The following Fedora EPEL 8 Security updates need testing: Age URL 59 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-31d4c55df0 arm-none-eabi-binutils-cs-2.43-1.el8 arm-none-eabi-gcc-cs-12.4.0-1.el8 arm-none-eabi-newlib-4.4.0.20231231-1.el8 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-35583dfe8b iaito-5.9.6-2.el8 radare2-5.9.6-2.el8 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-c35d90e5f2 lemonldap-ng-2.20.1-1.el8 The following builds have been pushed to Fedora EPEL 8 updates-testing chromium-130.0.6723.116-1.el8 csdiff-3.5.2-1.el8 csmock-3.8.0-1.el8 nordugrid-arc6-6.21.0-1.el8 onedrive-2.5.2-1.el8 openjph-0.18.0-1.el8 tito-0.6.27-1.el8 Details about builds: ================================================================================ chromium-130.0.6723.116-1.el8 (FEDORA-EPEL-2024-d396fc832a) A WebKit (Blink) powered web browser that Google doesn't want you to use -------------------------------------------------------------------------------- Update Information: Update to 130.0.6723.116 -------------------------------------------------------------------------------- ChangeLog: * Sun Nov 10 2024 Than Ngo <than@xxxxxxxxxx> - 130.0.6723.116-1 - Update to 130.0.6723.116 * High CVE-2024-10826: Use after free in Family Experience * High CVE-2024-10827: Use after free in Serial -------------------------------------------------------------------------------- References: [ 1 ] Bug #2324200 - CVE-2024-10827 chromium: Use after free in Serial [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2324200 [ 2 ] Bug #2324201 - CVE-2024-10827 chromium: Use after free in Serial [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2324201 [ 3 ] Bug #2324202 - CVE-2024-10827 chromium: Use after free in Serial [fedora-39] https://bugzilla.redhat.com/show_bug.cgi?id=2324202 [ 4 ] Bug #2324203 - CVE-2024-10827 chromium: Use after free in Serial [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2324203 [ 5 ] Bug #2324204 - CVE-2024-10827 chromium: Use after free in Serial [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2324204 -------------------------------------------------------------------------------- ================================================================================ csdiff-3.5.2-1.el8 (FEDORA-EPEL-2024-c9e62b673c) Non-interactive tools for processing code scan results in plain-text -------------------------------------------------------------------------------- Update Information: update to latest upstream release -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 11 2024 Kamil Dudka <kdudka@xxxxxxxxxx> - 3.5.2-1 - update to latest upstream release -------------------------------------------------------------------------------- ================================================================================ csmock-3.8.0-1.el8 (FEDORA-EPEL-2024-c9e62b673c) A mock wrapper for Static Analysis tools -------------------------------------------------------------------------------- Update Information: update to latest upstream release -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 11 2024 Kamil Dudka <kdudka@xxxxxxxxxx> - 3.8.0-1 - update to latest upstream -------------------------------------------------------------------------------- ================================================================================ nordugrid-arc6-6.21.0-1.el8 (FEDORA-EPEL-2024-0343e7e460) Advanced Resource Connector Middleware -------------------------------------------------------------------------------- Update Information: AEC 6.21 -------------------------------------------------------------------------------- ChangeLog: * Sun Nov 10 2024 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 6.21.0-1 - Update to version 6.21.0 -------------------------------------------------------------------------------- ================================================================================ onedrive-2.5.2-1.el8 (FEDORA-EPEL-2024-095e9d96cc) OneDrive Free Client written in D -------------------------------------------------------------------------------- Update Information: Update to 2.5.2 -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 14 2024 Zamir SUN <sztsian@xxxxxxxxx> - 2.5.2-1 - Update to 2.5.2 - Fixes RHBZ#2315073 RHBZ#2258756 * Wed Sep 18 2024 Zamir SUN <sztsian@xxxxxxxxx> - 2.5.0-1 - Update to 2.5.0 (#2268779) * Tue Aug 6 2024 Kalev Lember <klember@xxxxxxxxxx> - 2.4.25-9 - Rebuilt for ldc 1.39 * Mon Jul 29 2024 Miroslav Suchý <msuchy@xxxxxxxxxx> - 2.4.25-8 - convert license to SPDX * Thu Jul 18 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.4.25-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Thu Jan 25 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.4.25-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sun Jan 21 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.4.25-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Tue Oct 17 2023 Kalev Lember <klember@xxxxxxxxxx> - 2.4.25-4 - Rebuilt for ldc 1.35 * Mon Jul 24 2023 Kalev Lember <klember@xxxxxxxxxx> - 2.4.25-3 - Rebuilt for ldc 1.33 * Thu Jul 20 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.4.25-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ openjph-0.18.0-1.el8 (FEDORA-EPEL-2024-5251513ad1) Open-source implementation of JPEG2000 Part-15 (or JPH or HTJ2K) -------------------------------------------------------------------------------- Update Information: Update to 0.18.0. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 11 2024 Simone Caronni <negativo17@xxxxxxxxx> - 0.18.0-1 - Update to 0.18.0. -------------------------------------------------------------------------------- References: [ 1 ] Bug #2314015 - Invalid instruction, sddm, gwenview and others crash https://bugzilla.redhat.com/show_bug.cgi?id=2314015 [ 2 ] Bug #2322683 - openjph-0.18.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2322683 -------------------------------------------------------------------------------- ================================================================================ tito-0.6.27-1.el8 (FEDORA-EPEL-2024-d00fb7448d) A tool for managing rpm based git projects -------------------------------------------------------------------------------- Update Information: 507 - Defer submodule detection to git to prevent fails caused by empty .gitmodules file Many improvements to tests and they now run during package build 460 - Sometimes Tito-built packages have lower NVR than packages from the official repositories. This can now be prevented by new config option buildconfig.test_version_suffix. It can be used like this: -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 11 2024 Jakub KadlÄ?Ãk <frostyx@xxxxxxxx> - Defer submodule detection to git - Many improvements to tests and they now run during package build - New config option `buildconfig.test_version_suffix` --------------------------------------------------------------------------------
-- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue