[EPEL-devel] Fedora EPEL 8 updates-testing report

[updates]

The following builds have been pushed to Fedora EPEL 8 updates-testing

    chromium-120.0.6099.62-2.el8
    java-latest-openjdk-21.0.1.0.12-1.rolling.el8
    netdata-1.44.0-1.el8

Details about builds:


================================================================================
 chromium-120.0.6099.62-2.el8 (FEDORA-EPEL-2023-d0b9bcb64f)
 A WebKit (Blink) powered web browser that Google doesn't want you to use
--------------------------------------------------------------------------------
Update Information:

Update to 120.0.6099.62, upstream release fixes follow security issues:  * High
CVE-2023-6508: Use after free in Media Stream * High CVE-2023-6509: Use after
free in Side Panel Search * Medium CVE-2023-6510: Use after free in Media
Capture * Low CVE-2023-6511: Inappropriate implementation in Autofill * Low
CVE-2023-6512: Inappropriate implementation in Web Browser UI   ----  update to
119.0.6045.199, upstream security release  * High CVE-2023-6348: Type Confusion
in Spellcheck * High CVE-2023-6347: Use after free in Mojo * High CVE-2023-6346:
Use after free in WebAudio * High CVE-2023-6350: Out of bounds memory access in
libavif * High CVE-2023-6351: Use after free in libavif * High CVE-2023-6345:
Integer overflow in Skia
--------------------------------------------------------------------------------
ChangeLog:

* Wed Dec  6 2023 Than Ngo <t...@redhat.com> - 120.0.6099.62-2
- drop unsupported ldflag which caused build failure
* Tue Dec  5 2023 Than Ngo <t...@redhat.com> - 120.0.6099.62-1
- update to 120.0.6099.62
- fixed bz#2252874, built with control flow integrity (CFI) support
* Sat Dec  2 2023 Than Ngo <t...@redhat.com> - 120.0.6099.56-1
- update to 120.0.6099.56 
- enable qt6 UI backend
* Sat Dec  2 2023 Than Ngo <t...@redhat.com> - 119.0.6045.199-2
- fixed bz#2242271, built with bundleminizip in fedora > 39
- fixed bz#2251884, built with fstack-protector-strong for improved security
* Wed Nov 29 2023 Than Ngo <t...@redhat.com> - 119.0.6045.199-1
- update to 119.0.6045.199
* Sun Nov 19 2023 Than Ngo <t...@redhat.com> - 119.0.6045.159-2
- fix ffmpeg conflicts
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2252009 - CVE-2023-6346 CVE-2023-6347 CVE-2023-6350 CVE-2023-6351 
chromium: various flaws [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2252009
  [ 2 ] Bug #2252188 - CVE-2023-6345 chromium: chromium-browser: Integer 
overflow [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2252188
  [ 3 ] Bug #2252191 - CVE-2023-6348 chromium: chromium-browser: Type Confusion 
in Spellcheck [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2252191
  [ 4 ] Bug #2253151 - CVE-2023-6508 chromium: Use after free in Media Stream 
[epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2253151
  [ 5 ] Bug #2253154 - CVE-2023-6509 chromium: Use after free in Side Panel 
Search [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2253154
  [ 6 ] Bug #2253157 - CVE-2023-6510 chromium: Use after free in Media Capture 
[epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2253157
  [ 7 ] Bug #2253161 - CVE-2023-6511 chromium: Inappropriate implementation in 
Autofill [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2253161
  [ 8 ] Bug #2253164 - CVE-2023-6512 chromium: Inappropriate implementation in 
Web Browser UI [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2253164
--------------------------------------------------------------------------------


================================================================================
 java-latest-openjdk-21.0.1.0.12-1.rolling.el8 (FEDORA-EPEL-2023-1cee9af347)
 OpenJDK 21 Runtime Environment
--------------------------------------------------------------------------------
Update Information:

updated to octrober cpu
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 22 2023 Jiri Vanek <jva...@redhat.com> - 1:21.0.1.0.12-1.rolling
- updated to OpenJDK 21.0.1 (2023-10-17)
* Fri Sep 29 2023 Yaakov Selkowitz <yselk...@redhat.com> - 
1:21.0.0.0.35-3.rolling
- Fix flatpak build by handling different installation prefixes of package 
dependencies
* Tue Sep 19 2023 Jiri Vanek <jva...@redhat.com> - 1:21.0.0.0.35-2.rolling
- adapted to new path in sources
- repacked alt-java from misc subpkg
- adapted alt-java to grep correctly prctl
- removed no longer prepared nss.cfg
* Tue Aug 29 2023 Jiri Vanek <jva...@redhat.com> - 1:21.0.0.0.35-1.rolling
- updated to jdk 21
--------------------------------------------------------------------------------


================================================================================
 netdata-1.44.0-1.el8 (FEDORA-EPEL-2023-39976b127c)
 Real-time performance monitoring
--------------------------------------------------------------------------------
Update Information:

Update from upstream
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec  7 2023 Didier Fabert <didier.fab...@gmail.com> 1.44.0-1
- Update from upstream
--------------------------------------------------------------------------------

--
_______________________________________________
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue