The following Fedora EPEL 8 Security updates need testing: Age URL 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-11f765300e singularity-3.6.3-1.el8 8 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-17fdec3133 zeromq-4.3.3-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
IP2Location-8.1.2-11.el8 chromium-85.0.4183.121-1.el8 icewm-1.8.3-1.el8 knot-3.0.0-2.el8 knot-resolver-5.1.3-4.el8 libprelude-5.2.0-1.el8 libpreludedb-5.2.0-1.el8 prelude-correlator-5.2.0-1.el8 prelude-lml-5.2.0-1.el8 prelude-lml-rules-5.2.0-1.el8 prelude-manager-5.2.0-1.el8 prewikka-5.2.0-1.el8 socialscan-1.3.0-1.el8 wad-0.4.5-1.el8
Details about builds:
================================================================================ IP2Location-8.1.2-11.el8 (FEDORA-EPEL-2020-ad267b0fc9) C library for mapping IP address to geolocation information -------------------------------------------------------------------------------- Update Information:
update version to 8.1.2 (soname: 2) ---- add additional Obsoletes/Provides/BuildRequires ---- subpackage data-sample: add suffix "SAMPLE" to included BIN files, fix file permissions ---- add patch to sync with upstream -------------------------------------------------------------------------------- ChangeLog:
--------------------------------------------------------------------------------
================================================================================ chromium-85.0.4183.121-1.el8 (FEDORA-EPEL-2020-1790461e43) A WebKit (Blink) powered web browser -------------------------------------------------------------------------------- Update Information:
Update to 85.0.4183.121. Why? Because security, that's why. It fixes these CVEs: CVE-2020-15960 CVE-2020-15961 CVE-2020-15962 CVE-2020-15963 CVE-2020-15964 CVE-2020-15965 CVE-2020-15966 It also has a fix for an issue where networking... uh... didn't. ---- Update Chromium to 85.0.4183.102. Fix issue where unpackaged components prevented hardware accelerated rendering from working. Also fixes the following security issues: CVE-2020-6573 CVE-2020-6574 CVE-2020-6575 CVE-2020-6576 CVE-2020-15959 -------------------------------------------------------------------------------- ChangeLog:
* Mon Sep 21 2020 Tom Callaway spot@fedoraproject.org - 85.0.4183.121-1 - update to 85.0.4183.121 - apply upstream fix for networking issue with CookieMonster * Tue Sep 8 2020 Tom Callaway spot@fedoraproject.org - 85.0.4183.102-1 - update to 85.0.4183.102 - install ANGLE so files (libEGL.so, libGLESv2.so) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1877090 - CVE-2020-6573 chromium-browser: Use after free in video https://bugzilla.redhat.com/show_bug.cgi?id=1877090 [ 2 ] Bug #1877091 - CVE-2020-6574 chromium-browser: Insufficient policy enforcement in installer https://bugzilla.redhat.com/show_bug.cgi?id=1877091 [ 3 ] Bug #1877093 - CVE-2020-6575 chromium-browser: Race in Mojo https://bugzilla.redhat.com/show_bug.cgi?id=1877093 [ 4 ] Bug #1877094 - CVE-2020-6576 chromium-browser: Use after free in offscreen canvas https://bugzilla.redhat.com/show_bug.cgi?id=1877094 [ 5 ] Bug #1877095 - CVE-2020-15959 chromium-browser: Insufficient policy enforcement in networking https://bugzilla.redhat.com/show_bug.cgi?id=1877095 [ 6 ] Bug #1881593 - CVE-2020-15960 chromium-browser: Out of bounds read in storage https://bugzilla.redhat.com/show_bug.cgi?id=1881593 [ 7 ] Bug #1881595 - CVE-2020-15961 chromium-browser: Insufficient policy enforcement in extensions https://bugzilla.redhat.com/show_bug.cgi?id=1881595 [ 8 ] Bug #1881596 - CVE-2020-15962 chromium-browser: Insufficient policy enforcement in serial https://bugzilla.redhat.com/show_bug.cgi?id=1881596 [ 9 ] Bug #1881597 - CVE-2020-15963 chromium-browser: Insufficient policy enforcement in extensions https://bugzilla.redhat.com/show_bug.cgi?id=1881597 [ 10 ] Bug #1881598 - CVE-2020-15965 chromium-browser: Out of bounds write in V8 https://bugzilla.redhat.com/show_bug.cgi?id=1881598 [ 11 ] Bug #1881599 - CVE-2020-15966 chromium-browser: Insufficient policy enforcement in extensions https://bugzilla.redhat.com/show_bug.cgi?id=1881599 [ 12 ] Bug #1881600 - CVE-2020-15964 chromium-browser: Insufficient data validation in media https://bugzilla.redhat.com/show_bug.cgi?id=1881600 --------------------------------------------------------------------------------
================================================================================ icewm-1.8.3-1.el8 (FEDORA-EPEL-2020-2f50fbf239) Window manager designed for speed, usability, and consistency -------------------------------------------------------------------------------- Update Information:
Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Thu Sep 17 2020 Artem Polishchuk ego.cordatus@gmail.com - 1.8.3-1 - Update to 1.8.3 --------------------------------------------------------------------------------
================================================================================ knot-3.0.0-2.el8 (FEDORA-EPEL-2020-678df6e4c6) High-performance authoritative DNS server -------------------------------------------------------------------------------- Update Information:
Update Knot DNS to 3.0.0 and Knot Resolver to 5.1.3 in EPEL. -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 25 2020 Jakub Ru��i��ka jakub.ruzicka@nic.cz 3.0.0-2 - Rebuild * Thu Sep 10 2020 Jakub Ru��i��ka jakub.ruzicka@nic.cz 3.0.0-1 - New major upstream release 3.0.0 - Sync packaging from upstream * Wed Sep 2 2020 Jakub Ru��i��ka jakub.ruzicka@nic.cz 2.9.6-1 - Update to 2.9.6 --------------------------------------------------------------------------------
================================================================================ knot-resolver-5.1.3-4.el8 (FEDORA-EPEL-2020-678df6e4c6) Caching full DNS Resolver -------------------------------------------------------------------------------- Update Information:
Update Knot DNS to 3.0.0 and Knot Resolver to 5.1.3 in EPEL. -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 25 2020 Jakub Ru��i��ka jakub.ruzicka@nic.cz 5.1.3-4 - rebuild for new bodhi update * Thu Sep 24 2020 Jakub Ru��i��ka jakub.ruzicka@nic.cz 5.1.3-3 - rebuild for Knot DNS 3.0.0 * Wed Sep 23 2020 Jakub Ru��i��ka jakub.ruzicka@nic.cz 5.1.3-2 - rebuild for Knot DNS 3.0.0 * Tue Sep 8 2020 Jakub Ru��i��ka jakub.ruzicka@nic.cz 5.1.3-1 - update to upstream version 5.1.3 * Tue Jul 28 2020 Fedora Release Engineering releng@fedoraproject.org - 5.1.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ libprelude-5.2.0-1.el8 (FEDORA-EPEL-2020-3b4096daee) Secure Connections between all Sensors and the Prelude Manager -------------------------------------------------------------------------------- Update Information:
Bump version 5.2.0 -------------------------------------------------------------------------------- ChangeLog:
* Thu Sep 17 2020 Thomas Andrejak thomas.andrejak@gmail.com - 5.2.0-1 - Bump version 5.2.0 --------------------------------------------------------------------------------
================================================================================ libpreludedb-5.2.0-1.el8 (FEDORA-EPEL-2020-3b4096daee) Framework for easy access to the IDMEF database -------------------------------------------------------------------------------- Update Information:
Bump version 5.2.0 -------------------------------------------------------------------------------- ChangeLog:
* Thu Sep 17 2020 Thomas Andrejak thomas.andrejak@gmail.com - 5.2.0-1 - Bump version 5.2.0 --------------------------------------------------------------------------------
================================================================================ prelude-correlator-5.2.0-1.el8 (FEDORA-EPEL-2020-3b4096daee) Real time correlator of events received by Prelude Manager -------------------------------------------------------------------------------- Update Information:
Bump version 5.2.0 -------------------------------------------------------------------------------- ChangeLog:
* Thu Sep 17 2020 Thomas Andrejak thomas.andrejak@gmail.com - 5.2.0-1 - Bump version 5.2.0 --------------------------------------------------------------------------------
================================================================================ prelude-lml-5.2.0-1.el8 (FEDORA-EPEL-2020-3b4096daee) Log analyzer sensor with IDMEF output -------------------------------------------------------------------------------- Update Information:
Bump version 5.2.0 -------------------------------------------------------------------------------- ChangeLog:
* Thu Sep 17 2020 Thomas Andrejak thomas.andrejak@gmail.com - 5.2.0-1 - Bump version 5.2.0 --------------------------------------------------------------------------------
================================================================================ prelude-lml-rules-5.2.0-1.el8 (FEDORA-EPEL-2020-3b4096daee) Prelude LML community ruleset -------------------------------------------------------------------------------- Update Information:
Bump version 5.2.0 -------------------------------------------------------------------------------- ChangeLog:
* Thu Sep 17 2020 Thomas Andrejak thomas.andrejak@gmail.com - 5.2.0-1 - Bump version 5.2.0 --------------------------------------------------------------------------------
================================================================================ prelude-manager-5.2.0-1.el8 (FEDORA-EPEL-2020-3b4096daee) Bus communicator for Prelude modules and other IDMEF agents -------------------------------------------------------------------------------- Update Information:
Bump version 5.2.0 -------------------------------------------------------------------------------- ChangeLog:
* Thu Sep 17 2020 Thomas Andrejak thomas.andrejak@gmail.com - 5.2.0-1 - Bump version 5.2.0 --------------------------------------------------------------------------------
================================================================================ prewikka-5.2.0-1.el8 (FEDORA-EPEL-2020-3b4096daee) Graphical front-end analysis console for IDMEF -------------------------------------------------------------------------------- Update Information:
Bump version 5.2.0 -------------------------------------------------------------------------------- ChangeLog:
* Thu Sep 17 2020 Thomas Andrejak thomas.andrejak@gmail.com - 5.2.0-1 - Bump version 5.2.0 --------------------------------------------------------------------------------
================================================================================ socialscan-1.3.0-1.el8 (FEDORA-EPEL-2020-aa3c5c52da) CLI and library for usage checking of user names and email addresses -------------------------------------------------------------------------------- Update Information:
Update to latest upstream release 1.3.0 (#1882611) -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 25 2020 Fabian Affolter mail@fabian-affolter.ch - 1.3.0-1 - Update to latest upstream release 1.3.0 (#1882611) * Wed Jul 29 2020 Fedora Release Engineering releng@fedoraproject.org - 1.1.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1882611 - socialscan-1.3.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1882611 --------------------------------------------------------------------------------
================================================================================ wad-0.4.5-1.el8 (FEDORA-EPEL-2020-337ccc50e5) Tool for detecting technologies used by web applications -------------------------------------------------------------------------------- Update Information:
Update to latest upstream release 0.4.5 (#1882610) -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 25 2020 Fabian Affolter mail@fabian-affolter.ch - 0.4.5-1 - Update to latest upstream release 0.4.5 (#1882610) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1882610 - wad-0.4.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1882610 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org