The following Fedora EPEL 8 Security updates need testing:
 Age  URL                                                                  Package
   9  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-f77315a931  seamonkey-2.53.8-1.el8
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-d4c3bbff96  libolm-3.2.4-2.el8
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-15c5b7660c  suricata-5.0.7-1.el8
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-ac096c00b0  libtpms-0.8.4-0.20210624gita594c4692a.el8.1
The following builds have been pushed to Fedora EPEL 8 updates-testing
R-Rcpp-1.0.7-1.el8
chromium-91.0.4472.114-2.el8
notcurses-2.3.8-1.el8
swift-lang-5.4.2-1.el8
testcloud-0.6.0-1.el8
Details about builds:
================================================================================
R-Rcpp-1.0.7-1.el8 (FEDORA-EPEL-2021-543d8a43d6)
Seamless R and C++ Integration
--------------------------------------------------------------------------------
Update Information:
Rcpp 1.0.7
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 8 2021 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 1.0.7-1
- Update to 1.0.7
* Mon Jun 7 2021 Tom Callaway <spot(a)fedoraproject.org> - 1.0.6-3
- Rebuilt for R 4.1.0
* Mon Jan 25 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
chromium-91.0.4472.114-2.el8 (FEDORA-EPEL-2021-f971d08ec9)
A WebKit (Blink) powered web browser that Google doesn't want you to use
--------------------------------------------------------------------------------
Update Information:
Fix crash in ThemeService (thanks to OpenSUSE)

----

This release is only being done for EPEL-8. The code no longer builds sanely
(even with extensive hacks) on EL-7. You really should migrate off EL-7 at this
point.

Security fixes.
CVE-2021-30506 CVE-2021-30507 CVE-2021-30508 CVE-2021-30509 CVE-2021-30510
CVE-2021-30511 CVE-2021-30512 CVE-2021-30513 CVE-2021-30514 CVE-2021-30515
CVE-2021-30516 CVE-2021-30517 CVE-2021-30518 CVE-2021-30519 CVE-2021-30520
CVE-2021-30521 CVE-2021-30522 CVE-2021-30523 CVE-2021-30524 CVE-2021-30525
CVE-2021-30526 CVE-2021-30527 CVE-2021-30528 CVE-2021-30529 CVE-2021-30530
CVE-2021-30531 CVE-2021-30532 CVE-2021-30533 CVE-2021-30534 CVE-2021-30535
CVE-2021-30536 CVE-2021-30537 CVE-2021-30538 CVE-2021-30539 CVE-2021-30540
CVE-2021-30544 CVE-2021-30545 CVE-2021-30546 CVE-2021-30547 CVE-2021-30548
CVE-2021-30549 CVE-2021-30550 CVE-2021-30551 CVE-2021-30552 CVE-2021-30553
CVE-2021-30554 CVE-2021-30555 CVE-2021-30556 CVE-2021-30557
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 6 2021 Tom Callaway <spot(a)fedoraproject.org> - 91.0.4472.114-2
- fix ThemeService crash (thanks OpenSUSE)
* Wed Jun 23 2021 Tom Callaway <spot(a)fedoraproject.org> - 91.0.4472.114-1
- update to 91.0.4472.114
* Tue Jun 1 2021 Tom Callaway <spot(a)fedoraproject.org> - 91.0.4472.77-1
- update to 91.0.4472.77
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1965424 - CVE-2021-30521 chromium-browser: Heap buffer overflow in Autofill
https://bugzilla.redhat.com/show_bug.cgi?id=1965424
[ 2 ] Bug #1965425 - CVE-2021-30522 chromium-browser: Use after free in WebAudio
https://bugzilla.redhat.com/show_bug.cgi?id=1965425
[ 3 ] Bug #1965426 - CVE-2021-30523 chromium-browser: Use after free in WebRTC
https://bugzilla.redhat.com/show_bug.cgi?id=1965426
[ 4 ] Bug #1965427 - CVE-2021-30524 chromium-browser: Use after free in TabStrip
https://bugzilla.redhat.com/show_bug.cgi?id=1965427
[ 5 ] Bug #1965428 - CVE-2021-30525 chromium-browser: Use after free in TabGroups
https://bugzilla.redhat.com/show_bug.cgi?id=1965428
[ 6 ] Bug #1965429 - CVE-2021-30526 chromium-browser: Out of bounds write in TabStrip
https://bugzilla.redhat.com/show_bug.cgi?id=1965429
[ 7 ] Bug #1965430 - CVE-2021-30527 chromium-browser: Use after free in WebUI
https://bugzilla.redhat.com/show_bug.cgi?id=1965430
[ 8 ] Bug #1965431 - CVE-2021-30528 chromium-browser: Use after free in
WebAuthentication
https://bugzilla.redhat.com/show_bug.cgi?id=1965431
[ 9 ] Bug #1965432 - CVE-2021-30529 chromium-browser: Use after free in Bookmarks
https://bugzilla.redhat.com/show_bug.cgi?id=1965432
[ 10 ] Bug #1965433 - CVE-2021-30530 chromium-browser: Out of bounds memory access in
WebAudio
https://bugzilla.redhat.com/show_bug.cgi?id=1965433
[ 11 ] Bug #1965434 - CVE-2021-30531 chromium-browser: Insufficient policy enforcement
in Content Security Policy
https://bugzilla.redhat.com/show_bug.cgi?id=1965434
[ 12 ] Bug #1965435 - CVE-2021-30532 chromium-browser: Insufficient policy enforcement
in Content Security Policy
https://bugzilla.redhat.com/show_bug.cgi?id=1965435
[ 13 ] Bug #1965436 - CVE-2021-30533 chromium-browser: Insufficient policy enforcement
in PopupBlocker
https://bugzilla.redhat.com/show_bug.cgi?id=1965436
[ 14 ] Bug #1965437 - CVE-2021-30534 chromium-browser: Insufficient policy enforcement
in iFrameSandbox
https://bugzilla.redhat.com/show_bug.cgi?id=1965437
[ 15 ] Bug #1965438 - CVE-2021-30535 chromium-browser: Double free in ICU
https://bugzilla.redhat.com/show_bug.cgi?id=1965438
[ 16 ] Bug #1965439 - CVE-2021-30536 chromium-browser: Out of bounds read in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1965439
[ 17 ] Bug #1965440 - CVE-2021-30537 chromium-browser: Insufficient policy enforcement
in cookies
https://bugzilla.redhat.com/show_bug.cgi?id=1965440
[ 18 ] Bug #1965441 - CVE-2021-30538 chromium-browser: Insufficient policy enforcement
in content security policy
https://bugzilla.redhat.com/show_bug.cgi?id=1965441
[ 19 ] Bug #1965442 - CVE-2021-30539 chromium-browser: Insufficient policy enforcement
in content security policy
https://bugzilla.redhat.com/show_bug.cgi?id=1965442
[ 20 ] Bug #1965443 - CVE-2021-30540 chromium-browser: Incorrect security UI in
payments
https://bugzilla.redhat.com/show_bug.cgi?id=1965443
[ 21 ] Bug #1970106 - CVE-2021-30544 chromium-browser: Use after free in BFCache
https://bugzilla.redhat.com/show_bug.cgi?id=1970106
[ 22 ] Bug #1970107 - CVE-2021-30545 chromium-browser: Use after free in Extensions
https://bugzilla.redhat.com/show_bug.cgi?id=1970107
[ 23 ] Bug #1970108 - CVE-2021-30546 chromium-browser: Use after free in Autofill
https://bugzilla.redhat.com/show_bug.cgi?id=1970108
[ 24 ] Bug #1970109 - CVE-2021-30547 chromium-browser: Out of bounds write in ANGLE
https://bugzilla.redhat.com/show_bug.cgi?id=1970109
[ 25 ] Bug #1970110 - CVE-2021-30548 chromium-browser: Use after free in Loader
https://bugzilla.redhat.com/show_bug.cgi?id=1970110
[ 26 ] Bug #1970111 - CVE-2021-30549 chromium-browser: Use after free in Spell check
https://bugzilla.redhat.com/show_bug.cgi?id=1970111
[ 27 ] Bug #1970112 - CVE-2021-30550 chromium-browser: Use after free in Accessibility
https://bugzilla.redhat.com/show_bug.cgi?id=1970112
[ 28 ] Bug #1970113 - CVE-2021-30551 chromium-browser: Type Confusion in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1970113
[ 29 ] Bug #1970114 - CVE-2021-30552 chromium-browser: Use after free in Extensions
https://bugzilla.redhat.com/show_bug.cgi?id=1970114
[ 30 ] Bug #1970115 - CVE-2021-30553 chromium-browser: Use after free in Network
service
https://bugzilla.redhat.com/show_bug.cgi?id=1970115
[ 31 ] Bug #1971568 - CVE-2021-30506 chromium-browser: Incorrect security UI in Web App
Installs
https://bugzilla.redhat.com/show_bug.cgi?id=1971568
[ 32 ] Bug #1971569 - CVE-2021-30507 chromium-browser: Inappropriate implementation in
Offline
https://bugzilla.redhat.com/show_bug.cgi?id=1971569
[ 33 ] Bug #1971570 - CVE-2021-30508 chromium-browser: Heap buffer overflow in Media
Feeds
https://bugzilla.redhat.com/show_bug.cgi?id=1971570
[ 34 ] Bug #1971571 - CVE-2021-30509 chromium-browser: Out of bounds write in Tab Strip
https://bugzilla.redhat.com/show_bug.cgi?id=1971571
[ 35 ] Bug #1971572 - CVE-2021-30510 chromium-browser: Race in Aura
https://bugzilla.redhat.com/show_bug.cgi?id=1971572
[ 36 ] Bug #1971573 - CVE-2021-30511 chromium-browser: Out of bounds read in Tab Groups
https://bugzilla.redhat.com/show_bug.cgi?id=1971573
[ 37 ] Bug #1971574 - CVE-2021-30512 chromium-browser: Use after free in Notifications
https://bugzilla.redhat.com/show_bug.cgi?id=1971574
[ 38 ] Bug #1971575 - CVE-2021-30513 chromium-browser: Type Confusion in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1971575
[ 39 ] Bug #1971576 - CVE-2021-30514 chromium-browser: Use after free in Autofill
https://bugzilla.redhat.com/show_bug.cgi?id=1971576
[ 40 ] Bug #1971577 - CVE-2021-30516 chromium-browser: Heap buffer overflow in History
https://bugzilla.redhat.com/show_bug.cgi?id=1971577
[ 41 ] Bug #1971578 - CVE-2021-30517 chromium-browser: Type Confusion in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1971578
[ 42 ] Bug #1971579 - CVE-2021-30518 chromium-browser: Heap buffer overflow in Reader
Mode
https://bugzilla.redhat.com/show_bug.cgi?id=1971579
[ 43 ] Bug #1971580 - CVE-2021-30519 chromium-browser: Use after free in Payments
https://bugzilla.redhat.com/show_bug.cgi?id=1971580
[ 44 ] Bug #1971581 - CVE-2021-30520 chromium-browser: Use after free in Tab Strip
https://bugzilla.redhat.com/show_bug.cgi?id=1971581
[ 45 ] Bug #1973547 - CVE-2021-30554 chromium-browser: Use after free in WebGL
https://bugzilla.redhat.com/show_bug.cgi?id=1973547
[ 46 ] Bug #1973548 - CVE-2021-30555 chromium-browser: Use after free in Sharing
https://bugzilla.redhat.com/show_bug.cgi?id=1973548
[ 47 ] Bug #1973549 - CVE-2021-30556 chromium-browser: Use after free in WebAudio
https://bugzilla.redhat.com/show_bug.cgi?id=1973549
[ 48 ] Bug #1973550 - CVE-2021-30557 chromium-browser: Use after free in TabGroups
https://bugzilla.redhat.com/show_bug.cgi?id=1973550
--------------------------------------------------------------------------------
================================================================================
notcurses-2.3.8-1.el8 (FEDORA-EPEL-2021-48d9cf2abc)
Character graphics and TUI library
--------------------------------------------------------------------------------
Update Information:
bugfix release
https://github.com/dankamongmen/notcurses/releases/tag/v2.3.8
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jul 4 2021 Nick Black <dankamongmen(a)gmail.com> - 2.3.8-1
- New upstream release, bugfix-oriented
* Tue Jun 29 2021 Nick Black <dankamongmen(a)gmail.com> - 2.3.7-1
- New upstream release
--------------------------------------------------------------------------------
================================================================================
swift-lang-5.4.2-1.el8 (FEDORA-EPEL-2021-7ca04ade2f)
Apple's Swift programming language
--------------------------------------------------------------------------------
Update Information:
Updated to swift-5.4.2-RELEASE
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 5 2021 Ron Olson <tachoknight(a)gmail.com> - 5.4.2-1
- Updated to swift-5.4.2-RELEASE
--------------------------------------------------------------------------------
================================================================================
testcloud-0.6.0-1.el8 (FEDORA-EPEL-2021-b3771b0cd1)
Tool for running cloud images locally
--------------------------------------------------------------------------------
Update Information:
- SPEC: Use pytest macro
- Merge downstream spec changes
- README: Let's believe in testcloud a bit more
- Simplify cli warning wording a bit
- Remove forced reboot from cli for CentOS user sessions
- API: Allow to specify pci network device
- README: improve a tiny bit
- Make url mandatory, cleanup cli instance create a bit
- Allow to specify number of CPU cores to be assigned
- Change cli layout for instance create a bit (A LOT)
- get_debian_image_url: return None on fail
- Add a way to shutdown vms in a graceful way
- use if hasattr instead of try/except AttributeError
- Use virtio-net-pci instead of e1000 for hostfwd in qemu user sessions
- implement synchronization using file lock for user sessions
- Don't directly alter config_object, use a copy of it
- Fixup CentOS short handle
- Support Ubuntu and Debian images
- Update url for oraculum
- Bunch of code shuffling
- Bunch of improvements for get_fedora_image_url
- Fixup traceback for unknown distributions on un-defined variable
- Fixups around system x session instances handling
- Don't blow out traceback on image download 404, fixup connection tooltip for CentOS
- Support fetching the latest Fedora Rawhide iso as fedora:rawhide url
- Support CentOS and CentOS Stream versions (hardcoded urls)
- Support operating with Vagrant images
- check whether the instance existing before do the prepare work
- Make the code more robust
- Make list and clean functions more robust to handle both system and user sessions
- add coreos test function
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 9 2021 Frantisek Zatloukal <fzatlouk(a)redhat.com> - 0.6.0-1
- SPEC: Use pytest macro
- Merge downstream spec changes
- README: Let's believe in testcloud a bit more
- Simplify cli warning wording a bit
- Remove forced reboot from cli for CentOS user sessions
- API: Allow to specify pci network device
- README: improve a tiny bit
- Make url mandatory, cleanup cli instance create a bit
- Allow to specify number of CPU cores to be assigned
- Change cli layout for instance create a bit (A LOT)
- get_debian_image_url: return None on fail
- Add a way to shutdown vms in a graceful way
- use if hasattr instead of try/except AttributeError
- Use virtio-net-pci instead of e1000 for hostfwd in qemu user sessions
- implement synchronization using file lock for user sessions
- Don't directly alter config_object, use a copy of it
- Fixup CentOS short handle
- Support Ubuntu and Debian images
- Update url for oraculum
- Bunch of code shuffling
- Bunch of improvements for get_fedora_image_url
- Fixup traceback for unknown distributions on un-defined variable
- Fixups around system x session instances handling
- Don't blow out traceback on image download 404, fixup connection tooltip for CentOS
- Support fetching the latest Fedora Rawhide iso as fedora:rawhide url
- Support CentOS and CentOS Stream versions (hardcoded urls)
- Support operating with Vagrant images
- check whether the instance existing before do the prepare work
- Make the code more robust
- Make list and clean functions more robust to handle both system and user sessions
- add coreos test function
* Fri Jun 4 2021 Python Maint <python-maint(a)redhat.com> - 0.5.0-2
- Rebuilt for Python 3.10
--------------------------------------------------------------------------------