--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2020-ebecd0eb91
2020-06-01 01:01:15.594238
--------------------------------------------------------------------------------
Name : coturn
Product : Fedora EPEL 7
Version : 4.5.1.2
Release : 1.el7
URL : https://github.com/coturn/coturn/
Summary : TURN/STUN & ICE Server
Description :
The Coturn TURN Server is a VoIP media traffic NAT traversal server and gateway.
It can be used as a general-purpose network traffic TURN server/gateway, too.
This implementation also includes some extra features. Supported RFCs:
TURN specs:
- RFC 5766 - base TURN specs
- RFC 6062 - TCP relaying TURN extension
- RFC 6156 - IPv6 extension for TURN
- Experimental DTLS support as client protocol.
STUN specs:
- RFC 3489 - "classic" STUN
- RFC 5389 - base "new" STUN specs
- RFC 5769 - test vectors for STUN protocol testing
- RFC 5780 - NAT behavior discovery support
The implementation fully supports the following client-to-TURN-server protocols:
- UDP (per RFC 5766)
- TCP (per RFC 5766 and RFC 6062)
- TLS (per RFC 5766 and RFC 6062); TLS1.0/TLS1.1/TLS1.2
- DTLS (experimental non-standard feature)
Supported relay protocols:
- UDP (per RFC 5766)
- TCP (per RFC 6062)
Supported user databases (for user repository, with passwords or keys, if
authentication is required):
- SQLite
- MySQL
- PostgreSQL
- Redis
Redis can also be used for status and statistics storage and notification.
Supported TURN authentication mechanisms:
- long-term
- TURN REST API (a modification of the long-term mechanism, for time-limited
secret-based authentication, for WebRTC applications)
The load balancing can be implemented with the following tools (either one or a
combination of them):
- network load-balancer server
- DNS-based load balancing
- built-in ALTERNATE-SERVER mechanism.
--------------------------------------------------------------------------------
Update Information:
Coturn 4.5.1.2 ============== - merge regression fix: * Do not display
empty CLI passwd alert if CLI is not enabled - merge PR #359: * Remove
`turn_free_simple()` * Remove `turn_malloc()` * Remove `turn_realloc()`
* Remove `turn_free()` * Remove `turn_calloc()` * Remove `turn_strdup()`
* Remove `SSL_NEW()` and `SSL_FREE()` * Remove pointer debugging machinery
* Remove `ns_bzero()`, `ns_bcopy()`, and `ns_bcmp()` * Remove
`[su]{08,16,32,64}bits` type defines - merge PR #327 * Strip white-spaces
from config file lines end - merge PR #386 * fix the webadmin ip
permission add/delete sql injection - merge PR #390 * fix mongo driver
crash when invalid connection string is used - merge PR #392 enhanced fread
return length check - merge PR #367 disconnect database gracefully - merge
PR #382 * Using `SSL_get_version` method for BoringSSL compatibility *
Now we put in `turn_session_info->tls_method` the real TLS version. Earlier we
put UNKNOWN in this field if it was a TLS protocol that was not defined
supportel TLS protocol during compile time. - merge PR #276 Add systemd
service example - merge PR #284 Add bandwidth usage reporting packet/bandwidth
usage by peers - merge PR #381 Modifying configure to enable compile with
private libraries - merge PR #455 Typo corrected - merge PR #417 Append only
to log files rather to override them - merge PR #442 Updated incorrect string
length check for 'ssh' - merge PR #449 Fix Dockerfile for latest Debian -
http server NULL dereference * Reported (by quarkslab.com, cisco/talos)
* CVE-2020-6061 / TALOS-2020-0984 - http server out of bound read *
Reported (by quarkslab.com, cisco/talos) * CVE-2020-6061 / TALOS-2020-0984
- merge PR #472 STUN input validation - merge PR #398 FIPS - merge PR #478
prod - merge PR #463 fix typos and grammar - update travis config ubuntu/mac
images - merge PR #466 added null check for second char - merge PR #470
compiler warning fixes - merge PR #475 Update `README.docker` - merge PR
#471 Fix a memory leak when an SHATYPE isn't supported - merge PR #488 Fix
typos about `INSTALL` filenames - fix compiler warning comparison between
signed and unsigned integer expressions - fix compiler warning string
truncation - change Diffie Hellman default key length from 1066 to 2066 -
merge PR #522 drop of supplementary group IDs - merge PR #514 Unify spelling
of Coturn - merge PR#506 Rename "prod" config option to "no-software-
attribute" - merge PR #519 fix config extension in `README.docker` - merge
PR #516 change sql data dir in `docker-compose-all.yml` - merge PR #513 remove
trailing spaces from `README`s - merge PR #525 add flags to disable periodic
use of dynamic tables
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 16 2020 Robert Scheck <robert(a)fedoraproject.org> - 4.5.1.2-1
- Update to 4.5.1.2
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update coturn' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2020-5bd056a025
2020-06-01 01:01:15.594219
--------------------------------------------------------------------------------
Name : librsync
Product : Fedora EPEL 7
Version : 2.3.0
Release : 1.el7
URL : https://librsync.github.io/
Summary : Rsync remote-delta algorithm library
Description :
librsync is a library for calculating and applying network deltas, with an
interface designed to ease integration into diverse network applications.
librsync encapsulates the core algorithms of the rsync protocol, which help
with efficient calculation of the differences between two files. The rsync
algorithm is different from most differencing algorithms because it does not
require the presence of the two files to calculate the delta. Instead, it
requires a set of checksums of each block of one file, which together form a
signature for that file. Blocks at any in the other file which have the same
checksum are likely to be identical, and whatever remains is the difference.
--------------------------------------------------------------------------------
Update Information:
librsync 2.3.0 ============== * Bump minor version from 2.2.1 to 2.3.0 to
reflect additional `rs_sig_args()` and `strong_len=-1` support. * Add public
`rs_sig_args()` function for getting the recommend signature args from the file
size. Added support to rdiff for `--sum-size=-1` to indicate "use minimum size
safe against random block collisions". Added warning output for sum-sizes that
are too small to be safe. Fixed possible rdiff bug affecting popt parsing on
non-little-endian platforms. * Fixed yet more compiler warnings for various
platforms/compilers. * Improved cmake popt handling to find popt dependencies
using PkgConfig. * Tidied internal code and improved tests for `netint.[ch]`,
`tube.c`, and `hashtable.h`. * Improved C99 compatibility. Add `-std=c99
-pedantic` to `CMAKE_C_FLAGS` for gcc and clang. Fix all C99 warnings by making
all code C99 compliant. Tidy all CMake checks, #cmakedefines, and #includes. Fix
64bit support for mdfour checksums. * Usage clarified in rdiff (1) man page.
librsync 2.2.1 ============== * Fix #176 hangs calculating deltas for files
larger than 4GB. librsync 2.2.0 ============== * Bump minor version from
2.1.0 to 2.2.0 to reflect additional RabinKarp rollsum support. * Fix MSVC
builds by adding missing `LIBRSYNC_EXPORT` to variables in `librsync.h`, add
`-DLIBRSYNC_STATIC_DEFINE` to the sumset_test target, and correctly install
`.dll` files in the bin directory. * Add RabinKarp rollsum support and make it
the default. RabinKarp is a much better rolling hash, which reduces the risk of
hash collision corruption and speeds up delta calculations. The rdiff cmd gets a
new `-R (rollsum|rabinkarp)` argument with the default being `rabinkarp`, Use
`-R rollsum` to generate backwards-compatible signatures. * Use single-byte
literal commands for small inserts in deltas. This makes each small insert use 1
less byte in deltas. * Fix multiple warnings (cross-)compiling for windows.
* Change `rs_file_size()` to report -1 instead of 0 for unknown file sizes (not
a regular file). * Add cmake `BUILD_SHARED_LIBS` option for static library
support. `BUILD_SHARED_LIBS` defaults to `ON`, and can be set to `OFF` using
`ccmake .` to build librsync as a static library. * Fix compile errors and add
`.gitignore` entries for MSVS 2019. Fixes `hashtable.h` to be C99 compliant.
librsync 2.1.0 ============== * Bump minor version from 2.0.3 to 2.1.0 to
reflect additions to `librsync.h`. * Fix exporting of private symbols from
librsync library. Add export of useful large file functions `rs_file_open()`,
`rs_file_close()`, and `rs_file_size()` to `librsync.h`. Add export of
`rs_signature_log_stats()` to log signature hashtable hit/miss stats. Improve
rdiff error output. * Updated release process to include stable tarballs. *
Remove redundant and broken `--paranoia` argument from rdiff. * Fix memory
leak of `rs_signature_t->block_sigs` when freeing signatures. * Document delta
file format. * Fix up doxygen comments.
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 16 2020 Robert Scheck <robert(a)fedoraproject.org> 2.3.0-1
- Upgrade to 2.3.0
* Wed Jan 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.0.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update librsync' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2020-4cb6f7796b
2020-06-01 01:01:15.594195
--------------------------------------------------------------------------------
Name : python-regex
Product : Fedora EPEL 7
Version : 2020.5.14
Release : 1.el7
URL : https://bitbucket.org/mrabarnett/mrab-regex
Summary : Alternative regular expression module, to replace re
Description :
This new regex implementation is intended eventually to replace
Python's current re module implementation.
For testing and comparison with the current 're' module the new
implementation is in the form of a module called 'regex'.
--------------------------------------------------------------------------------
Update Information:
Update to 2020.5.14.
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 15 2020 Thomas Moschny <thomas.moschny(a)gmx.de> - 2020.5.14-1
- Update to 2020.5.14.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update python-regex' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2020-134c471656
2020-06-01 01:01:15.594084
--------------------------------------------------------------------------------
Name : json-c12
Product : Fedora EPEL 7
Version : 0.12.1
Release : 4.el7
URL : https://github.com/json-c/json-c
Summary : JSON implementation in C (0.12 compatibility package)
Description :
JSON-C implements a reference counting object model that allows you
to easily construct JSON objects in C, output them as JSON formatted
strings and parse JSON formatted strings back into the C representation
of JSON objects. It aims to conform to RFC 7159.
--------------------------------------------------------------------------------
Update Information:
- Fix CVE-2020-12762. - Drop the unneeded `%pretrans` scriptlet.
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 16 2020 Bj��rn Esser <besser82(a)fedoraproject.org> - 0.12.1-4
- Drop the unneeded %pretrans scriptlet
* Fri May 15 2020 Bj��rn Esser <besser82(a)fedoraproject.org> - 0.12.1-3
- Fix CVE-2020-12762
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1835253 - CVE-2020-12762 json-c: integer overflow and out-of-bounds write via a large JSON file
https://bugzilla.redhat.com/show_bug.cgi?id=1835253
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update json-c12' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2020-ce63786ca8
2020-06-01 00:49:01.783092
--------------------------------------------------------------------------------
Name : epel-rpm-macros
Product : Fedora EPEL 6
Version : 6
Release : 22
URL : http://download.fedoraproject.org/pub/epel
Summary : Extra Packages for Enterprise Linux RPM macros
Description :
This package contains some RPM macros which minimize the differences in the
packaging process between Fedora and EPEL.
--------------------------------------------------------------------------------
Update Information:
Update with added gpgverify macros. Fixes bug #1830646
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 16 2020 Kevin Fenzi <kevin(a)scrye.com> - 6-22
- Update with added gpgverify macros. Fixes bug #1830646
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1830646 - Add gpgverify for EL6
https://bugzilla.redhat.com/show_bug.cgi?id=1830646
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update epel-rpm-macros' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2020-1ecde69722
2020-06-01 00:49:01.783078
--------------------------------------------------------------------------------
Name : librsync
Product : Fedora EPEL 6
Version : 2.3.0
Release : 1.el6
URL : https://librsync.github.io/
Summary : Rsync remote-delta algorithm library
Description :
librsync is a library for calculating and applying network deltas, with an
interface designed to ease integration into diverse network applications.
librsync encapsulates the core algorithms of the rsync protocol, which help
with efficient calculation of the differences between two files. The rsync
algorithm is different from most differencing algorithms because it does not
require the presence of the two files to calculate the delta. Instead, it
requires a set of checksums of each block of one file, which together form a
signature for that file. Blocks at any in the other file which have the same
checksum are likely to be identical, and whatever remains is the difference.
--------------------------------------------------------------------------------
Update Information:
librsync 2.3.0 ============== * Bump minor version from 2.2.1 to 2.3.0 to
reflect additional `rs_sig_args()` and `strong_len=-1` support. * Add public
`rs_sig_args()` function for getting the recommend signature args from the file
size. Added support to rdiff for `--sum-size=-1` to indicate "use minimum size
safe against random block collisions". Added warning output for sum-sizes that
are too small to be safe. Fixed possible rdiff bug affecting popt parsing on
non-little-endian platforms. * Fixed yet more compiler warnings for various
platforms/compilers. * Improved cmake popt handling to find popt dependencies
using PkgConfig. * Tidied internal code and improved tests for `netint.[ch]`,
`tube.c`, and `hashtable.h`. * Improved C99 compatibility. Add `-std=c99
-pedantic` to `CMAKE_C_FLAGS` for gcc and clang. Fix all C99 warnings by making
all code C99 compliant. Tidy all CMake checks, #cmakedefines, and #includes. Fix
64bit support for mdfour checksums. * Usage clarified in rdiff (1) man page.
librsync 2.2.1 ============== * Fix #176 hangs calculating deltas for files
larger than 4GB. librsync 2.2.0 ============== * Bump minor version from
2.1.0 to 2.2.0 to reflect additional RabinKarp rollsum support. * Fix MSVC
builds by adding missing `LIBRSYNC_EXPORT` to variables in `librsync.h`, add
`-DLIBRSYNC_STATIC_DEFINE` to the sumset_test target, and correctly install
`.dll` files in the bin directory. * Add RabinKarp rollsum support and make it
the default. RabinKarp is a much better rolling hash, which reduces the risk of
hash collision corruption and speeds up delta calculations. The rdiff cmd gets a
new `-R (rollsum|rabinkarp)` argument with the default being `rabinkarp`, Use
`-R rollsum` to generate backwards-compatible signatures. * Use single-byte
literal commands for small inserts in deltas. This makes each small insert use 1
less byte in deltas. * Fix multiple warnings (cross-)compiling for windows.
* Change `rs_file_size()` to report -1 instead of 0 for unknown file sizes (not
a regular file). * Add cmake `BUILD_SHARED_LIBS` option for static library
support. `BUILD_SHARED_LIBS` defaults to `ON`, and can be set to `OFF` using
`ccmake .` to build librsync as a static library. * Fix compile errors and add
`.gitignore` entries for MSVS 2019. Fixes `hashtable.h` to be C99 compliant.
librsync 2.1.0 ============== * Bump minor version from 2.0.3 to 2.1.0 to
reflect additions to `librsync.h`. * Fix exporting of private symbols from
librsync library. Add export of useful large file functions `rs_file_open()`,
`rs_file_close()`, and `rs_file_size()` to `librsync.h`. Add export of
`rs_signature_log_stats()` to log signature hashtable hit/miss stats. Improve
rdiff error output. * Updated release process to include stable tarballs. *
Remove redundant and broken `--paranoia` argument from rdiff. * Fix memory
leak of `rs_signature_t->block_sigs` when freeing signatures. * Document delta
file format. * Fix up doxygen comments.
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 16 2020 Robert Scheck <robert(a)fedoraproject.org> 2.3.0-1
- Upgrade to 2.3.0
* Wed Jan 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.0.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update librsync' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2020-3b6f367376
2020-06-01 00:49:01.783057
--------------------------------------------------------------------------------
Name : python-regex
Product : Fedora EPEL 6
Version : 2020.5.14
Release : 1.el6
URL : https://bitbucket.org/mrabarnett/mrab-regex
Summary : Alternative regular expression module, to replace re
Description :
This new regex implementation is intended eventually to replace
Python's current re module implementation.
For testing and comparison with the current 're' module the new
implementation is in the form of a module called 'regex'.
--------------------------------------------------------------------------------
Update Information:
Update to 2020.5.14.
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 15 2020 Thomas Moschny <thomas.moschny(a)gmx.de> - 2020.5.14-1
- Update to 2020.5.14.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update python-regex' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2020-d5bbc97415
2020-06-01 00:49:01.782810
--------------------------------------------------------------------------------
Name : json-c12
Product : Fedora EPEL 6
Version : 0.12.1
Release : 4.el6
URL : https://github.com/json-c/json-c
Summary : JSON implementation in C (0.12 compatibility package)
Description :
JSON-C implements a reference counting object model that allows you
to easily construct JSON objects in C, output them as JSON formatted
strings and parse JSON formatted strings back into the C representation
of JSON objects. It aims to conform to RFC 7159.
--------------------------------------------------------------------------------
Update Information:
- Fix CVE-2020-12762. - Drop the unneeded `%pretrans` scriptlet.
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 16 2020 Bj��rn Esser <besser82(a)fedoraproject.org> - 0.12.1-4
- Drop the unneeded %pretrans scriptlet
* Fri May 15 2020 Bj��rn Esser <besser82(a)fedoraproject.org> - 0.12.1-3
- Fix CVE-2020-12762
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1835253 - CVE-2020-12762 json-c: integer overflow and out-of-bounds write via a large JSON file
https://bugzilla.redhat.com/show_bug.cgi?id=1835253
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update json-c12' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------