The following Fedora EPEL 8 Security updates need testing:
Age URL
12
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-bfa4482ae0
libmysofa-1.2-4.el8
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-71d1af6aca
isync-1.4.1-1.el8
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-fedb6fa69d
python-aiohttp-3.7.4-1.el8
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-6fed4b5ffb
nagios-4.4.6-3.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
asciinema-2.0.2-6.el8
chromium-88.0.4324.182-2.el8
distribution-gpg-keys-1.51-1.el8
knot-resolver-5.3.0-1.el8
lua-unbound-0.5-1.el8
mock-core-configs-34.2-1.el8
perl-Nmap-Parser-1.37-8.el8
privoxy-3.0.32-1.el8
python-contextlib2-0.6.0.post1-1.el8
python-django-contrib-comments-2.0.0-1.el8
qelectrotech-0.80-1.el8
x11vnc-0.9.16-3.el8
Details about builds:
================================================================================
asciinema-2.0.2-6.el8 (FEDORA-EPEL-2021-afea319b0b)
Terminal session recorder
--------------------------------------------------------------------------------
Update Information:
Initial EPEL8 package.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1931749 - asciinema: build for epel8
https://bugzilla.redhat.com/show_bug.cgi?id=1931749
--------------------------------------------------------------------------------
================================================================================
chromium-88.0.4324.182-2.el8 (FEDORA-EPEL-2021-a2e8a7475f)
A WebKit (Blink) powered web browser
--------------------------------------------------------------------------------
Update Information:
Fix issue with swiftshader where symbols were not properly generated for the
dlopened shared objects, preventing proper functionality. ---- Update to
88.0.4324.182. Fixes CVE-2021-21149 CVE-2021-21150 CVE-2021-21151
CVE-2021-21152 CVE-2021-21153 CVE-2021-21154 CVE-2021-21155 CVE-2021-21156
CVE-2021-21157
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 25 2021 Tom Callaway <spot(a)fedoraproject.org> - 88.0.4234.182-2
- fix swiftshader symbols in libEGL/libGLESv2 with gcc
* Wed Feb 17 2021 Tom Callaway <spot(a)fedoraproject.org> - 88.0.4234.182-1
- update to 88.0.4234.182
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1929523 - CVE-2021-21149 chromium-browser: Stack overflow in Data Transfer
https://bugzilla.redhat.com/show_bug.cgi?id=1929523
[ 2 ] Bug #1929524 - CVE-2021-21150 chromium-browser: Use after free in Downloads
https://bugzilla.redhat.com/show_bug.cgi?id=1929524
[ 3 ] Bug #1929525 - CVE-2021-21151 chromium-browser: Use after free in Payments
https://bugzilla.redhat.com/show_bug.cgi?id=1929525
[ 4 ] Bug #1929526 - CVE-2021-21152 chromium-browser: Heap buffer overflow in Media
https://bugzilla.redhat.com/show_bug.cgi?id=1929526
[ 5 ] Bug #1929527 - CVE-2021-21153 chromium-browser: Stack overflow in GPU Process
https://bugzilla.redhat.com/show_bug.cgi?id=1929527
[ 6 ] Bug #1929528 - CVE-2021-21154 chromium-browser: Heap buffer overflow in Tab Strip
https://bugzilla.redhat.com/show_bug.cgi?id=1929528
[ 7 ] Bug #1929529 - CVE-2021-21155 chromium-browser: Heap buffer overflow in Tab Strip
https://bugzilla.redhat.com/show_bug.cgi?id=1929529
[ 8 ] Bug #1929530 - CVE-2021-21156 chromium-browser: Heap buffer overflow in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1929530
[ 9 ] Bug #1929531 - CVE-2021-21157 chromium-browser: Use after free in Web Sockets
https://bugzilla.redhat.com/show_bug.cgi?id=1929531
--------------------------------------------------------------------------------
================================================================================
distribution-gpg-keys-1.51-1.el8 (FEDORA-EPEL-2021-664e7d3d7b)
GPG keys of various Linux distributions
--------------------------------------------------------------------------------
Update Information:
mock-core-config: - configs: use Fedora N-1 gpg keys for ELN distribution-gpg-
key: - update copr keys - Add missing CentOS SIG keys - add Fedora 36 key -
matrix of opengpg availablity - add intel new gpg key
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 1 2021 Miroslav Such�� <msuchy(a)redhat.com> 1.51-1
- update copr keys
- Add missing CentOS SIG keys
- add Fedora 36 key
- matrix of opengpg availablity
- add intel new gpg key
* Wed Feb 17 2021 Miroslav Such�� <msuchy(a)redhat.com> 1.50-1
- Add symlinks for F35
* Wed Feb 17 2021 Miroslav Such�� <msuchy(a)redhat.com> 1.49-1
- update copr keys
- add mariadb key
- document type61
- add Alma Linux
--------------------------------------------------------------------------------
================================================================================
knot-resolver-5.3.0-1.el8 (FEDORA-EPEL-2021-71cc757147)
Caching full DNS Resolver
--------------------------------------------------------------------------------
Update Information:
- update to upstream version 5.3.0 - add dnstap module subpackage
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 1 2021 Jakub Ru��i��ka <jakub.ruzicka(a)nic.cz> - 5.3.0-1
- update to upstream version 5.3.0
- add dnstap module subpackage
- required Knot DNS >= 2.9
* Fri Dec 18 2020 Jakub Ru��i��ka <jakub.ruzicka(a)nic.cz> - 5.2.1-1
- update to upstream version 5.2.1
* Wed Nov 11 2020 Jakub Ru��i��ka <jakub.ruzicka(a)nic.cz> 5.2.0-1
- update to upstream version 5.2.0
- sync packaging from upstream
--------------------------------------------------------------------------------
================================================================================
lua-unbound-0.5-1.el8 (FEDORA-EPEL-2021-4245c40478)
Binding to libunbound for Lua
--------------------------------------------------------------------------------
Update Information:
Lua bindings for the Unbound APIs.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1914678 - Review Request: lua-unbound - Binding to libunbound for Lua
https://bugzilla.redhat.com/show_bug.cgi?id=1914678
--------------------------------------------------------------------------------
================================================================================
mock-core-configs-34.2-1.el8 (FEDORA-EPEL-2021-664e7d3d7b)
Mock core config files basic chroots
--------------------------------------------------------------------------------
Update Information:
mock-core-config: - configs: use Fedora N-1 gpg keys for ELN distribution-gpg-
key: - update copr keys - Add missing CentOS SIG keys - add Fedora 36 key -
matrix of opengpg availablity - add intel new gpg key
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 22 2021 Pavel Raiskup <praiskup(a)redhat.com> 34.2-1
- configs: use Fedora N-1 gpg keys for ELN (praiskup(a)redhat.com)
--------------------------------------------------------------------------------
================================================================================
perl-Nmap-Parser-1.37-8.el8 (FEDORA-EPEL-2021-69e189b60c)
Parse nmap scan data with perl
--------------------------------------------------------------------------------
Update Information:
Added new package to EPEL 8
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1932429 - Please add perl-Nmap-Parser to epel8
https://bugzilla.redhat.com/show_bug.cgi?id=1932429
--------------------------------------------------------------------------------
================================================================================
privoxy-3.0.32-1.el8 (FEDORA-EPEL-2021-1073219045)
Privacy enhancing proxy
--------------------------------------------------------------------------------
Update Information:
3.0.32
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 1 2021 Gwyn Ciesla <gwync(a)protonmail.com> - 3.0.32-1
- 3.0.32
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1933424 - privoxy-3.0.32 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1933424
--------------------------------------------------------------------------------
================================================================================
python-contextlib2-0.6.0.post1-1.el8 (FEDORA-EPEL-2021-65e082736e)
Backports and enhancements for the contextlib module
--------------------------------------------------------------------------------
Update Information:
Initial EPEL8 build
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1754177 - python-contextlib2-0.6.0.post1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1754177
[ 2 ] Bug #1815843 - python-contextlib2: please, provide epel8 update
https://bugzilla.redhat.com/show_bug.cgi?id=1815843
--------------------------------------------------------------------------------
================================================================================
python-django-contrib-comments-2.0.0-1.el8 (FEDORA-EPEL-2021-98f27503ac)
The code formerly known as django.contrib.comments
--------------------------------------------------------------------------------
Update Information:
First epel8 build based on master.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
qelectrotech-0.80-1.el8 (FEDORA-EPEL-2021-7c97f4c8b4)
An electric diagrams editor
--------------------------------------------------------------------------------
Update Information:
QElectroTech is a Qt application to design electric diagrams. It uses XML files
for elements and diagrams, and includes both a diagram editor and an element
editor.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
x11vnc-0.9.16-3.el8 (FEDORA-EPEL-2021-fc2f1ff74c)
VNC server for the current X11 session
--------------------------------------------------------------------------------
Update Information:
This release fixes an insecure permissins of shared memory semgentes created by
an x11vnc server. Previously the segments were readable and writable for any
local user. Now they are accessible only to the user who executed the x11vnc
server.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 1 2021 Petr Pisar <ppisar(a)redhat.com> - 0.9.16-3
- Fix CVE-2020-29074 (insecure permissions on a shared memory) (bug #1933604)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1933602 - CVE-2020-29074 x11vnc: insecure permissions on shm
https://bugzilla.redhat.com/show_bug.cgi?id=1933602
--------------------------------------------------------------------------------