The following Fedora EPEL 7 Security updates need testing:
Age URL
28 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-4a9fc09599 openjpeg2-2.3.1-10.el7
10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-143227c7ed sympa-6.2.60-1.el7
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-5843fdc72c adplug-2.3.3-1.el7 audacious-plugins-4.0.5-3.el7
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-6bfa86551f coturn-4.5.2-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
blitz-1.0.1-5.el7
chromium-87.0.4280.141-1.el7
liferea-1.13.5-1.el7
python-junit_xml-1.7-2.el7
qpid-proton-0.33.0-1.el7
Details about builds:
================================================================================
blitz-1.0.1-5.el7 (FEDORA-EPEL-2021-77e387a201)
C++ class library for matrix scientific computing
--------------------------------------------------------------------------------
Update Information:
Blitz is a C++ matrix library
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1140772 - Please build an EPEL7 build of blitz
https://bugzilla.redhat.com/show_bug.cgi?id=1140772
--------------------------------------------------------------------------------
================================================================================
chromium-87.0.4280.141-1.el7 (FEDORA-EPEL-2021-d851c69e59)
A WebKit (Blink) powered web browser
--------------------------------------------------------------------------------
Update Information:
Update Chromium to 87.0.4280.141. Fixes: CVE-2021-21106 CVE-2021-21107
CVE-2021-21108 CVE-2021-21109 CVE-2021-21110 CVE-2021-21111 CVE-2021-21112
CVE-2021-21113 CVE-2020-16043 CVE-2021-21114 CVE-2020-15995 CVE-2021-21115
CVE-2021-21116
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 13 2021 Tom Callaway <spot(a)fedoraproject.org> - 87.0.4280.141-1
- update to 87.0.4280.141
* Wed Dec 30 2020 Tom Callaway <spot(a)fedoraproject.org> - 87.0.4280.88-2
- rebuild against new gcc (rawhide)
* Thu Dec 17 2020 Tom Callaway <spot(a)fedoraproject.org> - 87.0.4280.88-1.1
- add two patches for missing headers to build with gcc 11
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1913624 - CVE-2021-21106 chromium-browser: Use after free in autofill
https://bugzilla.redhat.com/show_bug.cgi?id=1913624
[ 2 ] Bug #1913625 - CVE-2021-21107 chromium-browser: Use after free in drag and drop
https://bugzilla.redhat.com/show_bug.cgi?id=1913625
[ 3 ] Bug #1913626 - CVE-2021-21108 chromium-browser: Use after free in media
https://bugzilla.redhat.com/show_bug.cgi?id=1913626
[ 4 ] Bug #1913627 - CVE-2021-21109 chromium-browser: Use after free in payments
https://bugzilla.redhat.com/show_bug.cgi?id=1913627
[ 5 ] Bug #1913629 - CVE-2021-21110 chromium-browser: Use after free in safe browsing
https://bugzilla.redhat.com/show_bug.cgi?id=1913629
[ 6 ] Bug #1913630 - CVE-2021-21111 chromium-browser: Insufficient policy enforcement in WebUI
https://bugzilla.redhat.com/show_bug.cgi?id=1913630
[ 7 ] Bug #1913631 - CVE-2021-21112 chromium-browser: Use after free in Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1913631
[ 8 ] Bug #1913632 - CVE-2021-21113 chromium-browser: Heap buffer overflow in Skia
https://bugzilla.redhat.com/show_bug.cgi?id=1913632
[ 9 ] Bug #1913633 - CVE-2020-16043 chromium-browser: Insufficient data validation in networking
https://bugzilla.redhat.com/show_bug.cgi?id=1913633
[ 10 ] Bug #1913634 - CVE-2021-21114 chromium-browser: Use after free in audio
https://bugzilla.redhat.com/show_bug.cgi?id=1913634
[ 11 ] Bug #1913635 - CVE-2020-15995 chromium-browser: Out of bounds write in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1913635
[ 12 ] Bug #1913636 - CVE-2021-21115 chromium-browser: Use after free in safe browsing
https://bugzilla.redhat.com/show_bug.cgi?id=1913636
[ 13 ] Bug #1913637 - CVE-2021-21116 chromium-browser: Heap buffer overflow in audio
https://bugzilla.redhat.com/show_bug.cgi?id=1913637
--------------------------------------------------------------------------------
================================================================================
liferea-1.13.5-1.el7 (FEDORA-EPEL-2021-9d5b0573f0)
An RSS/RDF feed reader
--------------------------------------------------------------------------------
Update Information:
new version
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 12 2021 josef radinger <cheese(a)nosuchhost.net> - 1:1.13.5-1
- bump version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1786583 - liferea switched ui language partly from german to english
https://bugzilla.redhat.com/show_bug.cgi?id=1786583
--------------------------------------------------------------------------------
================================================================================
python-junit_xml-1.7-2.el7 (FEDORA-EPEL-2021-4e73834f3e)
Python module for creating JUnit XML test result documents
--------------------------------------------------------------------------------
Update Information:
Add missing python2-six/python36-six dependency; various packaging improvements
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 14 2021 Benjamin A. Beasley <code(a)musicinmybrain.net> - 1.7-2
- Drop EL6 support
- Drop unnecessary macros
- Do not conditionalize Python 3 build
- Update summary and description from upstream
- Use %python3_pkgversion where appropriate
- Add missing BR on setuptools
- Add missing runtime requirement for python*-six
--------------------------------------------------------------------------------
================================================================================
qpid-proton-0.33.0-1.el7 (FEDORA-EPEL-2021-3b1aa447f7)
A high performance, lightweight messaging library
--------------------------------------------------------------------------------
Update Information:
Rebased to 0.33.0.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 14 2021 Irina Boverman <iboverma(a)redhat.com> - 0.33.0-1
- Rebased to 0.33.0
--------------------------------------------------------------------------------
Dear all,
You are kindly invited to the meeting:
EPEL Steering Committee on 2021-01-15 from 17:00:00 to 18:00:00 US/Eastern
At fedora-meeting(a)irc.freenode.net
The meeting will be about:
This is the weekly EPEL Steering Committee Meeting.
A general agenda is the following:
#meetingname EPEL
#topic Intros
#topic Old Business
#topic EPEL-7
#topic EPEL-8
#topic Openfloor
#endmeeting
Source: https://apps.fedoraproject.org/calendar/meeting/9854/
The following Fedora EPEL 8 Security updates need testing:
Age URL
13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-001e4d949f dia-0.97.3-16.el8
8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-bd945e3b55 adplug-2.3.3-1.el8 audacious-plugins-4.0.5-3.el8
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-e976495093 coturn-4.5.2-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
autojump-22.5.3-3.el8
ipv6calc-3.0.1-48.el8
perl-Crypt-GPG-1.64-19.el8
python-pystemd-0.8.0-1.el8
singularity-3.7.1-1.el8
Details about builds:
================================================================================
autojump-22.5.3-3.el8 (FEDORA-EPEL-2021-2f0e55a233)
A fast way to navigate your filesystem from the command line
--------------------------------------------------------------------------------
Update Information:
Initial EPEL8 release
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1899791 - Please branch and build autojump for EPEL 8
https://bugzilla.redhat.com/show_bug.cgi?id=1899791
--------------------------------------------------------------------------------
================================================================================
ipv6calc-3.0.1-48.el8 (FEDORA-EPEL-2021-30d32ca4fb)
IPv6 address format change and calculation utility
--------------------------------------------------------------------------------
Update Information:
Final release 3.0.1
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 13 2021 Peter Bieringer <pb(a)bieringer.de> - 3.0.1-48
- Final release 3.0.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1915669 - ipv6calc-3.0.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1915669
--------------------------------------------------------------------------------
================================================================================
perl-Crypt-GPG-1.64-19.el8 (FEDORA-EPEL-2021-1914ea0002)
Perl Object Oriented Interface to GnuPG
--------------------------------------------------------------------------------
Update Information:
The Crypt::GPG module provides access to the functionality of the GnuPG v1
(www.gnupg.org) encryption tool through an object oriented interface. It
provides methods for encryption, decryption, signing, signature verification,
key generation, key certification, export and import.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
python-pystemd-0.8.0-1.el8 (FEDORA-EPEL-2021-f9f8d631cb)
A thin Cython-based wrapper on top of libsystemd
--------------------------------------------------------------------------------
Update Information:
Initial EPEL8 release
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
singularity-3.7.1-1.el8 (FEDORA-EPEL-2021-4c2fa578e4)
Application and environment virtualization
--------------------------------------------------------------------------------
Update Information:
Upgrade to upstream 3.7.1.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 12 2021 Dave Dykstra <dwd(a)fedoraproject.org> - 3.7.1-1
- Upgrade to upstream 3.7.1.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1915866 - singularity-3.7.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1915866
--------------------------------------------------------------------------------
The following Fedora EPEL 7 Security updates need testing:
Age URL
26 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-4a9fc09599 openjpeg2-2.3.1-10.el7
13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-ab8d229496 awstats-7.8-2.el7
12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-a8b2c928f5 dia-0.97.3-16.el7
8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-143227c7ed sympa-6.2.60-1.el7
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-5843fdc72c adplug-2.3.3-1.el7 audacious-plugins-4.0.5-3.el7
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-6bfa86551f coturn-4.5.2-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
fmf-0.14-1.el7
gnupg1-1.4.23-14.el7
holland-1.1.22-1.el7
libmodulemd2-2.11.2-2.el7
python-redis-2.10.6-2.el7
Details about builds:
================================================================================
fmf-0.14-1.el7 (FEDORA-EPEL-2021-e04b6022df)
Flexible Metadata Format
--------------------------------------------------------------------------------
Update Information:
Recursive merging, continue default, special comparisons...
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 12 2021 Petr ��pl��chal <psplicha(a)redhat.com> - 0.14-1
- Adjust context docs, fix typos, style cleanup
- Left vs Right side in Context matches
- Simplify deep merging, adjust test suite a bit
- Implement recursive merging of data
- Remove the duplicate build job from packit config
- Adjust 'make test' to work under virtualenv
- Update the adjust continue key default to True
--------------------------------------------------------------------------------
================================================================================
gnupg1-1.4.23-14.el7 (FEDORA-EPEL-2021-a615940d77)
A GNU utility for secure communication and data storage
--------------------------------------------------------------------------------
Update Information:
First build of gnupg1 for EPEL7
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
holland-1.1.22-1.el7 (FEDORA-EPEL-2021-4ca3ab656f)
Pluggable Backup Framework
--------------------------------------------------------------------------------
Update Information:
Latest Upstream Release.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 12 2021 Sam P <survient(a)fedoraproject.org> - 1.1.22-1
- Updated to latest upstream release.
--------------------------------------------------------------------------------
================================================================================
libmodulemd2-2.11.2-2.el7 (FEDORA-EPEL-2021-fcf44d3fdc)
Module metadata manipulation library
--------------------------------------------------------------------------------
Update Information:
Fix issue with ModuleIndex when input contains only Obsoletes documents ----
Update to libmodulemd 2.11.2 Also fixes a bug when trying to import the python2
bindings.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 12 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 2.11.2-2
- Fix issue with ModuleIndex when input contains only Obsoletes documents
* Mon Jan 11 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 2.11.2-1.1
- Fix issue with loading python2 bindings
* Thu Jan 7 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 2.11.2-1
- Release 2.11.2
- Extend read_packager_[file|string]() to support overriding the module name
and stream.
--------------------------------------------------------------------------------
================================================================================
python-redis-2.10.6-2.el7 (FEDORA-EPEL-2021-851ea5f59f)
Python 2 interface to the Redis key-value store
--------------------------------------------------------------------------------
Update Information:
Enable Python 3 build
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 4 2020 Frantisek Zatloukal <fzatlouk(a)redhat.com> - 2.10.6-2
- Enable Python 3 build
--------------------------------------------------------------------------------
The following Fedora EPEL 8 Security updates need testing:
Age URL
13 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-d4406c9c75 awstats-7.8-2.el8
12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-001e4d949f dia-0.97.3-16.el8
7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-bd945e3b55 adplug-2.3.3-1.el8 audacious-plugins-4.0.5-3.el8
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-e976495093 coturn-4.5.2-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
fmf-0.14-1.el8
gnupg1-1.4.23-14.el8
libmongocrypt-1.1.0-1.el8
python-s3transfer-0.3.4-1.el8
python-strictyaml-1.3.1-1.el8
votca-csg-1.6.4-1.el8
votca-tools-1.6.4-1.el8
votca-xtp-1.6.4-1.el8
Details about builds:
================================================================================
fmf-0.14-1.el8 (FEDORA-EPEL-2021-0f3b71236e)
Flexible Metadata Format
--------------------------------------------------------------------------------
Update Information:
Recursive merging, continue default, special comparisons...
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 12 2021 Petr ��pl��chal <psplicha(a)redhat.com> - 0.14-1
- Adjust context docs, fix typos, style cleanup
- Left vs Right side in Context matches
- Simplify deep merging, adjust test suite a bit
- Implement recursive merging of data
- Remove the duplicate build job from packit config
- Adjust 'make test' to work under virtualenv
- Update the adjust continue key default to True
--------------------------------------------------------------------------------
================================================================================
gnupg1-1.4.23-14.el8 (FEDORA-EPEL-2021-dbcfb6a209)
A GNU utility for secure communication and data storage
--------------------------------------------------------------------------------
Update Information:
First build of gnupg1 for EPEL8
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
libmongocrypt-1.1.0-1.el8 (FEDORA-EPEL-2021-95423819e8)
The companion C library for client side encryption in drivers
--------------------------------------------------------------------------------
Update Information:
**Version 1.1.0** Added - Add ENABLE_PIC cmake option, set to ON by default,
so static libraries build with -fPIC by default on relevant systems. Fixed -
Errors produced in all crypto callbacks are propagated to user. ---- **Version
1.1.0-beta1** Deprecated - mongocrypt_setopt_kms_provider_aws and
mongocrypt_setopt_kms_provider_local are deprecated in favor of the more
flexible mongocrypt_setopt_kms_providers, which supports configuration of all
KMS providers. - mongocrypt_ctx_setopt_masterkey_aws,
mongocrypt_ctx_setopt_masterkey_aws_endpoint, and
mongocrypt_ctx_setopt_masterkey_local are deprecated in favor of the more
flexible mongocrypt_ctx_setopt_key_encryption_key, which supports configuration
for all KMS providers. Added - Introduces a new crypto hook for signing the
JSON Web Token (JWT) for Google Cloud Platform (GCP) requests: -
mongocrypt_setopt_crypto_hook_sign_rsaes_pkcs1_v1_5 - Introduces a CLI utility
`csfle` to test the context state machine against live KMS, mongocryptd, and
mongod. See ./test/util/README.md. - Introduces two new functions to the
libmongocrypt API. - mongocrypt_setopt_kms_providers To set the KMS
providers. - mongocrypt_ctx_setopt_key_encryption_key To set the key
encryption key. - Adds support for Azure and GCP KMS providers.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 12 2021 Remi Collet <remi(a)remirepo.net> - 1.1.0-1
- update to 1.1.0
- fix cmake macros usage
--------------------------------------------------------------------------------
================================================================================
python-s3transfer-0.3.4-1.el8 (FEDORA-EPEL-2021-a63102b8c5)
Amazon S3 Transfer Manager
--------------------------------------------------------------------------------
Update Information:
0.3.4
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 12 2021 Gwyn Ciesla <gwync(a)protonmail.com> - 0.3.4-1
- 0.3.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1915124 - python-s3transfer-0.3.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1915124
--------------------------------------------------------------------------------
================================================================================
python-strictyaml-1.3.1-1.el8 (FEDORA-EPEL-2021-be5ced9777)
Parses and validates a restricted subset of YAML
--------------------------------------------------------------------------------
Update Information:
Update to 1.3.1 BUGFIX : Fix for faulty Url validator ---- Update to 1.3.0
FEATURE : Use dict instead of OrderedDict for Python 3.7+ BUGFIX : Require Regex
to be a full match FEATURE: Support underscores in int and decimal ---- Update
to version 1.2.0: FEATURE : Optional keys in mappings and set value to None -
with thanks to @wwoods.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 12 2021 Benjamin A. Beasley <code(a)musicinmybrain.net> - 1.3.1-1
- Update to 1.3.1
* Sun Jan 10 2021 Benjamin A. Beasley <code(a)musicinmybrain.net> - 1.3.0-1
- Update to 1.3.0
* Sat Jan 2 2021 Benjamin A. Beasley <code(a)musicinmybrain.net> - 1.2.0-1
- Update to version 1.2.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1912012 - python-strictyaml-1.2.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1912012
[ 2 ] Bug #1915282 - python-strictyaml-1.3.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1915282
--------------------------------------------------------------------------------
================================================================================
votca-csg-1.6.4-1.el8 (FEDORA-EPEL-2021-66712742e1)
VOTCA coarse-graining engine
--------------------------------------------------------------------------------
Update Information:
Bump Votca package to v1.6.4
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 12 2021 Christoph Junghans <junghans(a)lanl.gov> - 1.6.4-1
- Version bump to v1.6.4 (bug #1915545)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1915543 - votca-tools-1.6.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1915543
[ 2 ] Bug #1915545 - votca-csg-1.6.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1915545
[ 3 ] Bug #1915546 - votca-xtp-1.6.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1915546
--------------------------------------------------------------------------------
================================================================================
votca-tools-1.6.4-1.el8 (FEDORA-EPEL-2021-66712742e1)
VOTCA tools library
--------------------------------------------------------------------------------
Update Information:
Bump Votca package to v1.6.4
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 12 2021 Christoph Junghans <junghans(a)votca.org> - 1.6.4-1
- Version bump to v1.6.4 (bug #1915543)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1915543 - votca-tools-1.6.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1915543
[ 2 ] Bug #1915545 - votca-csg-1.6.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1915545
[ 3 ] Bug #1915546 - votca-xtp-1.6.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1915546
--------------------------------------------------------------------------------
================================================================================
votca-xtp-1.6.4-1.el8 (FEDORA-EPEL-2021-66712742e1)
VOTCA excitation and charge properties module
--------------------------------------------------------------------------------
Update Information:
Bump Votca package to v1.6.4
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 12 2021 Christoph Junghans <junghans(a)lanl.gov> - 1.6.4-1
- Version bump to v1.6.4 (bug #1915546)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1915543 - votca-tools-1.6.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1915543
[ 2 ] Bug #1915545 - votca-csg-1.6.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1915545
[ 3 ] Bug #1915546 - votca-xtp-1.6.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1915546
--------------------------------------------------------------------------------
The following Fedora EPEL 7 Security updates need testing:
Age URL
24 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-4a9fc09599 openjpeg2-2.3.1-10.el7
11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-ab8d229496 awstats-7.8-2.el7
10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-a8b2c928f5 dia-0.97.3-16.el7
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-143227c7ed sympa-6.2.60-1.el7
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-5843fdc72c adplug-2.3.3-1.el7 audacious-plugins-4.0.5-3.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
coturn-4.5.2-1.el7
libmodulemd2-2.11.2-1.1.el7
s3fs-fuse-1.88-1.el7
Details about builds:
================================================================================
coturn-4.5.2-1.el7 (FEDORA-EPEL-2021-6bfa86551f)
TURN/STUN & ICE Server
