The following Fedora EPEL 7 Security updates need testing:
Age URL
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-0b707dda92
chromium-110.0.5481.77-1.el7
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-1eae057392
apptainer-1.1.6-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
apachetop-0.23.2-1.el7
baresip-2.12.0-1.el7
clamav-0.103.8-1.el7
distribution-gpg-keys-1.84-1.el7
libre-2.12.0-1.el7
librem-2.12.0-1.el7
mock-core-configs-36.16-1.el7
sasutils-0.4.0-1.el7
Details about builds:
================================================================================
apachetop-0.23.2-1.el7 (FEDORA-EPEL-2023-ca57ff2a03)
Top-like display of Apache logs
--------------------------------------------------------------------------------
Update Information:
# ApacheTop 0.23.2 (15th February, 2023) * Switch to PCRE2, `--with-
pcre2=<path>` * Fix for c++17 * Fix a potential segfault, if regex is not
valid * If regex is not valid, treat the input as literal string
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 17 2023 Robert Scheck <robert(a)fedoraproject.org> - 0.23.2-1
- Upgrade to 0.23.2
- Switch from deprecated pcre to pcre2 (#2128271)
* Wed Jan 18 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.19.7-9
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Wed Jul 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.19.7-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Jan 19 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.19.7-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Wed Jul 21 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.19.7-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.19.7-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Mon Jul 27 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.19.7-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jan 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.19.7-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Wed Jul 24 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.19.7-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2128271 - Please port your pcre dependency to pcre2. Pcre has been
deprecated
https://bugzilla.redhat.com/show_bug.cgi?id=2128271
--------------------------------------------------------------------------------
================================================================================
baresip-2.12.0-1.el7 (FEDORA-EPEL-2023-8ee1e41505)
Modular SIP user-agent with audio and video support
--------------------------------------------------------------------------------
Update Information:
# Baresip 2.12.0 (2023-02-15) - call: default status code for rejecting
incoming calls - dtls_srtp: enable single DTLS connection mode - ci: try to
fix flaky azure mirrors - cmake/pulse: Remove pulse-simple library lookup -
webrtc_aecm: use C11 mutex - pulse: replace obsolete string pulse_async (makes
baresip PipeWire compatible) - vidpacket: add keyframe flag - av1: use
keyframe instead of new-flag - av1: fix warnings - make rtcp interval
configureable - sndio: remove deprecated module - PRACK refactoring - ci:
merge build and cmake - menu: ringback/early audio handling for parallel calls
- magic: use C99 func macro - stream: remove `stream_decode` from internal API
- use `RE_ARRAY_SIZE()` macro - cmake: link `RESOLV_LIBRARY` - ci/build: fix
Ubuntu 22.04 workaround - avcapture: use `RE_ARRAY_SIZE` macro - pulse: remove
obsolete doxygen note to be experimental - gtk: return NULL on `mtx_init() !=
thrd_success` - ci: add libgtk-3-dev to build GTK+ 3 module - event: missing
class name case for `RTPESTAB` event - ci: add sanitizers - bump version
numbers to 2.12.0 # librem v2.12.0 (2023-02-15) - cmake: increment required
version - aubuf/ajb: reset reference timestamp if skew is too high - ci:
rename ccheck to lint - Use Ninja as CMake generator - use `RE_ARRAY_SIZE` -
fix doxygen warnings - bump version numbers to 2.12.0 # libre v2.12.0
(2023-02-15) - tls: remove `ifdef DTLS_CTRL_HANDLE_TIMEOUT` - cmake:
increment required version - dtls: add logging of DTLS packet content-type -
dtls: add single connection mode - ice: reduce conncheck start timer -
async,main: make `re_thread_async` itself thread safe - av1: remove old
packetizer - av1: fix chrome interop - av1: minor cleanups - trace: fix new
json start - make rtcp interval configureable - sa: proposal to always enable
`struct sockaddr_in6` - ci: rename ccheck to lint - ci: extend coverage test
with retest+select - main: remove poll support - ci: use Ninja as CMake
generator - ci/abi: fix abidiff paths - PRACK refactoring - types: add `RE_`
prefix to `ARRAY_SIZE()` - cmake: add `USE_TRACE` option (default `OFF`) - add
re prefix - tcp: add `RE_TCP_BACKLOG` - Fix doxygen warnings - mbuf: docs and
setters/getters - tcp,cmake: use `accept4` if supported - tcp: remove
`SO_LINGER` socket option - rtcp: update documentation - tcp: check `SO_ERROR`
only for active connections - cmake: add `HAVE_RESOLV` - hash: add
`hash_debug` - list: improve list_apply performance - rtp: add doxygen
comments - rtp: extra dox for `rtcp_encode` - ci: add thread and address
sanitizer - Do not change glibc feature selection macros in unsupported ways -
auth: replace `ETIME` with `ETIMEDOUT` - cmake: add min. OpenSSL 1.1.0 version
requirement - ci: fix flaky azure mirrors - tls: remove obsolete openssl
version check and fix libressl build - ci/ssl: fix openssl root dir - main:
add `re_thread_async_main` for `re_global` only - atomic: fix win32 atomic load
const warnings - atomic: fix `__iso_volatile_load64` deref - bump version
numbers to 2.12.0
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 18 2023 Robert Scheck <robert(a)fedoraproject.org> 2.12.0-1
- Upgrade to 2.12.0 (#2170292)
* Wed Feb 15 2023 Tom Callaway <spot(a)fedoraproject.org> - 2.11.0-3
- rebuild for libvpx
* Wed Jan 18 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.11.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2170292 - baresip-2.12.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2170292
[ 2 ] Bug #2170480 - libre-2.12.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2170480
[ 3 ] Bug #2170481 - librem-2.12.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2170481
--------------------------------------------------------------------------------
================================================================================
clamav-0.103.8-1.el7 (FEDORA-EPEL-2023-ef27d9fd2b)
End-user tools for the Clam Antivirus scanner
--------------------------------------------------------------------------------
Update Information:
ClamAV 0.103.8 is a critical patch release with the following fixes: *
CVE-2023-20032<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023...;:
Fixed a possible remote code execution vulnerability in the HFS+ file parser.
The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7
and earlier. Thank you to Simon Scannell for reporting this issue. *
CVE-2023-20052<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023...;:
Fixed a possible remote information leak vulnerability in the DMG file parser.
The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7
and earlier. Thank you to Simon Scannell for reporting this issue.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 17 2023 Orion Poplawski <orion(a)nwra.com> - 0.103.8-1
- Update to 0.103.8
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2170570 - Please build ClamAV 0.103.8 for EL7
https://bugzilla.redhat.com/show_bug.cgi?id=2170570
--------------------------------------------------------------------------------
================================================================================
distribution-gpg-keys-1.84-1.el7 (FEDORA-EPEL-2023-ac2ba90d12)
GPG keys of various Linux distributions
--------------------------------------------------------------------------------
Update Information:
- add tumbleweed key - Added RPM Fusion keys for Fedora 39. - update copr keys -
add elastic gpg key
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 16 2023 Miroslav Such�� <msuchy(a)redhat.com> 1.84-1
- add tumbleweed key
- Added RPM Fusion keys for Fedora 39.
- update copr keys
- add elastic gpg key
* Thu Feb 16 2023 Miroslav Such�� <msuchy(a)redhat.com>
- add tumbleweed key
- Added RPM Fusion keys for Fedora 39.
- update copr keys
- add elastic gpg key
--------------------------------------------------------------------------------
================================================================================
libre-2.12.0-1.el7 (FEDORA-EPEL-2023-8ee1e41505)
Generic library for real-time communications
--------------------------------------------------------------------------------
Update Information:
# Baresip 2.12.0 (2023-02-15) - call: default status code for rejecting
incoming calls - dtls_srtp: enable single DTLS connection mode - ci: try to
fix flaky azure mirrors - cmake/pulse: Remove pulse-simple library lookup -
webrtc_aecm: use C11 mutex - pulse: replace obsolete string pulse_async (makes
baresip PipeWire compatible) - vidpacket: add keyframe flag - av1: use
keyframe instead of new-flag - av1: fix warnings - make rtcp interval
configureable - sndio: remove deprecated module - PRACK refactoring - ci:
merge build and cmake - menu: ringback/early audio handling for parallel calls
- magic: use C99 func macro - stream: remove `stream_decode` from internal API
- use `RE_ARRAY_SIZE()` macro - cmake: link `RESOLV_LIBRARY` - ci/build: fix
Ubuntu 22.04 workaround - avcapture: use `RE_ARRAY_SIZE` macro - pulse: remove
obsolete doxygen note to be experimental - gtk: return NULL on `mtx_init() !=
thrd_success` - ci: add libgtk-3-dev to build GTK+ 3 module - event: missing
class name case for `RTPESTAB` event - ci: add sanitizers - bump version
numbers to 2.12.0 # librem v2.12.0 (2023-02-15) - cmake: increment required
version - aubuf/ajb: reset reference timestamp if skew is too high - ci:
rename ccheck to lint - Use Ninja as CMake generator - use `RE_ARRAY_SIZE` -
fix doxygen warnings - bump version numbers to 2.12.0 # libre v2.12.0
(2023-02-15) - tls: remove `ifdef DTLS_CTRL_HANDLE_TIMEOUT` - cmake:
increment required version - dtls: add logging of DTLS packet content-type -
dtls: add single connection mode - ice: reduce conncheck start timer -
async,main: make `re_thread_async` itself thread safe - av1: remove old
packetizer - av1: fix chrome interop - av1: minor cleanups - trace: fix new
json start - make rtcp interval configureable - sa: proposal to always enable
`struct sockaddr_in6` - ci: rename ccheck to lint - ci: extend coverage test
with retest+select - main: remove poll support - ci: use Ninja as CMake
generator - ci/abi: fix abidiff paths - PRACK refactoring - types: add `RE_`
prefix to `ARRAY_SIZE()` - cmake: add `USE_TRACE` option (default `OFF`) - add
re prefix - tcp: add `RE_TCP_BACKLOG` - Fix doxygen warnings - mbuf: docs and
setters/getters - tcp,cmake: use `accept4` if supported - tcp: remove
`SO_LINGER` socket option - rtcp: update documentation - tcp: check `SO_ERROR`
only for active connections - cmake: add `HAVE_RESOLV` - hash: add
`hash_debug` - list: improve list_apply performance - rtp: add doxygen
comments - rtp: extra dox for `rtcp_encode` - ci: add thread and address
sanitizer - Do not change glibc feature selection macros in unsupported ways -
auth: replace `ETIME` with `ETIMEDOUT` - cmake: add min. OpenSSL 1.1.0 version
requirement - ci: fix flaky azure mirrors - tls: remove obsolete openssl
version check and fix libressl build - ci/ssl: fix openssl root dir - main:
add `re_thread_async_main` for `re_global` only - atomic: fix win32 atomic load
const warnings - atomic: fix `__iso_volatile_load64` deref - bump version
numbers to 2.12.0
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 17 2023 Robert Scheck <robert(a)fedoraproject.org> 2.12.0-1
- Upgrade to 2.12.0 (#2170480)
* Thu Feb 2 2023 Florian Weimer <fweimer(a)redhat.com> - 2.11.0-3
- Fix C99 compatibility issues
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.11.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2170292 - baresip-2.12.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2170292
[ 2 ] Bug #2170480 - libre-2.12.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2170480
[ 3 ] Bug #2170481 - librem-2.12.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2170481
--------------------------------------------------------------------------------
================================================================================
librem-2.12.0-1.el7 (FEDORA-EPEL-2023-8ee1e41505)
Audio and video processing media library
--------------------------------------------------------------------------------
Update Information:
# Baresip 2.12.0 (2023-02-15) - call: default status code for rejecting
incoming calls - dtls_srtp: enable single DTLS connection mode - ci: try to
fix flaky azure mirrors - cmake/pulse: Remove pulse-simple library lookup -
webrtc_aecm: use C11 mutex - pulse: replace obsolete string pulse_async (makes
baresip PipeWire compatible) - vidpacket: add keyframe flag - av1: use
keyframe instead of new-flag - av1: fix warnings - make rtcp interval
configureable - sndio: remove deprecated module - PRACK refactoring - ci:
merge build and cmake - menu: ringback/early audio handling for parallel calls
- magic: use C99 func macro - stream: remove `stream_decode` from internal API
- use `RE_ARRAY_SIZE()` macro - cmake: link `RESOLV_LIBRARY` - ci/build: fix
Ubuntu 22.04 workaround - avcapture: use `RE_ARRAY_SIZE` macro - pulse: remove
obsolete doxygen note to be experimental - gtk: return NULL on `mtx_init() !=
thrd_success` - ci: add libgtk-3-dev to build GTK+ 3 module - event: missing
class name case for `RTPESTAB` event - ci: add sanitizers - bump version
numbers to 2.12.0 # librem v2.12.0 (2023-02-15) - cmake: increment required
version - aubuf/ajb: reset reference timestamp if skew is too high - ci:
rename ccheck to lint - Use Ninja as CMake generator - use `RE_ARRAY_SIZE` -
fix doxygen warnings - bump version numbers to 2.12.0 # libre v2.12.0
(2023-02-15) - tls: remove `ifdef DTLS_CTRL_HANDLE_TIMEOUT` - cmake:
increment required version - dtls: add logging of DTLS packet content-type -
dtls: add single connection mode - ice: reduce conncheck start timer -
async,main: make `re_thread_async` itself thread safe - av1: remove old
packetizer - av1: fix chrome interop - av1: minor cleanups - trace: fix new
json start - make rtcp interval configureable - sa: proposal to always enable
`struct sockaddr_in6` - ci: rename ccheck to lint - ci: extend coverage test
with retest+select - main: remove poll support - ci: use Ninja as CMake
generator - ci/abi: fix abidiff paths - PRACK refactoring - types: add `RE_`
prefix to `ARRAY_SIZE()` - cmake: add `USE_TRACE` option (default `OFF`) - add
re prefix - tcp: add `RE_TCP_BACKLOG` - Fix doxygen warnings - mbuf: docs and
setters/getters - tcp,cmake: use `accept4` if supported - tcp: remove
`SO_LINGER` socket option - rtcp: update documentation - tcp: check `SO_ERROR`
only for active connections - cmake: add `HAVE_RESOLV` - hash: add
`hash_debug` - list: improve list_apply performance - rtp: add doxygen
comments - rtp: extra dox for `rtcp_encode` - ci: add thread and address
sanitizer - Do not change glibc feature selection macros in unsupported ways -
auth: replace `ETIME` with `ETIMEDOUT` - cmake: add min. OpenSSL 1.1.0 version
requirement - ci: fix flaky azure mirrors - tls: remove obsolete openssl
version check and fix libressl build - ci/ssl: fix openssl root dir - main:
add `re_thread_async_main` for `re_global` only - atomic: fix win32 atomic load
const warnings - atomic: fix `__iso_volatile_load64` deref - bump version
numbers to 2.12.0
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 17 2023 Robert Scheck <robert(a)fedoraproject.org> 2.12.0-1
- Upgrade to 2.12.0 (#2170481)
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.11.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2170292 - baresip-2.12.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2170292
[ 2 ] Bug #2170480 - libre-2.12.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2170480
[ 3 ] Bug #2170481 - librem-2.12.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2170481
--------------------------------------------------------------------------------
================================================================================
mock-core-configs-36.16-1.el7 (FEDORA-EPEL-2023-ac2ba90d12)
Mock core config files basic chroots
--------------------------------------------------------------------------------
Update Information:
- add tumbleweed key - Added RPM Fusion keys for Fedora 39. - update copr keys -
add elastic gpg key
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 17 2023 Pavel Raiskup <praiskup(a)redhat.com> 36.16-1
- update gpg keys for Tumbleweed (msuchy(a)redhat.com)
--------------------------------------------------------------------------------
================================================================================
sasutils-0.4.0-1.el7 (FEDORA-EPEL-2023-eb25ffb1e2)
Serial Attached SCSI (SAS) utilities
--------------------------------------------------------------------------------
Update Information:
Update to version 0.4.0.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 16 2023 Stephane Thiell <sthiell(a)stanford.edu> 0.4.0-1
- update version
--------------------------------------------------------------------------------