The following Fedora EPEL 8 Security updates need testing: Age URL 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-31d4c55df0 arm-none-eabi-binutils-cs-2.43-1.el8 arm-none-eabi-gcc-cs-12.4.0-1.el8 arm-none-eabi-newlib-4.4.0.20231231-1.el8 The following builds have been pushed to Fedora EPEL 8 updates-testing chromium-129.0.6668.58-1.el8 mongo-c-driver-1.28.0-1.el8 Details about builds: ================================================================================ chromium-129.0.6668.58-1.el8 (FEDORA-EPEL-2024-2cc55c9f93) A WebKit (Blink) powered web browser that Google doesn't want you to use -------------------------------------------------------------------------------- Update Information: update to 129.0.6668.58 High CVE-2024-8904: Type Confusion in V8 Medium CVE-2024-8905: Inappropriate implementation in V8 Medium CVE-2024-8906: Incorrect security UI in Downloads Medium CVE-2024-8907: Insufficient data validation in Omnibox Low CVE-2024-8908: Inappropriate implementation in Autofill Low CVE-2024-8909: Inappropriate implementation in UI -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 17 2024 Than Ngo <than@xxxxxxxxxx> - 129.0.6668.58-1 - update to 129.0.6668.58 * High CVE-2024-8904: Type Confusion in V8 * Medium CVE-2024-8905: Inappropriate implementation in V8 * Medium CVE-2024-8906: Incorrect security UI in Downloads * Medium CVE-2024-8907: Insufficient data validation in Omnibox * Low CVE-2024-8908: Inappropriate implementation in Autofill * Low CVE-2024-8909: Inappropriate implementation in UI -------------------------------------------------------------------------------- ================================================================================ mongo-c-driver-1.28.0-1.el8 (FEDORA-EPEL-2024-4c92c7207f) Client library written in C for MongoDB -------------------------------------------------------------------------------- Update Information: libbson 1.28.0 New features: Add bson_validate_with_error_and_offset. Build Configuration: Remove automatic ccache detection and usage (CCache.cmake). Set CMAKE_<LANG>_COMPILER_LAUNCHER to build with ccache. Remove MONGO_USE_CCACHE (no longer applicable; see above). libmongoc 1.28.0 New features: Support In-Use Encryption range queries. Include insert ID on result of mongoc_collection_insert_one. Add new bulk write API mongoc_bulkwrite_t. Requires MongoDB 8.0. Reduces round- trips for mixed writes. Add serverMonitoringMode URI option. Improvements: Improve performance of OpenSSL connection creation. Improve performance when trace logging is configured (ENABLE_TRACING=ON) but disabled at runtime. Prefer FIPS compliant functions for SCRAM-SHA-256 key derivation. Remove required slash to delimit options in MongoDB URI (e.g. mongodb://example.com?w=1 parses the same as mongodb://example.com/?w=1). Include topology description in server selection timeout errors. Notes: Bump minimum wire protocol version from 6 (MongoDB 3.6) to 7 (MongoDB 4.0). Raise required version of libmongocrypt to 1.11.0 to support In-Use Encryption (corresponds to the CMake option: ENABLE_CLIENT_SIDE_ENCRYPTION). Build Configuration: Remove automatic ccache detection and usage (CCache.cmake). Set CMAKE_<LANG>_COMPILER_LAUNCHER to build with ccache. Remove MONGO_USE_CCACHE (no longer applicable; see above). Changed: Test and example targets are excluded from the ALL target. All test targets can be built using the mongo_c_driver_tests target. All example targets can be built using the mongo_c_driver_examples target. Use #!/usr/bin/env bash instead of #!/bin/sh in uninstall script generated by ENABLE_UNINSTALL=ON. Deprecated: Use of *_hint functions is deprecated in favor of more aptly named *_server_id functions: mongoc_bulk_operation_set_hint is deprecated for mongoc_bulk_operation_set_server_id mongoc_bulk_operation_get_hint is deprecated for mongoc_bulk_operation_get_server_id mongoc_cursor_set_hint is deprecated for mongoc_cursor_set_server_id mongoc_cursor_get_hint is deprecated for mongoc_cursor_get_server_id -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 19 2024 Remi Collet <remi@xxxxxxxxxxxx> - 1.28.0-1 - update to 1.28.0 - raise dependency to libmongocrypt 1.11.0 -------------------------------------------------------------------------------- -- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue