Fedora EPEL 8 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora EPEL 8 Security updates need testing:
 Age  URL
  20  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-17ae719cb2   syncthing-1.18.6-3.el8
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-d431be322b   zabbix40-4.0.39-1.el8
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-0dca326d43   abcm2ps-8.14.13-1.el8
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-ad126686cf   python-paramiko-2.4.3-2.el8
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-42af0c4375   libcaca-0.99-0.59.beta20.el8


The following builds have been pushed to Fedora EPEL 8 updates-testing

    bird-2.0.9-2.el8
    libass-0.15.2-1.el8
    openssl3-3.0.1-18.el8.1
    slop-7.6-5.el8
    xrdp-0.9.19-1.el8

Details about builds:


================================================================================
 bird-2.0.9-2.el8 (FEDORA-EPEL-2022-dfb03f1d29)
 BIRD Internet Routing Daemon
--------------------------------------------------------------------------------
Update Information:

- Added patch to fix bug in babel iface reconfiguration (#2064465)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2022 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> - 2.0.9-2
- Added patch to fix bug in babel iface reconfiguration (#2064465)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2064465 - Babel protocol broken in bird-2.0.9
        https://bugzilla.redhat.com/show_bug.cgi?id=2064465
--------------------------------------------------------------------------------


================================================================================
 libass-0.15.2-1.el8 (FEDORA-EPEL-2022-081cae121c)
 Portable library for SSA/ASS subtitles rendering
--------------------------------------------------------------------------------
Update Information:

Update to 0.15.2
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 23 2022 Nicolas Chauvet <kwizart@xxxxxxxxx> - 0.15.2-1
- Update to 0.15.2
* Thu Jan 20 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.14.0-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Thu Jul 22 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.14.0-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Tue Jan 26 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.14.0-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Jul 28 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.14.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jan 29 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.14.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 openssl3-3.0.1-18.el8.1 (FEDORA-EPEL-2022-1edabe7090)
 Utilities from the general purpose cryptography library with TLS implementation
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2022-0778
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 16 2022 Michel Alexandre Salim <salimma@xxxxxxxxxxxxxxxxx> 3.0.1-18.1
- Merge c9s openssl changes to pick up CVE-2022-0778 fix
* Wed Mar 16 2022 Dmitry Belyavskiy <dbelyavs@xxxxxxxxxx> - 1:3.0.1-18
- CVE-2022-0778 fix
- Resolves: rhbz#2062315
* Thu Mar 10 2022 Clemens Lang <cllang@xxxxxxxxxx> - 1:3.0.1-17
- Fix invocation of EVP_PKEY_CTX_set_rsa_padding(RSA_PKCS1_PSS_PADDING) before
  setting an allowed digest with EVP_PKEY_CTX_set_signature_md()
- Skipping 3.0.1-16 due to version numbering confusion with the RHEL-9.0 branch
- Resolves: rhbz#2062640
* Tue Mar  1 2022 Clemens Lang <cllang@xxxxxxxxxx> - 1:3.0.1-15
- Allow SHA1 in SECLEVEL 2 if rh-allow-sha1-signatures = yes
- Resolves: rhbz#2060510
* Fri Feb 25 2022 Clemens Lang <cllang@xxxxxxxxxx> - 1:3.0.1-14
- Prevent use of SHA1 with ECDSA
- Resolves: rhbz#2031742
* Fri Feb 25 2022 Dmitry Belyavskiy <dbelyavs@xxxxxxxxxx> - 1:3.0.1-13
- OpenSSL will generate keys with prime192v1 curve if it is provided using explicit parameters
- Resolves: rhbz#1977867
* Thu Feb 24 2022 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 1:3.0.1-12
- Support KBKDF (NIST SP800-108) with an R value of 8bits
- Resolves: rhbz#2027261
* Wed Feb 23 2022 Clemens Lang <cllang@xxxxxxxxxx> - 1:3.0.1-11
- Allow SHA1 usage in MGF1 for RSASSA-PSS signatures
- Resolves: rhbz#2031742
* Wed Feb 23 2022 Dmitry Belyavskiy <dbelyavs@xxxxxxxxxx> - 1:3.0.1-10
- rebuilt
* Tue Feb 22 2022 Clemens Lang <cllang@xxxxxxxxxx> - 1:3.0.1-9
- Allow SHA1 usage in HMAC in TLS
- Resolves: rhbz#2031742
* Tue Feb 22 2022 Dmitry Belyavskiy <dbelyavs@xxxxxxxxxx> - 1:3.0.1-8
- OpenSSL will generate keys with prime192v1 curve if it is provided using explicit parameters
- Resolves: rhbz#1977867
- pkcs12 export broken in FIPS mode
- Resolves: rhbz#2049265
* Tue Feb 22 2022 Clemens Lang <cllang@xxxxxxxxxx> - 1:3.0.1-8
- Disable SHA1 signature creation and verification by default
- Set rh-allow-sha1-signatures = yes to re-enable
- Resolves: rhbz#2031742
* Thu Feb  3 2022 Sahana Prasad <sahana@xxxxxxxxxx> - 1:3.0.1-7
- s_server: correctly handle 2^14 byte long records
- Resolves: rhbz#2042011
* Tue Feb  1 2022 Dmitry Belyavskiy <dbelyavs@xxxxxxxxxx> - 1:3.0.1-6
- Adjust FIPS provider version
- Related: rhbz#2026445
* Wed Jan 26 2022 Dmitry Belyavskiy <dbelyavs@xxxxxxxxxx> - 1:3.0.1-5
- On the s390x, zeroize all the copies of TLS premaster secret
- Related: rhbz#2040448
* Fri Jan 21 2022 Dmitry Belyavskiy <dbelyavs@xxxxxxxxxx> - 1:3.0.1-4
- rebuilt
* Fri Jan 21 2022 Dmitry Belyavskiy <dbelyavs@xxxxxxxxxx> - 1:3.0.1-3
- KATS tests should be executed before HMAC verification
- Restoring fips=yes for SHA1
- Related: rhbz#2026445, rhbz#2041994
* Thu Jan 20 2022 Sahana Prasad <sahana@xxxxxxxxxx> - 1:3.0.1-2
- Add enable-buildtest-c++ to the configure options.
- Related: rhbz#1990814
* Tue Jan 18 2022 Sahana Prasad <sahana@xxxxxxxxxx> - 1:3.0.1-1
- Rebase to upstream version 3.0.1
- Fixes CVE-2021-4044 Invalid handling of X509_verify_cert() internal errors in libssl
- Resolves: rhbz#2038910, rhbz#2035148
* Mon Jan 17 2022 Dmitry Belyavskiy <dbelyavs@xxxxxxxxxx> - 1:3.0.0-7
- Remove algorithms we don't plan to certify from fips module
- Remove native fipsmodule.cnf
- Related: rhbz#2026445
* Tue Dec 21 2021 Dmitry Belyavskiy <dbelyavs@xxxxxxxxxx> - 1:3.0.0-6
- openssl speed should run in FIPS mode
- Related: rhbz#1977318
* Wed Nov 24 2021 Dmitry Belyavskiy <dbelyavs@xxxxxxxxxx> - 1:3.0.0-5
- rebuilt for spec cleanup
- Related: rhbz#1985362
* Thu Nov 18 2021 Dmitry Belyavskiy <dbelyavs@xxxxxxxxxx> - 1:3.0.0-4
- Embed FIPS HMAC in fips.so
- Enforce loading FIPS provider when FIPS kernel flag is on
- Related: rhbz#1985362
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2062202 - CVE-2022-0778 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
        https://bugzilla.redhat.com/show_bug.cgi?id=2062202
--------------------------------------------------------------------------------


================================================================================
 slop-7.6-5.el8 (FEDORA-EPEL-2022-f50d06704b)
 Command line tool to perform region SeLect OPeration with mouse
--------------------------------------------------------------------------------
Update Information:

Branching slop from Fedora to EPEL-8.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Mar 12 2022 Rajeesh KV <rajeeshknambiar@xxxxxxxxxxxxxxxxx> - 7.6-5
- Enable libXext dependency for RHEL/CentOS
* Thu Feb 10 2022 Orion Poplawski <orion@xxxxxxxx> - 7.6-4
- Rebuild for glew 2.2
* Sat Jan 22 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 7.6-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Tue Sep 14 2021 Alois Mahdal <amahdal@xxxxxxxxxx> - 7.6-2
- Bumping to allow rebuild with maim.src.rpm
* Mon Sep 13 2021 Alois Mahdal <amahdal@xxxxxxxxxx> - 7.6-1
- Updated upstream to 7.6
* Fri Jul 23 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 7.5-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Thu May 20 2021 Pete Walter <pwalter@xxxxxxxxxxxxxxxxx> - 7.5-4
- Rebuild for ICU 69
* Wed May 19 2021 Pete Walter <pwalter@xxxxxxxxxxxxxxxxx> - 7.5-3
- Rebuild for ICU 69
* Wed Jan 27 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 7.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Thu Oct 29 2020 Alois Mahdal <amahdal@xxxxxxxxxx> - 7.5-1
- Updated upstream to 7.5
* Wed Jul 29 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 7.4-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Fri May 15 2020 Pete Walter <pwalter@xxxxxxxxxxxxxxxxx> - 7.4-10
- Rebuild for ICU 67
* Mon Mar 16 2020 Alois Mahdal <n9042e84@xxxxxxxxx> - 7.4-9
- Fixed BZ#1800099; missing libXext build dependency
* Thu Jan 30 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 7.4-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Fri Jul 26 2019 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 7.4-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sat Feb  2 2019 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 7.4-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Wed Jan 23 2019 Pete Walter <pwalter@xxxxxxxxxxxxxxxxx> - 7.4-5
- Rebuild for ICU 63
* Thu Aug 23 2018 Nicolas Chauvet <kwizart@xxxxxxxxx> - 7.4-4
- Rebuilt for glew 2.1.0
* Sat Jul 14 2018 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 7.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jul 10 2018 Pete Walter <pwalter@xxxxxxxxxxxxxxxxx> - 7.4-2
- Rebuild for ICU 62
* Thu Jun 28 2018 Alois Mahdal <n9042e84@xxxxxxxxx> 7.4-1
- Initial packaging.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2058954 - Please branch and build slop for EPEL8
        https://bugzilla.redhat.com/show_bug.cgi?id=2058954
--------------------------------------------------------------------------------


================================================================================
 xrdp-0.9.19-1.el8 (FEDORA-EPEL-2022-3b0faa5cb4)
 Open source remote desktop protocol (RDP) server
--------------------------------------------------------------------------------
Update Information:

Release notes for xrdp v0.9.19 (2022/03/17)  General announcements   - Running
xrdp and xrdp-sesman on separate hosts is still supported by this release, but
is now deprecated. This is not secure. A future release will replace the TCP
socket used between these processes with a Unix Domain Socket, and then cross-
host running will not be possible.  New features   - Both inbound and outbound
clipboards can now be restricted for text, files or images [Sponsored by
@CyberTrust @clear-code and @kenhys] (#2087)  Bug fixes   - CVE-2022-23613:
Privilege escalation on xrdp-sesman (This fix is also in the out-of-band
v0.9.18.1 release)  - The versions of imlib2 used on RHEL 7 and 8 are now
detected correctly (#2118)  - Some situations where zombie processes could exist
have been resolved (#2146, #2151, #2168)  - Some null-pointer exceptions which
can happen in the logging module have been addressed (#2149)  - Some minor
logging errors have been corrected (#2152)  - The signal handling in sesman has
been reworked to prevent race conditions when a child exits. This has also made
it possible to reliably reload the sesman configuration with SIGHUP (#1729,
#2168)  Internal changes   - Versions 0.13 and later of checklib can undefine
the pre-processor symbol HAVE_STDINT_H. The xrdp tests now build successfully
against these versions (#2124)  - OpenSSL packaging changes (#2130):-  - The
OpenSSL 3 EVP interface is now fully supported  - When building against OpenSSL
3, an internal implementation of the RC4 cipher is used instead of the
implementation from the OpenSSL legacy provider  - The wrapping of the OpenSSL
library has been improved which should make it simpler to provide an alternative
cryptographic provider in the future, if required  - The logging of TLS/non-TLS
security negotiation has been improved  - cppcheck version used for CI bumped to
2.7 (#2140)  - The s_check() macro which is easily mis-used has been removed
(#2144)  - Status values for the DRDYNVC channel are now available in
libxrdp/xrdp_channel.h  Changes for packagers or developers   - On OpenSSL 3
systems, there is now no need to build with the -Wno-error=deprecated-
declarations flag  Known issues   - On-the-fly resolution change requires the
Microsoft Store version of Remote Desktop client but sometimes crashes on
connect (#1869)  - xrdp's login dialog is not relocated at the center of the new
resolution after on-the-fly resolution change happens (#1867)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2022 Bojan Smojver <bojan@xxxxxxxxxxxx> - 1:0.9.19-1
- Bump up to 0.9.19
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure




[Index of Archives]     [Fedora Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Announce]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Linux Apps]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux