The following Fedora EPEL 8 Security updates need testing: Age URL 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-e44d8312da rclone-1.53.3-1.el8 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-37ef75d1ce chromium-87.0.4280.88-1.el8 The following builds have been pushed to Fedora EPEL 8 updates-testing dislocker-0.7.3-1.el8 fldigi-4.1.17-1.el8 lyx-2.3.6-2.el8 pngcheck-2.4.0-4.el8 python-prometheus_client-0.9.0-1.el8 python-redis-3.5.3-1.el8 python-rq-1.7.0-1.el8 Details about builds: ================================================================================ dislocker-0.7.3-1.el8 (FEDORA-EPEL-2020-d4a923e4c4) Utility to access BitLocker encrypted volumes -------------------------------------------------------------------------------- Update Information: dislocker 0.7.3 =============== This version is only used to update dislocker's brew file and the BitBake recipe for OSX's and BitBake's users to be able to download v0.7.2. If you're not an OSX nor a BitBake user, you can use either v0.7.2 or v0.7.3, this won't make any difference. dislocker 0.7.2 =============== Bugfixes -------- * Fix compilation on OSX when ruby dependency is installed Feature improvement ------------------- * Reported NTFS volume size is more accurate * Add ability to decrypt from a VMK file * Add ability to read the user password from the environment variable `DISLOCKER_PASSWORD` * Add ability to read the user password from pipes * Decryption/encryption speed has been improved by disabling faulty threading -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 13 2020 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 0.7.3-1 - Spec file cleanup - Upgrade to 0.7.3 (#1876804, thanks to Eshin Kunishima) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1876804 - Segmentation fault https://bugzilla.redhat.com/show_bug.cgi?id=1876804 -------------------------------------------------------------------------------- ================================================================================ fldigi-4.1.17-1.el8 (FEDORA-EPEL-2020-9d458c55ea) Digital modem program for Linux -------------------------------------------------------------------------------- Update Information: This is a paired release. -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 3 2020 Richard Shaw <hobbes1069@xxxxxxxxx> - 4.1.17-1 - Update to 4.1.17. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1897714 - fldigi-4.1.17 is available https://bugzilla.redhat.com/show_bug.cgi?id=1897714 [ 2 ] Bug #1903899 - flrig-1.3.53 is available https://bugzilla.redhat.com/show_bug.cgi?id=1903899 -------------------------------------------------------------------------------- ================================================================================ lyx-2.3.6-2.el8 (FEDORA-EPEL-2020-25a8bc9338) WYSIWYM (What You See Is What You Mean) document processor -------------------------------------------------------------------------------- Update Information: First release of LyX on EPEL-8. This is the latest stable release. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #1753685 - build of lyx for EPEL 8 https://bugzilla.redhat.com/show_bug.cgi?id=1753685 -------------------------------------------------------------------------------- ================================================================================ pngcheck-2.4.0-4.el8 (FEDORA-EPEL-2020-9760814baa) Verifies the integrity of PNG, JNG and MNG files -------------------------------------------------------------------------------- Update Information: Security fix for multiple buffer overflows from crafted file input (RHBZ#1902786,1902806,1902810: no CVE yet assigned), and for buffer overrun printing the contents of the sPLT chunk in certain malformed inputs (RHBZ#1905775: no tracking bug or CVE yet assigned) ---- Fix null pointer dereference in pngcheck when -f is given and the sCAL chunk -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 13 2020 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 2.4.0-4 - Bounds-check all accesses into enumerated-value name arrays; a malformed file could have caused a buffer overrun in several of these cases. (RHBZ#1902810) - Fix buffer overrun when print_buffer() is passed a nonpositive size, which can occur in practice for certain malformed inputs. (RHBZ#1902810) - In some cases, the chunk length from the file data (sz) is used to index into the read buffer without sufficient bounds-checking, leading to a buffer overrun. Fix this for PPLT, hIST, sCAL, FRAM, SAVE, nEED, PAST, DISC, DROP, DBYK, ORDR, and SEEK chunks. (RHBZ#1902810) - Fix buffer overrun printing the contents of the sPLT chunk in certain malformed inputs. (RHBZ#1905775) - Backport fix for off-by-one bug in check_magic() from 3.0.0 - Backport fix for zlib version warnings going to stdout from 3.0.0 * Mon Nov 30 2020 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 2.4.0-3 - Fix null pointer dereference in pngcheck when -f is given and the sCAL chunk is missing the pixel height. - Use name macro when referencing patches. - Add BR on make in anticipation of https://fedoraproject.org/wiki/Changes/Remove_make_from_BuildRoot. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1902806 - pngcheck: Multiple buffer overflows from crafted file input https://bugzilla.redhat.com/show_bug.cgi?id=1902806 -------------------------------------------------------------------------------- ================================================================================ python-prometheus_client-0.9.0-1.el8 (FEDORA-EPEL-2020-c733213733) Python client for Prometheus -------------------------------------------------------------------------------- Update Information: Update to 0.9.0 -------------------------------------------------------------------------------- ChangeLog: * Sat Dec 12 2020 Igor Raits <ignatenkobrain@xxxxxxxxxxxxxxxxx> - 0.9.0-1 - Update to 0.9.0 -------------------------------------------------------------------------------- ================================================================================ python-redis-3.5.3-1.el8 (FEDORA-EPEL-2020-b2ad71fc30) Python interface to the Redis key-value store -------------------------------------------------------------------------------- Update Information: Update python-redis to the latest version -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 15 2020 Joel Capitao <jcapitao@xxxxxxxxxx> - 3.5.3-1 - Update to 3.5.3 -------------------------------------------------------------------------------- ================================================================================ python-rq-1.7.0-1.el8 (FEDORA-EPEL-2020-b2ad71fc30) Simple, lightweight, library for creating background jobs, and processing them -------------------------------------------------------------------------------- Update Information: Update python-redis to the latest version -------------------------------------------------------------------------------- ChangeLog: * Sat Dec 12 2020 Igor Raits <ignatenkobrain@xxxxxxxxxxxxxxxxx> - 1.7.0-1 - Update to 1.7.0 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
