Fedora EPEL 8 updates-testing report

The following Fedora EPEL 8 Security updates need testing:
 Age  URL
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-f282573e05   et-6.2.8-2.el8
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-6327fb701b   stb-0-0.45.20240213gitae721c5.el8


The following builds have been pushed to Fedora EPEL 8 updates-testing

    bgpq4-1.13-1.el8
    chromium-124.0.6367.118-2.el8
    tio-3.1-1.el8
    zabbix6.0-6.0.29-1.el8

Details about builds:


================================================================================
 bgpq4-1.13-1.el8 (FEDORA-EPEL-2024-6d23f67317)
 Automate BGP filter generation based on routing database information
--------------------------------------------------------------------------------
Update Information:

bgpq4 1.13
Fixed a bug for macOS users by removing sx_maxsockbuf()
--------------------------------------------------------------------------------
ChangeLog:

* Mon May  6 2024 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.13-1
- Upgrade to 1.13 (#2278792)
--------------------------------------------------------------------------------


================================================================================
 chromium-124.0.6367.118-2.el8 (FEDORA-EPEL-2024-4edaf658b7)
 A WebKit (Blink) powered web browser that Google doesn't want you to use
--------------------------------------------------------------------------------
Update Information:

update to 124.0.6367.118
High CVE-2024-4331: Use after free in Picture In Picture
High CVE-2024-4368: Use after free in Dawn
--------------------------------------------------------------------------------
ChangeLog:

* Sun May  5 2024 Than Ngo <than@xxxxxxxxxx> - 124.0.6367.118-2
- fixed build errors on el8
- refreshed clean_ffmpeg.sh
- added missing files for bundle ffmpeg
* Wed May  1 2024 Than Ngo <than@xxxxxxxxxx> - 124.0.6367.118-1
- update to 124.0.6367.118
  * High CVE-2024-4331: Use after free in Picture In Picture
  * High CVE-2024-4368: Use after free in Dawn
- use system highway
* Sat Apr 27 2024 Than Ngo <than@xxxxxxxxxx> - 124.0.6367.91-1
- update to 124.0.6367.91
- fixed bz#2277228 - chromium wrapper causes library issues (symbol lookup error)
- use system dav1d
* Wed Apr 24 2024 Than Ngo <than@xxxxxxxxxx> - 124.0.6367.78-1
- update to 124.0.6367.78
  * Critical CVE-2024-4058: Type Confusion in ANGLE
  * High CVE-2024-4059: Out of bounds read in V8 API
  * High CVE-2024-4060: Use after free in Dawn
* Sat Apr 20 2024 Than Ngo <than@xxxxxxxxxx> - 124.0.6367.60-2
- fix wayland regression
* Tue Apr 16 2024 Than Ngo <than@xxxxxxxxxx> - 124.0.6367.60-1
- update to 124.0.6367.60
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2274695 - CVE-2023-49528 chromium: FFmpeg: Heap Buffer Overflow vulnerability [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2274695
  [ 2 ] Bug #2275841 - CVE-2024-31578 CVE-2024-31581 CVE-2024-31582 CVE-2024-31585 chromium: ffmpeg: multiple vulnerabilities [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2275841
  [ 3 ] Bug #2276116 - CVE-2023-49501 CVE-2023-49502 CVE-2023-51791 CVE-2023-51792 CVE-2023-51793 chromium: ffmpeg: multiple vulnerabilities [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2276116
  [ 4 ] Bug #2276123 - CVE-2023-51795 CVE-2023-51796 CVE-2023-51797 CVE-2023-51798 chromium: ffmpeg: multiple vulnerabilites [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2276123
  [ 5 ] Bug #2276130 - CVE-2023-50007 CVE-2023-50008 CVE-2023-50009 CVE-2023-50010 chromium: ffmpeg: multiple vulnerabilitites [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2276130
  [ 6 ] Bug #2278765 - CVE-2024-4331 chromium: chromium-browser: Use after free in Picture In Picture [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2278765
  [ 7 ] Bug #2278766 - CVE-2024-4331 chromium: chromium-browser: Use after free in Picture In Picture [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2278766
  [ 8 ] Bug #2278771 - CVE-2024-4368 chromium: chromium-browser: Use after free in Dawn [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2278771
--------------------------------------------------------------------------------


================================================================================
 tio-3.1-1.el8 (FEDORA-EPEL-2024-0d1d43583b)
 Simple TTY terminal I/O application
--------------------------------------------------------------------------------
Update Information:

