denis Fateyev <denis@xxxxxxxxxxx> - 2.3.9-4 - Add "legacy_common_support" build option * Fri Jan 31 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.3.9-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1879172 - yadifa-2.3.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=1879172 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