--------------------------------------------------------------------------------
Update Information:
Coturn 4.5.2 ============ - Fix null pointer dereference in case of out of
memory - Add prometheus metrics - Delete trailing whitespace in example
configuration files - Add architecture ppc64le to travis build - Fix
misleading option in doc (prometheus) - Allow RFC6062 TCP relay data to look
like TLS - Add support for proxy protocol V1 - Print full date and time in
logs - Add new options: "new-log-timestamp" and "new-log-timestamp-format" -
Do not use FIPS and remove hardcode `OPENSSL_VERSION_NUMBER` with LibreSSL -
Add ACME redirect url - Support of `--acme-redirect <URL>` - Fix acme
security, redundancy, consistency - Disable binding request logging to avoid
DoS attacks (Breaking change!) - Add new `--log-binding` option to enable
binding request logging - Fix stale-nonce documentation - Version number is
changed to semver 2.0 - pkg-config, and various cleanups in configure file -
Add systemd notification for better systemd integration - Fix: Null pointer
dereference on tcp_client_input_handler_rfc6062data function - Fix: use-after-
free vulnerability on write_to_peerchannel function - Fix: use-after-free
vulnerability on write_client_connection function - Little refactoring
prometheus - Fix c++ support - Simplify - Remove session
id/allocation labels - Remove per session metrics - Fix CVE-2020-26262
- Fix ipv6 ::1 loopback check - Not allow allocate peer address 0.0.0.0/8
and ::/128 - For more details see the github security advisory:
https://github.com/coturn/coturn/security/advisories/GHSA-6g6j-r9rf-cm7p
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 11 2021 Robert Scheck <robert(a)fedoraproject.org> - 4.5.2-1
- Upgrade to 4.5.2 (#1914861)
* Sun Sep 27 2020 Christian Glombek <lorbus(a)fedoraproject.org> - 4.5.1.3-3
- Rebuilt for libevent 2.1.12 soname bump
* Mon Jul 27 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.5.1.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1915045 - CVE-2020-26262 coturn: Loopback access control bypass
https://bugzilla.redhat.com/show_bug.cgi?id=1915045
--------------------------------------------------------------------------------
================================================================================
libmodulemd2-2.11.2-1.1.el7 (FEDORA-EPEL-2021-07fff01e4a)
Module metadata manipulation library
--------------------------------------------------------------------------------
Update Information:
Update to libmodulemd 2.11.2 Also fixes a bug when trying to import the python2
bindings.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 11 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 2.11.2-1.1
- Fix issue with loading python2 bindings
* Thu Jan 7 2021 Stephen Gallagher <sgallagh(a)redhat.com> - 2.11.2-1
- Release 2.11.2
- Extend read_packager_[file|string]() to support overriding the module name
and stream.
--------------------------------------------------------------------------------
================================================================================
s3fs-fuse-1.88-1.el7 (FEDORA-EPEL-2021-8873b594c6)
FUSE-based file system backed by Amazon S3
--------------------------------------------------------------------------------
Update Information:
Update to 1.88 from https://github.com/s3fs-fuse/s3fs-fuse (#1914881) Full
changelog: https://github.com/s3fs-fuse/s3fs-fuse/releases/tag/v1.88
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 11 2021 Julio Gonz��lez Gil <packages(a)juliogonzalez.es> - 1.88-1
- Update to 1.88 from https://github.com/s3fs-fuse/s3fs-fuse (#1914881)
Full changelog: https://github.com/s3fs-fuse/s3fs-fuse/releases/tag/v1.88
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1914881 - s3fs-fuse-1.88 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1914881
--------------------------------------------------------------------------------
The following Fedora EPEL 8 Security updates need testing:
Age URL
11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-d4406c9c75 awstats-7.8-2.el8
10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-001e4d949f dia-0.97.3-16.el8
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-bd945e3b55 adplug-2.3.3-1.el8 audacious-plugins-4.0.5-3.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
coturn-4.5.2-1.el8
duplicity-0.8.18-1.el8
gengetopt-2.23-3.el8
htop-3.0.5-1.el8
plasma-applet-translator-0.8-1.el8
python-rfc3987-1.3.7-15.el8
python-slixmpp-1.5.2-2.el8
s3fs-fuse-1.88-1.el8
Details about builds:
================================================================================
coturn-4.5.2-1.el8 (FEDORA-EPEL-2021-e976495093)
TURN/STUN & ICE Server
--------------------------------------------------------------------------------
Update Information:
Coturn 4.5.2 ============ - Fix null pointer dereference in case of out of
memory - Add prometheus metrics - Delete trailing whitespace in example
configuration files - Add architecture ppc64le to travis build - Fix
misleading option in doc (prometheus) - Allow RFC6062 TCP relay data to look
like TLS - Add support for proxy protocol V1 - Print full date and time in
logs - Add new options: "new-log-timestamp" and "new-log-timestamp-format" -
Do not use FIPS and remove hardcode `OPENSSL_VERSION_NUMBER` with LibreSSL -
Add ACME redirect url - Support of `--acme-redirect <URL>` - Fix acme
security, redundancy, consistency - Disable binding request logging to avoid
DoS attacks (Breaking change!) - Add new `--log-binding` option to enable
binding request logging - Fix stale-nonce documentation - Version number is
changed to semver 2.0 - pkg-config, and various cleanups in configure file -
Add systemd notification for better systemd integration - Fix: Null pointer
dereference on tcp_client_input_handler_rfc6062data function - Fix: use-after-
free vulnerability on write_to_peerchannel function - Fix: use-after-free
vulnerability on write_client_connection function - Little refactoring
prometheus - Fix c++ support - Simplify - Remove session
id/allocation labels - Remove per session metrics - Fix CVE-2020-26262
- Fix ipv6 ::1 loopback check - Not allow allocate peer address 0.0.0.0/8
and ::/128 - For more details see the github security advisory:
https://github.com/coturn/coturn/security/advisories/GHSA-6g6j-r9rf-cm7p
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 11 2021 Robert Scheck <robert(a)fedoraproject.org> - 4.5.2-1
- Upgrade to 4.5.2 (#1914861)
* Sun Sep 27 2020 Christian Glombek <lorbus(a)fedoraproject.org> - 4.5.1.3-3
- Rebuilt for libevent 2.1.12 soname bump
* Mon Jul 27 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.5.1.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1915045 - CVE-2020-26262 coturn: Loopback access control bypass
https://bugzilla.redhat.com/show_bug.cgi?id=1915045
--------------------------------------------------------------------------------
================================================================================
duplicity-0.8.18-1.el8 (FEDORA-EPEL-2021-22f638da42)
Encrypted bandwidth-efficient backup using rsync algorithm
--------------------------------------------------------------------------------
Update Information:
0.8.18
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 11 2021 Gwyn Ciesla <gwync(a)protonmail.com> - 0.8.18-1
- 0.8.18
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1914552 - duplicity-0.8.18 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1914552
--------------------------------------------------------------------------------
================================================================================
gengetopt-2.23-3.el8 (FEDORA-EPEL-2021-3ae7b1ed61)
Tool to write command line option parsing code for C programs
--------------------------------------------------------------------------------
Update Information:
New package for epel8
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1792864 - Please, provide the package in EPEL8
https://bugzilla.redhat.com/show_bug.cgi?id=1792864
--------------------------------------------------------------------------------
================================================================================
htop-3.0.5-1.el8 (FEDORA-EPEL-2021-dfea948821)
Interactive process viewer
--------------------------------------------------------------------------------
Update Information:
- Update to 3.0.5
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 11 2021 Mukundan Ragavan <nonamedotc(a)fedoraproject.org> - 3.0.5-1
- Update to 3.0.5
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1915002 - htop-3.0.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1915002
--------------------------------------------------------------------------------
================================================================================
plasma-applet-translator-0.8-1.el8 (FEDORA-EPEL-2021-aef97be0c8)
Plasma 5 applet for translate-shell
--------------------------------------------------------------------------------
Update Information:
Update to 0.8.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jan 10 2021 Vasiliy Glazov <vascom2(a)gmail.com> - 0.8-1
- Update to 0.8
--------------------------------------------------------------------------------
================================================================================
python-rfc3987-1.3.7-15.el8 (FEDORA-EPEL-2021-5494ad5d24)
Parsing and validation of URIs (RFC 3986) and IRIs (RFC 3987)
--------------------------------------------------------------------------------
Update Information:
new package
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
python-slixmpp-1.5.2-2.el8 (FEDORA-EPEL-2021-4436106081)
Slixmpp is an XMPP library for Python 3.5+
--------------------------------------------------------------------------------
Update Information:
Initial import from fedora/rawhide
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
s3fs-fuse-1.88-1.el8 (FEDORA-EPEL-2021-05940c8cba)
FUSE-based file system backed by Amazon S3
--------------------------------------------------------------------------------
Update Information:
Update to 1.88 from https://github.com/s3fs-fuse/s3fs-fuse (#1914881) Full
changelog: https://github.com/s3fs-fuse/s3fs-fuse/releases/tag/v1.88
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 11 2021 Julio Gonz��lez Gil <packages(a)juliogonzalez.es> - 1.88-1
- Update to 1.88 from https://github.com/s3fs-fuse/s3fs-fuse (#1914881)
Full changelog: https://github.com/s3fs-fuse/s3fs-fuse/releases/tag/v1.88
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1914881 - s3fs-fuse-1.88 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1914881
--------------------------------------------------------------------------------
The following Fedora EPEL 8 Security updates need testing:
Age URL
11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-d4406c9c75 awstats-7.8-2.el8
10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-001e4d949f dia-0.97.3-16.el8
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-bd945e3b55 adplug-2.3.3-1.el8 audacious-plugins-4.0.5-3.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
bleachbit-4.2.0-1.el8
bpytop-1.0.58-1.el8
python-strictyaml-1.3.0-1.el8
xmakemol-5.16-10.el8
Details about builds:
================================================================================
bleachbit-4.2.0-1.el8 (FEDORA-EPEL-2021-04e7bb5ca8)
Remove sensitive data and free up disk space
--------------------------------------------------------------------------------
Update Information:
Bump to upstream version 4.2.0, which, among other things, adds new cleaners and
regular expression-based searches during deep scans.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 6 2021 Andrew Toskin <andrew(a)tosk.in> - 4.2.0-1
- Bump to upstream version 4.2.0, which, among other things, adds new
cleaners and regular expression-based searches during deep scans.
* Mon Jul 27 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.0.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
bpytop-1.0.58-1.el8 (FEDORA-EPEL-2021-638c1d6d69)
Linux/OSX/FreeBSD resource monitor
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jan 10 2021 Artem Polishchuk <ego.cordatus(a)gmail.com> - 1.0.58-1
- build(update): 1.0.58
* Wed Jan 6 2021 Artem Polishchuk <ego.cordatus(a)gmail.com> - 1.0.57-1
- build(update): 1.0.57
* Tue Jan 5 2021 Artem Polishchuk <ego.cordatus(a)gmail.com> - 1.0.56-1
- build(update): 1.0.56
* Sat Jan 2 2021 Artem Polishchuk <ego.cordatus(a)gmail.com> - 1.0.55-1
- build(update): 1.0.55
* Thu Dec 31 2020 Artem Polishchuk <ego.cordatus(a)gmail.com> - 1.0.54-1
- build(update): 1.0.54
* Wed Dec 30 2020 Artem Polishchuk <ego.cordatus(a)gmail.com> - 1.0.53-1
- build(update): 1.0.53
* Sat Dec 19 2020 Artem Polishchuk <ego.cordatus(a)gmail.com> - 1.0.51-1
- build(update): 1.0.51
--------------------------------------------------------------------------------
================================================================================
python-strictyaml-1.3.0-1.el8 (FEDORA-EPEL-2021-7f63b3a2e0)
Parses and validates a restricted subset of YAML
--------------------------------------------------------------------------------
Update Information:
Update to 1.3.0 FEATURE : Use dict instead of OrderedDict for Python 3.7+ BUGFIX
: Require Regex to be a full match FEATURE: Support underscores in int and
decimal ---- Update to version 1.2.0: FEATURE : Optional keys in mappings and
set value to None - with thanks to @wwoods.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jan 10 2021 Benjamin A. Beasley <code(a)musicinmybrain.net> - 1.3.0-1
- Update to 1.3.0
* Sat Jan 2 2021 Benjamin A. Beasley <code(a)musicinmybrain.net> - 1.2.0-1
- Update to version 1.2.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1912012 - python-strictyaml-1.2.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1912012
--------------------------------------------------------------------------------
================================================================================
xmakemol-5.16-10.el8 (FEDORA-EPEL-2021-af3d14df66)
Program for visualizing atomic and molecular systems
--------------------------------------------------------------------------------
Update Information:
First release in EPEL 8.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------