The following Fedora EPEL 8 Security updates need testing:
Age URL
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-9d8794e452
ImageMagick-6.9.12.63-1.el8
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-73672e02b0
java-latest-openjdk-18.0.2.0.9-1.rolling.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
anope-2.0.11-1.el8
resalloc-4.7-1.el8
resalloc-openstack-9.3-1.el8
snakeyaml-1.32-1.el8
uglify-js3-3.17.1-1.el8
Details about builds:
================================================================================
anope-2.0.11-1.el8 (FEDORA-EPEL-2022-5655e8411e)
IRC services designed for flexibility and ease of use
--------------------------------------------------------------------------------
Update Information:
# Anope 2.0.11 * Fixed `m_ldap` on OpenLDAP 2.5+ * Fixed not using UTF-8
encoding for outgoing email * Fixed `ns_resetpass` not returning a response
for XMLRPC * Fixed some message params being sent as `<middle>` instead of
`<trailing>` * Fixed unsetting vhosts on unreal4 * Fixed username validity
checking on ircd-hybrid * Send the oper mode for services pseudoclients on
InspIRCd * Updated the pl_PL translation * Updated unreal4 for various
protocol changes
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 20 2022 Robert Scheck <robert(a)fedoraproject.org> 2.0.11-1
- Upgrade to 2.0.11
--------------------------------------------------------------------------------
================================================================================
resalloc-4.7-1.el8 (FEDORA-EPEL-2022-f04eb0b793)
Resource allocator for expensive resources - client tooling
--------------------------------------------------------------------------------
Update Information:
new upstream release:
https://github.com/praiskup/resalloc/releases/tag/v4.7
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 20 2022 Pavel Raiskup <praiskup(a)redhat.com> - 4.7-1
- new upstream release:
https://github.com/praiskup/resalloc/releases/tag/v4.7
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.6-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Jun 29 2022 Jakub Kadlcik <frostyx(a)email.cz> - 4.6-2
- Add resalloc-selinux subpackage
* Wed Jun 29 2022 Jakub Kadlcik <frostyx(a)email.cz> - 4.6-1
- New upstream version:
https://github.com/praiskup/resalloc/releases/tag/v4.6
* Thu Jun 23 2022 Pavel Raiskup <praiskup(a)redhat.com> - 4.5-1
- New upstream version:
https://github.com/praiskup/resalloc/releases/tag/v4.5
* Wed Jun 22 2022 Jakub Kadlcik <python-maint(a)redhat.com> - 4.4-1
- New upstream version:
https://github.com/praiskup/resalloc/releases/tag/v4.4
* Tue Jun 14 2022 Python Maint <python-maint(a)redhat.com> - 4.3-2
- Rebuilt for Python 3.11
--------------------------------------------------------------------------------
================================================================================
resalloc-openstack-9.3-1.el8 (FEDORA-EPEL-2022-9e3c9164cb)
Resource allocator scripts for OpenStack
--------------------------------------------------------------------------------
Update Information:
- new upstream release - adjust cleaning-up with the new `cmd_list` Resalloc
feature - more pedantic cleanup of volumes ---- - new upstream release -
adjust cleaning-up with the new `cmd_list` Resalloc feature - more pedantic
cleanup of volumes
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 20 2022 Pavel Raiskup <praiskup(a)redhat.com> - 9.3-1
- new upstream release
- adjust cleaning-up with the new `cmd_list` Resalloc feature
- more pedantic cleanup of volumes
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 8-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Mon Jun 13 2022 Python Maint <python-maint(a)redhat.com> - 8-3
- Rebuilt for Python 3.11
* Fri Jan 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 8-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
snakeyaml-1.32-1.el8 (FEDORA-EPEL-2022-6a12c208cf)
YAML parser and emitter for Java
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2022-25857
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 16 2022 Severin Gehwolf <sgehwolf(a)redhat.com> - 1.32-1
- Update to latest upstream 1.32 release
- Resolves: CVE-2022-25857
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.27-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Fri Jul 8 2022 Jiri Vanek <jvanek(a)redhat.com> - 1.27-7
- Rebuilt for Drop i686 JDKs
* Sat Feb 5 2022 Jiri Vanek <jvanek(a)redhat.com> - 1.27-6
- Rebuilt for java-17-openjdk as system jdk
* Sat Jan 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.27-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2126792 - CVE-2022-25857 snakeyaml: Denial of Service due missing to nested
depth limitation for collections. [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2126792
--------------------------------------------------------------------------------
================================================================================
uglify-js3-3.17.1-1.el8 (FEDORA-EPEL-2022-790ed99747)
JavaScript parser, mangler/compressor and beautifier toolkit
--------------------------------------------------------------------------------
Update Information:
Uglify-JS 3.17.1
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 20 2022 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 3.17.1-1
- Update to 3.17.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2103532 - uglify-js-3.17.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2103532
--------------------------------------------------------------------------------