The following Fedora EPEL 8 Security updates need testing: Age URL 27 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-31d4c55df0 arm-none-eabi-binutils-cs-2.43-1.el8 arm-none-eabi-gcc-cs-12.4.0-1.el8 arm-none-eabi-newlib-4.4.0.20231231-1.el8 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-851c74616f p7zip-16.02-31.el8 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-a09b624fa1 koji-1.35.1-1.el8 The following builds have been pushed to Fedora EPEL 8 updates-testing fedora-license-data-1.58-1.el8 keepass-2.57.1-3.el8 mongo-c-driver-1.28.1-1.el8 netdata-1.47.4-4.el8 oath-toolkit-2.6.12-1.el8 python-ncclient-0.6.16-1.el8 Details about builds: ================================================================================ fedora-license-data-1.58-1.el8 (FEDORA-EPEL-2024-68e30c07e0) Fedora Linux license data -------------------------------------------------------------------------------- Update Information: Automatic update for fedora-license-data-1.58-1.el8. Changelog for fedora-license-data * Thu Oct 10 2024 Miroslav Suchý <msuchy@xxxxxxxxxx> 1.58-1 - add Ultra permissive dedication of docbook5-schemas - add public domain dedication for clc - add Sendmail-Open-Source-1.1 license - add public domain dedication for biblesync - add public domain dedication for BareBonesBrowserLaunch - add public domain dedication for astronomy-menus - add LGPL-2.1-only WITH OCCT-exception-1.0 - add CERN-OHL-P-2.0 - add Jam license - add public domain dedication for ants -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 10 2024 Miroslav Suchý <msuchy@xxxxxxxxxx> 1.58-1 - add Ultra permissive dedication of docbook5-schemas - add public domain dedication for clc - add Sendmail-Open-Source-1.1 license - add public domain dedication for biblesync - add public domain dedication for BareBonesBrowserLaunch - add public domain dedication for astronomy-menus - add LGPL-2.1-only WITH OCCT-exception-1.0 - add CERN-OHL-P-2.0 - add Jam license - add public domain dedication for ants -------------------------------------------------------------------------------- ================================================================================ keepass-2.57.1-3.el8 (FEDORA-EPEL-2024-ef4406c2f8) Password manager -------------------------------------------------------------------------------- Update Information: Update to 2.57.1 as approved by BSI -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 10 2024 Dr. Tilmann Bubeck <tilmann@xxxxxxxxxx> - 2.57.1-3 - local build * Wed Oct 9 2024 Julian Sikorski <belegdol@xxxxxxxxxxxxxxxxx> - 2.57.1-1 - Update to version 2.57.1 * Thu Jul 18 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.57-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Sun Jun 2 2024 Julian Sikorski <belegdol@xxxxxxxxxxxxxxxxx> - 2.57-1 - Update to version 2.57 * Sun Feb 4 2024 Julian Sikorski <belegdol@xxxxxxxxxxxxxxxxx> - 2.56-1 - Update to version 2.56. * Wed Jan 24 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.55-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sun Jan 21 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.55-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Wed Jan 17 2024 Yaakov Selkowitz <yselkowi@xxxxxxxxxx> - 2.55-6 - Fix flatpak build * Tue Jan 2 2024 Julian Sikorski <belegdol@xxxxxxxxxxxxxxxxx> - 2.55-5 - Fix missing sources * Fri Dec 1 2023 Julian Sikorski <belegdol@xxxxxxxxxxxxxxxxx> - 2.55-4 - Fix build error * Fri Dec 1 2023 Julian Sikorski <belegdol@xxxxxxxxxxxxxxxxx> - 2.55-3 - Use upstream source archive directly and verify it during %%prep * Tue Nov 21 2023 Julian Sikorski <belegdol@xxxxxxxxxxxxxxxxx> - 2.55-2 - Cleanup for upcoming re-review - Do not own %%docdir - Flag license file as %%license - Migrate to SPDX license * Tue Nov 21 2023 Julian Sikorski <belegdol@xxxxxxxxxxxxxxxxx> - 2.55-1 - Update to version 2.55. * Tue Nov 21 2023 Julian Sikorski <belegdol@xxxxxxxxxxxxxxxxx> - 2.54-1 - Update to version 2.54. * Tue Nov 21 2023 Julian Sikorski <belegdol@xxxxxxxxxxxxxxxxx> - 2.53.1-2 - Disable xdotool clipboard workaround to prevent passwords from leaking to systemd journal (CVE-2022-0725) * Tue Nov 21 2023 Julian Sikorski <belegdol@xxxxxxxxxxxxxxxxx> - 2.53.1-1 - Update to version 2.53.1. * Tue Nov 21 2023 Julian Sikorski <belegdol@xxxxxxxxxxxxxxxxx> - 2.52-1 - Update to version 2.52. * Tue Nov 21 2023 Julian Sikorski <belegdol@xxxxxxxxxxxxxxxxx> - 2.51.1-1 - Update to version 2.51.1. * Tue Nov 21 2023 Julian Sikorski <belegdol@xxxxxxxxxxxxxxxxx> - 2.50-2 - Revert "Don't know how to fix CVE-2022-0725." * Sat Jan 22 2022 Peter Oliver <git@xxxxxxxxxxxx> - 2.50-1 - Update to version 2.50. * Thu Jan 20 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.49-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Sun Sep 19 2021 Peter Oliver <git@xxxxxxxxxxxx> - 2.49-1 - Update to version 2.49. * Thu Jul 22 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.48.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Tue May 18 2021 Peter Oliver <git@xxxxxxxxxxxx> - 2.48.1-2 - Create directory /usr/lib/keepass/Languages * Tue May 11 2021 Peter Oliver <git@xxxxxxxxxxxx> - 2.48.1-1 - Update to version 2.48.1. * Fri May 7 2021 Peter Oliver <git@xxxxxxxxxxxx> - 2.48-1 - Update to version 2.48. * Tue Jan 26 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.47-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Sat Jan 9 2021 Peter Oliver <git@xxxxxxxxxxxx> - 2.47-1 - Update to version 2.47. * Thu Sep 17 2020 Peter Oliver <git@xxxxxxxxxxxx> - 2.46-2 - Exclude from armv7hl, where this doesn't currently build. * Fri Sep 11 2020 Peter Oliver <git@xxxxxxxxxxxx> - 2.46-1 - Update to version 2.46. * Tue Jul 28 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.45-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Thu Jul 2 2020 Peter Oliver <git@xxxxxxxxxxxx> - 2.45-2 - Drop Recommends on gtk2 -------------------------------------------------------------------------------- ================================================================================ mongo-c-driver-1.28.1-1.el8 (FEDORA-EPEL-2024-12072a6c55) Client library written in C for MongoDB -------------------------------------------------------------------------------- Update Information: libbson 1.28.1 Fixes: Fix large string handling in bson_string_truncate. Fix possible crash in bson_value_copy. libmongoc 1.28.1 Fixes: Do not return result in mongoc_bulkwritereturn_t if there are no known successful writes. Validate lengths in ill-formed server responses. Do not override read preference when using aggregate with $out/$merge with unscanned servers. Remove unexpected warning if authSource in TXT record is overriden by URI option. Fix crash when non-existent CA file configured with OpenSSL. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 10 2024 Remi Collet <remi@xxxxxxxxxxxx> - 1.28.1-1 - update to 1.28.1 -------------------------------------------------------------------------------- ================================================================================ netdata-1.47.4-4.el8 (FEDORA-EPEL-2024-53d6aa793f) Real-time performance monitoring -------------------------------------------------------------------------------- Update Information: Update from upstream Update from upstream Update from upstream -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 10 2024 Didier Fabert <didier.fabert@xxxxxxxxx> 1.47.4-1 - Update from upstream * Wed Oct 2 2024 Didier Fabert <didier.fabert@xxxxxxxxx> 1.47.3-1 - Update from upstream * Thu Sep 26 2024 Didier Fabert <didier.fabert@xxxxxxxxx> 1.47.2-1 - Update from upstream -------------------------------------------------------------------------------- References: [ 1 ] Bug #2314600 - netdata-1.47.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2314600 [ 2 ] Bug #2316144 - netdata-1.47.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2316144 [ 3 ] Bug #2317730 - netdata-1.47.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2317730 -------------------------------------------------------------------------------- ================================================================================ oath-toolkit-2.6.12-1.el8 (FEDORA-EPEL-2024-af2d187f08) One-time password components -------------------------------------------------------------------------------- Update Information: This is new version fixing possible local privilege escalation. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 10 2024 Jaroslav Škarvada <jskarvad@xxxxxxxxxx> - 2.6.12-1 - New version Resolves: rhbz#2316447 - Dropped privileges when operating on user files Resolves: CVE-2024-47191 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2316488 - CVE-2024-47191 oath-toolkit: Local root exploit in a PAM module https://bugzilla.redhat.com/show_bug.cgi?id=2316488 -------------------------------------------------------------------------------- ================================================================================ python-ncclient-0.6.16-1.el8 (FEDORA-EPEL-2024-35ac828870) Python library for the NETCONF protocol -------------------------------------------------------------------------------- Update Information: Update to 0.6.16: https://github.com/ncclient/ncclient/releases/tag/v0.6.16 -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 9 2024 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.6.16-1 - Update to 0.6.16 (close RHBZ#2317548) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2317548 - python-ncclient-0.6.16 is available https://bugzilla.redhat.com/show_bug.cgi?id=2317548 --------------------------------------------------------------------------------
-- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue