Fedora EPEL 7 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The following builds have been pushed to Fedora EPEL 7 updates-testing

    chromium-102.0.5005.115-1.el7
    scitokens-cpp-0.7.1-1.el7
    tio-1.40-1.el7

Details about builds:


================================================================================
 chromium-102.0.5005.115-1.el7 (FEDORA-EPEL-2022-0dde709329)
 A WebKit (Blink) powered web browser that Google doesn't want you to use
--------------------------------------------------------------------------------
Update Information:

Update to Chromium 102.0.5005.115 (yes, I know there is a newer one, but we need
to get something out now).  This also adds the first build of Chromium for
EPEL9, many thanks to all the folks who got the many dependencies built.  Fixes:
CVE-2022-1232 CVE-2022-1364 CVE-2022-1633 CVE-2022-1634 CVE-2022-1635
CVE-2022-1636 CVE-2022-1637 CVE-2022-1638 CVE-2022-1639 CVE-2022-1640
CVE-2022-1641 CVE-2022-1853 CVE-2022-1854 CVE-2022-1855 CVE-2022-1856
CVE-2022-1857 CVE-2022-1858 CVE-2022-1859 CVE-2022-1860 CVE-2022-1861
CVE-2022-1862 CVE-2022-1863 CVE-2022-1864 CVE-2022-1865 CVE-2022-1866
CVE-2022-1867 CVE-2022-1868 CVE-2022-1869 CVE-2022-1870 CVE-2022-1871
CVE-2022-1872 CVE-2022-1873 CVE-2022-1874 CVE-2022-1875 CVE-2022-1876
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jun 10 2022 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 102.0.5005.115-1
- update to 102.0.5005.115
* Fri Jun  3 2022 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 102.0.5005.61-1
- update to 102.0.5005.61
* Wed Apr 27 2022 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 101.0.4951.41-1
- update to 101.0.4951.41
* Thu Apr 21 2022 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 100.0.4896.127-1
- update to 100.0.4896.127
* Tue Apr  5 2022 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 100.0.4896.75-1
- update to 100.0.4896.75
* Sat Apr  2 2022 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 100.0.4896.60-1
- update to 100.0.4896.60
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2071876 - CVE-2022-1232 chromium-browser: Type Confusion in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=2071876
  [ 2 ] Bug #2076274 - CVE-2022-1364 Chromium-browser: Type Confusion in V8.
        https://bugzilla.redhat.com/show_bug.cgi?id=2076274
  [ 3 ] Bug #2084016 - CVE-2022-1633 chromium-browser: Use after free in Sharesheet
        https://bugzilla.redhat.com/show_bug.cgi?id=2084016
  [ 4 ] Bug #2084017 - CVE-2022-1634 chromium-browser: Use after free in Browser UI
        https://bugzilla.redhat.com/show_bug.cgi?id=2084017
  [ 5 ] Bug #2084018 - CVE-2022-1635 chromium-browser: Use after free in Permission Prompts
        https://bugzilla.redhat.com/show_bug.cgi?id=2084018
  [ 6 ] Bug #2084019 - CVE-2022-1636 chromium-browser: Use after free in Performance APIs
        https://bugzilla.redhat.com/show_bug.cgi?id=2084019
  [ 7 ] Bug #2084020 - CVE-2022-1637 chromium-browser: Inappropriate implementation in Web Contents
        https://bugzilla.redhat.com/show_bug.cgi?id=2084020
  [ 8 ] Bug #2084021 - CVE-2022-1638 chromium-browser: Heap buffer overflow in V8 Internationalization
        https://bugzilla.redhat.com/show_bug.cgi?id=2084021
  [ 9 ] Bug #2084022 - CVE-2022-1639 chromium-browser: Use after free in ANGLE
        https://bugzilla.redhat.com/show_bug.cgi?id=2084022
  [ 10 ] Bug #2084023 - CVE-2022-1640 chromium-browser: Use after free in Sharing
        https://bugzilla.redhat.com/show_bug.cgi?id=2084023
  [ 11 ] Bug #2084024 - CVE-2022-1641 chromium-browser: Use after free in Web UI Diagnostics
        https://bugzilla.redhat.com/show_bug.cgi?id=2084024
  [ 12 ] Bug #2090284 - CVE-2022-1853 chromium-browser: Use after free in Indexed DB
        https://bugzilla.redhat.com/show_bug.cgi?id=2090284
  [ 13 ] Bug #2090285 - CVE-2022-1854 chromium-browser: Use after free in ANGLE
        https://bugzilla.redhat.com/show_bug.cgi?id=2090285
  [ 14 ] Bug #2090286 - CVE-2022-1855 chromium-browser: Use after free in Messaging
        https://bugzilla.redhat.com/show_bug.cgi?id=2090286
  [ 15 ] Bug #2090287 - CVE-2022-1856 chromium-browser: Use after free in User Education
        https://bugzilla.redhat.com/show_bug.cgi?id=2090287
  [ 16 ] Bug #2090288 - CVE-2022-1857 chromium-browser: Insufficient policy enforcement in File System API
        https://bugzilla.redhat.com/show_bug.cgi?id=2090288
  [ 17 ] Bug #2090289 - CVE-2022-1858 chromium-browser: Out of bounds read in DevTools
        https://bugzilla.redhat.com/show_bug.cgi?id=2090289
  [ 18 ] Bug #2090290 - CVE-2022-1859 chromium-browser: Use after free in Performance Manager
        https://bugzilla.redhat.com/show_bug.cgi?id=2090290
  [ 19 ] Bug #2090291 - CVE-2022-1860 chromium-browser: Use after free in UI Foundations
        https://bugzilla.redhat.com/show_bug.cgi?id=2090291
  [ 20 ] Bug #2090292 - CVE-2022-1861 chromium-browser: Use after free in Sharing
        https://bugzilla.redhat.com/show_bug.cgi?id=2090292
  [ 21 ] Bug #2090293 - CVE-2022-1862 chromium-browser: Inappropriate implementation in Extensions
        https://bugzilla.redhat.com/show_bug.cgi?id=2090293
  [ 22 ] Bug #2090294 - CVE-2022-1863 chromium-browser: Use after free in Tab Groups
        https://bugzilla.redhat.com/show_bug.cgi?id=2090294
  [ 23 ] Bug #2090295 - CVE-2022-1864 chromium-browser: Use after free in WebApp Installs
        https://bugzilla.redhat.com/show_bug.cgi?id=2090295
  [ 24 ] Bug #2090296 - CVE-2022-1865 chromium-browser: Use after free in Bookmarks
        https://bugzilla.redhat.com/show_bug.cgi?id=2090296
  [ 25 ] Bug #2090297 - CVE-2022-1866 chromium-browser: Use after free in Tablet Mode
        https://bugzilla.redhat.com/show_bug.cgi?id=2090297
  [ 26 ] Bug #2090298 - CVE-2022-1867 chromium-browser: Insufficient validation of untrusted input in Data Transfer
        https://bugzilla.redhat.com/show_bug.cgi?id=2090298
  [ 27 ] Bug #2090299 - CVE-2022-1868 chromium-browser: Inappropriate implementation in Extensions API
        https://bugzilla.redhat.com/show_bug.cgi?id=2090299
  [ 28 ] Bug #2090300 - CVE-2022-1869 chromium-browser: Type Confusion in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=2090300
  [ 29 ] Bug #2090303 - CVE-2022-1870 chromium-browser: Use after free in App Service
        https://bugzilla.redhat.com/show_bug.cgi?id=2090303
  [ 30 ] Bug #2090304 - CVE-2022-1871 chromium-browser: Insufficient policy enforcement in File System API
        https://bugzilla.redhat.com/show_bug.cgi?id=2090304
  [ 31 ] Bug #2090305 - CVE-2022-1872 chromium-browser: Insufficient policy enforcement in Extensions API
        https://bugzilla.redhat.com/show_bug.cgi?id=2090305
  [ 32 ] Bug #2090306 - CVE-2022-1873 chromium-browser: Insufficient policy enforcement in COOP
        https://bugzilla.redhat.com/show_bug.cgi?id=2090306
  [ 33 ] Bug #2090307 - CVE-2022-1874 chromium-browser: Insufficient policy enforcement in Safe Browsing
        https://bugzilla.redhat.com/show_bug.cgi?id=2090307
  [ 34 ] Bug #2090308 - CVE-2022-1875 chromium-browser: Inappropriate implementation in PDF
        https://bugzilla.redhat.com/show_bug.cgi?id=2090308
  [ 35 ] Bug #2090309 - CVE-2022-1876 chromium-browser: Heap buffer overflow in DevTools
        https://bugzilla.redhat.com/show_bug.cgi?id=2090309
--------------------------------------------------------------------------------


================================================================================
 scitokens-cpp-0.7.1-1.el7 (FEDORA-EPEL-2022-1a3ee1e251)
 C++ Implementation of the SciTokens Library
--------------------------------------------------------------------------------
Update Information:

- Enabling unit tests should not disable install of libraries and binaries -
Warnings as errors option - Convert CMakeLists.txt to "modern" cmake style  -
fix apparent fd-leak of sqlite handle
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun 22 2022 Derek Weitzel <dweitzel@xxxxxxx> - 0.7.1-1
- Add scitokens-* binaries to the package
- Bug: close sqlite db handle on return
--------------------------------------------------------------------------------


================================================================================
 tio-1.40-1.el7 (FEDORA-EPEL-2022-c5831ac386)
 Simple TTY terminal I/O application
--------------------------------------------------------------------------------
Update Information:

# tio v1.40    * Add config support for log-strip    * Add config support for
hex-mode    * Rename `--hex` to `--hex-mode`    * Fix completion for `-e`,
`--local-echo`    * Ignore newlines in hex output    * Fix newline in
`warning_printf()`    * Fix `ansi_printf_raw()` in no color mode    * Enter non-
interactive mode when piping to tio      Add support for a non interactive mode
which allows other application to pipe data to tio which then forwards the data
to the connected serial device.      Non ineractive means that tio does not
react to interactive key commands in the incoming stream. This allows users to
pipe binary data directly to the connected serial device.      Example use: `$
cat commands.txt | tio /dev/ttyUSB0`    * Also strip backspace from log      To
make log strip feature consistent so that we remove all unprintable control
characters and escape sequences.    * Socket code cleanup    * Cleanup man page
* Rename `--log-filename` to `--log-file`    * Allow strip escape sequence
characters from log file      The log without escape key stripped is like:  ```
^M[12:47:17] ACRN:\> ^M[12:47:17] ACRN:\>lasdfjklsdjf ^M ^M[12:47:18] Error:
Invalid command. ^M[12:47:19] ACRN:\> ^M[12:47:26] ACRN:\> ^M[12:47:26]
ACRN:\>sdafkljsdkaljfklsadjflksdjafjsda^H ^H^H... ^M ^M[12:47:31] Error: Invalid
command. ```     After strip escape key, the log is like:  ``` [12:49:18]
ACRN:\> [12:49:19] ACRN:\> [12:49:19] ACRN:\>ls  [12:49:19] Error: Invalid
command. [12:49:19] ACRN:\> [12:49:19] ACRN:\>dfaslhj  [12:49:24] Error: Invalid
command. ```    Beside escape key, it also handle backspace key as well.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jun 18 2022 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.40-1
- Upgrade to 1.40 (#2098148)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2098148 - tio-1.40 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2098148
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[Index of Archives]     [Fedora Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Announce]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Linux Apps]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux