[EPEL-devel] Fedora EPEL 8 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora EPEL 8 Security updates need testing:
 Age  URL
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-d40458db4b   trafficserver-9.2.5-1.el8
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-2b876f90b2   xrdp-0.10.1-1.el8
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-5efb0dbd99   ImageMagick-6.9.13.14-1.el8


The following builds have been pushed to Fedora EPEL 8 updates-testing

    aws-c-cal-0.7.2-1.el8
    chromium-127.0.6533.88-2.el8
    cscppc-2.2.6-1.el8
    csdiff-3.4.1-1.el8
    csmock-3.6.1-1.el8
    gfal2-2.23.0-1.el8
    libmongocrypt-1.11.0-1.el8
    scorep-6.0-21.el8
    srm-ifce-1.24.7-1.el8
    syncthing-1.27.9-1.el8
    youtube-dl-2024.08.01.git71223bf-1.el8

Details about builds:


================================================================================
 aws-c-cal-0.7.2-1.el8 (FEDORA-EPEL-2024-5168e3434b)
 AWS Crypto Abstraction Layer
--------------------------------------------------------------------------------
Update Information:

Automatic update for aws-c-cal-0.7.2-1.el8.
Changelog for aws-c-cal
* Thu Jul 18 2024 Packit <hello@xxxxxxxxxx> - 0.7.2-1
- Update to version 0.7.2
- Resolves: rhbz#2298632
* Wed Jul 17 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> -
0.7.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jul 18 2024 Packit <hello@xxxxxxxxxx> - 0.7.2-1
- Update to version 0.7.2
- Resolves: rhbz#2298632
* Wed Jul 17 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.7.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2298632 - aws-c-cal-0.7.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2298632
--------------------------------------------------------------------------------


================================================================================
 chromium-127.0.6533.88-2.el8 (FEDORA-EPEL-2024-b57653699c)
 A WebKit (Blink) powered web browser that Google doesn't want you to use
--------------------------------------------------------------------------------
Update Information:

update to 127.0.6533.88
Critical CVE-2024-6990: Uninitialized Use in Dawn
High CVE-2024-7255: Out of bounds read in WebTransport
High CVE-2024-7256: Insufficient data validation in Dawn
update to 127.0.6533.72
       * CVE-2024-6988: Use after free in Downloads
       * CVE-2024-6989: Use after free in Loader
       * CVE-2024-6991: Use after free in Dawn
       * CVE-2024-6992: Out of bounds memory access in ANGLE
       * CVE-2024-6993: Inappropriate implementation in Canvas
       * CVE-2024-6994: Heap buffer overflow in Layout
       * CVE-2024-6995: Inappropriate implementation in Fullscreen
       * CVE-2024-6996: Race in Frames
       * CVE-2024-6997: Use after free in Tabs
       * CVE-2024-6998: Use after free in User Education
       * CVE-2024-6999: Inappropriate implementation in FedCM
       * CVE-2024-7000: Use after free in CSS. Reported by Anonymous
       * CVE-2024-7001: Inappropriate implementation in HTML
       * CVE-2024-7003: Inappropriate implementation in FedCM
       * CVE-2024-7004: Insufficient validation of untrusted input in Safe
Browsing
       * CVE-2024-7005: Insufficient validation of untrusted input in Safe
--------------------------------------------------------------------------------
ChangeLog:

* Thu Aug  1 2024 Than Ngo <than@xxxxxxxxxx> - 127.0.6533.88-2
- remove old patch that seems to be the cause of a crash
  when the user set user.max_user_namespaces to 0
* Wed Jul 31 2024 Than Ngo <than@xxxxxxxxxx> - 127.0.6533.88-1
- update to 127.0.6533.88
* Wed Jul 24 2024 Than Ngo <than@xxxxxxxxxx> - 127.0.6533.72-1
- update to 127.0.6533.72
	* CVE-2024-6988: Use after free in Downloads
	* CVE-2024-6989: Use after free in Loader
	* CVE-2024-6991: Use after free in Dawn
	* CVE-2024-6992: Out of bounds memory access in ANGLE
	* CVE-2024-6993: Inappropriate implementation in Canvas
	* CVE-2024-6994: Heap buffer overflow in Layout
	* CVE-2024-6995: Inappropriate implementation in Fullscreen
	* CVE-2024-6996: Race in Frames
	* CVE-2024-6997: Use after free in Tabs
	* CVE-2024-6998: Use after free in User Education
	* CVE-2024-6999: Inappropriate implementation in FedCM
	* CVE-2024-7000: Use after free in CSS. Reported by Anonymous
	* CVE-2024-7001: Inappropriate implementation in HTML
	* CVE-2024-7003: Inappropriate implementation in FedCM
	* CVE-2024-7004: Insufficient validation of untrusted input in Safe Browsing
	* CVE-2024-7005: Insufficient validation of untrusted input in Safe
* Sat Jul 20 2024 Than Ngo <than@xxxxxxxxxx> - 126.0.6478.182-2
- fix condition for is_cfi/use_thin_lto on aarch64/ppc64le
- update powerpc patches
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2299576 - 127.0.6533.72 released, fixing many CVEs
        https://bugzilla.redhat.com/show_bug.cgi?id=2299576
  [ 2 ] Bug #2299689 - Adopt the ppc64le patches from OpenPOWER patchset
        https://bugzilla.redhat.com/show_bug.cgi?id=2299689
--------------------------------------------------------------------------------


================================================================================
 cscppc-2.2.6-1.el8 (FEDORA-EPEL-2024-551e413775)
 A compiler wrapper that runs Cppcheck in background
--------------------------------------------------------------------------------
Update Information:

update to latest upstream release
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug  2 2024 Kamil Dudka <kdudka@xxxxxxxxxx> 2.2.6-1
- update to latest upstream release
--------------------------------------------------------------------------------


================================================================================
 csdiff-3.4.1-1.el8 (FEDORA-EPEL-2024-551e413775)
 Non-interactive tools for processing code scan results in plain-text
--------------------------------------------------------------------------------
Update Information:

update to latest upstream release
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug  2 2024 Kamil Dudka <kdudka@xxxxxxxxxx> - 3.4.1-1
- update to latest upstream release
--------------------------------------------------------------------------------


================================================================================
 csmock-3.6.1-1.el8 (FEDORA-EPEL-2024-551e413775)
 A mock wrapper for Static Analysis tools
--------------------------------------------------------------------------------
Update Information:

update to latest upstream release
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug  2 2024 Kamil Dudka <kdudka@xxxxxxxxxx> - 3.6.1-1
- update to latest upstream
--------------------------------------------------------------------------------


================================================================================
 gfal2-2.23.0-1.el8 (FEDORA-EPEL-2024-8ebdfb5eaa)
 Grid file access library 2.0
--------------------------------------------------------------------------------
Update Information:

New upstream release v2.23.0
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug  2 2024 Mihai Patrascoiu <mihai.patrascoiu@xxxxxxx> - 2.23.0-1
- Upstream release 2.23.0
* Wed Jul 24 2024 Miroslav Suchý <msuchy@xxxxxxxxxx> - 2.22.2-3
- convert license to SPDX
* Thu Jul 18 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.22.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 libmongocrypt-1.11.0-1.el8 (FEDORA-EPEL-2024-90d3d1015a)
 The companion C library for client side encryption in drivers
--------------------------------------------------------------------------------
Update Information:

Version 1.11.0
New features
Support range algorithm as stable.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug  2 2024 Remi Collet <remi@xxxxxxxxxxxx> - 1.11.0-1
- update to 1.11.0
--------------------------------------------------------------------------------


================================================================================
 scorep-6.0-21.el8 (FEDORA-EPEL-2024-ba19a61736)
 Scalable Performance Measurement Infrastructure for Parallel Codes
--------------------------------------------------------------------------------
Update Information:

Rebuild for clang 17
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug  2 2024 Orion Poplawski <orion@xxxxxxxx> - 6.0-21
- Rebuild for clang 17 (RHEL 8.10)
--------------------------------------------------------------------------------


================================================================================
 srm-ifce-1.24.7-1.el8 (FEDORA-EPEL-2024-eea0d555f5)
 SRM client side library
--------------------------------------------------------------------------------
Update Information:

New upstream release v1.24.7
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug  2 2024 Mihai Patrascoiu <mihai.patrascoiu@xxxxxxx> - 1.24.7-1
- Upstream release 1.24.7
* Wed Jul 24 2024 Miroslav Suchý <msuchy@xxxxxxxxxx> - 1.24.6-5
- convert license to SPDX
* Sat Jul 20 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.24.6-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Sat Jan 27 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.24.6-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sat Jul 22 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.24.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 syncthing-1.27.9-1.el8 (FEDORA-EPEL-2024-c93aaf4031)
 Continuous File Synchronization
--------------------------------------------------------------------------------
Update Information:

Update to version 1.27.9.
Release notes:
1.27.8: https://github.com/syncthing/syncthing/releases/tag/v1.27.8
1.27.9: https://github.com/syncthing/syncthing/releases/tag/v1.27.9
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug  2 2024 Fabio Valentini <decathorpe@xxxxxxxxx> - 1.27.9-1
- Update to version 1.27.9; Fixes RHBZ#2290442
--------------------------------------------------------------------------------


================================================================================
 youtube-dl-2024.08.01.git71223bf-1.el8 (FEDORA-EPEL-2024-8d34fbe41a)
 A small command-line program to download online videos
--------------------------------------------------------------------------------
Update Information:

Update to latest snapshot
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug  2 2024 David Bold <davidsch@xxxxxxxxxxxxxxxxx> - 2024.08.01.git71223bf-1
- Update to latest git snapshot 71223bf from 2024.08.01
* Mon Jul 29 2024 David Bold <davidsch@xxxxxxxxxxxxxxxxx> - 2024.07.25.gite1b3fa2-1
- Update to latest git snapshot e1b3fa2 from 2024.07.25
--------------------------------------------------------------------------------


-- 
_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

[Index of Archives]     [Fedora Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Announce]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Linux Apps]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux