The following builds have been pushed to Fedora EPEL 7 updates-testing baresip-3.5.1-1.el7 chromium-117.0.5938.62-1.el7 libre-3.5.1-1.el7 netatalk-3.1.17-1.el7 Details about builds: ================================================================================ baresip-3.5.1-1.el7 (FEDORA-EPEL-2023-af745023b6) Modular SIP user-agent with audio and video support -------------------------------------------------------------------------------- Update Information: # Baresip v3.5.1 (2023-09-12) * cmake: fix `RE_DEFINITIONS` # Baresip v3.5.0 (2023-09-12) * mc: fix format string * call: never set `sent_answer` to false * video: add source and display name getters * cmake: fix clang gnu-zero-variadic-macro-arguments warning * test call cancel rules * stream: declare `ext_len` when assigned * ci/mingw: remove cmake workaround * call: fix Refer-To URI angle brackets * test: call - replace `re_cancel` in `CALL_RTCP` and `REMOTE_SDP` by rule * test: add `rtcp_mux` test * test: remove unused local variable in `test_call_bundle_base()` * account,docs: cleanup for accounts config * test: call - combine cancel rules with logical AND * ccheck: add PRI*64 check (use `%L` instead) * test: call - replace `stop_on_rtp` by cancel rules * webrtc/js: add `rtcpMuxPolicy` require policy * gst: `gst_deinit()` should be last gst call * cmake: replace old `add_definitions` * Release v3.5.0 # libre v3.5.1 (2023-09-12) * cmake: fix `RELEASE` definition for older cmake releases * ci/build: add release build check * cmake: fix definitions for older cmake # libre v3.5.0 (2023-09-12) * ci/sonar: update scanner and java version * ci/sonar: fix java distribution * udp: add doxygen comments * tls: fix some doxygen warnings * mk: add release target * types: add `re_assert` and `re_assert_se` definition * btrace improvements * Safe `RE_VA_ARG` helpers * mbuf: add safe `mbuf_printf` * auth: cast `time_t` timestamp * mbuf: add `mbuf_write_ptr` and `mbuf_read_ptr` * ci/mingw: remove cmake workaround * tls: assume OpenSSL version 1.1.1 or later * cmake: cleanup, remove unused define `USE_OPENSSL_DTLS` * test/turn: use mutex instead atomic * stun: remove unused struct members * stun: complete doxygen for struct * tcp,udp: full IPv6 dual-stack socket support * aufile: add methods to get size in bytes/length in ms * async: signal `ESHUTDOWN` to all open worker callbacks * dns/client: fix async getaddr query abort (not thread safe) * async,dns/client: replace `ESHUTDOWN` with `ECANCELED` and optimize err handling * sip: remove unused local variable * dns/client: optimize udp timeout * ice: add candidate sdp mdns support * ice/icesdp: fix freeaddrinfo * retest: fix format string in `test_listcases` for `size_t` argument * httpauth: http digest challenge request using RFC 7616 * types: fix `RE_ARG_SIZE` default argument promotions * sip: fix TCP source port * fmt/print: add 64-bit length modifier `%Li`, `%Ld` and `%Lu` * fmt/print: improve print `RE_VA_ARG` debugging * sip/request: fix check return code (found by coverity) * httpauth/digest: use `%L` instead of PRI*64 macros * types: add `RE_ARG_SIZE` struct pl (avoids wrong print fmt `%r` usage) * dns/client: fix getaddrinfo err handling and `mem_ref` dnsc * rtp/rtp_debug: fix printf size format * main: optimize `re_lock` and `re_unlock` * hexdump: fix format and add test * test: fix bug in performance test format * types: remove some duplicated error codes * test: minor improvements in remain test * dbg: remove unused functions * cmake/re-config: add default `CMAKE_BUILD_TYPE` and fix `RELEASE` definition * dns/client: use info for `getaddrinfo_h` err -------------------------------------------------------------------------------- ChangeLog: * Sun Sep 17 2023 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 3.5.1-1 - Upgrade to 3.5.1 (#2238647) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2238647 - baresip-3.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2238647 [ 2 ] Bug #2238874 - libre-3.