The following Fedora EPEL 8 Security updates need testing:
Age URL
12
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-e85de73cdb
pdns-recursor-4.3.5-1.el8
10
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-6ef54b7a2d
tcpreplay-4.3.3-3.el8
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-4f4de3554d
fastd-21-1.el8
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-a2aa2f31cd
pngcheck-2.3.0-3.el8
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-5f50399d2e
chromium-86.0.4240.111-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
epel-release-8-9.el8
libntlm-1.6-1.el8
preproc-rpmspec-1.1-1.el8
python-freeipa-1.0.7-1.el8
rpkg-macros-1.0-1.el8
Details about builds:
================================================================================
epel-release-8-9.el8 (FEDORA-EPEL-2020-7bacc32a2f)
Extra Packages for Enterprise Linux repository configuration
--------------------------------------------------------------------------------
Update Information:
Add countme feature for epel. Fixes bug #1825984
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 31 2020 Kevin Fenzi <kevin(a)scrye.com> - 8-9
- Add countme feature for epel. Fixes bug #1825984
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1825984 - Enable new DNF countme option
https://bugzilla.redhat.com/show_bug.cgi?id=1825984
--------------------------------------------------------------------------------
================================================================================
libntlm-1.6-1.el8 (FEDORA-EPEL-2020-a0f02190ad)
NTLMv1 authentication library
--------------------------------------------------------------------------------
Update Information:
Update to security fix 1.6 version. Fixes CVE-2019-17455
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 31 2020 Kevin Fenzi <kevin(a)scrye.com> - 1.6-1
- Update to 1.6. Fixes CVE-2019-17455
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1768465 - CVE-2019-17455 libntlm: stack-based buffer overflow in
buildSmbNtlmAuthRequest in smbutil.c [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1768465
[ 2 ] Bug #1825591 - libntlm-1.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1825591
--------------------------------------------------------------------------------
================================================================================
preproc-rpmspec-1.1-1.el8 (FEDORA-EPEL-2020-0c29598887)
Minimalistic tool for rpm spec-file preprocessing
--------------------------------------------------------------------------------
Update Information:
New major versions of rpkg-macros (1.0) and preproc-rpmspec (1.1). Update
allowed per
https://pagure.io/fesco/issue/2488. preproc-rpmspec was only
changed to require rpkg-macros >= 1.0. More significant changes are in rpkg-
macros: - fix version check in git_pack - rpm-git-tag-sort is also required
during build for tests - add man pages for rpkg-macros, redirect there from
MACRO REFERENCE in man rpkg - fix parameter order for rpm-git-tag-sort in
git_merged_tag_refs - fix version parsing from the latest tag, package name may
contain dashes! - implement support for multiple Sources at once - use rpm-
git-tag-sort for tag sorting & filtering in git_merged_tag_refs submodules -
fix git_head for detached head state - in git_bumped_version, lead must be
numeric and greater than zero to output follow as zero + small code tweak in
git_version_generic - remove now unused git_bumped_release, set "" as default
for lead in git_bumped_version - make lead="" the only special case, otherwise
lead is lead - unify code and params for git_release and git_version - code
cleanup
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 8 2020 Michal Novotn�� <michal.novotny(a)comprimato.com> 1.1-1
- set lead to empty
* Mon Oct 5 2020 Michal Novotn�� <michal.novotny(a)comprimato.com> 1.0-1
- Require rpkg-macros >= 1.0
--------------------------------------------------------------------------------
================================================================================
python-freeipa-1.0.7-1.el8 (FEDORA-EPEL-2020-bea1d0fea7)
Lightweight FreeIPA client
--------------------------------------------------------------------------------
Update Information:
Bugfix update to 1.0.7
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 30 2020 Neal Gompa <ngompa13(a)gmail.com> - 1.0.7-1
- Update to 1.0.7 (#1893204)
* Wed Jul 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.6-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1893204 - python-freeipa-1.0.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1893204
--------------------------------------------------------------------------------
================================================================================
rpkg-macros-1.0-1.el8 (FEDORA-EPEL-2020-0c29598887)
Set of preproc macros for rpkg utility
--------------------------------------------------------------------------------
Update Information:
New major versions of rpkg-macros (1.0) and preproc-rpmspec (1.1). Update
allowed per
https://pagure.io/fesco/issue/2488. preproc-rpmspec was only
changed to require rpkg-macros >= 1.0. More significant changes are in rpkg-
macros: - fix version check in git_pack - rpm-git-tag-sort is also required
during build for tests - add man pages for rpkg-macros, redirect there from
MACRO REFERENCE in man rpkg - fix parameter order for rpm-git-tag-sort in
git_merged_tag_refs - fix version parsing from the latest tag, package name may
contain dashes! - implement support for multiple Sources at once - use rpm-
git-tag-sort for tag sorting & filtering in git_merged_tag_refs submodules -
fix git_head for detached head state - in git_bumped_version, lead must be
numeric and greater than zero to output follow as zero + small code tweak in
git_version_generic - remove now unused git_bumped_release, set "" as default
for lead in git_bumped_version - make lead="" the only special case, otherwise
lead is lead - unify code and params for git_release and git_version - code
cleanup
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 5 2020 clime <clime(a)fedoraproject.org> 1.0-1
- fix version check in git_pack
- rpm-git-tag-sort is also required during build for tests
- add man pages for rpkg-macros, redirect there from MACRO REFERENCE
in man rpkg
- fix parameter order for rpm-git-tag-sort in git_merged_tag_refs
- fix version parsing from the latest tag, package name may contain
dashes!
- implement support for multiple Sources at once
- use rpm-git-tag-sort for tag sorting & filtering in git_merged_tag_refs
submodules
- fix git_head for detached head state
- in git_bumped_version, lead must be numeric and greater than zero to output
follow as zero + small code tweak in git_version_generic
- remove now unused git_bumped_release, set "" as default for lead in
git_bumped_version
- make lead="" the only special case, otherwise lead is lead
- unify code and params for git_release and git_version
- code cleanup
--------------------------------------------------------------------------------