The following Fedora EPEL 8 Security updates need testing:
Age URL
27 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-1e00c3d01e
cutter-re-2.2.0-1.el8 rizin-0.5.1-1.el8
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-b06600ebc7
bzip3-1.3.0-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
HepMC3-3.2.6-1.el8
chromium-112.0.5615.49-1.el8
gtk-layer-shell-0.8.1-1.el8
indent-2.2.13-2.el8
livesys-scripts-0.4.3-1.el8
python-twisted-19.10.0-4.el8
rednotebook-2.29.4-1.el8
texlive-extension-20180414-11.el8
Details about builds:
================================================================================
HepMC3-3.2.6-1.el8 (FEDORA-EPEL-2023-7b2a8f010c)
C++ Event Record for Monte Carlo Generators
--------------------------------------------------------------------------------
Update Information:
HepMC3 3.2.6
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 12 2023 Mattias Ellert <[email protected]> - 3.2.6-1
- Update to version 3.2.6
- Update license tag for license change (GPLv3 to LGPLv3)
- New protobuf IO subpackage
- Soname bump for libHepMC3search in HepMC3-search subpackage
- Drop patches accepted upstream or previously backported
--------------------------------------------------------------------------------
================================================================================
chromium-112.0.5615.49-1.el8 (FEDORA-EPEL-2023-8c1df52e87)
A WebKit (Blink) powered web browser that Google doesn't want you to use
--------------------------------------------------------------------------------
Update Information:
update to 112.0.5615.49. Fixes the following security issues: CVE-2023-1528
CVE-2023-1529 CVE-2023-1530 CVE-2023-1531 CVE-2023-1532 CVE-2023-1533
CVE-2023-1534, CVE-2023-25193
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 5 2023 Than Ngo <[email protected]> - 112.0.5615.49-1
- update to 112.0.5615.49
- fix #2184142, Small fonts in menus
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2173489 - CVE-2023-25193 chromium: harfbuzz: allows attackers to
trigger O(n^2) growth via consecutive marks [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=2173489
[ 2 ] Bug #2184710 - CVE-2023-1810 CVE-2023-1811 CVE-2023-1812 CVE-2023-1813
CVE-2023-1814 CVE-2023-1815 CVE-2023-1816 CVE-2023-1817 CVE-2023-1818
CVE-2023-1819 CVE-2023-1820 CVE-2023-1821 CVE-2023-1822 CVE-2023-1823 chromium:
various flaws [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2184710
--------------------------------------------------------------------------------
================================================================================
gtk-layer-shell-0.8.1-1.el8 (FEDORA-EPEL-2023-1aaf80d094)
Library to create components for Wayland using the Layer Shell
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 12 2023 Artem Polishchuk <[email protected]> - 0.8.1-1
- chore: Update to 0.8.1
* Thu Jan 19 2023 Fedora Release Engineering <[email protected]> -
0.8.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
indent-2.2.13-2.el8 (FEDORA-EPEL-2023-0147b726cb)
A GNU program for formatting C code
--------------------------------------------------------------------------------
Update Information:
This release fixes few buffer oveflows and uses after free. It also updates
Catalan, Croatian, French, Galician, German, Greek, Hungarian, Indonesian,
Italian, Romanian, Serbian, Spanish, Turkish, and Ukrainian translations. It
adds Portuguese translation.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 12 2023 Petr Pisar <[email protected]> - 2.2.13-2
- Check for setlocale() at configure time
* Tue Mar 21 2023 Petr Pisar <[email protected]> - 2.2.13-1
- 2.2.13 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2180115 - indent-2.2.13 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2180115
--------------------------------------------------------------------------------
================================================================================
livesys-scripts-0.4.3-1.el8 (FEDORA-EPEL-2023-c333940461)
Scripts for auto-configuring live media during boot
--------------------------------------------------------------------------------
Update Information:
Another fix for making the desktop icon for the installer work in Xfce ----
This update fixes the anaconda (installer) icon displaying a warning when
clicked on Xfce live images.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 12 2023 Neal Gompa <[email protected]> - 0.4.3-1
- Update to 0.4.3
* Tue Apr 11 2023 Adam Williamson <[email protected]> - 0.4.2-1
- Update to 0.4.2
* Tue Mar 21 2023 Adam Williamson <[email protected]> - 0.4.1-1
- Update to 0.4.1
--------------------------------------------------------------------------------
================================================================================
python-twisted-19.10.0-4.el8 (FEDORA-EPEL-2023-73a16276bd)
Twisted is a networking engine written in Python
--------------------------------------------------------------------------------
Update Information:
Backport fixes for CVE-2022-21716 and CVE-2022-24801.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 12 2023 Carl George <[email protected]> - 19.10.0-4
- Backport fix for CVE-2022-24801, resolves: rhbz#2073116
* Mon Nov 28 2022 Diego Herrera <[email protected]> - 19.10.0-3
- Backported CVE-2022-21716 fix from upstream
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2060973 - CVE-2022-21716 python-twisted: SSH client and server
denial of service during SSH handshake [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=2060973
[ 2 ] Bug #2073116 - CVE-2022-24801 python-twisted: possible http request
smuggling [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=2073116
--------------------------------------------------------------------------------
================================================================================
rednotebook-2.29.4-1.el8 (FEDORA-EPEL-2023-e603aaab5e)
Daily journal with calendar, templates and keyword searching
--------------------------------------------------------------------------------
Update Information:
* Wed Apr 12 2023 Phil Wyett <[email protected]> - 2.29.4-1 - New
upstream version 2.29.4. - Use SPDX license identifier. - Requires webkit2gtk4.1
where able. - Little spec file rework.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 12 2023 Phil Wyett <[email protected]> - 2.29.4-1
- New upstream version 2.29.4.
- Use SPDX license identifier.
- Requires webkit2gtk4.1 where able.
- Little spec file rework.
* Fri Jan 20 2023 Fedora Release Engineering <[email protected]> -
2.29.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
texlive-extension-20180414-11.el8 (FEDORA-EPEL-2023-2037e87f4c)
TeX formatting system
--------------------------------------------------------------------------------
Update Information:
this update includes texlive-supertabular
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 12 2023 Than Ngo <[email protected]> - 20180414-11
- fixed #2184736, added supertabular
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2184736 - Please branch and build texlive-supertabular in EPEL 8/9
https://bugzilla.redhat.com/show_bug.cgi?id=2184736
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
