The following Fedora EPEL 8 Security updates need testing: Age URL 13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-ea252e0b24 tor-0.4.5.7-1.el8 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-eb1a7d918d atasm-1.09-1.el8 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-9222415f70 exim-4.94-2.el8 The following builds have been pushed to Fedora EPEL 8 updates-testing assimp-5.0.1-3.el8 bitstream-1.5-4.el8 chromium-89.0.4389.90-3.el8 dvblast-3.4-6.el8 kiwi-9.23.22-1.el8 Details about builds: ================================================================================ assimp-5.0.1-3.el8 (FEDORA-EPEL-2021-fd1b923c69) Library to import various 3D model formats into applications -------------------------------------------------------------------------------- Update Information: Fix library install dir specification (rhbz#1943862). This should correct errors with CMake packages building against assimp on 64-bit architectures. ---- Add an upstream patch to fix imported library locations, resolving issues when finding assimp in CMake projects. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 29 2021 Rich Mattes <richmattes@xxxxxxxxx> - 5.0.1-3 - Fix library install dir specification (rhbz#1943862) - Remove un-needed build dependency on ILUT * Tue Mar 23 2021 Scott K Logan <logans@xxxxxxxxxxx> - 5.0.1-2 - Add an upstream patch to fix imported library locations -------------------------------------------------------------------------------- References: [ 1 ] Bug #1943862 - Invalid ASSIMP_LIBRARY_DIRS reported from CMake https://bugzilla.redhat.com/show_bug.cgi?id=1943862 -------------------------------------------------------------------------------- ================================================================================ bitstream-1.5-4.el8 (FEDORA-EPEL-2021-3d5e67ff72) Simpler access to binary structures such as specified by MPEG, DVB, IETF -------------------------------------------------------------------------------- Update Information: Introduce dvblast. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ chromium-89.0.4389.90-3.el8 (FEDORA-EPEL-2021-b26bce013a) A WebKit (Blink) powered web browser that Google doesn't want you to use -------------------------------------------------------------------------------- Update Information: Fix issue where chromium would crash upon accessing components/cast_*. Thanks to Gentoo for the patch. It also fixes some security issues, because why not: CVE-2021-21191 CVE-2021-21192 CVE-2021-21193 -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 25 2021 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 89.0.4389.90-3 - apply upstream fix for newer system libva * Wed Mar 24 2021 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 89.0.4389.90-2 - fix crashes with components/cast_* * Thu Mar 18 2021 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 89.0.4389.90-1 - update to 89.0.4389.90 - disable auto-download of widevine binary only blob * Mon Mar 15 2021 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 89.0.4389.82-2 - add support for futex_time64 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1939460 - CVE-2021-21191 chromium-browser: Use after free in WebRTC https://bugzilla.redhat.com/show_bug.cgi?id=1939460 [ 2 ] Bug #1939461 - CVE-2021-21192 chromium-browser: Heap buffer overflow in tab groups https://bugzilla.redhat.com/show_bug.cgi?id=1939461 [ 3 ] Bug #1939462 - CVE-2021-21193 chromium-browser: Use after free in Blink https://bugzilla.redhat.com/show_bug.cgi?id=1939462 -------------------------------------------------------------------------------- ================================================================================ dvblast-3.4-6.el8 (FEDORA-EPEL-2021-3d5e67ff72) Simple and powerful streaming application -------------------------------------------------------------------------------- Update Information: Introduce dvblast. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ kiwi-9.23.22-1.el8 (FEDORA-EPEL-2021-fa909bb47f) Flexible operating system image builder -------------------------------------------------------------------------------- Update Information: Update to 9.23.22 to fix `yum` redirecting to `dnf` properly in image descriptions. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 29 2021 Neal Gompa <ngompa13@xxxxxxxxx> - 9.23.22-1 - Update to 9.23.22 (RH#1941503) * Wed Mar 17 2021 Neal Gompa <ngompa13@xxxxxxxxx> - 9.23.20-3 - Update kiwi-schema provides to match the current schema version - Sync systemdeps dependencies from upstream -------------------------------------------------------------------------------- References: [ 1 ] Bug #1941503 - kiwi-9.23.22 is available https://bugzilla.redhat.com/show_bug.cgi?id=1941503 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
