The following Fedora EPEL 8 Security updates need testing: Age URL 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-fac3491880 xerces-c-3.2.3-5.el8 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-95ca32e505 java-latest-openjdk-19.0.1.0.10-1.rolling.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
baresip-2.9.0-1.el8 exim-4.96-4.el8 fedora-license-data-1.7-1.el8 libre-2.9.0-1.el8 librem-2.9.0-1.el8 python-yara-4.2.3-1.el8 yara-4.2.3-1.el8
Details about builds:
================================================================================ baresip-2.9.0-1.el8 (FEDORA-EPEL-2022-7974cfb964) Modular SIP user-agent with audio and video support -------------------------------------------------------------------------------- Update Information:
# Baresip 2.9.0 (2022-11-01) * sndfile: Filename includes `strm->cname` (i.e. `call->local_uri`) && `strm->peer` values (i.e. `call->peer_uri`) to derive source and destination of recorded call * log: optional timestamps * avcodec: remove H263 codec * mk: bump `PROJECT_NUMBER` in `Doxyfile` * stream: correct Doxygen for peer field * cmake: add pre version handling * cmake,debian: use `dh-cmake` * cmake: add pkgconfig * Avoid webrtc_aecm module C++20 extension warnings * cmake/ctrld_dbus: ninja and subdirectory fixes * cmake: link `CMAKE_CURRENT_BINARY_DIR` modules * cmake,debian: fix libbaresip dependency * cmake: set C only flags * FindPNG needs to find also include directory * FindVPX needs to find also include directory * Multicast send events on mcreg enable commands * call, menu: support display name for outgoing calls * call: hangup call on transp reset if necessary * portaudio: add `mediadev_add` with mediadev driver fields * call: fix mnat `call_streams_alloc` * jack: fix CodeQL uninitialized local variable * Avoid snapshot compiler warnings * avformat: remove old call to `avcodec_register_all()` * avformat: remove `LIBAVUTIL_VERSION_MAJOR` check * ua: wording for warning in `ua_refer_send()` * ua: use mbuf functions for `ua_connect_dir` * ci: use `actions/checkout@v3` * avcodec: remove `av_packet_free()` wrapper * selfview: create window in encode_update * alsa: use C11 threads * config: fix template for `avcodec_xxx` * avformat: use C11 threads * v4l2: use C11 threads * avcodec: remove `LIBAVUTIL_VERSION_MAJOR` check * multicast: use C11 threads * menu fix display name * account: do not complete dial URI if scheme is included * menu: simplify URI complete * gtk: use new function `account_uri_complete_strdup()` * Removed module avformat dependency on libpostproc * make: detect and add swscale module in modules.mk * cmake: add `APP_MODULES` symlinks * cmake: use `CMAKE_SHARED_MODULE_SUFFIX` # librem v2.9.0 (2022-11-01) * cmake: add pre-release version handling * `README.md`: Update build instructions for cmake * aubuf: exclude non compatible CXX functions * auframe: skip level calculation if format is RAW * ci: use `actions/checkout@v3` * vidframe_draw_point: add NV12 and NV21 pixel format # libre v2.9.0 (2022-11-01) * cmake,make: bump version and set dev identifier * udp: remove `udp_send_anon()` * cmake: enable export symbols for backtrace * `README.md`: Update build instructions for cmake * cmake: improve kqueue and epoll detection * fs: add `fs_stdio_hide()` and `fs_stdio_restore()` helpers * json: remove unknown type warning * http: fix warning arguments * net_if_getlinklocal: use AF from input parameter * fmt: add `str_itoa` * SDP support for <proto> udp * tls: remove some warnings * fmt: add `pl_trim` functions * aes/openssl: remove obsolete version check * http: use `str_dup()` instead of unsafe `strcpy()` * doxygen: update comments * reg: remove obsolete void cast * Tls connect debug * mk: update doxygen file * ci: use `actions/checkout@v3` * tls: remove ifdef from public API * sip: `sip_conncfg_set` pass by reference * dnsc get conf and skip hash alloc without hash size changes * sdp/media: fix reorder codecs (restore old behavior) * list: fix `list_flush` head and tail * prepare 2.9.0 -------------------------------------------------------------------------------- ChangeLog:
* Tue Nov 1 2022 Robert Scheck robert@fedoraproject.org 2.9.0-1 - Upgrade to 2.9.0 (#2139174) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2139163 - libre-2.9.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2139163 [ 2 ] Bug #2139164 - librem-2.9.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2139164 [ 3 ] Bug #2139174 - baresip-2.9.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2139174 --------------------------------------------------------------------------------
================================================================================ exim-4.96-4.el8 (FEDORA-EPEL-2022-7b8daf83af) The exim mail transfer agent -------------------------------------------------------------------------------- Update Information:
Fixed use after free in dmarc_dns_lookup (CVE-2022-3620). -------------------------------------------------------------------------------- ChangeLog:
* Tue Nov 1 2022 Jaroslav ��karvada jskarvad@redhat.com - 4.96-4 - Fixed use after free in dmarc_dns_lookup Resolves: CVE-2022-3620 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2136729 - CVE-2022-3620 exim: UAF in dmarc_dns_lookup https://bugzilla.redhat.com/show_bug.cgi?id=2136729 --------------------------------------------------------------------------------
================================================================================ fedora-license-data-1.7-1.el8 (FEDORA-EPEL-2022-14711f81d8) Fedora Linux license data -------------------------------------------------------------------------------- Update Information:
- Also use rich-deps on EL 8 - Once again, abandon the toml module, use tomllib/tomli/tomli-w instead - Fix typos in license review template - rename [fedora]name to [fedora]legacy-name - rename [fedora]abbreviation to [fedora]legacy-abbreviation - Revise toml for GPL-2.0-or-later WITH x11vnc- openssl-exception - Add FSFULLRWD - Add OFL-1.1-RFN as allowed-fonts - use tomllib instead of toml - document availablity of fedora-licenses.json artifact -------------------------------------------------------------------------------- ChangeLog:
* Wed Nov 2 2022 Miroslav Such�� msuchy@redhat.com 1.7-1 - redefine JSON format - Also use rich-deps on EL 8 (miro@hroncok.cz) - Once again, abandon the toml module, use tomllib/tomli/tomli-w instead (miro@hroncok.cz) - Fix typos in license review template (dcavalca@fedoraproject.org) - rename [fedora]name to [fedora]legacy-name - rename [fedora]abbreviation to [fedora]legacy-abbreviation - Revise toml for GPL-2.0-or-later WITH x11vnc-openssl-exception (rfontana@redhat.com) - Add FSFULLRWD (rfontana@redhat.com) - Add OFL-1.1-RFN as allowed-fonts (rfontana@redhat.com) - use tomllib instead of toml - document availablity of fedora-licenses.json artifact --------------------------------------------------------------------------------
================================================================================ libre-2.9.0-1.el8 (FEDORA-EPEL-2022-7974cfb964) Generic library for real-time communications -------------------------------------------------------------------------------- Update Information:
# Baresip 2.9.0 (2022-11-01) * sndfile: Filename includes `strm->cname` (i.e. `call->local_uri`) && `strm->peer` values (i.e. `call->peer_uri`) to derive source and destination of recorded call * log: optional timestamps * avcodec: remove H263 codec * mk: bump `PROJECT_NUMBER` in `Doxyfile` * stream: correct Doxygen for peer field * cmake: add pre version handling * cmake,debian: use `dh-cmake` * cmake: add pkgconfig * Avoid webrtc_aecm module C++20 extension warnings * cmake/ctrld_dbus: ninja and subdirectory fixes * cmake: link `CMAKE_CURRENT_BINARY_DIR` modules * cmake,debian: fix libbaresip dependency * cmake: set C only flags * FindPNG needs to find also include directory * FindVPX needs to find also include directory * Multicast send events on mcreg enable commands * call, menu: support display name for outgoing calls * call: hangup call on transp reset if necessary * portaudio: add `mediadev_add` with mediadev driver fields * call: fix mnat `call_streams_alloc` * jack: fix CodeQL uninitialized local variable * Avoid snapshot compiler warnings * avformat: remove old call to `avcodec_register_all()` * avformat: remove `LIBAVUTIL_VERSION_MAJOR` check * ua: wording for warning in `ua_refer_send()` * ua: use mbuf functions for `ua_connect_dir` * ci: use `actions/checkout@v3` * avcodec: remove `av_packet_free()` wrapper * selfview: create window in encode_update * alsa: use C11 threads * config: fix template for `avcodec_xxx` * avformat: use C11 threads * v4l2: use C11 threads * avcodec: remove `LIBAVUTIL_VERSION_MAJOR` check * multicast: use C11 threads * menu fix display name * account: do not complete dial URI if scheme is included * menu: simplify URI complete * gtk: use new function `account_uri_complete_strdup()` * Removed module avformat dependency on libpostproc * make: detect and add swscale module in modules.mk * cmake: add `APP_MODULES` symlinks * cmake: use `CMAKE_SHARED_MODULE_SUFFIX` # librem v2.9.0 (2022-11-01) * cmake: add pre-release version handling * `README.md`: Update build instructions for cmake * aubuf: exclude non compatible CXX functions * auframe: skip level calculation if format is RAW * ci: use `actions/checkout@v3` * vidframe_draw_point: add NV12 and NV21 pixel format # libre v2.9.0 (2022-11-01) * cmake,make: bump version and set dev identifier * udp: remove `udp_send_anon()` * cmake: enable export symbols for backtrace * `README.md`: Update build instructions for cmake * cmake: improve kqueue and epoll detection * fs: add `fs_stdio_hide()` and `fs_stdio_restore()` helpers * json: remove unknown type warning * http: fix warning arguments * net_if_getlinklocal: use AF from input parameter * fmt: add `str_itoa` * SDP support for <proto> udp * tls: remove some warnings * fmt: add `pl_trim` functions * aes/openssl: remove obsolete version check * http: use `str_dup()` instead of unsafe `strcpy()` * doxygen: update comments * reg: remove obsolete void cast * Tls connect debug * mk: update doxygen file * ci: use `actions/checkout@v3` * tls: remove ifdef from public API * sip: `sip_conncfg_set` pass by reference * dnsc get conf and skip hash alloc without hash size changes * sdp/media: fix reorder codecs (restore old behavior) * list: fix `list_flush` head and tail * prepare 2.9.0 -------------------------------------------------------------------------------- ChangeLog:
* Tue Nov 1 2022 Robert Scheck robert@fedoraproject.org 2.9.0-1 - Upgrade to 2.9.0 (#2139163) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2139163 - libre-2.9.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2139163 [ 2 ] Bug #2139164 - librem-2.9.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2139164 [ 3 ] Bug #2139174 - baresip-2.9.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2139174 --------------------------------------------------------------------------------
================================================================================ librem-2.9.0-1.el8 (FEDORA-EPEL-2022-7974cfb964) Audio and video processing media library -------------------------------------------------------------------------------- Update Information:
# Baresip 2.9.0 (2022-11-01) * sndfile: Filename includes `strm->cname` (i.e. `call->local_uri`) && `strm->peer` values (i.e. `call->peer_uri`) to derive source and destination of recorded call * log: optional timestamps * avcodec: remove H263 codec * mk: bump `PROJECT_NUMBER` in `Doxyfile` * stream: correct Doxygen for peer field * cmake: add pre version handling * cmake,debian: use `dh-cmake` * cmake: add pkgconfig * Avoid webrtc_aecm module C++20 extension warnings * cmake/ctrld_dbus: ninja and subdirectory fixes * cmake: link `CMAKE_CURRENT_BINARY_DIR` modules * cmake,debian: fix libbaresip dependency * cmake: set C only flags * FindPNG needs to find also include directory * FindVPX needs to find also include directory * Multicast send events on mcreg enable commands * call, menu: support display name for outgoing calls * call: hangup call on transp reset if necessary * portaudio: add `mediadev_add` with mediadev driver fields * call: fix mnat `call_streams_alloc` * jack: fix CodeQL uninitialized local variable * Avoid snapshot compiler warnings * avformat: remove old call to `avcodec_register_all()` * avformat: remove `LIBAVUTIL_VERSION_MAJOR` check * ua: wording for warning in `ua_refer_send()` * ua: use mbuf functions for `ua_connect_dir` * ci: use `actions/checkout@v3` * avcodec: remove `av_packet_free()` wrapper * selfview: create window in encode_update * alsa: use C11 threads * config: fix template for `avcodec_xxx` * avformat: use C11 threads * v4l2: use C11 threads * avcodec: remove `LIBAVUTIL_VERSION_MAJOR` check * multicast: use C11 threads * menu fix display name * account: do not complete dial URI if scheme is included * menu: simplify URI complete * gtk: use new function `account_uri_complete_strdup()` * Removed module avformat dependency on libpostproc * make: detect and add swscale module in modules.mk * cmake: add `APP_MODULES` symlinks * cmake: use `CMAKE_SHARED_MODULE_SUFFIX` # librem v2.9.0 (2022-11-01) * cmake: add pre-release version handling * `README.md`: Update build instructions for cmake * aubuf: exclude non compatible CXX functions * auframe: skip level calculation if format is RAW * ci: use `actions/checkout@v3` * vidframe_draw_point: add NV12 and NV21 pixel format # libre v2.9.0 (2022-11-01) * cmake,make: bump version and set dev identifier * udp: remove `udp_send_anon()` * cmake: enable export symbols for backtrace * `README.md`: Update build instructions for cmake * cmake: improve kqueue and epoll detection * fs: add `fs_stdio_hide()` and `fs_stdio_restore()` helpers * json: remove unknown type warning * http: fix warning arguments * net_if_getlinklocal: use AF from input parameter * fmt: add `str_itoa` * SDP support for <proto> udp * tls: remove some warnings * fmt: add `pl_trim` functions * aes/openssl: remove obsolete version check * http: use `str_dup()` instead of unsafe `strcpy()` * doxygen: update comments * reg: remove obsolete void cast * Tls connect debug * mk: update doxygen file * ci: use `actions/checkout@v3` * tls: remove ifdef from public API * sip: `sip_conncfg_set` pass by reference * dnsc get conf and skip hash alloc without hash size changes * sdp/media: fix reorder codecs (restore old behavior) * list: fix `list_flush` head and tail * prepare 2.9.0 -------------------------------------------------------------------------------- ChangeLog:
* Tue Nov 1 2022 Robert Scheck robert@fedoraproject.org 2.9.0-1 - Upgrade to 2.9.0 (#2139164) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2139163 - libre-2.9.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2139163 [ 2 ] Bug #2139164 - librem-2.9.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2139164 [ 3 ] Bug #2139174 - baresip-2.9.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2139174 --------------------------------------------------------------------------------
================================================================================ python-yara-4.2.3-1.el8 (FEDORA-EPEL-2022-166223b21a) Python binding for the YARA pattern matching tool -------------------------------------------------------------------------------- Update Information:
Fix CVE-2021-45429 -------------------------------------------------------------------------------- ChangeLog:
* Tue Nov 1 2022 Michal Ambroz <rebus at, seznam.cz> - 4.2.3-1 - Rebuilt for yara-4.2.3 - second service :) * Tue Aug 9 2022 Mikel Olasagasti Uranga mikel@olasagasti.info - 4.2.0-5 - Rebuilt for yara-4.2.3 * Mon Aug 8 2022 Mikel Olasagasti Uranga mikel@olasagasti.info - 4.2.0-4 - Skip testModuleData again for F36, fixes rhbz#2116289 * Fri Jul 22 2022 Fedora Release Engineering releng@fedoraproject.org - 4.2.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Mon Jun 13 2022 Python Maint python-maint@redhat.com - 4.2.0-2 - Rebuilt for Python 3.11 * Fri May 27 2022 Mikel Olasagasti Uranga mikel@olasagasti.info - 4.2.0-1 - Bump to 4.2.0 rhbz#2063287 fixes FTBFS rhbz#2064646 - Minor changes to spec, like using https for URL - Simplify some of checks for different builds * Fri Jan 21 2022 Fedora Release Engineering releng@fedoraproject.org - 4.1.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2051369 - CVE-2021-45429 yara: A Buffer Overflow vulnerablity exists in YARA [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2051369 --------------------------------------------------------------------------------
================================================================================ yara-4.2.3-1.el8 (FEDORA-EPEL-2022-166223b21a) Pattern matching Swiss knife for malware researchers -------------------------------------------------------------------------------- Update Information:
Fix CVE-2021-45429 -------------------------------------------------------------------------------- ChangeLog:
* Tue Aug 9 2022 Mikel Olasagasti Uranga mikel@olasagasti.info - 4.2.3-1 - Update to 4.2.3 (#2116594) * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org - 4.2.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Mon Jul 18 2022 Mikel Olasagasti Uranga mikel@olasagasti.info - 4.2.2-1 - Update to 4.2.2 (#2103444) - BUGFIX: Fix buffer overrun in "dex" module (#1728). - BUGFIX: Wrong offset used when checking Version string of .net metadata (#1708). - BUGFIX: YARA doesn't compile if --with-debug-verbose flag is enabled (#1719). - BUGFIX: Null-pointer dereferences while loading corrupted compiled rules (#1727). * Mon May 23 2022 Michal Ambroz <rebus at, seznam.cz> - 4.2.1-1 - bump to 4.2.1 - adding changes based on proposal of Mikel Olasagasti Uranga: - change to BSD license as yara was relicensed in 2016 - minor changes to spec, like using https for URL - remove old patches - enable checks * Sat Mar 12 2022 Michal Ambroz <rebus at, seznam.cz> - 4.2.0-1 - bump to 4.2.0 * Thu Feb 17 2022 Michal Ambroz <rebus at, seznam.cz> - 4.2.0-0.rc1.1 - bump to 4.2.0-rc1 * Sat Jan 22 2022 Fedora Release Engineering releng@fedoraproject.org - 4.1.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2051369 - CVE-2021-45429 yara: A Buffer Overflow vulnerablity exists in YARA [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2051369 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org