The following Fedora EPEL 8 Security updates need testing:
Age URL
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-d241ea2238
libuev-2.4.1-1.el8
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-d7cc38dee9
apptainer-1.3.0-1.el8
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-d521530f6a
amavis-2.13.1-1.el8
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-ac18018db8
tcpreplay-4.4.4-5.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
copr-rpmbuild-0.72-1.el8
libgit2_1.7-1.7.2-1.el8
lynis-3.1.1-1.el8
openelp-0.9.3-1.el8
python-copr-common-0.23-1.el8
python-specfile-0.28.0-1.el8
python3.11-pygit2-1.14.0-1.el8
radicale-3.1.9-1.el8
resalloc-5.4-1.el8
w3m-0.5.3-63.git20230121.el8
Details about builds:
================================================================================
copr-rpmbuild-0.72-1.el8 (FEDORA-EPEL-2024-50faa01ddb)
Run COPR build tasks
--------------------------------------------------------------------------------
Update Information:
don't clean after builds with user ssh access
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 16 2024 Pavel Raiskup <prais...@redhat.com> 0.72-1
- don't clean after builds with user ssh access
* Fri Mar 1 2024 Pavel Raiskup <prais...@redhat.com> 0.71-1
- don't set bootstrap_image_ready for rawhide
- no Jinja-vars in config_opts keys (mock-core-configs 40.2 compat)
- allow user SSH to builders
- fix copr-rpmbuild --dump-configs
- install copr-distgit-client with copr-rpmbuild
--------------------------------------------------------------------------------
================================================================================
libgit2_1.7-1.7.2-1.el8 (FEDORA-EPEL-2024-6395ae2eec)
C implementation of the Git core methods as a library with a solid API
--------------------------------------------------------------------------------
Update Information:
This update introduces a compatibility package for libgit2 version 1.7.x.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 18 2024 Nils Philippsen <n...@redhat.com> - 1.7.2-1
- Import package
--------------------------------------------------------------------------------
================================================================================
lynis-3.1.1-1.el8 (FEDORA-EPEL-2024-7a4a8669a9)
Security and system auditing tool
--------------------------------------------------------------------------------
Update Information:
3.1.1, fix bash-completion issue.
3.1.0
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 18 2024 Gwyn Ciesla <gw...@protonmail.com> - 3.1.1-1
- 3.1.1
* Tue Mar 12 2024 Gwyn Ciesla <gw...@protonmail.com> - 3.1.0-1
- 3.1.0
* Thu Jan 25 2024 Fedora Release Engineering <rel...@fedoraproject.org> -
3.0.9-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <rel...@fedoraproject.org> -
3.0.9-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Tue Dec 19 2023 Gwyn Ciesla <gw...@protonmail.com> - 3.0.9-5
- Additional egrep patch
* Wed Dec 6 2023 Gwyn Ciesla <gw...@protonmail.com> - 3.0.9-4
- pgrep patch
* Tue Sep 19 2023 Gwyn Ciesla <gw...@protonmail.com> - 3.0.9-3
- Additional egrep patch
* Mon Aug 7 2023 Gwyn Ciesla <gw...@protonmail.com> - 3.0.9-2
- Upstream patch to remove egrep usage
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2268997 - lynis-3.1.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2268997
[ 2 ] Bug #2270013 - File conflict with filesystem
https://bugzilla.redhat.com/show_bug.cgi?id=2270013
[ 3 ] Bug #2270108 - lynis-3.1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2270108
--------------------------------------------------------------------------------
================================================================================
openelp-0.9.3-1.el8 (FEDORA-EPEL-2024-6d66e8a036)
Open Source EchoLink Proxy
--------------------------------------------------------------------------------
Update Information:
Update to OpenELP 0.9.3
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 17 2024 Scott K Logan <log...@cottsay.net> - 0.9.3-1
- Update to 0.9.3
--------------------------------------------------------------------------------
================================================================================
python-copr-common-0.23-1.el8 (FEDORA-EPEL-2024-09ce04b70a)
Python code used by Copr
--------------------------------------------------------------------------------
Update Information:
New resalloc upstream release
https://github.com/praiskup/resalloc/releases/tag/v5.4
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 15 2024 Pavel Raiskup <prais...@redhat.com> 0.23-1
- make get_redis_connection to accept dict-like 'opts' argument
--------------------------------------------------------------------------------
================================================================================
python-specfile-0.28.0-1.el8 (FEDORA-EPEL-2024-00db7e3914)
A library for parsing and manipulating RPM spec files
--------------------------------------------------------------------------------
Update Information:
Update for python-specfile-0.28.0.
Changelog
* Sun Mar 17 2024 Packit <he...@packit.dev> - 0.28.0-1
- A trailing newline is no longer added to spec files without one upon saving.
(#353)
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 17 2024 Packit <he...@packit.dev> - 0.28.0-1
- A trailing newline is no longer added to spec files without one upon saving.
(#353)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2173057 - python-specfile-0.28.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2173057
--------------------------------------------------------------------------------
================================================================================
python3.11-pygit2-1.14.0-1.el8 (FEDORA-EPEL-2024-d105b8582b)
Python bindings for libgit2
--------------------------------------------------------------------------------
Update Information:
This update introduces the current version of pygit2 for Python 3.11.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 18 2024 Nils Philippsen <n...@redhat.com> - 1.14.0-1
- Import package
--------------------------------------------------------------------------------
================================================================================
radicale-3.1.9-1.el8 (FEDORA-EPEL-2024-6279d9ad52)
A simple CalDAV (calendar) and CardDAV (contact) server
--------------------------------------------------------------------------------
Update Information:
Update to 3.1.9
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 18 2024 Peter Bieringer <p...@bieringer.de> - 3.1.9-1
- Update to 3.1.9
- Remove obsolete patches
- Add support for intermediate build using gitcommit
--------------------------------------------------------------------------------
================================================================================
resalloc-5.4-1.el8 (FEDORA-EPEL-2024-09ce04b70a)
Resource allocator for expensive resources - client tooling
--------------------------------------------------------------------------------
Update Information:
New resalloc upstream release
https://github.com/praiskup/resalloc/releases/tag/v5.4
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 15 2024 Pavel Raiskup <prais...@redhat.com> - 5.4-1
- New upstream release https://github.com/praiskup/resalloc/releases/tag/v5.4
--------------------------------------------------------------------------------
================================================================================
w3m-0.5.3-63.git20230121.el8 (FEDORA-EPEL-2024-bf31852fe0)
Pager with Web browsing abilities
--------------------------------------------------------------------------------
Update Information:
Added upstream patch to fix out-of-bounds access due to multiple backspaces to
address incomplete fix for CVE-2022-38223 (#2222775, #2222780, #2255207)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 18 2024 Robert Scheck <rob...@fedoraproject.org> -
0.5.3-63.git20230121
- Added upstream patch to fix out-of-bounds access due to multiple backspaces
to address incomplete fix for CVE-2022-38223 (#2222775, #2222780, #2255207)
* Sat Jan 27 2024 Fedora Release Engineering <rel...@fedoraproject.org> -
0.5.3-62.git20230121
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sat Jul 22 2023 Fedora Release Engineering <rel...@fedoraproject.org> -
0.5.3-61.git20230121
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2222775 - CVE-2023-38252 w3m: Out of bounds read in Strnew_size()
at w3m/Str.c
https://bugzilla.redhat.com/show_bug.cgi?id=2222775
[ 2 ] Bug #2222779 - CVE-2023-38253 w3m: Out of bounds read in
growbuf_to_Str() at w3m/indep.c
https://bugzilla.redhat.com/show_bug.cgi?id=2222779
[ 3 ] Bug #2255207 - CVE-2023-4255 w3m: out-of-bounds write in function
checkType() in etc.c (incomplete fix for CVE-2022-38223)
https://bugzilla.redhat.com/show_bug.cgi?id=2255207
--------------------------------------------------------------------------------
--
_______________________________________________
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
