The following Fedora EPEL 8 Security updates need testing:
Age URL
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-e04f53ab00
python-rencode-1.0.6-17.el8
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-a079d34eaa
xrdp-0.9.18-5.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
python-opensearch-py-1.0.0-4.el8
radare2-5.6.0-1.el8
remmina-1.4.24-2.el8
zswap-cli-0.8.0-1.el8
Details about builds:
================================================================================
python-opensearch-py-1.0.0-4.el8 (FEDORA-EPEL-2022-d35e153b3e)
Python low-level client for OpenSearch
--------------------------------------------------------------------------------
Update Information:
First EPEL Package ---- First release of package
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 12 2022 Steve Traylen <[email protected]> - 1.0.0-4
- so 8 is newer than 7
* Sat Feb 12 2022 Steve Traylen <[email protected]> -1.0.0-3
- Migrate to pyproject macros
- Migrate back to %py3 macros
* Thu Dec 9 2021 Steve Traylen <[email protected]> - 1.0.0-2
- Review corrections rhbz#2016597
* Fri Oct 22 2021 Steve Traylen <[email protected]> - 1.0.0-1
- Initial package.
--------------------------------------------------------------------------------
================================================================================
radare2-5.6.0-1.el8 (FEDORA-EPEL-2022-ba28d36d05)
The reverse engineering framework
--------------------------------------------------------------------------------
Update Information:
Update to version 5.6.0 fixes some security bugs.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 9 2022 Michal Ambroz <rebus at, seznam.cz> 5.6.0-1
- bump to 5.6.0
- fix CVE-2022-0419
- fix CVE-2021-4021
* Wed Jan 26 2022 Henrik Nordstrom <[email protected]> - 5.5.4-1
- Update to version 5.5.4
- should be fixing CVE-2021-4021
* Fri Jan 21 2022 Fedora Release Engineering <[email protected]> -
5.4.2-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Thu Sep 23 2021 Henrik Nordstrom <[email protected]> - 5.4.2-1
- Update to version 5.4.2
* Sat Sep 18 2021 Henrik Nordstrom <[email protected]> - 5.4.0-1
- Update to version 5.4.0
- Fix CVE-2021-3673
* Fri Jul 23 2021 Fedora Release Engineering <[email protected]> -
5.3.1-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1989137 - CVE-2021-3673 radare2: improper input validation can
lead to resource exhaustion when reading LE binary [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1989137
[ 2 ] Bug #2006164 - radare2-5.6.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2006164
[ 3 ] Bug #2027695 - CVE-2021-4021 radare2: uncontrolled resource consumption
via specially crafted ELF64 binary for MIPS architecture [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2027695
[ 4 ] Bug #2027696 - CVE-2021-4021 radare2: uncontrolled resource consumption
via specially crafted ELF64 binary for MIPS architecture [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2027696
[ 5 ] Bug #2045240 - CVE-2022-0173 radare2: is vulnerable to Out-of-bounds
Read [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2045240
[ 6 ] Bug #2045242 - CVE-2022-0173 radare2: is vulnerable to Out-of-bounds
Read [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2045242
[ 7 ] Bug #2050588 - CVE-2022-0419 radare2: NULL pointer dereference in
load_buffer() in bin_xnu_kernelcache.c [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2050588
[ 8 ] Bug #2050589 - CVE-2022-0419 radare2: NULL pointer dereference in
load_buffer() in bin_xnu_kernelcache.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2050589
--------------------------------------------------------------------------------
================================================================================
remmina-1.4.24-2.el8 (FEDORA-EPEL-2022-3067e253d7)
Remote Desktop Client
--------------------------------------------------------------------------------
Update Information:
- Remove XDMCP reference from remmina package description. - Remove pyhoca-cli
BuildRrequires. Only Requires on x2go now required. - Use upstream projects
HTTPS URL. ---- New upstream version 1.4.24.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 12 2022 Phil Wyett <[email protected]> - 1.4.24-2
- Remove XDMCP reference from remmina package description.
- Remove pyhoca-cli BuildRrequires. Only Requires on x2go now required.
- Use upstream projects HTTPS URL.
* Thu Feb 10 2022 Phil Wyett <[email protected]> - 1.4.24-1
- New upstream version 1.4.24.
--------------------------------------------------------------------------------
================================================================================
zswap-cli-0.8.0-1.el8 (FEDORA-EPEL-2022-2a366b036f)
Command-line tool to control zswap options
--------------------------------------------------------------------------------
Update Information:
Updated to version 0.8.0.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 12 2022 Vitaly Zaitsev <[email protected]> - 0.8.0-1
- Updated to version 0.8.0.
* Sat Jan 22 2022 Fedora Release Engineering <[email protected]> -
0.7.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