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2238874 -------------------------------------------------------------------------------- ================================================================================ chromium-117.0.5938.62-1.el7 (FEDORA-EPEL-2023-c66924cb92) A WebKit (Blink) powered web browser that Google doesn't want you to use -------------------------------------------------------------------------------- Update Information: update to 117.0.5938.62. Fixes following security issues: CVE-2023-4900 CVE-2023-4901 CVE-2023-4902 CVE-2023-4903 CVE-2023-4904 CVE-2023-4905 CVE-2023-4906 CVE-2023-4907 CVE-2023-4908 CVE-2023-4909 ---- update to 116.0.5845.187. Fixes following security issue: CVE-2023-4863 ---- update to 116.0.5845.179. Fixes following security issues: CVE-2023-4427 CVE-2023-4428 CVE-2023-4429 CVE-2023-4430 CVE-2023-4431 CVE-2023-4572 CVE-2023-4761 CVE-2023-4762 CVE-2023-4763 CVE-2023-4764 -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 13 2023 Than Ngo <than@xxxxxxxxxx> - 117.0.5938.62-1 - update to 117.0.5938.62 * Tue Sep 12 2023 Than Ngo <than@xxxxxxxxxx> - 116.0.5845.187-1 - update to 116.0.5845.187 * Fri Sep 8 2023 Than Ngo <than@xxxxxxxxxx> - 116.0.5845.179-1 - update to 116.0.5845.179 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2234749 - CVE-2023-4427 CVE-2023-4428 CVE-2023-4429 CVE-2023-4430 CVE-2023-4431 chromium: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2234749 [ 2 ] Bug #2234750 - CVE-2023-4427 CVE-2023-4428 CVE-2023-4429 CVE-2023-4430 CVE-2023-4431 chromium: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2234750 [ 3 ] Bug #2235800 - CVE-2023-4572 chromium: chromium-browser: Use after free in MediaStream [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2235800 [ 4 ] Bug #2235801 - CVE-2023-4572 chromium: chromium-browser: Use after free in MediaStream [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2235801 [ 5 ] Bug #2236152 - CVE-2021-29390 chromium: libjpeg-turbo: heap-buffer-overflow vulnerability in decompress_smooth_data in jdcoefct.c [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2236152 [ 6 ] Bug #2237509 - CVE-2023-4761 CVE-2023-4762 CVE-2023-4763 CVE-2023-4764 chromium: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2237509 [ 7 ] Bug #2237510 - CVE-2023-4761 CVE-2023-4762 CVE-2023-4763 CVE-2023-4764 chromium: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2237510 [ 8 ] Bug #2238432 - CVE-2023-4863 chromium: chromium-browser: Heap buffer overflow in WebP [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2238432 [ 9 ] Bug #2238433 - CVE-2023-4863 chromium: chromium-browser: Heap buffer overflow in WebP [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2238433 [ 10 ] Bug #2238832 - CVE-2023-4900 CVE-2023-4901 CVE-2023-4902 CVE-2023-4903 CVE-2023-4904 CVE-2023-4905 CVE-2023-4906 CVE-2023-4907 CVE-2023-4908 CVE-2023-4909 chromium: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2238832 [ 11 ] Bug #2238833 - CVE-2023-4900 CVE-2023-4901 CVE-2023-4902 CVE-2023-4903 CVE-2023-4904 CVE-2023-4905 CVE-2023-4906 CVE-2023-4907 CVE-2023-4908 CVE-2023-4909 chromium: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2238833 -------------------------------------------------------------------------------- ================================================================================ libre-3.5.1-1.el7 (FEDORA-EPEL-2023-af745023b6) Generic library for real-time communications -------------------------------------------------------------------------------- Update Information: # Baresip v3.5.1 (2023-09-12) * cmake: fix `RE_DEFINITIONS` # Baresip v3.5.0 (2023-09-12) * mc: fix format string * call: never set `sent_answer` to false * video: add source and display name getters * cmake: fix clang gnu-zero-variadic-macro-arguments warning * test call cancel rules * stream: declare `ext_len` when assigned * ci/mingw: remove cmake workaround * call: fix Refer-To URI angle brackets * test: call - replace `re_cancel` in `CALL_RTCP` and `REMOTE_SDP` by rule * test: add `rtcp_mux` test * test: remove unused local variable in `test_call_bundle_base()` * account,docs: cleanup for accounts config * test: call - combine cancel rules with logical AND * ccheck: add PRI*64 check (use `%L` instead) * test: call - replace `stop_on_rtp` by cancel rules * webrtc/js: add `rtcpMuxPolicy` require policy * gst: `gst_deinit()` should be last gst call * cmake: replace old `add_definitions` * Release v3.5.0 # libre v3.5.1 (2023-09-12) * cmake: fix `RELEASE` definition for older cmake releases * ci/build: add release build check * cmake: fix definitions for older cmake # libre v3.5.0 (2023-09-12) * ci/sonar: update scanner and java version * ci/sonar: fix java distribution * udp: add doxygen comments * tls: fix some doxygen warnings * mk: add release target * types: add `re_assert` and `re_assert_se` definition * btrace improvements * Safe `RE_VA_ARG` helpers * mbuf: add safe `mbuf_printf` * auth: cast `time_t` timestamp * mbuf: add `mbuf_write_ptr` and `mbuf_read_ptr` * ci/mingw: remove cmake workaround * tls: assume OpenSSL version 1.1.1 or later * cmake: cleanup, remove unused define `USE_OPENSSL_DTLS` * test/turn: use mutex instead atomic * stun: remove unused struct members * stun: complete doxygen for struct * tcp,udp: full IPv6 dual-stack socket support * aufile: add methods to get size in bytes/length in ms * async: signal `ESHUTDOWN` to all open worker callbacks * dns/client: fix async getaddr query abort (not thread safe) * async,dns/client: replace `ESHUTDOWN` with `ECANCELED` and optimize err handling * sip: remove unused local variable * dns/client: optimize udp timeout * ice: add candidate sdp mdns support * ice/icesdp: fix freeaddrinfo * retest: fix format string in `test_listcases` for `size_t` argument * httpauth: http digest challenge request using RFC 7616 * types: fix `RE_ARG_SIZE` default argument promotions * sip: fix TCP source port * fmt/print: add 64-bit length modifier `%Li`, `%Ld` and `%Lu` * fmt/print: improve print `RE_VA_ARG` debugging * sip/request: fix check return code (found by coverity) * httpauth/digest: use `%L` instead of PRI*64 macros * types: add `RE_ARG_SIZE` struct pl (avoids wrong print fmt `%r` usage) * dns/client: fix getaddrinfo err handling and `mem_ref` dnsc * rtp/rtp_debug: fix printf size format * main: optimize `re_lock` and `re_unlock` * hexdump: fix format and add test * test: fix bug in performance test format * types: remove some duplicated error codes * test: minor improvements in remain test * dbg: remove unused functions * cmake/re-config: add default `CMAKE_BUILD_TYPE` and fix `RELEASE` definition * dns/client: use info for `getaddrinfo_h` err -------------------------------------------------------------------------------- ChangeLog: * Sun Sep 17 2023 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 3.5.1-1 - Upgrade to 3.5.1 (#2238874) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2238647 - baresip-3.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2238647 [ 2 ] Bug #2238874 - libre-3.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2238874 -------------------------------------------------------------------------------- ================================================================================ netatalk-3.1.17-1.el7 (FEDORA-EPEL-2023-157de09f6e) Open Source Apple Filing Protocol(AFP) File Server -------------------------------------------------------------------------------- Update Information: 3.1.17 release ---- autoconf, automake, and libtool are no longer required -------------------------------------------------------------------------------- ChangeLog: * Sun Sep 17 2023 Andrew Bauer <zonexpertconsulting@xxxxxxxxxxx> - 5:3.1.17-1 - 3.1.17 release - Fixes CVE-2023-42464 - upstream removed bundled libevent back in 3.1.13 release * Tue Sep 12 2023 Andrew Bauer <zonexpertconsulting@xxxxxxxxxxx> - 5:3.1.16-1 - autoconf, automake, and libtool are no longer required - force gnu99 cflag on el7 builds - 3.1.16 release * Thu Jul 20 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 5:3.1.15-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2238477 - netatalk-3.1.16 is available https://bugzilla.redhat.com/show_bug.cgi?id=2238477 [ 2 ] Bug #2239273 - netatalk-3.1.17 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239273 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue