date:20201028

[EPEL-devel] Fedora EPEL 6 updates-testing report

2020-10-28 Thread updates

The following Fedora EPEL 6 Security updates need testing:
 Age  URL
  13  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-2dbce134fd   
singularity-3.6.4-1.el6
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-b21ed088ad   
tcpreplay-4.3.3-3.el6
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-ca0361c919   
lout-3.40-18.el6


The following builds have been pushed to Fedora EPEL 6 updates-testing

python-regex-2020.10.23-1.el6
tomcat-7.0.106-1.el6

Details about builds:



 python-regex-2020.10.23-1.el6 (FEDORA-EPEL-2020-62b3e6fdf6)
 Alternative regular expression module, to replace re

Update Information:

Update python-regex to the latest release.

ChangeLog:

* Wed Oct 28 2020 Thomas Moschny  - 2020.10.23-1
- Update to 2020.10.23.




 tomcat-7.0.106-1.el6 (FEDORA-EPEL-2020-2cde864460)
 Apache Servlet/JSP Engine, RI for Servlet 3.0/JSP 2.2 API

Update Information:

This update includes a rebase from 7.0.105 up to 7.0.106.

ChangeLog:

* Wed Oct 28 2020 Hui Wang  - 1:7.0.106-1
- Update to 7.0.106


___
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org

[EPEL-devel] Fedora EPEL 7 updates-testing report

2020-10-28 Thread updates

The following Fedora EPEL 7 Security updates need testing:
 Age  URL
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-01179f6b9f   
suricata-4.1.9-1.el7
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-e6c7b4cbec   
tcpreplay-4.3.3-3.el7
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-284f18e5de   
lout-3.40-18.el7
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-fd6ec50fa5   
fastd-21-2.el7


The following builds have been pushed to Fedora EPEL 7 updates-testing

chromium-86.0.4240.111-1.el7
perl-HTML-Lint-2.32-7.el7.1
pngcheck-2.3.0-3.el7

Details about builds:



 chromium-86.0.4240.111-1.el7 (FEDORA-EPEL-2020-3157c3d291)
 A WebKit (Blink) powered web browser

Update Information:

Update to Chromium 86. A few big things here:  1. Upstream has made hardware
accelerated video support (VAAPI) for Linux possible without patches. One key
difference is that the patchset used previously in Fedora enabled it by default
and upstream's approach disables it by default. To enable Hardware accelerated
video in chromium, open this link in chromium:  chrome://flags/#enable-
accelerated-video-decode  Be sure it is turned on. Note that not all GPUs are
supported.  2. All the security fixes you expect with a major release:
CVE-2020-15967 CVE-2020-15968 CVE-2020-15969 CVE-2020-15970 CVE-2020-15971
CVE-2020-15972 CVE-2020-15990  CVE-2020-15991 CVE-2020-15973 CVE-2020-15974
CVE-2020-15975 CVE-2020-15976 CVE-2020-6557  CVE-2020-15977  CVE-2020-15978
CVE-2020-15979 CVE-2020-15980 CVE-2020-15981 CVE-2020-15982 CVE-2020-15983
CVE-2020-15984  CVE-2020-15985 CVE-2020-15986 CVE-2020-15987 CVE-2020-15992
CVE-2020-15988 CVE-2020-15989 CVE-2020-16000  CVE-2020-16001 CVE-2020-16002
CVE-2020-16003  3. The EPEL-7 build no longer requires minizip, because Red Hat
removed that package in RHEL 7.9.  4. Without bats acting as pollinators, agave
and cacao plants would struggle. That means that bats are responsible for
tequila and chocolate.

ChangeLog:

* Wed Oct 21 2020 Tom Callaway  - 86.0.4240.111-1
- update to 86.0.4240.111
* Tue Oct 20 2020 Tom Callaway  - 86.0.4240.75-2
- use bundled zlib/minizip on el7 (thanks Red Hat. :P)
* Wed Oct 14 2020 Tom Callaway  - 86.0.4240.75-1
- update to 86.0.4240.75
* Mon Sep 28 2020 Tom Callaway  - 85.0.4183.121-2
- rebuild for libevent

References:

  [ 1 ] Bug #1885883 - CVE-2020-15967 chromium-browser: Use after free in 
payments
https://bugzilla.redhat.com/show_bug.cgi?id=1885883
  [ 2 ] Bug #1885884 - CVE-2020-15968 chromium-browser: Use after free in Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1885884
  [ 3 ] Bug #1885885 - CVE-2020-15969 chromium-browser: Use after free in WebRTC
https://bugzilla.redhat.com/show_bug.cgi?id=1885885
  [ 4 ] Bug #1885886 - CVE-2020-15970 chromium-browser: Use after free in NFC
https://bugzilla.redhat.com/show_bug.cgi?id=1885886
  [ 5 ] Bug #1885887 - CVE-2020-15971 chromium-browser: Use after free in 
printing
https://bugzilla.redhat.com/show_bug.cgi?id=1885887
  [ 6 ] Bug #1885888 - CVE-2020-15972 chromium-browser: Use after free in audio
https://bugzilla.redhat.com/show_bug.cgi?id=1885888
  [ 7 ] Bug #1885889 - CVE-2020-15990 chromium-browser: Use after free in 
autofill
https://bugzilla.redhat.com/show_bug.cgi?id=1885889
  [ 8 ] Bug #1885890 - CVE-2020-15991 chromium-browser: Use after free in 
password manager
https://bugzilla.redhat.com/show_bug.cgi?id=1885890
  [ 9 ] Bug #1885891 - CVE-2020-15973 chromium-browser: Insufficient policy 
enforcement in extensions
https://bugzilla.redhat.com/show_bug.cgi?id=1885891
  [ 10 ] Bug #1885892 - CVE-2020-15974 chromium-browser: Integer overflow in 
Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1885892
  [ 11 ] Bug #1885893 - CVE-2020-15975 chromium-browser: Integer overflow in 
SwiftShader
https://bugzilla.redhat.com/show_bug.cgi?id=1885893
  [ 12 ] Bug #1885894 - CVE-2020-15976 chromium-browser: Use after free in WebXR
https://bugzilla.redhat.com/show_bug.cgi?id=1885894
  [ 13 ] Bug #1885896 - CVE-2020-6557 chromium-browser: Inappropriate 
implementation in networking
https://bugzilla.redhat.com/show_bug.cgi?id=1885896
  [ 14 ] Bug #1885897 - CVE-2020-15977 chromium-browser: Insufficient data 
validation in dialogs
https://bugzilla.redhat.com/show_bug.cgi?id=1885897
  [ 15 ] Bug #1885899 - CVE-2020-15978 chromium-browser: Insufficient data 
validation in navigation
https://bugzilla.redhat.com/show_bug.cgi?id=1885899
  [ 16 ] Bug #1885901 - CVE-2020-15979 chromium-browser: Inappropriate 
implementation in V8

[EPEL-devel] Fedora EPEL 8 updates-testing report

2020-10-28 Thread updates

The following Fedora EPEL 8 Security updates need testing:
 Age  URL
  13  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-69c0102261   
singularity-3.6.4-1.el8
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-b7912a8edb   
suricata-5.0.4-1.el8
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-e85de73cdb   
pdns-recursor-4.3.5-1.el8
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-6ef54b7a2d   
tcpreplay-4.3.3-3.el8
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-4f4de3554d   
fastd-21-1.el8


The following builds have been pushed to Fedora EPEL 8 updates-testing

chromium-86.0.4240.111-1.el8
perl-HTML-Lint-2.32-7.el8
perl-HTTP-Response-Encoding-0.06-32.el8
perl-Pod-Tests-1.20-6.el8
perl-WWW-Mechanize-1.97-1.el8.1
pngcheck-2.3.0-3.el8
python-nuheat-0.3.0-1.el8
wavemon-0.9.2-1.el8

Details about builds:



 chromium-86.0.4240.111-1.el8 (FEDORA-EPEL-2020-5f50399d2e)
 A WebKit (Blink) powered web browser

Update Information:

Update to Chromium 86. A few big things here:  1. Upstream has made hardware
accelerated video support (VAAPI) for Linux possible without patches. One key
difference is that the patchset used previously in Fedora enabled it by default
and upstream's approach disables it by default. To enable Hardware accelerated
video in chromium, open this link in chromium:  chrome://flags/#enable-
accelerated-video-decode  Be sure it is turned on. Note that not all GPUs are
supported.  2. All the security fixes you expect with a major release:
CVE-2020-15967 CVE-2020-15968 CVE-2020-15969 CVE-2020-15970 CVE-2020-15971
CVE-2020-15972 CVE-2020-15990  CVE-2020-15991 CVE-2020-15973 CVE-2020-15974
CVE-2020-15975 CVE-2020-15976 CVE-2020-6557  CVE-2020-15977  CVE-2020-15978
CVE-2020-15979 CVE-2020-15980 CVE-2020-15981 CVE-2020-15982 CVE-2020-15983
CVE-2020-15984  CVE-2020-15985 CVE-2020-15986 CVE-2020-15987 CVE-2020-15992
CVE-2020-15988 CVE-2020-15989 CVE-2020-16000  CVE-2020-16001 CVE-2020-16002
CVE-2020-16003  3. The EPEL-7 build no longer requires minizip, because Red Hat
removed that package in RHEL 7.9.  4. Without bats acting as pollinators, agave
and cacao plants would struggle. That means that bats are responsible for
tequila and chocolate.

ChangeLog:

* Wed Oct 21 2020 Tom Callaway  - 86.0.4240.111-1
- update to 86.0.4240.111
* Tue Oct 20 2020 Tom Callaway  - 86.0.4240.75-2
- use bundled zlib/minizip on el7 (thanks Red Hat. :P)
* Wed Oct 14 2020 Tom Callaway  - 86.0.4240.75-1
- update to 86.0.4240.75
* Mon Sep 28 2020 Tom Callaway  - 85.0.4183.121-2
- rebuild for libevent

References:

  [ 1 ] Bug #1885883 - CVE-2020-15967 chromium-browser: Use after free in 
payments
https://bugzilla.redhat.com/show_bug.cgi?id=1885883
  [ 2 ] Bug #1885884 - CVE-2020-15968 chromium-browser: Use after free in Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1885884
  [ 3 ] Bug #1885885 - CVE-2020-15969 chromium-browser: Use after free in WebRTC
https://bugzilla.redhat.com/show_bug.cgi?id=1885885
  [ 4 ] Bug #1885886 - CVE-2020-15970 chromium-browser: Use after free in NFC
https://bugzilla.redhat.com/show_bug.cgi?id=1885886
  [ 5 ] Bug #1885887 - CVE-2020-15971 chromium-browser: Use after free in 
printing
https://bugzilla.redhat.com/show_bug.cgi?id=1885887
  [ 6 ] Bug #1885888 - CVE-2020-15972 chromium-browser: Use after free in audio
https://bugzilla.redhat.com/show_bug.cgi?id=1885888
  [ 7 ] Bug #1885889 - CVE-2020-15990 chromium-browser: Use after free in 
autofill
https://bugzilla.redhat.com/show_bug.cgi?id=1885889
  [ 8 ] Bug #1885890 - CVE-2020-15991 chromium-browser: Use after free in 
password manager
https://bugzilla.redhat.com/show_bug.cgi?id=1885890
  [ 9 ] Bug #1885891 - CVE-2020-15973 chromium-browser: Insufficient policy 
enforcement in extensions
https://bugzilla.redhat.com/show_bug.cgi?id=1885891
  [ 10 ] Bug #1885892 - CVE-2020-15974 chromium-browser: Integer overflow in 
Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1885892
  [ 11 ] Bug #1885893 - CVE-2020-15975 chromium-browser: Integer overflow in 
SwiftShader
https://bugzilla.redhat.com/show_bug.cgi?id=1885893
  [ 12 ] Bug #1885894 - CVE-2020-15976 chromium-browser: Use after free in WebXR
https://bugzilla.redhat.com/show_bug.cgi?id=1885894
  [ 13 ] Bug #1885896 - CVE-2020-6557 chromium-browser: Inappropriate 
implementation in networking
https://bugzilla.redhat.com/show_bug.cgi?id=1885896
  [ 14 ] Bug #1885897 - CVE-2020-15977 chromium-browser: Insufficient data 
validation in dialogs
https://bugzilla.redhat.com/show_bug.c

[EPEL-devel] Fedora EPEL 6 updates-testing report

[EPEL-devel] Fedora EPEL 7 updates-testing report

[EPEL-devel] Fedora EPEL 8 updates-testing report

3 matches

Site Navigation

Mail list logo

Footer information