The following Fedora EPEL 9 Security updates need testing: Age URL 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-a5952fc093 sympa-6.2.74-1.el9 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-55f18fb87f dr_libs-0^20241216git660795b-1.el9 The following builds have been pushed to Fedora EPEL 9 updates-testing chromium-131.0.6778.204-1.el9 mold-2.35.1-2.el9 python-apprise-1.9.1-1.el9 python-colcon-cmake-0.2.29-1.el9 python-colcon-core-0.18.4-1.el9 python-colcon-defaults-0.2.9-1.el9 python-colcon-lcov-result-0.5.3-1.el9 python-osrf-pycommon-2.1.5-1.el9 rust-target-lexicon-0.13.1-1.el9 rust-target-lexicon0.12-0.12.16-1.el9 singularity-ce-4.2.2-1.el9 waycheck-1.5.0-1.el9 Details about builds: ================================================================================ chromium-131.0.6778.204-1.el9 (FEDORA-EPEL-2024-74ea1d7890) A WebKit (Blink) powered web browser that Google doesn't want you to use -------------------------------------------------------------------------------- Update Information: Update to 131.0.6778.204 High CVE-2024-12692: Type Confusion in V8 High CVE-2024-12693: Out of bounds memory access in V8 High CVE-2024-12694: Use after free in Compositing High CVE-2024-12695: Out of bounds write in V8 -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 19 2024 Than Ngo <than@xxxxxxxxxx> - 131.0.6778.204-1 - Update to 131.0.6778.204 * High CVE-2024-12692: Type Confusion in V8 * High CVE-2024-12693: Out of bounds memory access in V8 * High CVE-2024-12694: Use after free in Compositing * High CVE-2024-12695: Out of bounds write in V8 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2333152 - CVE-2024-12692 chromium: Type Confusion in V8 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2333152 [ 2 ] Bug #2333153 - CVE-2024-12692 chromium: Type Confusion in V8 [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2333153 [ 3 ] Bug #2333154 - CVE-2024-12693 chromium: Out of bounds memory access in V8 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2333154 [ 4 ] Bug #2333155 - CVE-2024-12693 chromium: Out of bounds memory access in V8 [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2333155 [ 5 ] Bug #2333156 - CVE-2024-12694 chromium: Use after free in Compositing [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2333156 [ 6 ] Bug #2333157 - CVE-2024-12694 chromium: Use after free in Compositing [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2333157 [ 7 ] Bug #2333159 - CVE-2024-12695 chromium: Out of bounds write in V8 [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2333159 [ 8 ] Bug #2333160 - CVE-2024-12695 chromium: Out of bounds write in V8 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2333160 -------------------------------------------------------------------------------- ================================================================================ mold-2.35.1-2.el9 (FEDORA-EPEL-2024-e6b9ecf0f4) A Modern Linker -------------------------------------------------------------------------------- Update Information: Fix linking against shared libmimalloc Update to 2.35.1 (rhbz#2332563) -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 19 2024 Christoph Erhardt <fedora@xxxxxxxxxxx> - 2.35.1-2 - Fix linking against shared `libmimalloc` * Mon Dec 16 2024 Christoph Erhardt <fedora@xxxxxxxxxxx> - 2.35.1-1 - Update to 2.35.1 (rhbz#2332563) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2332563 - mold-2.35.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2332563 -------------------------------------------------------------------------------- ================================================================================ python-apprise-1.9.1-1.el9 (FEDORA-EPEL-2024-542691c430) A simple wrapper to many popular notification services used today -------------------------------------------------------------------------------- Update Information: Updated to v1.9.1 -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 17 2024 Chris Caron <lead2gold@xxxxxxxxx> - 1.9.1 - Updated to v1.9.1 * Mon Sep 2 2024 Chris Caron <lead2gold@xxxxxxxxx> - 1.9.0 - Updated to v1.9.0 -------------------------------------------------------------------------------- ================================================================================ python-colcon-cmake-0.2.29-1.el9 (FEDORA-EPEL-2024-0714a76cdc) Extension for colcon to support CMake packages -------------------------------------------------------------------------------- Update Information: Update to the latest colcon releases -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 20 2024 Scott K Logan <logans@xxxxxxxxxxx> - 0.2.29-1 - Update to 0.2.29 (rhbz#2328584) - Add Recommends: cmake - convert license to SPDX -------------------------------------------------------------------------------- References: [ 1 ] Bug #2324372 - python-colcon-lcov-result-0.5.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2324372 [ 2 ] Bug #2328584 - python-colcon-cmake-0.2.29 is available https://bugzilla.redhat.com/show_bug.cgi?id=2328584 [ 3 ] Bug #2328585 - python-colcon-core-0.18.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2328585 [ 4 ] Bug #2333150 - python-colcon-defaults-0.2.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=2333150 -------------------------------------------------------------------------------- ================================================================================ python-colcon-core-0.18.4-1.el9 (FEDORA-EPEL-2024-0714a76cdc) Command line tool to build sets of software packages -------------------------------------------------------------------------------- Update Information: Update to the latest colcon releases -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 20 2024 Scott K Logan <logans@xxxxxxxxxxx> - 0.18.4-1 - Update to 0.18.4 (rhbz#2328585) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2324372 - python-colcon-lcov-result-0.5.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2324372 [ 2 ] Bug #2328584 - python-colcon-cmake-0.2.29 is available https://bugzilla.redhat.com/show_bug.cgi?id=2328584 [ 3 ] Bug #2328585 - python-colcon-core-0.18.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2328585 [ 4 ] Bug #2333150 - python-colcon-defaults-0.2.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=2333150 -------------------------------------------------------------------------------- ================================================================================ python-colcon-defaults-0.2.9-1.el9 (FEDORA-EPEL-2024-0714a76cdc) Extension for colcon to read defaults from a config file -------------------------------------------------------------------------------- Update Information: Update to the latest colcon releases -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 20 2024 Scott K Logan <logans@xxxxxxxxxxx> - 0.2.9-1 - Update to 0.2.9 (rhbz#2333150) - convert license to SPDX -------------------------------------------------------------------------------- References: [ 1 ] Bug #2324372 - python-colcon-lcov-result-0.5.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2324372 [ 2 ] Bug #2328584 - python-colcon-cmake-0.2.29 is available https://bugzilla.redhat.com/show_bug.cgi?id=2328584 [ 3 ] Bug #2328585 - python-colcon-core-0.18.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2328585 [ 4 ] Bug #2333150 - python-colcon-defaults-0.2.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=2333150 -------------------------------------------------------------------------------- ================================================================================ python-colcon-lcov-result-0.5.3-1.el9 (FEDORA-EPEL-2024-0714a76cdc) Extension for colcon to provide test results using LCOV -------------------------------------------------------------------------------- Update Information: Update to the latest colcon releases -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 20 2024 Scott K Logan <logans@xxxxxxxxxxx> - 0.5.3-1 - Update to 0.5.3 (rhbz#2324372) - Drop spec file support for RHEL 7 - convert license to SPDX -------------------------------------------------------------------------------- References: [ 1 ] Bug #2324372 - python-colcon-lcov-result-0.5.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2324372 [ 2 ] Bug #2328584 - python-colcon-cmake-0.2.29 is available https://bugzilla.redhat.com/show_bug.cgi?id=2328584 [ 3 ] Bug #2328585 - python-colcon-core-0.18.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2328585 [ 4 ] Bug #2333150 - python-colcon-defaults-0.2.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=2333150 -------------------------------------------------------------------------------- ================================================================================ python-osrf-pycommon-2.1.5-1.el9 (FEDORA-EPEL-2024-eb8da3347e) Commonly needed Python modules used by software developed at OSRF -------------------------------------------------------------------------------- Update Information: Update to osrf_pycommon 2.1.5 -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 20 2024 Scott K Logan <logans@xxxxxxxxxxx> - 2.1.5-1 - Update to 2.1.5 (rhbz#2332954) - Review SPDX licensing - Drop spec file support for RHEL 7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2332954 - python-osrf-pycommon-2.1.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=2332954 -------------------------------------------------------------------------------- ================================================================================ rust-target-lexicon-0.13.1-1.el9 (FEDORA-EPEL-2024-31f52473e3) LLVM target triple types -------------------------------------------------------------------------------- Update Information: Update the target-lexicon crate to version 0.13.1 and add a compat package for version 0.12 of the crate. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 20 2024 Fabio Valentini <decathorpe@xxxxxxxxx> - 0.13.1-1 - Update to version 0.13.1; Fixes RHBZ#2330705 -------------------------------------------------------------------------------- ================================================================================ rust-target-lexicon0.12-0.12.16-1.el9 (FEDORA-EPEL-2024-31f52473e3) Targeting utilities for compilers and related tools -------------------------------------------------------------------------------- Update Information: Update the target-lexicon crate to version 0.13.1 and add a compat package for version 0.12 of the crate. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 20 2024 Fabio Valentini <decathorpe@xxxxxxxxx> - 0.12.16-1 - Initial import (target-lexicon 0.12 compat package) -------------------------------------------------------------------------------- ================================================================================ singularity-ce-4.2.2-1.el9 (FEDORA-EPEL-2024-ba9e1654f0) Application and environment virtualization -------------------------------------------------------------------------------- Update Information: Upgrade to 4.2.2 upstream version. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 20 2024 David Trudgian <dtrudg@xxxxxxxxx> - 4.2.2-1 - Upgrade to 4.2.2 upstream version. -------------------------------------------------------------------------------- ================================================================================ waycheck-1.5.0-1.el9 (FEDORA-EPEL-2024-bf118010ff) Simple GUI that displays protocols implemented by a Wayland compositor -------------------------------------------------------------------------------- Update Information: ð??? Features Update upstream protocol list to v1.39 Add detection of COSMIC overlap notify protocol ð??? Bug Fixes Remove margins on tab view Detect COSMIC protocols properly -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 20 2024 Neal Gompa <ngompa@xxxxxxxxxxxxxxxxx> - 1.5.0-1 - Update to 1.5.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2333599 - waycheck-1.5.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2333599 --------------------------------------------------------------------------------
-- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue