The following Fedora EPEL 8 Security updates need testing:
 Age  URL
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-1eb20196c7   cryptopp-8.6.0-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
chromium-94.0.4606.61-1.el8
gnustep-base-1.28.0-3.el8
gnustep-make-2.9.0-3.el8
openvpn-auth-ldap-2.0.4-6.el8
packit-0.38.0-1.el8
python-cligj-0.7.2-3.el8
python-ogr-0.30.0-1.el8
python-pyrsistent-0.17.3-6.el8
python-scp-0.14.1-1.el8
tmt-1.8.0-1.el8
unar-1.10.1-24.el8
Details about builds:
================================================================================
chromium-94.0.4606.61-1.el8 (FEDORA-EPEL-2021-a50497600b)
A WebKit (Blink) powered web browser that Google doesn't want you to use
--------------------------------------------------------------------------------
Update Information:
Update to 94.0.4606.61. As a reminder, there are no future releases of Chromium
for EL7, so if you are using Chromium on EL7, I strongly recommend that you
either upgrade to EL8 or uninstall Chromium. This release fixes a big old pile
of security issues: CVE-2021-30542 CVE-2021-30543 CVE-2021-30558 CVE-2021-30625
CVE-2021-30626 CVE-2021-30627 CVE-2021-30628 CVE-2021-30629 CVE-2021-30630
CVE-2021-30631 CVE-2021-30632 CVE-2021-30633 CVE-2021-37972 CVE-2021-37956
CVE-2021-37957 CVE-2021-37958 CVE-2021-37959 CVE-2021-37960 CVE-2021-37961
CVE-2021-37962 CVE-2021-37963 CVE-2021-37964 CVE-2021-37965 CVE-2021-37966
CVE-2021-37967 CVE-2021-37968 CVE-2021-37969 CVE-2021-37970 CVE-2021-37971
CVE-2021-37973
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 24 2021 Tom Callaway <spot(a)fedoraproject.org> - 94.0.4606.61-1
- update to 94.0.4606.61
* Thu Sep 23 2021 Tom Callaway <spot(a)fedoraproject.org> - 94.0.4606.54-1
- update to 94.0.4606.54
* Mon Sep 20 2021 Tom Callaway <spot(a)fedoraproject.org> - 93.0.4577.82-2
- add fix for harfbuzz v3 (thanks to Jan Beich @ FreeBSD)
* Thu Sep 16 2021 Tom Callaway <spot(a)fedoraproject.org> - 93.0.4577.82-1
- update to 93.0.4577.82
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2001877 - CVE-2021-30542 chromium-browser: Use after free in Tab Strip
https://bugzilla.redhat.com/show_bug.cgi?id=2001877
[ 2 ] Bug #2001879 - CVE-2021-30543 chromium-browser: Use after free in Tab Strip
https://bugzilla.redhat.com/show_bug.cgi?id=2001879
[ 3 ] Bug #2001881 - CVE-2021-30558 chromium-browser: Insufficient policy enforcement in
content security policy
https://bugzilla.redhat.com/show_bug.cgi?id=2001881
[ 4 ] Bug #2004087 - CVE-2021-30625 chromium-browser: Use after free in Selection API
https://bugzilla.redhat.com/show_bug.cgi?id=2004087
[ 5 ] Bug #2004088 - CVE-2021-30626 chromium-browser: Out of bounds memory access in
ANGLE
https://bugzilla.redhat.com/show_bug.cgi?id=2004088
[ 6 ] Bug #2004089 - CVE-2021-30627 chromium-browser: Type Confusion in Blink layout
https://bugzilla.redhat.com/show_bug.cgi?id=2004089
[ 7 ] Bug #2004090 - CVE-2021-30628 chromium-browser: Stack buffer overflow in ANGLE
https://bugzilla.redhat.com/show_bug.cgi?id=2004090
[ 8 ] Bug #2004091 - CVE-2021-30629 chromium-browser: Use after free in Permissions
https://bugzilla.redhat.com/show_bug.cgi?id=2004091
[ 9 ] Bug #2004092 - CVE-2021-30630 chromium-browser: Inappropriate implementation in
Blink
https://bugzilla.redhat.com/show_bug.cgi?id=2004092
[ 10 ] Bug #2004093 - CVE-2021-30631 chromium-browser: Type Confusion in Blink layout
https://bugzilla.redhat.com/show_bug.cgi?id=2004093
[ 11 ] Bug #2004095 - CVE-2021-30632 chromium-browser: Out of bounds write in V8
https://bugzilla.redhat.com/show_bug.cgi?id=2004095
[ 12 ] Bug #2004096 - CVE-2021-30633 chromium-browser: Use after free in Indexed DB API
https://bugzilla.redhat.com/show_bug.cgi?id=2004096
[ 13 ] Bug #2006914 - CVE-2021-37956 chromium-browser: Use after free in Offline use
https://bugzilla.redhat.com/show_bug.cgi?id=2006914
[ 14 ] Bug #2006915 - CVE-2021-37957 chromium-browser: Use after free in WebGPU
https://bugzilla.redhat.com/show_bug.cgi?id=2006915
[ 15 ] Bug #2006916 - CVE-2021-37958 chromium-browser: Inappropriate implementation in
Navigation
https://bugzilla.redhat.com/show_bug.cgi?id=2006916
[ 16 ] Bug #2006917 - CVE-2021-37959 chromium-browser: Use after free in Task Manager
https://bugzilla.redhat.com/show_bug.cgi?id=2006917
[ 17 ] Bug #2006918 - CVE-2021-37960 chromium-browser: Inappropriate implementation in
Blink graphics
https://bugzilla.redhat.com/show_bug.cgi?id=2006918
[ 18 ] Bug #2006919 - CVE-2021-37961 chromium-browser: Use after free in Tab Strip
https://bugzilla.redhat.com/show_bug.cgi?id=2006919
[ 19 ] Bug #2006920 - CVE-2021-37962 chromium-browser: Use after free in Performance
Manager
https://bugzilla.redhat.com/show_bug.cgi?id=2006920
[ 20 ] Bug #2006921 - CVE-2021-37963 chromium-browser: Side-channel information leakage
in DevTools
https://bugzilla.redhat.com/show_bug.cgi?id=2006921
[ 21 ] Bug #2006922 - CVE-2021-37964 chromium-browser: Inappropriate implementation in
ChromeOS Networking
https://bugzilla.redhat.com/show_bug.cgi?id=2006922
[ 22 ] Bug #2006923 - CVE-2021-37965 chromium-browser: Inappropriate implementation in
Background Fetch API
https://bugzilla.redhat.com/show_bug.cgi?id=2006923
[ 23 ] Bug #2006924 - CVE-2021-37966 chromium-browser: Inappropriate implementation in
Compositing
https://bugzilla.redhat.com/show_bug.cgi?id=2006924
[ 24 ] Bug #2006925 - CVE-2021-37967 chromium-browser: Inappropriate implementation in
Background Fetch API
https://bugzilla.redhat.com/show_bug.cgi?id=2006925
[ 25 ] Bug #2006926 - CVE-2021-37968 chromium-browser: Inappropriate implementation in
Background Fetch API
https://bugzilla.redhat.com/show_bug.cgi?id=2006926
[ 26 ] Bug #2006927 - CVE-2021-37969 chromium-browser: Inappropriate implementation in
Google Updater
https://bugzilla.redhat.com/show_bug.cgi?id=2006927
[ 27 ] Bug #2006928 - CVE-2021-37970 chromium-browser: Use after free in File System
API
https://bugzilla.redhat.com/show_bug.cgi?id=2006928
[ 28 ] Bug #2006929 - CVE-2021-37971 chromium-browser: Incorrect security UI in Web
Browser UI
https://bugzilla.redhat.com/show_bug.cgi?id=2006929
[ 29 ] Bug #2006930 - CVE-2021-37972 libjpeg-turbo: out-of-bounds read
https://bugzilla.redhat.com/show_bug.cgi?id=2006930
[ 30 ] Bug #2007725 - CVE-2021-37973 chromium-browser: Use after free in Portals
https://bugzilla.redhat.com/show_bug.cgi?id=2007725
--------------------------------------------------------------------------------
================================================================================
gnustep-base-1.28.0-3.el8 (FEDORA-EPEL-2021-7fcbbfcf40)
GNUstep Base library package
--------------------------------------------------------------------------------
Update Information:
- New RPMs gnustep-make, gnustep-base, openvpn-auth-ldap and unar
- Use `gobjc` for building on EPEL 8 only
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1981947 - Please build openvpn-auth-ldap for EPEL 8
https://bugzilla.redhat.com/show_bug.cgi?id=1981947
[ 2 ] Bug #1983417 - Please build gnustep-make for EPEL 8
https://bugzilla.redhat.com/show_bug.cgi?id=1983417
[ 3 ] Bug #1983421 - Please build gnustep-base for EPEL 8
https://bugzilla.redhat.com/show_bug.cgi?id=1983421
[ 4 ] Bug #2008326 - Please build unar for EPEL 8
https://bugzilla.redhat.com/show_bug.cgi?id=2008326
--------------------------------------------------------------------------------
================================================================================
gnustep-make-2.9.0-3.el8 (FEDORA-EPEL-2021-7fcbbfcf40)
GNUstep makefile package
--------------------------------------------------------------------------------
Update Information:
- New RPMs gnustep-make, gnustep-base, openvpn-auth-ldap and unar
- Use `gobjc` for building on EPEL 8 only
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1981947 - Please build openvpn-auth-ldap for EPEL 8
https://bugzilla.redhat.com/show_bug.cgi?id=1981947
[ 2 ] Bug #1983417 - Please build gnustep-make for EPEL 8
https://bugzilla.redhat.com/show_bug.cgi?id=1983417
[ 3 ] Bug #1983421 - Please build gnustep-base for EPEL 8
https://bugzilla.redhat.com/show_bug.cgi?id=1983421
[ 4 ] Bug #2008326 - Please build unar for EPEL 8
https://bugzilla.redhat.com/show_bug.cgi?id=2008326
--------------------------------------------------------------------------------
================================================================================
openvpn-auth-ldap-2.0.4-6.el8 (FEDORA-EPEL-2021-7fcbbfcf40)
OpenVPN plugin for LDAP authentication
--------------------------------------------------------------------------------
Update Information:
- New RPMs gnustep-make, gnustep-base, openvpn-auth-ldap and unar
- Use `gobjc` for building on EPEL 8 only
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1981947 - Please build openvpn-auth-ldap for EPEL 8
https://bugzilla.redhat.com/show_bug.cgi?id=1981947
[ 2 ] Bug #1983417 - Please build gnustep-make for EPEL 8
https://bugzilla.redhat.com/show_bug.cgi?id=1983417
[ 3 ] Bug #1983421 - Please build gnustep-base for EPEL 8
https://bugzilla.redhat.com/show_bug.cgi?id=1983421
[ 4 ] Bug #2008326 - Please build unar for EPEL 8
https://bugzilla.redhat.com/show_bug.cgi?id=2008326
--------------------------------------------------------------------------------
================================================================================
packit-0.38.0-1.el8 (FEDORA-EPEL-2021-e41beb7dda)
A tool for integrating upstream projects with Fedora operating system
--------------------------------------------------------------------------------
Update Information:
New upstream release 0.38.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 30 2021 Packit Service <user-cont-team+packit-service(a)redhat.com> -
0.38.0-1
- `packit validate-config` was updated to check if files to be synced
downstream are present in the upstream repo and emit a warning in case they
are missing. (#1366)
- Patch files are read as byte streams now, in order to support having
non-UTF-8 characters. (#1372)
--------------------------------------------------------------------------------
================================================================================
python-cligj-0.7.2-3.el8 (FEDORA-EPEL-2021-a47221b560)
Click params for GeoJSON CLI
--------------------------------------------------------------------------------
Update Information:
Introduce EPEL 8 package for python-cligj
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2009038 - Please build python-cligj for EPEL 8
https://bugzilla.redhat.com/show_bug.cgi?id=2009038
--------------------------------------------------------------------------------
================================================================================
python-ogr-0.30.0-1.el8 (FEDORA-EPEL-2021-5747e4e60e)
One API for multiple git forges
--------------------------------------------------------------------------------
Update Information:
New upstream release 0.30.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 30 2021 Packit Service <user-cont-team+packit-service(a)redhat.com> -
0.30.0-1
- New method to get pull request and issue comments by their comment ID on
GitHub and GitLab. (#640)
--------------------------------------------------------------------------------
================================================================================
python-pyrsistent-0.17.3-6.el8 (FEDORA-EPEL-2021-ce910b7de8)
Persistent/Functional/Immutable data structures
--------------------------------------------------------------------------------
Update Information:
Build PDF documentation instead of HTML
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 30 2021 Benjamin A. Beasley <code(a)musicinmybrain.net> - 0.17.3-6
- Build PDF documentation instead of HTML
--------------------------------------------------------------------------------
================================================================================
python-scp-0.14.1-1.el8 (FEDORA-EPEL-2021-ed6c6ac76f)
Scp module for paramiko
--------------------------------------------------------------------------------
Update Information:
update to version 0.14.1
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 29 2021 Chedi Toueiti <chedi.toueiti(a)gmail.com> - 0.14.1-1
- Update to version 0.14.1 (#2003334)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2003334 - python-scp-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2003334
--------------------------------------------------------------------------------
================================================================================
tmt-1.8.0-1.el8 (FEDORA-EPEL-2021-bfb91f5ac9)
Test Management Tool
--------------------------------------------------------------------------------
Update Information:
Release 1.8.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 30 2021 Lukáš Zachar <lzachar(a)redhat.com> - 1.8.0-1
- Add support for reboot in a reused provision
- Solve the reboot race condition
- Adjust the current git remote improvement
- Use current git remote for url in fmf-id
- Implement option to exit after first failure
- Clarify and update spec for the discover step
- Adjust the multihost test specification
- Add the multihost testing specification
- Make run --force behave more expectably
- Increase duration for tests using containers
- Rename soon-to-be deprecated resultcallback
- Remove the minute.obsolete provision plugin
- Document how to create a new minor/major release
- Explicitly mention '.' as special value for names
- Add Github Action for PyPI releases
- Improve fetching remote environment files
- Adjust the check for rsync before pull and push
- Install `rsync` before guest.pull()
- Second chapter of the Guide: Under The Hood
- Simplify the search for step method options
- Produce better errors for unsupported plugins
- Add more ignored files, categorize gitignore more
- Extend .gitignore with a few more common patterns
- (robin/master) Export fields of a case should be checked by lint
- Adjust the bugzilla support in test export
- Test export can link case to bugzilla
- Document the support for `open` key in html report
- Allow html report to be opened by plan
- Require essential packages for tmt testing
- Skip the docs test until the Sphinx issue is fixed
--------------------------------------------------------------------------------
================================================================================
unar-1.10.1-24.el8 (FEDORA-EPEL-2021-7fcbbfcf40)
Multi-format extractor
--------------------------------------------------------------------------------
Update Information:
- New RPMs gnustep-make, gnustep-base, openvpn-auth-ldap and unar
- Use `gobjc` for building on EPEL 8 only
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1981947 - Please build openvpn-auth-ldap for EPEL 8
https://bugzilla.redhat.com/show_bug.cgi?id=1981947
[ 2 ] Bug #1983417 - Please build gnustep-make for EPEL 8
https://bugzilla.redhat.com/show_bug.cgi?id=1983417
[ 3 ] Bug #1983421 - Please build gnustep-base for EPEL 8
https://bugzilla.redhat.com/show_bug.cgi?id=1983421
[ 4 ] Bug #2008326 - Please build unar for EPEL 8
https://bugzilla.redhat.com/show_bug.cgi?id=2008326
--------------------------------------------------------------------------------