tio v3.1
Improve --list feature on non-linux platform
List available profiles in --list output
Always message when saving log file
Add support for using TID as device in config file
Fix use of invalid flag with regexec()
Fix potential buffer overflow in match_and_replace()
Fix profile autocompletion
Remove inih dependency from CI builds
Replace use of stat() with fstat()
For better security.
Fix hexN output mode
Update pattern matching example
Fix submenu response when invalid key hit
Replace inih with glib key file parser
After including the use of glib we might as well replace inih with the glib key
file parser.
All configuration file parsing has been reworked and also the options parsing
has been cleaned up, resulting in better and stricter configuration file and
option value checks.
Compared to old, configuration files now require any default configurations to
be put in a group/section named [default].
Configuration file keywords such as enable, disable, on, off, yes, no, 0, 1 have
been retired. Now only true and false apply to boolean configuration options.
This is done to simplify things and avoid any confusion.
The pattern option feature has been reworked so the user can now access the
full match string and any matching subexpression using the %mN syntax.
For example:
[usb devices]
pattern = usb([0-9]*)
device = /dev/ttyUSB%m1
Then when using tio:
$ tio usb12
   %m0 = 'usb12'  // Full match string
   %m1 = 12       // First match subexpression
Which results in device = `/dev/ttyUSB12`
Remove CircleCI
Replaced with GitHub workflow CI.
Add GitHub workflow for Ubuntu build
Enable extended pattern matching
So that the exclude options can also work as include using special pattern
syntax.
For example, to only include /dev/ttyUSB* devices simply do:
$ tio --exclude-devices=!(/dev/ttyUSB*) --list
See the man page of fnmatch() for all available extended pattern options.
Update lua read() description
Fix: add build patch for FNM_EXTMATCH
Feat: add macOS workflow
Fix: add macOS build patch for fs_get_creation_time
tio v3.0
Simplify lua line manipulation API
Collapses lua high(), low(), toggle(), config_high(), config_low(),
config_apply() into one simple function:
set{<line>=<state>, ...}
Line can be any of DTR, RTS, CTS, DSR, CD, RI.
State is high, low, or toggle.
Example: script = set{DTR=high, RTS=low}; msleep(100); set{DTR=low, RTS=high};
msleep(100); set{RTS=low}
Notice the use of {} instead of () when calling the set function. This is
required to pass parameters by name in lua.
Disable DEC Special Graphics at exit if vt100
If a vt100 terminal receives the Shift In character \016 it will enable the 7
bit DEC Special Graphics character set used for line drawing.
For most users this can happen due to line noise from the tty device and will
likely mess up your terminal even after tio exits.
To better handle this we want to make sure that tio disables this mode by
sending the Shift Out character \017 at exit.
This mechanism will only activate if environment variable TERM assumes value
vt100.
Add hexN output mode
Adds support for hexN mode where N is a number in the range 1 to 4096 which
defines how many hex values will be printed before a line break.
In short, it defines the width of the hex output.
In this mode, if timestamps are enabled they will be added to each hex line.
Rename sub-config to profile
Because better naming.
Use lua io.write() instead of print()
io.write() gives better output control as print() is hardcoded to always print a
newline.
Add new ways to manage serial devices
Rename --list-devices to --list
Rename --no-autoconnect to --no-reconnect
Switch -l and -L options
-l now lists available serial devices
-L enables log to file
Add option --auto-connect <strategy>
Supported strategies:
new - Waits to connect first new appearing serial device
latest - Connects to latest registered serial device
direct - Connect directly to specified serial device (default)
Add options to exclude serial devices from auto connect strategy by pattern
Supported exclude options:
--exclude-devices <pattern>
Example: --exclude-devices "/dev/ttyUSB2,/dev/ttyS?"
--exclude-drivers <pattern>
Example: --exclude-drivers "cdc_acm"
--exclude-tids <pattern>
Example: --exclude-tids "yW07,bCC2"
Patterns support * and ?
Connect to same port/device combination via unique topology ID (TID)
Topology ID is a 4 digit base62 encoded hash of a device topology string coming
from the Linux kernel. This means that whenever you plug in the same e.g. USB
serial port device to the same USB hub port connected via the exact same hub
topology all the way to your computer, you will get the same unique TID.
Useful for stable reconnections when serial device has no serial device by ID
For now, only tested on Linux.
Reworked and improved listing of serial devices to show serial devices:
By device
Including TID, uptime, driver, and description.
Sorted by uptime (newest device listed last)
By unique topology ID
By ID
By path
Add script interface list = tty_search() for searching for serial devices.
Clean up timestamp enum definition
Add missing options to show configuration
Update description of mute option
Add lua read_string() function
Don't forget to log output in lua expect()
Generalize automatic login example for Linux
Fix log output in hex output mode
Add timeout based timestamps in hex output mode
This change reintroduces timestamping in hex output mode but based on timeout
instead of new lines which made no sense. This means that timestamps will only
be printed when timeout time has elapsed with no output activity from serial
device.
Adds option --timestamp-timeout <ms> for setting the timeout value in
milliseconds.
Defaults to 200 ms.
Improve switched messages
Extend lua expect() to also return matched string
Add automatic login script example
Organize examples directory
Introduce basic line input mode
Cleanup global variable name shadowing
Updated login example with new expect logic
Reset buffer size at start of expect
Return 1 when expect matches
--------------------------------------------------------------------------------
ChangeLog:

* Sun May  5 2024 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 3.1-1
- Upgrade to 3.1 (#2277784)
* Wed May  1 2024 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 3.0-1
- Upgrade to 3.0 (#2277784)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2277784 - tio-3.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2277784
--------------------------------------------------------------------------------


================================================================================
 zabbix6.0-6.0.29-1.el8 (FEDORA-EPEL-2024-247f7a626a)
 Open-source monitoring solution for your IT infrastructure
--------------------------------------------------------------------------------
Update Information:

Update to 6.0.29
Hopefully really get the zabbix_run_sudo SELinux boolean working for
zabbix-agent and allow it to run lvm when enabled
--------------------------------------------------------------------------------
ChangeLog:

* Fri May  3 2024 Orion Poplawski <orion@xxxxxxxx> - 6.0.29-1
- Update to 6.0.29
- Hopefully really get the zabbix_run_sudo SELinux boolean working for
  zabbix-agent and allow it to run lvm when enabled
--------------------------------------------------------------------------------
