Fedora EPEL 7 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The following Fedora EPEL 7 Security updates need testing:
 Age  URL
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-afd7021128   ipython-3.2.3-1.el7
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-08427e256d   seamonkey-2.53.15-1.el7


The following builds have been pushed to Fedora EPEL 7 updates-testing

    copr-cli-1.105-1.el7
    imlib2-1.4.9-8.el7
    python-copr-1.125-1.el7
    python-websockify-0.6.0-4.el7

Details about builds:


================================================================================
 copr-cli-1.105-1.el7 (FEDORA-EPEL-2023-016a5af72a)
 Command line interface for COPR
--------------------------------------------------------------------------------
Update Information:

### copr-cli  - More understandable module hotfixes description - Add options to
download only built RPMs/spec files - Use the --dirname parameter for copr-cli
monitor - Disable appstream by default - Use SPDX license  ### python-copr  -
Drop the unneeded marshmallow dependency - Fix APIv3 additional_modules
CoprChroot option - More understandable module hotfixes description - Disable
appstream by default - Use SPDX license
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 24 2023 Jakub Kadlcik <frostyx@xxxxxxxx> 1.105-1
- More understandable module hotfixes description
- Add options to download only built RPMs/spec files
- Use the --dirname parameter for copr-cli monitor
- Disable appstream by default
- Use SPDX license
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2151239 - RFE: Add --rpms option to download only rpms via download-build
        https://bugzilla.redhat.com/show_bug.cgi?id=2151239
--------------------------------------------------------------------------------


================================================================================
 imlib2-1.4.9-8.el7 (FEDORA-EPEL-2023-2b409ccc37)
 Image loading, saving, rendering, and manipulation library
--------------------------------------------------------------------------------
Update Information:

This update rebases imlib2 from version 1.4.5 to 1.4.9.  This is a compatible
update with the same library soname.  It resolves multiple high severity CVEs.
- CVE-2011-5326  - CVE-2014-9762 - CVE-2014-9763 - CVE-2014-9764 - CVE-2014-9771
- CVE-2016-3993 - CVE-2016-3994  - CVE-2016-4024
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb  1 2019 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.4.9-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Jul 13 2018 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.4.9-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Sun Feb 11 2018 Sandro Mani <manisandro@xxxxxxxxx> - 1.4.9-6
- Rebuild (giflib)
* Wed Feb  7 2018 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.4.9-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Aug  2 2017 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.4.9-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.4.9-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri Feb 10 2017 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.4.9-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Fri May  6 2016 Tomas Smetana <tsmetana@xxxxxxxxxx> - 1.4.9-1
- New upstream bugfix version
- Fix rhbz#1323617 - CVE-2016-3993: off by one error in MergeUpdate
- Fix rhbz#1327478 - CVE-2016-4024: integer overflow resulting in insufficient heap allocation
* Fri Apr  1 2016 Tomas Smetana <tsmetana@xxxxxxxxxx> - 1.4.8-1
- New upstream bugfix version
- Fix rhbz#1323062 - out of bound read in GIF loader
- Fix rhbz#1323082 - divide by zero on 2x1 ellipse
* Thu Feb  4 2016 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.4.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Mon Jan 25 2016 Tomas Smetana <tsmetana@xxxxxxxxxx> - 1.4.7-1
- Rebase to 1.4.7
- Fixes CVE-2014-9762, CVE-2014-9763, CVE-2014-9764
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.4.6-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Thu Jan 22 2015 Tomas Smetana <tsmetana@xxxxxxxxxx> - 1.4.6-3
- Fix output of imlib2-config --libs (rhbz #1184166)
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.4.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Thu Jul 31 2014 Tomas Smetana <tsmetana@xxxxxxxxxx> - 1.4.6-1
- New upstream bugfix version
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.4.5-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sat Aug  3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.4.5-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1301617 - CVE-2014-9762 CVE-2014-9763 CVE-2014-9764 imlib2: security issues fixed in 1.4.7 [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1301617
  [ 2 ] Bug #1323064 - CVE-2016-3994 imlib2: out of bound read in GIF loader [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1323064
  [ 3 ] Bug #1323084 - CVE-2011-5326 imlib2: divide by zero on 2x1 ellipse [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1323084
  [ 4 ] Bug #1323619 - CVE-2016-3993 imlib2: off by one error in MergeUpdate [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1323619
  [ 5 ] Bug #1324776 - CVE-2014-9771 imlib2: exploitable integer overflow in _imlib_SaveImage [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1324776
  [ 6 ] Bug #1327480 - CVE-2016-4024 imlib2: integer overflow resulting in insufficient heap allocation [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1327480
--------------------------------------------------------------------------------


================================================================================
 python-copr-1.125-1.el7 (FEDORA-EPEL-2023-016a5af72a)
 Python interface for Copr
--------------------------------------------------------------------------------
Update Information:

### copr-cli  - More understandable module hotfixes description - Add options to
download only built RPMs/spec files - Use the --dirname parameter for copr-cli
monitor - Disable appstream by default - Use SPDX license  ### python-copr  -
Drop the unneeded marshmallow dependency - Fix APIv3 additional_modules
CoprChroot option - More understandable module hotfixes description - Disable
appstream by default - Use SPDX license
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 24 2023 Jakub Kadlcik <frostyx@xxxxxxxx> 1.125-1
- Drop the unneeded marshmallow dependency
- Fix APIv3 additional_modules CoprChroot option
- More understandable module hotfixes description
- Disable appstream by default
- Use SPDX license
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2151239 - RFE: Add --rpms option to download only rpms via download-build
        https://bugzilla.redhat.com/show_bug.cgi?id=2151239
--------------------------------------------------------------------------------


================================================================================
 python-websockify-0.6.0-4.el7 (FEDORA-EPEL-2023-1bc3956232)
 WSGI based adapter for the Websockets protocol
--------------------------------------------------------------------------------
Update Information:

add python36 build
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 25 2023 Jonathan Wright <jonathan@xxxxxxxxxxxxx> - 0.6.0-4
- Add proper provides for python36 package
* Wed Jan 25 2023 Jonathan Wright <jonathan@xxxxxxxxxxxxx> - 0.6.0-3
- Build python36-websockify rhbz#1890583
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
[Index of Archives]     [Fedora Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Announce]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Linux Apps]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux