The following Fedora EPEL 9 Security updates need testing: Age URL 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-aafd7b2092 stb-0^20230129git5736b15-0.2.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
gnome-shell-extension-pop-shell-1.2.0^10.dcf17f3-1.el9 kbibtex-0.9.2-4.el9 python-makefun-1.14.0-1.el9 python-pyrate-limiter-2.9.1-1.el9 radare2-5.8.2-2.el9
Details about builds:
================================================================================ gnome-shell-extension-pop-shell-1.2.0^10.dcf17f3-1.el9 (FEDORA-EPEL-2023-555acad4ca) GNOME Shell extension for advanced tiling window management -------------------------------------------------------------------------------- Update Information:
Latest upstream snapshot. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 24 2023 Carl George carl@george.computer - 1.2.0^10.dcf17f3-1 - Update to upstream snapshot for GNOME 44 compatibility * Thu Jan 19 2023 Fedora Release Engineering releng@fedoraproject.org - 1.2.0^9.886a069-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ kbibtex-0.9.2-4.el9 (FEDORA-EPEL-2023-a21050e6bb) A BibTeX editor for KDE -------------------------------------------------------------------------------- Update Information:
Build for EPEL 9 -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 2 2021 Robin Lee cheeselee@fedoraproject.org - 0.9.2-4 - Fix requirement of devel subpackage (RHBZ#1919474) * Tue Jan 26 2021 Fedora Release Engineering releng@fedoraproject.org - 0.9.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Tue Jul 28 2020 Fedora Release Engineering releng@fedoraproject.org - 0.9.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Sat Jun 20 2020 Marie Loise Nolden loise@kde.org - 0.9.2-1 - Update to 0.9.2 * Mon May 18 2020 Pete Walter pwalter@fedoraproject.org - 0.9-6 - Rebuild for ICU 67 * Wed Jan 29 2020 Fedora Release Engineering releng@fedoraproject.org - 0.9-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Fri Jan 17 2020 Marek Kasik mkasik@redhat.com - 0.9-4 - Rebuild for poppler-0.84.0 * Fri Nov 1 2019 Pete Walter pwalter@fedoraproject.org - 0.9-3 - Rebuild for ICU 65 * Thu Jul 25 2019 Fedora Release Engineering releng@fedoraproject.org - 0.9-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Mon Jun 10 2019 Robin Lee cheeselee@fedoraproject.org - 0.9-1 - Update to 0.9 --------------------------------------------------------------------------------
================================================================================ python-makefun-1.14.0-1.el9 (FEDORA-EPEL-2023-6f76a83d7c) Dynamically create python functions with a proper signature -------------------------------------------------------------------------------- Update Information:
Build for EPEL9 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jun 22 2022 Zbigniew J��drzejewski-Szmek zbyszek@in.waw.pl - 1.14.0-1 - Version 1.14.0 (rhbz#2099882) * Mon Jun 13 2022 Python Maint python-maint@redhat.com - 1.11.1-4 - Rebuilt for Python 3.11 * Fri Jan 21 2022 Fedora Release Engineering releng@fedoraproject.org - 1.11.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Fri Jul 23 2021 Fedora Release Engineering releng@fedoraproject.org - 1.11.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Fri Jun 4 2021 Python Maint python-maint@redhat.com - 1.6.11-6 - Rebuilt for Python 3.10 * Wed Jan 27 2021 Fedora Release Engineering releng@fedoraproject.org - 1.6.11-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Wed Jul 29 2020 Fedora Release Engineering releng@fedoraproject.org - 1.6.11-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2092139 - Please build python-makefun for EPEL9 https://bugzilla.redhat.com/show_bug.cgi?id=2092139 --------------------------------------------------------------------------------
================================================================================ python-pyrate-limiter-2.9.1-1.el9 (FEDORA-EPEL-2023-a41349a0b6) The request rate limiter using Leaky-bucket algorithm -------------------------------------------------------------------------------- Update Information:
Update to 2.9.1 ---- Update to 2.9.0 -------------------------------------------------------------------------------- ChangeLog:
* Sun Feb 26 2023 Benjamin A. Beasley code@musicinmybrain.net - 2.9.1-1 - Update to 2.9.1 * Tue Feb 21 2023 Steve Cossette farchord@gmail.com - 2.9.0-1 - Update to 2.9.0 --------------------------------------------------------------------------------
================================================================================ radare2-5.8.2-2.el9 (FEDORA-EPEL-2023-06f86f0ae3) The reverse engineering framework -------------------------------------------------------------------------------- Update Information:
fix sdb generation from messon ---- update to 5.8.2, fixes several CVE issues -------------------------------------------------------------------------------- ChangeLog:
* Sun Feb 26 2023 Michal Ambroz <rebus at, seznam.cz> 5.8.2-2 - cherrypick upstream patch for fixing the sdb generation from mesosn * Wed Jan 25 2023 Michal Ambroz <rebus at, seznam.cz> 5.8.2-1 - bump to 5.8.2 - fix CVE-2023-0302 , CVE-2023-0302 * Fri Jan 20 2023 Fedora Release Engineering releng@fedoraproject.org - 5.7.8-1.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Tue Aug 2 2022 Michal Ambroz <rebus at, seznam.cz> 5.7.8-1 - bump to 5.7.8 * Tue Aug 2 2022 Michal Ambroz <rebus at, seznam.cz> 5.7.6-1 - bump to 5.7.6 - cherrypicked patch for new libmagic from upstream - fix CVE-2022-34502 * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org - 5.6.8-1.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Thu Apr 21 2022 Henrik Nordstrom henrik@henriknordstrom.net - 5.6.8-1 - bump to 5.6.8 * Wed Apr 13 2022 Henrik Nordstrom henrik@henriknordstrom.net 5.6.6-2 - refresh list of bundled libraries and associated cleanup * Tue Apr 12 2022 Henrik Nordstrom henrik@henriknordstrom.net 5.6.6-2 - Fixes for CVE-2022-1061 CVE-2022-1207 CVE-2022-1237 CVE-2022-1238 CVE-2022-1240 CVE-2022-1244 CVE-2022-1283 CVE-2022-1284 CVE-2022-1296 CVE-2022-1297 * Tue Apr 12 2022 Henrik Nordstrom henrik@henriknordstrom.net 5.6.6-1 - bump to 5.6.6 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2086386 - CVE-2022-1714 radare2: Heap-based Buffer Overflow 4 byte oob read in msp430 disassembler [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2086386 [ 2 ] Bug #2089714 - CVE-2022-1809 radare2: use of uninitialized function pointer [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2089714 [ 3 ] Bug #2092820 - CVE-2021-44974 radare2: NULL pointer dereference when parsing binary symbols in bin_symbols.c [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2092820 [ 4 ] Bug #2092822 - CVE-2021-44975 radare2: Buffer Overflow while parsing mach-o executables via /libr/core/anal_objc.c [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2092822 [ 5 ] Bug #2092972 - CVE-2022-1899 radare2: out of bounds read in string_scan_range [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2092972 [ 6 ] Bug #2105005 - CVE-2022-1437 radare2: Heap-based Buffer Overflow in radare2 prior to 5.7.0 [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2105005 [ 7 ] Bug #2111326 - CVE-2022-34502 radare2: heap buffer overflow via the function consume_encoded_name_new at format/wasm/wasm.c [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2111326 [ 8 ] Bug #2113988 - CVE-2022-34520 radare2: NULL pointer dereference [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2113988 [ 9 ] Bug #2152391 - CVE-2022-4398 radare2: dev-util/radare2: integer overflow vulnerability [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2152391 [ 10 ] Bug #2170036 - syscall detection is broken https://bugzilla.redhat.com/show_bug.cgi?id=2170036 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org