The following Fedora EPEL 8 Security updates need testing:
Age URL
71 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-31d4c55df0
arm-none-eabi-binutils-cs-2.43-1.el8 arm-none-eabi-gcc-cs-12.4.0-1.el8
arm-none-eabi-newlib-4.4.0.20231231-1.el8
22 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-35583dfe8b
iaito-5.9.6-2.el8 radare2-5.9.6-2.el8
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-375a09fd04
cobbler3.2-3.2.3-2.el8
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-bc19d8cc99
python-aiohttp-3.7.4-7.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
chromium-131.0.6778.85-1.el8
fedora-license-data-1.62-1.el8
onedrive-2.5.3-2.el8
Details about builds:
================================================================================
chromium-131.0.6778.85-1.el8 (FEDORA-EPEL-2024-09b0f49aa6)
A WebKit (Blink) powered web browser that Google doesn't want you to use
--------------------------------------------------------------------------------
Update Information:
Update to 131.0.6778.85
High CVE-2024-11395: Type Confusion in V8
High CVE-2024-11110: Inappropriate implementation in Blink
Medium CVE-2024-11111: Inappropriate implementation in Autofill
Medium CVE-2024-11112: Use after free in Media
Medium CVE-2024-11113: Use after free in Accessibility
Medium CVE-2024-11114: Inappropriate implementation in Views
Medium CVE-2024-11115: Insufficient policy enforcement in Navigation
Medium CVE-2024-11116: Inappropriate implementation in Paint
Low CVE-2024-11117: Inappropriate implementation in FileSystem
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 20 2024 Than Ngo <[email protected]> - 131.0.6778.85-1
- Update to 131.0.6778.85
* High CVE-2024-11395: Type Confusion in V8
* Tue Nov 12 2024 Than Ngo <[email protected]> - 131.0.6778.69-1
- Update to 131.0.6778.69
* High CVE-2024-11110: Inappropriate implementation in Blink
* Medium CVE-2024-11111: Inappropriate implementation in Autofill
* Medium CVE-2024-11112: Use after free in Media
* Medium CVE-2024-11113: Use after free in Accessibility
* Medium CVE-2024-11114: Inappropriate implementation in Views
* Medium CVE-2024-11115: Insufficient policy enforcement in Navigation
* Medium CVE-2024-11116: Inappropriate implementation in Paint
* Low CVE-2024-11117: Inappropriate implementation in FileSystem
--------------------------------------------------------------------------------
================================================================================
fedora-license-data-1.62-1.el8 (FEDORA-EPEL-2024-6efb7765a4)
Fedora Linux license data
--------------------------------------------------------------------------------
Update Information:
Automatic update for fedora-license-data-1.62-1.el8.
Changelog for fedora-license-data
* Fri Nov 22 2024 Miroslav Suchý <[email protected]> 1.62-1
- add Avasys public license as allowed-firmware
- add public domain dedication for python-hexdump
- add public domain dedication for allegro (loadpng addon)
- add LicenseRef-soundfont as not-allowed
- add broadcom firmware license
- Reclassify LicenseRef-qmail as allowed (deprecated)
- add GPL-2.0-only WITH CGAL-linking-exception
- add firmware licensing terms for atmel-firmware
- add wwl license
- add generic-xts license
- add LicenseRef-Mod-Archive as not-allowed
- add public domain dedication for perl-Math-Expression-Evaluator
- add public domain dedication for perl-MaxMind-DB-Reader-XS
- add public domain dedication for python-django-pdb
- add UltraPermissive dedication of package python-utmp
- add public domain dedication for re2c
- add public domain dedication for python-nine
- add public domain dedication for perl-Devel-Trace
- add LGPL-3.0-or-later WITH LGPL-3.0-linking-exception
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 22 2024 Miroslav Suchý <[email protected]> 1.62-1
- add Avasys public license as allowed-firmware
- add public domain dedication for python-hexdump
- add public domain dedication for allegro (loadpng addon)
- add LicenseRef-soundfont as not-allowed
- add broadcom firmware license
- Reclassify LicenseRef-qmail as allowed (deprecated)
- add GPL-2.0-only WITH CGAL-linking-exception
- add firmware licensing terms for atmel-firmware
- add wwl license
- add generic-xts license
- add LicenseRef-Mod-Archive as not-allowed
- add public domain dedication for perl-Math-Expression-Evaluator
- add public domain dedication for perl-MaxMind-DB-Reader-XS
- add public domain dedication for python-django-pdb
- add UltraPermissive dedication of package python-utmp
- add public domain dedication for re2c
- add public domain dedication for python-nine
- add public domain dedication for perl-Devel-Trace
- add LGPL-3.0-or-later WITH LGPL-3.0-linking-exception
--------------------------------------------------------------------------------
================================================================================
onedrive-2.5.3-2.el8 (FEDORA-EPEL-2024-f4ab45ff1d)
OneDrive Free Client written in D
--------------------------------------------------------------------------------
Update Information:
Update to 2.5.3 (#2326647)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 22 2024 Zamir SUN <[email protected]> - 2.5.3-2
- Fix unable to parse SSL version
* Fri Nov 15 2024 Fedora Release Monitoring
<[email protected]> - 2.5.3-1
- Update to 2.5.3 (#2326647)
--------------------------------------------------------------------------------
--
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
