The following Fedora EPEL 8 Security updates need testing:
Age URL
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-3a1aaec707
pngcheck-2.4.0-8.el8
11
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-b308580516
perl-Image-ExifTool-12.16-3.el8
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-bbc31e5925
java-latest-openjdk-16.0.1.0.9-1.rolling.el8
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-33433b2f22
python-yara-4.1.0-1.el8 yara-4.1.0-1.el8
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-a3a4866065
libopenmpt-0.5.8-1.el8
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-9be66bdb10
python-markdown2-2.4.0-1.el8
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-e8421e33b3
chromium-90.0.4430.93-1.el8
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-e393e03d96
screen-4.6.2-12.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
audacious-plugins-4.0.5-4.el8
knot-resolver-5.3.2-1.el8
libQGLViewer-2.6.4-6.el8
python-impacket-0.9.22-3.el8
qsynth-0.9.2-2.el8
Details about builds:
================================================================================
audacious-plugins-4.0.5-4.el8 (FEDORA-EPEL-2021-53c566e0a6)
Plugins for the Audacious audio player
--------------------------------------------------------------------------------
Update Information:
Rebuilds of qsynth and audacious-plugins due to an unannounced soname bump in
fluidsynth. ---- Update to version 0.9.2
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 7 2021 Carl George <carl(a)george.computer> - 4.0.5-4
- Rebuilt for fluidsynth soname bump rhbz#1958008
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1958008 - fluidsynth-libs: incompatible upgrade from libfluidsynth.so.1 to
libfluidsynth.so.2 (EPEL8)
https://bugzilla.redhat.com/show_bug.cgi?id=1958008
--------------------------------------------------------------------------------
================================================================================
knot-resolver-5.3.2-1.el8 (FEDORA-EPEL-2021-8c1b6be34d)
Caching full DNS Resolver
--------------------------------------------------------------------------------
Update Information:
new upstream release 5.3.2
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 7 2021 Jakub Ru��i��ka <jakub.ruzicka(a)nic.cz> - 5.3.2-1
- update to upstream version 5.3.2
--------------------------------------------------------------------------------
================================================================================
libQGLViewer-2.6.4-6.el8 (FEDORA-EPEL-2021-9e807a3ab7)
Qt based OpenGL generic 3D viewer library
--------------------------------------------------------------------------------
Update Information:
Introduce libQGLViewer into EPEL8
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
python-impacket-0.9.22-3.el8 (FEDORA-EPEL-2021-80b9d6d879)
Collection of Python classes providing access to network packets
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2021-31800 - #1957428, #1957427 - fix path traversal in
smbserver.py ---- Updated to new upstream release 0.9.22
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 7 2021 Michal Ambroz <rebus _AT seznam.cz> - 0.9.22-3
- fix CVE-2021-31800 - #1957428, #1957427 during 0.9.22 lifecycle
* Sun May 2 2021 Michal Ambroz <rebus _AT seznam.cz> - 0.9.22-2
- fix dependencies for EPEL7 as of #1893859
* Wed Apr 14 2021 Michal Ambroz <rebus _AT seznam.cz> - 0.9.22-1
- Updated to new upstream release 0.9.22
- modernize specfile with bconds
- upstream patch for python39 compatibility (needed for FC34+)
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.9.21-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Jul 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.9.21-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue May 26 2020 Miro Hron��ok <mhroncok(a)redhat.com> - 0.9.21-6
- Rebuilt for Python 3.9
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1957426 - CVE-2021-31800 python-impacket: Multiple path traversal
vulnerabilities in smbserver.py
https://bugzilla.redhat.com/show_bug.cgi?id=1957426
--------------------------------------------------------------------------------
================================================================================
qsynth-0.9.2-2.el8 (FEDORA-EPEL-2021-53c566e0a6)
Qt based Fluidsynth GUI front end
--------------------------------------------------------------------------------
Update Information:
Rebuilds of qsynth and audacious-plugins due to an unannounced soname bump in
fluidsynth. ---- Update to version 0.9.2
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 7 2021 Carl George <carl(a)george.computer> - 0.9.2-2
- Rebuilt for fluidsynth soname bump rhbz#1958008
* Sun Mar 14 2021 Christoph Karl <pampelmuse [AT] gmx [DOT] at> - 0.9.2-1
- Update to new version 0.9.2
* Sun Feb 7 2021 Christoph Karl <pampelmuse [AT] gmx [DOT] at> - 0.9.1-1
- Update to new version 0.9.1
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.9.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Dec 23 2020 Christoph Karl <pampelmuse [AT] gmx [DOT] at> - 0.9.0-1
- Update to new version 0.9.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1958008 - fluidsynth-libs: incompatible upgrade from libfluidsynth.so.1 to
libfluidsynth.so.2 (EPEL8)
https://bugzilla.redhat.com/show_bug.cgi?id=1958008
--------------------------------------------------------------------------------