The following Fedora EPEL 8 Security updates need testing:
Age URL
59 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-31d4c55df0
arm-none-eabi-binutils-cs-2.43-1.el8 arm-none-eabi-gcc-cs-12.4.0-1.el8
arm-none-eabi-newlib-4.4.0.20231231-1.el8
10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-35583dfe8b
iaito-5.9.6-2.el8 radare2-5.9.6-2.el8
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-c35d90e5f2
lemonldap-ng-2.20.1-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
chromium-130.0.6723.116-1.el8
csdiff-3.5.2-1.el8
csmock-3.8.0-1.el8
nordugrid-arc6-6.21.0-1.el8
onedrive-2.5.2-1.el8
openjph-0.18.0-1.el8
tito-0.6.27-1.el8
Details about builds:
================================================================================
chromium-130.0.6723.116-1.el8 (FEDORA-EPEL-2024-d396fc832a)
A WebKit (Blink) powered web browser that Google doesn't want you to use
--------------------------------------------------------------------------------
Update Information:
Update to 130.0.6723.116
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 10 2024 Than Ngo <[email protected]> - 130.0.6723.116-1
- Update to 130.0.6723.116
* High CVE-2024-10826: Use after free in Family Experience
* High CVE-2024-10827: Use after free in Serial
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2324200 - CVE-2024-10827 chromium: Use after free in Serial
[epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=2324200
[ 2 ] Bug #2324201 - CVE-2024-10827 chromium: Use after free in Serial
[epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2324201
[ 3 ] Bug #2324202 - CVE-2024-10827 chromium: Use after free in Serial
[fedora-39]
https://bugzilla.redhat.com/show_bug.cgi?id=2324202
[ 4 ] Bug #2324203 - CVE-2024-10827 chromium: Use after free in Serial
[fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2324203
[ 5 ] Bug #2324204 - CVE-2024-10827 chromium: Use after free in Serial
[fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2324204
--------------------------------------------------------------------------------
================================================================================
csdiff-3.5.2-1.el8 (FEDORA-EPEL-2024-c9e62b673c)
Non-interactive tools for processing code scan results in plain-text
--------------------------------------------------------------------------------
Update Information:
update to latest upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 11 2024 Kamil Dudka <[email protected]> - 3.5.2-1
- update to latest upstream release
--------------------------------------------------------------------------------
================================================================================
csmock-3.8.0-1.el8 (FEDORA-EPEL-2024-c9e62b673c)
A mock wrapper for Static Analysis tools
--------------------------------------------------------------------------------
Update Information:
update to latest upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 11 2024 Kamil Dudka <[email protected]> - 3.8.0-1
- update to latest upstream
--------------------------------------------------------------------------------
================================================================================
nordugrid-arc6-6.21.0-1.el8 (FEDORA-EPEL-2024-0343e7e460)
Advanced Resource Connector Middleware
--------------------------------------------------------------------------------
Update Information:
AEC 6.21
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 10 2024 Mattias Ellert <[email protected]> - 6.21.0-1
- Update to version 6.21.0
--------------------------------------------------------------------------------
================================================================================
onedrive-2.5.2-1.el8 (FEDORA-EPEL-2024-095e9d96cc)
OneDrive Free Client written in D
--------------------------------------------------------------------------------
Update Information:
Update to 2.5.2
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2024 Zamir SUN <[email protected]> - 2.5.2-1
- Update to 2.5.2
- Fixes RHBZ#2315073 RHBZ#2258756
* Wed Sep 18 2024 Zamir SUN <[email protected]> - 2.5.0-1
- Update to 2.5.0 (#2268779)
* Tue Aug 6 2024 Kalev Lember <[email protected]> - 2.4.25-9
- Rebuilt for ldc 1.39
* Mon Jul 29 2024 Miroslav Suchý <[email protected]> - 2.4.25-8
- convert license to SPDX
* Thu Jul 18 2024 Fedora Release Engineering <[email protected]> -
2.4.25-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Thu Jan 25 2024 Fedora Release Engineering <[email protected]> -
2.4.25-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <[email protected]> -
2.4.25-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Tue Oct 17 2023 Kalev Lember <[email protected]> - 2.4.25-4
- Rebuilt for ldc 1.35
* Mon Jul 24 2023 Kalev Lember <[email protected]> - 2.4.25-3
- Rebuilt for ldc 1.33
* Thu Jul 20 2023 Fedora Release Engineering <[email protected]> -
2.4.25-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
openjph-0.18.0-1.el8 (FEDORA-EPEL-2024-5251513ad1)
Open-source implementation of JPEG2000 Part-15 (or JPH or HTJ2K)
--------------------------------------------------------------------------------
Update Information:
Update to 0.18.0.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 11 2024 Simone Caronni <[email protected]> - 0.18.0-1
- Update to 0.18.0.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2314015 - Invalid instruction, sddm, gwenview and others crash
https://bugzilla.redhat.com/show_bug.cgi?id=2314015
[ 2 ] Bug #2322683 - openjph-0.18.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2322683
--------------------------------------------------------------------------------
================================================================================
tito-0.6.27-1.el8 (FEDORA-EPEL-2024-d00fb7448d)
A tool for managing rpm based git projects
--------------------------------------------------------------------------------
Update Information:
507 - Defer submodule detection to git to prevent fails caused by empty
.gitmodules file
Many improvements to tests and they now run during package build
460 - Sometimes Tito-built packages have lower NVR than packages from the
official repositories. This can now be prevented by
new config option buildconfig.test_version_suffix. It can be used like this:
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 11 2024 Jakub KadlÄÃk <[email protected]>
- Defer submodule detection to git
- Many improvements to tests and they now run during package build
- New config option `buildconfig.test_version_suffix`
--------------------------------------------------------------------------------
--
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
