The following Fedora EPEL 8 Security updates need testing: Age URL 71 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-31d4c55df0 arm-none-eabi-binutils-cs-2.43-1.el8 arm-none-eabi-gcc-cs-12.4.0-1.el8 arm-none-eabi-newlib-4.4.0.20231231-1.el8 22 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-35583dfe8b iaito-5.9.6-2.el8 radare2-5.9.6-2.el8 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-375a09fd04 cobbler3.2-3.2.3-2.el8 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-bc19d8cc99 python-aiohttp-3.7.4-7.el8 The following builds have been pushed to Fedora EPEL 8 updates-testing chromium-131.0.6778.85-1.el8 fedora-license-data-1.62-1.el8 onedrive-2.5.3-2.el8 Details about builds: ================================================================================ chromium-131.0.6778.85-1.el8 (FEDORA-EPEL-2024-09b0f49aa6) A WebKit (Blink) powered web browser that Google doesn't want you to use -------------------------------------------------------------------------------- Update Information: Update to 131.0.6778.85 High CVE-2024-11395: Type Confusion in V8 High CVE-2024-11110: Inappropriate implementation in Blink Medium CVE-2024-11111: Inappropriate implementation in Autofill Medium CVE-2024-11112: Use after free in Media Medium CVE-2024-11113: Use after free in Accessibility Medium CVE-2024-11114: Inappropriate implementation in Views Medium CVE-2024-11115: Insufficient policy enforcement in Navigation Medium CVE-2024-11116: Inappropriate implementation in Paint Low CVE-2024-11117: Inappropriate implementation in FileSystem -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 20 2024 Than Ngo <than@xxxxxxxxxx> - 131.0.6778.85-1 - Update to 131.0.6778.85 * High CVE-2024-11395: Type Confusion in V8 * Tue Nov 12 2024 Than Ngo <than@xxxxxxxxxx> - 131.0.6778.69-1 - Update to 131.0.6778.69 * High CVE-2024-11110: Inappropriate implementation in Blink * Medium CVE-2024-11111: Inappropriate implementation in Autofill * Medium CVE-2024-11112: Use after free in Media * Medium CVE-2024-11113: Use after free in Accessibility * Medium CVE-2024-11114: Inappropriate implementation in Views * Medium CVE-2024-11115: Insufficient policy enforcement in Navigation * Medium CVE-2024-11116: Inappropriate implementation in Paint * Low CVE-2024-11117: Inappropriate implementation in FileSystem -------------------------------------------------------------------------------- ================================================================================ fedora-license-data-1.62-1.el8 (FEDORA-EPEL-2024-6efb7765a4) Fedora Linux license data -------------------------------------------------------------------------------- Update Information: Automatic update for fedora-license-data-1.62-1.el8. Changelog for fedora-license-data * Fri Nov 22 2024 Miroslav Suchý <msuchy@xxxxxxxxxx> 1.62-1 - add Avasys public license as allowed-firmware - add public domain dedication for python-hexdump - add public domain dedication for allegro (loadpng addon) - add LicenseRef-soundfont as not-allowed - add broadcom firmware license - Reclassify LicenseRef-qmail as allowed (deprecated) - add GPL-2.0-only WITH CGAL-linking-exception - add firmware licensing terms for atmel-firmware - add wwl license - add generic-xts license - add LicenseRef-Mod-Archive as not-allowed - add public domain dedication for perl-Math-Expression-Evaluator - add public domain dedication for perl-MaxMind-DB-Reader-XS - add public domain dedication for python-django-pdb - add UltraPermissive dedication of package python-utmp - add public domain dedication for re2c - add public domain dedication for python-nine - add public domain dedication for perl-Devel-Trace - add LGPL-3.0-or-later WITH LGPL-3.0-linking-exception -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 22 2024 Miroslav Suchý <msuchy@xxxxxxxxxx> 1.62-1 - add Avasys public license as allowed-firmware - add public domain dedication for python-hexdump - add public domain dedication for allegro (loadpng addon) - add LicenseRef-soundfont as not-allowed - add broadcom firmware license - Reclassify LicenseRef-qmail as allowed (deprecated) - add GPL-2.0-only WITH CGAL-linking-exception - add firmware licensing terms for atmel-firmware - add wwl license - add generic-xts license - add LicenseRef-Mod-Archive as not-allowed - add public domain dedication for perl-Math-Expression-Evaluator - add public domain dedication for perl-MaxMind-DB-Reader-XS - add public domain dedication for python-django-pdb - add UltraPermissive dedication of package python-utmp - add public domain dedication for re2c - add public domain dedication for python-nine - add public domain dedication for perl-Devel-Trace - add LGPL-3.0-or-later WITH LGPL-3.0-linking-exception -------------------------------------------------------------------------------- ================================================================================ onedrive-2.5.3-2.el8 (FEDORA-EPEL-2024-f4ab45ff1d) OneDrive Free Client written in D -------------------------------------------------------------------------------- Update Information: Update to 2.5.3 (#2326647) -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 22 2024 Zamir SUN <sztsian@xxxxxxxxx> - 2.5.3-2 - Fix unable to parse SSL version * Fri Nov 15 2024 Fedora Release Monitoring <release-monitoring@xxxxxxxxxxxxxxxxx> - 2.5.3-1 - Update to 2.5.3 (#2326647) --------------------------------------------------------------------------------
-- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue