The following Fedora EPEL 8 Security updates need testing: Age URL 9 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-87e6bb3010 chromium-88.0.4324.150-1.el8 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-610589457a prosody-0.11.8-1.el8 The following builds have been pushed to Fedora EPEL 8 updates-testing cscppc-1.8.2-1.el8 csdiff-2.1.0-1.el8 csmock-2.7.1-1.el8 cswrap-1.9.1-1.el8 gnome-shell-extension-windowoverlay-icons-39-1.el8 libmysofa-1.2-4.el8 snapd-2.49-2.el8 zork-1.0.2-6.el8 Details about builds: ================================================================================ cscppc-1.8.2-1.el8 (FEDORA-EPEL-2021-8012d9be02) A compiler wrapper that runs cppcheck in background -------------------------------------------------------------------------------- Update Information: - update to latest upstream release -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 17 2021 Kamil Dudka <kdudka@xxxxxxxxxx> 1.8.2-1 - update to latest upstream release * Tue Jan 26 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.8.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ csdiff-2.1.0-1.el8 (FEDORA-EPEL-2021-8012d9be02) Non-interactive tools for processing code scan results in plain-text -------------------------------------------------------------------------------- Update Information: - update to latest upstream release -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 17 2021 Kamil Dudka <kdudka@xxxxxxxxxx> 2.1.0-1 - update to latest upstream release -------------------------------------------------------------------------------- ================================================================================ csmock-2.7.1-1.el8 (FEDORA-EPEL-2021-8012d9be02) A mock wrapper for Static Analysis tools -------------------------------------------------------------------------------- Update Information: - update to latest upstream release -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 17 2021 Kamil Dudka <kdudka@xxxxxxxxxx> 2.7.1-1 - update to latest upstream release -------------------------------------------------------------------------------- ================================================================================ cswrap-1.9.1-1.el8 (FEDORA-EPEL-2021-8012d9be02) Generic compiler wrapper -------------------------------------------------------------------------------- Update Information: - update to latest upstream release -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 17 2021 Kamil Dudka <kdudka@xxxxxxxxxx> 1.9.1-1 - update to latest upstream * Tue Jan 26 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.9.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ gnome-shell-extension-windowoverlay-icons-39-1.el8 (FEDORA-EPEL-2021-c9ea37f8fd) Show app icons on top of the windows thumbnails in Activities Overview -------------------------------------------------------------------------------- Update Information: Bump to upstream version 39, which is based on version 35, the last WindowOverlay Icons release for GNOME 3.32 to 3.36. -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 16 2021 Audrey Toskin <audrey@xxxxxxx> - 39-1 - Bump to upstream version 39, which just fixes some metadata bugs. * Mon Aug 3 2020 Audrey Toskin <audrey@xxxxxxx> - 35-1 - Bump to upstream version 35. * Mon Jul 27 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 34-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ libmysofa-1.2-4.el8 (FEDORA-EPEL-2021-bfa4482ae0) C functions for reading HRTFs -------------------------------------------------------------------------------- Update Information: Fixes various security issues by upgrading to the current 1.2 version. -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 8 2021 Nicolas Chauvet <kwizart@xxxxxxxxx> - 1.2-4 - Update to 1.2 * Tue Jan 26 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Sat Aug 1 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.1-3 - Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Tue Jul 28 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1928824 - CVE-2020-36152 libmysofa: Buffer overflow in readDataVar in hdf/dataobject.c [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1928824 [ 2 ] Bug #1928825 - CVE-2020-36152 libmysofa: Buffer overflow in readDataVar in hdf/dataobject.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1928825 [ 3 ] Bug #1928826 - CVE-2020-36151 libmysofa: Incorrect handling of input data in mysofa_resampler_reset_mem function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1928826 [ 4 ] Bug #1928827 - CVE-2020-36151 libmysofa: Incorrect handling of input data in mysofa_resampler_reset_mem function [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1928827 [ 5 ] Bug #1928829 - CVE-2020-36150 libmysofa: Incorrect handling of input data in loudness function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1928829 [ 6 ] Bug #1928830 - CVE-2020-36150 libmysofa: Incorrect handling of input data in loudness function [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1928830 [ 7 ] Bug #1928833 - CVE-2020-36148 libmysofa: Incorrect handling of input data in verifyAttribute function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1928833 [ 8 ] Bug #1928834 - CVE-2020-36148 libmysofa: Incorrect handling of input data in verifyAttribute function [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1928834 [ 9 ] Bug #1928835 - CVE-2020-36149 libmysofa: Incorrect handling of input data in changeAttribute function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1928835 [ 10 ] Bug #1928836 - CVE-2020-36149 libmysofa: Incorrect handling of input data in changeAttribute function [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1928836 -------------------------------------------------------------------------------- ================================================================================ snapd-2.49-2.el8 (FEDORA-EPEL-2021-cb381d0403) A transactional software package manager -------------------------------------------------------------------------------- Update Information: Fix SELinux policy to allow dbus-daemon watch access on /var/lib/snapd/dbus-1 [LP#1915642](https://bugs.launchpad.net/snappy/+bug/1915642) -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 16 2021 Maciek Borzecki <maciek.borzecki@xxxxxxxxx> - 2.49-2 - Fix SELinux policy to allow dbus-daemon watch access on /var/lib/snapd/dbus-1 (LP#1915642) -------------------------------------------------------------------------------- ================================================================================ zork-1.0.2-6.el8 (FEDORA-EPEL-2021-1a69da230b) Public Domain original DUNGEON game (Zork I) -------------------------------------------------------------------------------- Update Information: Remove compiler optimization flag to workaround segfault while upstream change is assessed -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 17 2021 Justin W. Flory <jflory7@xxxxxxxxxxxxxxxxx> - 1.0.2-6 - Remove compiler optimization flag to workaround segfault while upstream change is assessed * Thu Jan 28 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.0.2-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Wed Jul 29 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.0.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1833823 - Zork crashes (after some commands) https://bugzilla.redhat.com/show_bug.cgi?id=1833823 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
