The following Fedora EPEL 8 Security updates need testing: Age URL 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-2d9ad80d5c java-latest-openjdk-18.0.1.0.10-1.rolling.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
castxml-0.4.5-2.el8 lagrange-1.13.5-1.el8 needrestart-3.6-1.el8 remmina-1.4.26-2.el8 rubygem-git-1.11.0-1.el8 rubygem-rchardet-1.8.0-4.el8
Details about builds:
================================================================================ castxml-0.4.5-2.el8 (FEDORA-EPEL-2022-0ee447448c) C-family abstract syntax tree XML output tool -------------------------------------------------------------------------------- Update Information:
Rebuild for llvm/clang 13. -------------------------------------------------------------------------------- ChangeLog:
* Fri May 20 2022 Mattias Ellert mattias.ellert@physics.uu.se - 0.4.5-2 - Rebuild for llvm/clang 13 (EPEL 8) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2087619 - castxml package installation is failing with epel-release-8-13 https://bugzilla.redhat.com/show_bug.cgi?id=2087619 --------------------------------------------------------------------------------
================================================================================ lagrange-1.13.5-1.el8 (FEDORA-EPEL-2022-fd893610ad) A Beautiful Gemini Client -------------------------------------------------------------------------------- Update Information:
## 1.13.5 - Parent navigation assumes directory URL is equivalent to index page URL (e.g., "/path/" == "/path/index.gmi"): this now only applies to Gemini URLs, and checks for "index.gemini", too, as per Gemini Best Practices. - Fixed crash when determining the name of a ZIP file from a URL. - Fixed misparsing of URL to form the name of a downloaded file (%23 decoded too early). ## 1.13.4 - Spartan: Fixed opening URLs in other apps via operating system handlers. - Updated language strings. -------------------------------------------------------------------------------- ChangeLog:
* Thu May 19 2022 Michel Alexandre Salim salimma@fedoraproject.org 1.13.5-1 - Update to 1.13.5 * Mon May 9 2022 Michel Alexandre Salim salimma@fedoraproject.org 1.13.3-2 - Build with optional mp3 and webp support * Mon May 9 2022 Michel Alexandre Salim salimma@fedoraproject.org 1.13.3-1 - Update to 1.13.3 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2084254 - lagrange-1.13.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=2084254 --------------------------------------------------------------------------------
================================================================================ needrestart-3.6-1.el8 (FEDORA-EPEL-2022-b991c4d1df) Restart daemons after library updates -------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2022-30688 -------------------------------------------------------------------------------- ChangeLog:
* Thu May 19 2022 Marc Dequ��nes (Duck) duck@redhat.com - 3.6-1 - NUR * Thu Jan 20 2022 Fedora Release Engineering releng@fedoraproject.org - 3.5-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Thu Sep 23 2021 Miro Hron��ok mhroncok@redhat.com - 3.5-8 - Don't own /usr/lib/python3.X/site-packages * Thu Jul 22 2021 Fedora Release Engineering releng@fedoraproject.org - 3.5-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Fri Jun 4 2021 Python Maint python-maint@redhat.com - 3.5-6 - Rebuilt for Python 3.10 * Tue Mar 16 2021 Marc Dequ��nes (Duck) duck@redhat.com - 3.5-5 - move 'iucode-tool' to Recommends as it is not available in all architectures * Tue Jan 26 2021 Fedora Release Engineering releng@fedoraproject.org - 3.5-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Tue Jul 28 2020 Fedora Release Engineering releng@fedoraproject.org - 3.5-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2087660 - CVE-2022-30688 needrestart: local privilege escalation [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=2087660 [ 2 ] Bug #2087661 - CVE-2022-30688 needrestart: local privilege escalation [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2087661 --------------------------------------------------------------------------------
================================================================================ remmina-1.4.26-2.el8 (FEDORA-EPEL-2022-c444abc428) Remote Desktop Client -------------------------------------------------------------------------------- Update Information:
Various minor changes. - Add some missing BuildRequires for calrity. - Correctly disable spice plugin on EL9. ---- * Wed May 18 2022 Phil Wyett philip.wyett@kathenas.org - 1.4.26-1 - New upstream version 1.4.26. - New python plugin enabled. - Drop patches as no longer needed. - EL9 - Disable avahi-ui and avahi-ui-gtk support. - Disable libappindicator support. - Disable spice plugin. - Disable x2go plugin. -------------------------------------------------------------------------------- ChangeLog:
* Thu May 19 2022 Phil Wyett philip.wyett@kathenas.org - 1.4.26-2 - Add some missing BuildRequires for calrity. - Correctly disable spice plugin on EL9. * Wed May 18 2022 Phil Wyett philip.wyett@kathenas.org - 1.4.26-1 - New upstream version 1.4.26. - New python plugin enabled. - Drop patches as no longer needed. - EL9 - Disable avahi-ui and avahi-ui-gtk support. - Disable libappindicator support. - Disable spice plugin. - Disable x2go plugin. --------------------------------------------------------------------------------
================================================================================ rubygem-git-1.11.0-1.el8 (FEDORA-EPEL-2022-81ce78cd62) Ruby/Git is a Ruby library that can be used to create, read and manipulate Git repositories by wrapping system calls to the git binary -------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2022-25648 -------------------------------------------------------------------------------- ChangeLog:
* Fri May 13 2022 Steve Traylen steve.traylen@cern.ch - 1.11.0-1 - Up to 1.11.0. CVE-2022-25648 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2076843 - CVE-2022-25648 ruby-git: package vulnerable to Command Injection via git argument injection https://bugzilla.redhat.com/show_bug.cgi?id=2076843 --------------------------------------------------------------------------------
================================================================================ rubygem-rchardet-1.8.0-4.el8 (FEDORA-EPEL-2022-7054ab4eed) Character encoding auto-detection in Ruby -------------------------------------------------------------------------------- Update Information:
First EPEL package -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 21 2022 Fedora Release Engineering releng@fedoraproject.org - 1.8.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Fri Jul 23 2021 Fedora Release Engineering releng@fedoraproject.org - 1.8.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Wed Jan 27 2021 Fedora Release Engineering releng@fedoraproject.org - 1.8.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Tue Sep 1 2020 Steve Traylen steve@traylen.net - 1.8.0-1 - Initial package --------------------------------------------------------------------------------