The following Fedora EPEL 8 Security updates need testing:
Age URL
65 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-1e00c3d01e
cutter-re-2.2.0-1.el8 rizin-0.5.1-1.el8
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-29e8ff9273
osslsigncode-2.5-3.el8
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-78e9d2e031
dropbear-2019.78-5.el8
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-9f9a39afa5
editorconfig-0.12.6-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
chromium-113.0.5672.126-1.el8
eccodes-2.30.0-1.el8
liblxi-1.20-1.el8
Details about builds:
================================================================================
chromium-113.0.5672.126-1.el8 (FEDORA-EPEL-2023-2694488870)
A WebKit (Blink) powered web browser that Google doesn't want you to use
--------------------------------------------------------------------------------
Update Information:
update to 113.0.5672.126. Fixes the many security issues
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 17 2023 Than Ngo <[email protected]> - 113.0.5672.126-1
- drop clang workaround for el8
- update to 113.0.5672.126
* Tue May 9 2023 Than Ngo <[email protected]> - 113.0.5672.92-1
- update to 113.0.5672.92
* Wed May 3 2023 Than Ngo <[email protected]> - 113.0.5672.63-1
- update to 113.0.5672.63
* Sun Apr 23 2023 Than Ngo <[email protected]> - 112.0.5615.165-2
- make --use-gl=egl default for x11/wayland
- enable WebUIDarkMode
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2192762 - CVE-2023-2459 chromium-browser: Inappropriate
implementation in Prompts
https://bugzilla.redhat.com/show_bug.cgi?id=2192762
[ 2 ] Bug #2192763 - CVE-2023-2460 chromium-browser: Insufficient validation
of untrusted input in Extensions
https://bugzilla.redhat.com/show_bug.cgi?id=2192763
[ 3 ] Bug #2192764 - CVE-2023-2461 chromium-browser: Use after free in OS
Inputs
https://bugzilla.redhat.com/show_bug.cgi?id=2192764
[ 4 ] Bug #2192765 - CVE-2023-2462 chromium-browser: Inappropriate
implementation in Prompts
https://bugzilla.redhat.com/show_bug.cgi?id=2192765
[ 5 ] Bug #2192766 - CVE-2023-2463 chromium-browser: Inappropriate
implementation in Full Screen Mode
https://bugzilla.redhat.com/show_bug.cgi?id=2192766
[ 6 ] Bug #2192767 - CVE-2023-2464 chromium-browser: Inappropriate
implementation in PictureInPicture
https://bugzilla.redhat.com/show_bug.cgi?id=2192767
[ 7 ] Bug #2192768 - CVE-2023-2465 chromium-browser: Inappropriate
implementation in CORS
https://bugzilla.redhat.com/show_bug.cgi?id=2192768
[ 8 ] Bug #2192769 - CVE-2023-2466 chromium-browser: Inappropriate
implementation in Prompts
https://bugzilla.redhat.com/show_bug.cgi?id=2192769
[ 9 ] Bug #2192770 - CVE-2023-2467 chromium-browser: Inappropriate
implementation in Prompts
https://bugzilla.redhat.com/show_bug.cgi?id=2192770
[ 10 ] Bug #2192771 - CVE-2023-2468 chromium-browser: Inappropriate
implementation in PictureInPicture
https://bugzilla.redhat.com/show_bug.cgi?id=2192771
--------------------------------------------------------------------------------
================================================================================
eccodes-2.30.0-1.el8 (FEDORA-EPEL-2023-f971004f31)
WMO data format decoding and encoding
--------------------------------------------------------------------------------
Update Information:
Upgrade to upstream version 2.30.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 18 2023 Jos de Kloe <[email protected]> - 2.30.0-1
- Upgrade to upstream version 2.30.0
- explicitly switch on ENABLE_AEC
- migrated to SPDX license
* Wed Jun 1 2022 Jos de Kloe <[email protected]> - 2.26.0-1
- Upgrade to upstream version 2.26.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2208249 - eccodes-2.23.0-1.el7
https://bugzilla.redhat.com/show_bug.cgi?id=2208249
--------------------------------------------------------------------------------
================================================================================
liblxi-1.20-1.el8 (FEDORA-EPEL-2023-fd0f88e4b8)
Library with simple API for communication with LXI devices
--------------------------------------------------------------------------------
Update Information:
# liblxi v1.20 * refactor(bonjour): Fix typo & refine browse default domain *
feat(bonjour): Add mdns support for macOS
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 20 2023 Robert Scheck <[email protected]> 1.20-1
- Upgrade to 1.20 (#2208790)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2208790 - liblxi-1.20 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2208790
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
