The following Fedora EPEL 7 Security updates need testing:
 Age  URL
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-735d1baeca   brotli-1.0.9-10.el7
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-10049c7b14   libbsd-0.11.7-2.el7

The following builds have been pushed to Fedora EPEL 7 updates-testing

    annobin-10.94-1.el7

Details about builds:

================================================================================
 annobin-10.94-1.el7 (FEDORA-EPEL-2022-3da6e22147)
 Annotate and examine compiled binary files
--------------------------------------------------------------------------------
Update Information:

Rebase to 10.94
--------------------------------------------------------------------------------
ChangeLog:

* Tue Dec 6 2022 Nick Clifton <nickc@xxxxxxxxxx> - 10.94-1
- Rebase to 10.94
- Annocheck: Better detection of binaries which do not contain code. (#2144533)
- Annocheck: Provide more information when a test is skipped because the file being tested was not compiled.
- Annocheck: Try harder not to run mutually exclusive tests.
- Tests: Fix future-test so that it properly handles the situation where the compiler does not support the new options.
- Libannocheck: Actually set result fields after tests are run.
- Libannocheck: Replace libannocheck_version variable with LIBANNOCHECK_VERSION define.
- Libannocheck: Remove 'Requires binutils-devel' from libannocheck.pc.
- Libannocheck: Move into separate sub-package.
- Libannocheck: Add libannocheck.pc pkgconfig file.
- Libannocheck: Add libannocheck_reinit().
- GCC Plugin: Record -ftrivial-auto-var-init and -fzero-call-used-regs.
- Annocheck: Add future tests for -ftrivial-auto-var-init and -fzero-call-used-regs.
- Clang Plugin: Fix for building with Clang-15. (#2125875)
- Annocheck: Add a test for the inconsistent use of -Ofast. (#1248744)
- Plugin: Fix top level configuration support for RiscV.
- Annocheck: Improvements to the size tool.
- Annocheck: Fixes for libannocheck.h.
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
- Annocheck: Add automatic profile selection.
- Annocheck: Improve gap detection and reporting.
- Spec File: Use the %dir directive in the %files section to ensure that
- plugin directories are useable. (#2080454)
- Spec File: Remove bogus Provides from annobin-docs subpackage.
- Annocheck: Check build-id of separate debuginfo files.
- Annocheck: Add GAPS test replacing --ignore-gaps.
- Annocheck: Fix covscan detected race condition between stat() and open().
- Annocheck: Handle binaries created by Rust 1.18. (#2094420)
- Annocheck: Add optional function name to --skip arguments. (PR 29229)
- Annocheck: Fix handling of command line options that take arguments. (#2086850)
- Annocheck: Do not complain about unenabled -mbranch-protection option in AArch64 binaries. (#2078909)
- gcc-plugin: Fix typo in configure.ac.
- gcc-plugin: Add support for RISC-V.
- Annocheck: Add another special case for glibc rpms. (#2083070)
- Annocheck: Do not complain about unenabled -mbranch-protection option in AArch64 binaries if compiled using LTO. (#2082146)
- Annocheck: Add more glibc exceptions + check PT_TLS segments. (#2081131)
- Annocheck: Do not complain about missing -mbranch-protection option in AArch64 binaries if compiled by golang.
- Annocheck: Do not complain about missing -mbranch-protection option in AArch64 binaries if compiled in LTO mode.
- gcc-plugin: Add support for CLVC_INTEGER options.
- Annocheck: Even more special cases for AArch64 glibc on RHEL-8. (#2072082)
- Annocheck: Add more special cases for AArch64 glibc on RHEL-8. (#2072082)
- llvm-plugin: Fix a thinko in the sources.
- gcc-plugin: Add remap of OPT_Wall.
- configure: Fix typo in top level configure.ac.
- Add support for building using meson+ninja.
- Rebuilt against new LLVM release, with patch.
- Annocheck: Fix test for AArch64 property notes. (#2068657)
- gcc-plugin: Do not issue warning messages for autoconf generated source files.
  (#2009958)
- Annocheck: Update documentation and fix typo in annocheck. (#2061291)
- Annocheck: Add option to enable/disable following symbolic links.
- Always identify Rust binaries, even if built on a host that does not know about Rust. (#2057737)
- Spec File: Use a different method to disable the annobin plugin (#2054571)
- Annocheck: Skip PIE and PIC tests for GO binaries.
- gcc-plugin: Fix libtool so that extraneous runpaths are not added to the plugin. (#2030667)
- gcc-plugin: Use canonical_option field of save_decoded_options array. (#2047148)
- Rebuild for new gcc version
- Annocheck: Add an option to disable the use of debuginfod (if available).
- Annocheck: Add more glibc special file names.
- Annocheck: Skip some tests for BPF binaries.
- Annocheck: Add another glibc static library symbol. (#2043047)
- Annocheck: Skip property note test for GO binaries. (#204300)
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
- GCC Plugin: Do not fail if a section cannot be attached to a group.
- Annocheck: Improve detection of kernel modules.
- GCC Plugin: Only default to link-once when using gcc-12 or later. (#2039297)
- Annocheck: Add option to disable instrumentation test.
- GCC Plugin: Replace CLVC_BOOLEAN with CLVC_BIT_SET/CLVC_BIT_CLEAR.
- Rebuild against new GCC.
- Rebuild against new GCC.
- Rebuild against new GCC.
- Annocheck: Add even more glibc function names. (#2037333)
- Annocheck: ARM: Do not fail tests that rely upon annobin notes.
- Annocheck: Extend list of known glibc functions. (#2037333)
- Annocheck: Ignore gaps that contain the _start symbol (for AArch64). (#1995224)
- Annocheck: Ignore more glibc special binaries. (#2037220)
- Annocheck: Do not complain about missing stack clash notes if the compilation used LTO. (#2034946)
- Annocheck: Add /usr/lib/ld-linux-aarch64.so.1 to the list of known glibc binaries. (#2033255)
- Doc: Note that ENDBR is only needed as the landing pad for indirect branches/calls.
  (#28705)
- Spec File: Store full gcc version release string in plugin info file. (#2030671)
- Annocheck: Add special case for x86_64 RHEL-7 gaps. (#2031133)
- Annocheck: Do not complain about missing -mstackrealign notes in LTO mode. (#2030298)
- GCC Plugin: Do not record missing -mstackrealign in LTO mode. (#2030298)
- Tests: Fix fortify and debuginfod tests to use newly built annobin plugin.
- Tests: Fix gaps and stat tests to use newly built annobin plugin. (#2028063)
- Annocheck: Ignore gaps in binaries at least partial built by golang. (#2028583)
- Annocheck: Allow spaces in golang symbols.
- Annocheck: Initial deployment of libannocheck.
- gcc-plugin: Fix bug creating empty attachments.
- Annocheck: Change MAYB result to SKIP for DT_RPATH. (#2026300)
- Annocheck: Skip missing fortify/warning notes for ARM32.
- gcc-plugin: Try another fix for ppc64le section grouping. (#2023437)
- gcc-plugin: Revert 10.22 change. (#2023437)
- Annocheck: Add exception for /usr/sbin/ldconfig. (#2022973)
- Annocheck: Add a test for unicode characters in identifiers.
- gcc-plugin: Default to link-order grouping for PPC64LE. (#2016458)
- Annocheck: Do not fail if a --skip-<name> option does not match a known test.
- ldconfig-test: Skip the LTO check.
- Annocheck: Add more glibc function names.
- gcc-plugin: Fix attaching the .text section to the .text.group section.
- Complain about DT_RPATH for Fedora binaries.
- Better reporting of problems in object files. (#2013708)
- Add a requirement on llvm-libs for clang and llvm plugins. (#2014573)
- Fix configuring annocheck without gcc-plugin.
- Annocheck: Better reporting of debuginfod problems.
- Tests: Fix bugs in debuginfod test.
- Annocheck: Add tests based upon recent bug fixes.
- Annocheck: Another tweak to glibc detection code.
- Rebuild for llvm-13.0.0
- Annocheck: Fix memory corruptions when using --debug-path and when a corrupt note is found. (#20011438)
- Annocheck: Fix MAYB results for mixed GO/C files.
- Annocheck: Move some messages from VERBOSE to VERBOSE2.
- Annocheck: Scan zero-length tool notes.
- Annocheck: Fix covscan detected flaws.
- plugins: Add more required build options.
- Annocheck: Fix cf-prot test to fail if the CET notes are missing.
- Annocheck: Skip gaps in the .plt section.
- Plugins: Add -g option when building LLVM and Clang.
- Annocheck: Add more cases of glibc startup functions.
- Annocheck: Fix covscan detected problems.
- Annocheck: Add --profile=el8.
- gcc-plugin: Conditionalize generation of branch protection note.
- Annocheck: Ignore gaps containing NOP instructions.
- GCC Plugin: Fix detection of running inside the LTO compiler. (#2004917)
- Annocheck: Do not insist on the DT_AARCH64_PAC_PLT flag being present in AArch64 binaries.
- Annocheck: With gaps at the start/end of the .text section, check for special symbols before displaying a MAYB result.
- Annocheck: Do not set CFLAGS/LDFLAGS when building. Take from environment instead.
- Annocheck: Fix exit code when tests PASS.
- Documentation: Add node for each hardening test.
- Documentation: Install online.
- Annocheck: Annotate FAIL and MAYB results with URL to documentation
- Annocheck: Add --no-urls and --provide-urls options
- Annocheck: Add --help-<tool> option.
- Annocheck: Fix fuzzing detected failures.
- Annocheck: Add --profile option.
- Docs: Document --profile option and rpminspect.yaml.
- Annocheck: Skip GO/CET checks. Fix fuzzing detected failures.
- LLVM Plugin: Automatically choose the correct tests to run, based upon the version of Clang installed. (#1997444)
- spec file: Add the installation of the annobin sources into /usr/src/annobin.
- Annocheck: Fix memory corruption. (#1996963)
- spec file: Add the creation of a gcc-plugin version info file in /usr/lib/rpm/redhat.
- Annocheck: Fix conditionalization of AArch64's PAC+BTI detection.
- Annocheck: Add linker generated function for ppc64le exceptions.
  (#1981410)
- LLVM Plugin: Allow checks to be selected from the command line.
- Annocheck: Examine DW_AT_producer for -flto.
- Annocheck: Conditionalize detection of AArch64's PAC+BTI protection.
- Annocheck: Add linker generated function for s390x exceptions. (#1981410)
- Annocheck: Generate MAYB results for gaps in notes covering the .text section. (#1991943)
- Annocheck: Close DWARF file descriptors once the debug info is no longer needed. (#1981410)
- LLVM Plugin: Update to build with Clang v13. (Thanks to: Tom Stellard <tstellar@xxxxxxxxxx>)
- Rebuild for LLVM 13.0.0-rc1
- Annocheck: Fix memory corruption. (#1988715)
- Annocheck: Skip certain tests for kernel modules.
- Annocheck: Detect a missing CET note. (#1991931)
- Annocheck: Do not report future fails for AArch64 notes.
- Annocheck: Warn about multiple --debug-file, --debug-rpm and --debug-dir options.
- Annocheck: Process files in command line order. (#1988714)
- Annocheck: Reverse AArch64 PAC+BTI check, ie fail if they are enabled. (#1984995)

* Fri Jul 23 2021 Nick Clifton <nickc@xxxxxxxxxx> - 9.83-1
- Annocheck: Reverse AArch64 PAC+BTI check, ie fail if they are enabled. (#1984995)
- Annocheck: Add another test exceptions.

* Tue Jul 13 2021 Nick Clifton <nickc@xxxxxxxxxx> - 9.81-1
- Annocheck: Add some more test exceptions.
- Tests: Skip glibc-notes test if the assembler does not support --generate-missing-build-notes. (#1978573)
- Tests: Skip objcopy test if objcopy does not support --merge-notes.
- Annocheck: Fix spelling mistake in -mstack-realign failure message. (#1977349)
- gcc-plugin: Do not record global versions of stack protection settings in LTO mode, if not set. (#1958954)
- Annocheck: Remove limit on number of input files.
- clang/llvm plugins: Build with correct security options.
- Annocheck: Better detection of GO compiler version.
- Annocheck: Better support for symbolic links.
- Annocheck: In verbose mode, report the reason for skipping specific tests.
  (#1969584)
- Annocheck: Improve detection of shared libraries. (#1958954)
- Annocheck: Accept 0 as a valid number for gcc minor versions and release numbers.
- gcc-plugin: Add support for ARM and RISCV targets.
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx