Fedora EPEL 8 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The following Fedora EPEL 8 Security updates need testing:
 Age  URL
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-3a6675bd1a   chromium-102.0.5005.115-1.el8
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-59cdfb46c4   glances-3.2.5-1.el8
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-ac75a8517c   exim-4.95-1.el8


The following builds have been pushed to Fedora EPEL 8 updates-testing

    copr-cli-1.101-1.el8
    copr-messaging-0.6-1.el8
    golang-x-net-0-0.60.20200807gitab34263.el8
    golang-x-text-0.3.7-1.el8
    kiwi-9.24.44-1.el8
    python-copr-1.120-1.el8
    python-rosdep-0.22.1-1.el8
    rebase-helper-0.27.0-1.el8
    strongswan-5.9.6-1.el8
    testcloud-0.8.0-1.el8

Details about builds:


================================================================================
 copr-cli-1.101-1.el8 (FEDORA-EPEL-2022-6fe6d98425)
 Command line interface for COPR
--------------------------------------------------------------------------------
Update Information:

copr-cli  - removed a depraceted build method `copr-cli buildfedpkg'  python-
copr  - disable network in Python API by default, this mimics what is done in
copr-cli for a long time
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 21 2022 Jakub Kadlcik <frostyx@xxxxxxxx> 1.101-1
- Remove depraceted method `copr-cli buildfedpkg'
--------------------------------------------------------------------------------


================================================================================
 copr-messaging-0.6-1.el8 (FEDORA-EPEL-2022-dbf2a63e55)
 Abstraction for Copr messaging listeners/publishers
--------------------------------------------------------------------------------
Update Information:

copr-backend  - Consolidate the two hitcounter scripts - Dump Resalloc ticket ID
and hostname to backend.log - Automatically restart services in %%post - Don't
count RPMs downloaded from Mock - Attempt to sign multiple times - Try multiple
attempts of creating GPG keys   copr-dist-git  - Don't setgid(apache) while
importing ("uploading") - More obvious "locking" importer proctitle   copr-
frontend  - Start logging important events - Change logging formatter to show
also flask.g.user - APIv3 support for chroot_denylist - Restrict the CoprDir
names to <copr>:custom:<suffix> - Don't require trailing slash in APIv3
/package/list - Don't hide CoprDir buttons in Builds web-ui - New command 'copr-
frontend chroots-template' - More understandable Pagure badges - Detect
ClientDisconnected errors   copr-messaging  - Adapt to the changed stomppy API
copr-rpmbuild  - Fix make_srpm with new git - Define copr-specific macros also
for SRPM builds - SCM method to clone recursively   python-copr-common  - Allow
SafeRequest's timeout to be specified
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 21 2022 Jakub Kadlcik <frostyx@xxxxxxxx> 0.6-1
- Adapt to the changed stomppy API
--------------------------------------------------------------------------------


================================================================================
 golang-x-net-0-0.60.20200807gitab34263.el8 (FEDORA-EPEL-2022-46b9d78e30)
 Go supplementary network libraries
--------------------------------------------------------------------------------
Update Information:

## golang-x-text - Update to 0.3.7. Fixes rhbz#1945761. - Mitigate
CVE-2021-38561 (rhbz#2100495).  ## golang-x-net - Rebuild to mitigate
CVE-2021-38561 (rhbz#2100495).
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jun 24 2022 Maxwell G <gotmax@e.email> - 0-0.60.20200807gitab34263
- Rebuild to mitigate CVE-2021-38561 (rhbz#2100495).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2100495 - CVE-2021-38561 golang: out-of-bounds read in golang.org/x/text/language leads to DoS
        https://bugzilla.redhat.com/show_bug.cgi?id=2100495
--------------------------------------------------------------------------------


================================================================================
 golang-x-text-0.3.7-1.el8 (FEDORA-EPEL-2022-46b9d78e30)
 Go text processing support
--------------------------------------------------------------------------------
Update Information:

## golang-x-text - Update to 0.3.7. Fixes rhbz#1945761. - Mitigate
CVE-2021-38561 (rhbz#2100495).  ## golang-x-net - Rebuild to mitigate
CVE-2021-38561 (rhbz#2100495).
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jun 24 2022 Maxwell G <gotmax@e.email> - 0.3.7-1
- Update to 0.3.7. Fixes rhbz#1945761.
- Mitigate CVE-2021-38561 (rhbz#2100495).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2100495 - CVE-2021-38561 golang: out-of-bounds read in golang.org/x/text/language leads to DoS
        https://bugzilla.redhat.com/show_bug.cgi?id=2100495
--------------------------------------------------------------------------------


================================================================================
 kiwi-9.24.44-1.el8 (FEDORA-EPEL-2022-176fbe523e)
 Flexible operating system image builder
--------------------------------------------------------------------------------
Update Information:

This update fixes the following issues:  * Building CentOS/RHEL 8 images on
CentOS/RHEL 9 hosts didn't work due to a missing `rpm --rebuilddb` between
bootstrap and image install phases. * Configuring the SELinux policy for
CentOS/RHEL 7 images stopped working due to adaptations to correctly apply
labels, a workaround is now implemented. * The DNF versionlock plugin is
forcefully disabled to prevent issues at bootstrap phase.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jun 24 2022 Neal Gompa <ngompa@xxxxxxxxxxxxxxxxx> - 9.24.44-1
- Update to 9.24.44 (RH#2100806)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2100806 - kiwi-9.24.44 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2100806
--------------------------------------------------------------------------------


================================================================================
 python-copr-1.120-1.el8 (FEDORA-EPEL-2022-6fe6d98425)
 Python interface for Copr
--------------------------------------------------------------------------------
Update Information:

copr-cli  - removed a depraceted build method `copr-cli buildfedpkg'  python-
copr  - disable network in Python API by default, this mimics what is done in
copr-cli for a long time
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 21 2022 Jakub Kadlcik <frostyx@xxxxxxxx> 1.120-1
- Disable network on builders by default
--------------------------------------------------------------------------------


================================================================================
 python-rosdep-0.22.1-1.el8 (FEDORA-EPEL-2022-f2d393459d)
 ROS System Dependency Installer
--------------------------------------------------------------------------------
Update Information:

Update to `rosdep` 0.22.1
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jun 24 2022 Scott K Logan <logans@xxxxxxxxxxx> - 0.22.1-1
- Update to 0.22.1 (rhbz#2100935)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2100935 - python-rosdep-0.22.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2100935
--------------------------------------------------------------------------------


================================================================================
 rebase-helper-0.27.0-1.el8 (FEDORA-EPEL-2022-c5428b38a6)
 The tool that helps you to rebase your package to the latest version
--------------------------------------------------------------------------------
Update Information:

**News in version 0.27.0:**  - Added support for `rpmuncompress` being used by
`rpm` >= 4.18 - Replaced hardcoded references to *master* branch - Fixed typos
in `%preun`, `%postun` and `%generate_buildrequires` section names - Fixed
parsing of macros with multiline bodies in `%dump` output - Fixed parsing issue
in **rpmdiff** checker - **rebase-helper** now removes any existing submodule
configuration from upstream tarballs before rebasing to avoid errors due to
submodules not being checked out - **rebase-helper** now warns about a potential
rename that can't be handled automatically, such as `README` to `README.md` -
**rebase-helper** is now able to handle unexpected `git rebase` errors
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jun 24 2022 Packit <hello@xxxxxxxxxx> - 0.27.0-1
News in version 0.27.0:

- Added support for `rpmuncompress` being used by `rpm` >= 4.18
- Replaced hardcoded references to *master* branch
- Fixed typos in `%preun`, `%postun` and `%generate_buildrequires` section names
- Fixed parsing of macros with multiline bodies in `` output
- Fixed parsing issue in **rpmdiff** checker
- **rebase-helper** now removes any existing submodule configuration from upstream tarballs before rebasing to avoid errors due to submodules not being checked out
- **rebase-helper** now warns about a potential rename that can't be handled automatically, such as `README` to `README.md`
- **rebase-helper** is now able to handle unexpected `git rebase` errors
--------------------------------------------------------------------------------


================================================================================
 strongswan-5.9.6-1.el8 (FEDORA-EPEL-2022-3ae7eab0c3)
 An OpenSource IPsec-based VPN and TNC solution
--------------------------------------------------------------------------------
Update Information:

- [Changelog](https://github.com/strongswan/strongswan/releases/tag/5.9.6)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun 22 2022 Arne Reiter <redhat@xxxxxxxxxxxxx> - 5.9.6-1
- Resolves rhbz#2080070 strongswan-5.9.6 is available
- Fixed missing format string in enum_flags_to_string()
* Fri Feb 25 2022 Arne Reiter <redhat@xxxxxxxxxxxxx> - 5.9.5-3
- Resolves: rhbz#2048108 - segfault at 18 ip 00007f4c7c0d841c sp 00007ffe49f61b70 error 4 in libc.so.6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2080070 - strongswan-5.9.6 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2080070
--------------------------------------------------------------------------------


================================================================================
 testcloud-0.8.0-1.el8 (FEDORA-EPEL-2022-10ec3d1b92)
 Tool for running cloud images locally
--------------------------------------------------------------------------------
Update Information:

- Bump CentOS Stream versions - Build seed image with genisoimage (mpitt) -
Reduce libvirt dependencies (mpitt) - Drop libguestfs from Requires to Suggests
(mpitt) - util: except also requests.exceptions.JSONDecodeError -
_needs_legacy_net: try to guess based on image name with missing guestfs - add
coreos aarch64 support (lnie) - Allow to configure download progress verbosity
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jun 24 2022 Frantisek Zatloukal <fzatlouk@xxxxxxxxxx> - 0.8.0-1
- Bump CentOS Stream versions
- Build seed image with genisoimage (mpitt)
- Reduce libvirt dependencies (mpitt)
- Drop libguestfs from Requires to Suggests (mpitt)
- util: except also requests.exceptions.JSONDecodeError
- _needs_legacy_net: try to guess based on image name with missing guestfs
- add coreos aarch64 support (lnie)
- Allow to configure download progress verbosity
* Mon Jun 13 2022 Python Maint <python-maint@xxxxxxxxxx> - 0.7.1-2
- Rebuilt for Python 3.11
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2093717 - Please lower or drop python3-libguestfs dependency
        https://bugzilla.redhat.com/show_bug.cgi?id=2093717
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[Index of Archives]     [Fedora Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Announce]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Linux Apps]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux