The following Fedora EPEL 8 Security updates need testing: Age URL 13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-bc19d8cc99 python-aiohttp-3.7.4-7.el8 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-59fe4b1ed6 zabbix6.0-6.0.36-1.el8 The following builds have been pushed to Fedora EPEL 8 updates-testing iaito-5.9.9-2.el8 perl-OLE-Storage_Lite-0.20-1.el8 radare2-5.9.8-5.el8 Details about builds: ================================================================================ iaito-5.9.9-2.el8 (FEDORA-EPEL-2024-f9e4479284) GUI for radare2 reverse engineering framework -------------------------------------------------------------------------------- Update Information: Bump radare2 to 5.9.8, iaito to 5.9.9, fixes CVE-2024-11858 fix CVE-2024-48241 -------------------------------------------------------------------------------- ChangeLog: * Sat Nov 30 2024 Michal Ambroz <rebus@xxxxxxxxx> - 5.9.9-2 - iaito rebuild * Mon Nov 25 2024 Michal Ambroz <rebus@xxxxxxxxx> - 5.9.9-1 - bump to 5.9.9 * Thu Oct 31 2024 Michal Ambroz <rebus@xxxxxxxxx> - 5.9.6-2 - fix epel8 build * Wed Oct 16 2024 Michal Ambroz <rebus@xxxxxxxxx> - 5.9.6-1 - bump to 5.9.6 * Mon Aug 12 2024 Michal Ambroz <rebus _AT seznam.cz> - 5.9.4-1 - bump to 5.9.4 * Thu Jul 18 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 5.9.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Fri May 24 2024 Michal Ambroz <rebus _AT seznam.cz> - 5.9.2-1 - bump to 5.9.2 * Thu May 23 2024 Michal Ambroz <rebus _AT seznam.cz> - 5.9.0-2 - rebuild with radare2 5.9.2 * Sun May 5 2024 Michal Ambroz <rebus _AT seznam.cz> - 5.9.0-1 - rebuild with radare2 5.9.0 * Wed Jan 24 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 5.8.8-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sat Jan 20 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 5.8.8-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Mon Nov 13 2023 Michal Ambroz <rebus _AT seznam.cz> - 5.8.8-4 - rebuild with capstone 5.0.1 * Thu Jul 20 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 5.8.8-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Sun Jul 9 2023 Michal Ambroz <rebus _AT seznam.cz> - 5.8.8-2 - rebuild with radare2 5.8.8 * Wed Jul 5 2023 Michal Ambroz <rebus _AT seznam.cz> - 5.8.8-1 - bump to 5.8.8 * Mon Apr 10 2023 Michal Ambroz <rebus _AT seznam.cz> - 5.8.4-2 - rebuild with fixed radare2 5.8.5 * Wed Mar 29 2023 Michal Ambroz <rebus _AT seznam.cz> - 5.8.4-1 - bump to 5.8.4 * Fri Feb 3 2023 Michal Ambroz <rebus _AT seznam.cz> - 5.8.2-1 - bump to 5.8.2 * Thu Jan 26 2023 Michal Ambroz <rebus _AT seznam.cz> - 5.8.0-1 - bump to 5.8.0 * Thu Jan 19 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 5.7.8-1.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Thu Oct 27 2022 Michal Ambroz <rebus _AT seznam.cz> - 5.7.8-1 - bump to 5.7.8 * Tue Oct 4 2022 Michal Ambroz <rebus _AT seznam.cz> - 5.7.6-1 - bump to 5.7.6 * Mon Sep 19 2022 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 5.7.2-1 - 5.7.2 - build system switched from cmake to configure / make * Thu Jul 21 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 5.6.0-0.5.20220303gitb8a42d8.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Thu Apr 21 2022 Henrik Nordstrom <henrik@xxxxxxxxxxxxxxxxxxx> - 5.6.0-0.5.20220303gitb8a42d8 - rebuilt with radare2 5.6.8 * Thu Mar 3 2022 Michal Ambroz <rebus _AT seznam.cz> - 5.6.0-0.3.20220303gitafaa7df - fixes issue in disassembly with not visible arguments - remove the obsolete docs * Tue Mar 1 2022 Michal Ambroz <rebus _AT seznam.cz> - 5.6.0-0.2.20220206git28a1099 - rebuild with radare2 5.6.4 - add missing include #2059619 to compile with the new version of highlighting * Sun Feb 13 2022 Michal Ambroz <rebus _AT seznam.cz> - 5.6.0-0.1.20220206git28a1099 - bump to git version 20220206git28a1099 to be able to upgrade radare2 to 5.6.0 * Sun Feb 13 2022 Michal Ambroz <rebus _AT seznam.cz> - 5.5.0-0.beta.1 - bump to 5.5.0 * Thu Jan 20 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 5.3.1-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Fri Oct 15 2021 Ivan Mironov <mironov.ivan@xxxxxxxxx> - 5.3.1-5 - Fix plugin search paths * Mon Oct 4 2021 Henrik Nordstrom <henrik@xxxxxxxxxxxxxxxxxxx> - 5.3.1-4 - rebuilt with radare2 5.4.2 * Sat Sep 18 2021 Henrik Nordstrom <henrik@xxxxxxxxxxxxxxxxxxx> - 5.3.1-3 - rebuilt with radare2 5.4.0 * Sat Sep 18 2021 Henrik Nordstrom <henrik@xxxxxxxxxxxxxxxxxxx> - 5.3.1-2 - rebuilt with radare2 5.4.0 * Wed Jul 21 2021 Henrik Nordstrom <henrik@xxxxxxxxxxxxxxxxxxx> - 5.3.1-1 - Update to release 5.3.1 * Fri Jun 11 2021 Michal Ambroz <rebus _AT seznam.cz> - 5.2.2-3 - rebuild with radare2 5.3.1 * Wed Jun 9 2021 Michal Ambroz <rebus _AT seznam.cz> - 5.2.2-2 - rebuild with radare2 5.3.0 * Thu Apr 29 2021 Michal Ambroz <rebus _AT seznam.cz> - 5.2.2-1 - bump to 5.2.2 * Sat Apr 24 2021 Michal Ambroz <rebus _AT seznam.cz> - 5.2.1-1 - bump to 5.2.1 * Wed Apr 21 2021 Michal Ambroz <rebus _AT seznam.cz> - 5.2.0-3 - fix RIO list * Fri Apr 16 2021 Michal Ambroz <rebus _AT seznam.cz> - 5.2.0-2 - name change again -> iaito - adding doc package - Add '/usr/lib*/iaito/' to plugin search paths * Mon Mar 22 2021 Ivan Mironov <mironov.ivan@xxxxxxxxx> - 0.1.1-4 - Add '/usr/lib*/r2cutter/' to plugin search paths * Fri Mar 19 2021 Michal Ambroz <rebus _AT seznam.cz> - 0.1.1-3 - switch from cutter to r2cutter - cosmetic patches to fix gcc10+ warnings (reported upstream) * Tue Jan 26 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.0.1.11.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Mon Jul 27 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.0.1.11.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Mon Jul 27 2020 Riccardo Schirone <rschirone91@xxxxxxxxx> - 0.0.1.11.0-1 - Bump to upstream version 1.11.0-1 (Thanks to Michal Ambroz, changes mostly taken from https://src.fedoraproject.org/rpms/cutter-re/pull-request/2#request_diff) - Add cutter translations - Provide -devel sub package to allow compilation of cutter plugins * Fri May 8 2020 Riccardo Schirone <rschirone91@xxxxxxxxx> - 0.0.1.10.2-2 - Just re-build * Tue May 5 2020 Riccardo Schirone <rschirone91@xxxxxxxxx> - 0.0.1.10.2-1 - Rebase to upstream version 1.10.2 * Tue May 5 2020 Riccardo Schirone <rschirone91@xxxxxxxxx> - 0.0.1.10.1-5 - Re-build for new radare2 release * Wed Feb 5 2020 Riccardo Schirone <rschirone91@xxxxxxxxx> - 0.0.1.10.1-4 - Just use the right desktop file name and app metadata instead of messing with cutter source code * Wed Feb 5 2020 Riccardo Schirone <rschirone91@xxxxxxxxx> - 0.0.1.10.1-3 - Rebuild with new radare2 * Wed Feb 5 2020 Riccardo Schirone <rschirone91@xxxxxxxxx> - 0.0.1.10.1-2 - Fix the main window icon * Mon Feb 3 2020 Riccardo Schirone <rschirone91@xxxxxxxxx> - 0.0.1.10.1-1 - Rebase to cutter 1.10.1 * Tue Jan 28 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.0.1.9.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Fri Oct 11 2019 Riccardo Schirone <rschirone91@xxxxxxxxx> - 0.0.1.9.0-2 - Rebuilt for radare2-3.9.0-3 * Mon Sep 30 2019 Riccardo Schirone <rschirone91@xxxxxxxxx> - 0.0.1.9.0-1 - rebase to cutter 1.9.0 * Wed Jul 24 2019 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.0.1.8.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Mon Jul 15 2019 Riccardo Schirone <rschirone91@xxxxxxxxx> - 0.0.1.8.3-1 - rebase to cutter 1.8.3 * Wed Jun 26 2019 Riccardo Schirone <rschirone91@xxxxxxxxx> - 0.0.1.8.0-4 - recompile for radare2 3.6.0 * Mon Apr 15 2019 Riccardo Schirone <rschirone91@xxxxxxxxx> - 0.0.1.8.0-3 - recompile for radare2 3.4.1 * Tue Apr 9 2019 Lubomir Rintel <lkundrak@xxxxx> - 0.0.1.8.0-2 - Update to radare2 3.4.1 * Thu Mar 21 2019 Lubomir Rintel <lkundrak@xxxxx> - 0.0.1.8.0-1 - Update to 1.8.0 - Require hicolor-icon-theme - Move appdata to a correct location - Fix license field (Robert-André Mauchin, #1690050) * Thu Mar 14 2019 Lubomir Rintel <lkundrak@xxxxx> - 0.0.1.7.4-1 - Cutter - Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #2313891 - iaito: fails to install from epel9 https://bugzilla.redhat.com/show_bug.cgi?id=2313891 [ 2 ] Bug #2318484 - iaito-5.9.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=2318484 [ 3 ] Bug #2319076 - radare2-5.9.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=2319076 [ 4 ] Bug #2322791 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2322791 [ 5 ] Bug #2322792 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2322792 [ 6 ] Bug #2322793 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-39] https://bugzilla.redhat.com/show_bug.cgi?id=2322793 [ 7 ] Bug #2322794 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2322794 [ 8 ] Bug #2322795 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2322795 [ 9 ] Bug #2327286 - iaito-5.9.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=2327286 [ 10 ] Bug #2327308 - radare2-5.9.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=2327308 [ 11 ] Bug #2329104 - CVE-2024-11858 radare2: Command Injection via Pebble Application Files in Radare2 [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2329104 [ 12 ] Bug #2329105 - CVE-2024-11858 radare2: Command Injection via Pebble Application Files in Radare2 [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2329105 [ 13 ] Bug #2329107 - CVE-2024-11858 radare2: Command Injection via Pebble Application Files in Radare2 [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2329107 [ 14 ] Bug #2329108 - CVE-2024-11858 radare2: Command Injection via Pebble Application Files in Radare2 [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2329108 [ 15 ] Bug #2329622 - F41FailsToInstall: iaito https://bugzilla.redhat.com/show_bug.cgi?id=2329622 [ 16 ] Bug #2329623 - F40FailsToInstall: iaito https://bugzilla.redhat.com/show_bug.cgi?id=2329623 -------------------------------------------------------------------------------- ================================================================================ perl-OLE-Storage_Lite-0.20-1.el8 (FEDORA-EPEL-2024-b17728ac4f) Simple Class for OLE document interface -------------------------------------------------------------------------------- Update Information: This update fixes an issue with dates being misinterpreted after 2020 (https://rt.cpan.org/Ticket/Display.html?id=124513). -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 6 2020 Petr Pisar <ppisar@xxxxxxxxxx> - 0.20-1 - 0.20 bump (CPAN RT#124513) -------------------------------------------------------------------------------- ================================================================================ radare2-5.9.8-5.el8 (FEDORA-EPEL-2024-f9e4479284) The reverse engineering framework -------------------------------------------------------------------------------- Update Information: Bump radare2 to 5.9.8, iaito to 5.9.9, fixes CVE-2024-11858 fix CVE-2024-48241 -------------------------------------------------------------------------------- ChangeLog: * Sat Nov 30 2024 Michal Ambroz <rebus@xxxxxxxxx> - 5.9.8-5 - RPMAUTOSPEC: unresolvable merge -------------------------------------------------------------------------------- References: [ 1 ] Bug #2313891 - iaito: fails to install from epel9 https://bugzilla.redhat.com/show_bug.cgi?id=2313891 [ 2 ] Bug #2318484 - iaito-5.9.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=2318484 [ 3 ] Bug #2319076 - radare2-5.9.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=2319076 [ 4 ] Bug #2322791 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2322791 [ 5 ] Bug #2322792 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2322792 [ 6 ] Bug #2322793 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-39] https://bugzilla.redhat.com/show_bug.cgi?id=2322793 [ 7 ] Bug #2322794 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2322794 [ 8 ] Bug #2322795 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2322795 [ 9 ] Bug #2327286 - iaito-5.9.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=2327286 [ 10 ] Bug #2327308 - radare2-5.9.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=2327308 [ 11 ] Bug #2329104 - CVE-2024-11858 radare2: Command Injection via Pebble Application Files in Radare2 [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2329104 [ 12 ] Bug #2329105 - CVE-2024-11858 radare2: Command Injection via Pebble Application Files in Radare2 [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2329105 [ 13 ] Bug #2329107 - CVE-2024-11858 radare2: Command Injection via Pebble Application Files in Radare2 [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2329107 [ 14 ] Bug #2329108 - CVE-2024-11858 radare2: Command Injection via Pebble Application Files in Radare2 [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2329108 [ 15 ] Bug #2329622 - F41FailsToInstall: iaito https://bugzilla.redhat.com/show_bug.cgi?id=2329622 [ 16 ] Bug #2329623 - F40FailsToInstall: iaito https://bugzilla.redhat.com/show_bug.cgi?id=2329623 --------------------------------------------------------------------------------
-- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue