The following Fedora EPEL 8 Security updates need testing:
Age URL
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-a4cbda11c6
suricata-6.0.17-1.el8
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-8f366635a6
seamonkey-2.53.18.2-1.el8
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-fc233c6d2e
chromium-123.0.6312.58-1.el8
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-0ced8d6066
tinyxml-2.6.2-28.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
3proxy-0.9.4-5.el8
distrobox-1.7.1-2.el8
libopenmpt-0.7.6-1.el8
Details about builds:
================================================================================
3proxy-0.9.4-5.el8 (FEDORA-EPEL-2024-13ae896ed8)
Tiny but very powerful proxy
--------------------------------------------------------------------------------
Update Information:
Adapt manpages to reflect renamed proxy binary (fixes rhbz#2271587)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 29 2024 Tim Semeijn <tim(a)goat.re> - 0.9.4-4
- Adapt manpages to reflect renamed proxy binary (fixes rhbz#2271587)
--------------------------------------------------------------------------------
================================================================================
distrobox-1.7.1-2.el8 (FEDORA-EPEL-2024-e0e8dbadbe)
Another tool for containerized command line environments on Linux
--------------------------------------------------------------------------------
Update Information:
Added distrobox-host-exec to mangle_shebangs_exclude as per BZ#2271765
Update to 1.7.1
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 29 2024 Alessio <alciregi(a)fedoraproject.org> - 1.7.1-2
- Added distrobox-host-exec to mangle_shebangs_exclude as per BZ#2271765
* Mon Mar 25 2024 Alessio <alciregi(a)fedoraproject.org> - 1.7.1-1
- Update to 1.7.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2271707 - distrobox-1.7.1.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2271707
[ 2 ] Bug #2271765 - Exclude distrobox-host-exec from shebang mangling
https://bugzilla.redhat.com/show_bug.cgi?id=2271765
--------------------------------------------------------------------------------
================================================================================
libopenmpt-0.7.6-1.el8 (FEDORA-EPEL-2024-acb47e6aea)
C/C++ library to decode tracker music module (MOD) files
--------------------------------------------------------------------------------
Update Information:
libopenmpt 0.7.6 (2024-03-24)
[Sec] Potential heap out-of-bounds read or write past sample end with malformed
sustain loops in SymMOD files (r20420).
MED: Transposed samples were playing too low in some files (e.g. mix94.mmd1).
OKT: Some files with garbage at the end were rejected (e.g. katharsis - piano
lesson.okta).
Compressor DMO: It was possible that the plugin would not behave as intended at
mix rates above 500 kHz.
Avoid re-allocating the loop state map contents on every playthrough of the
module.
libopenmpt 0.7.5 (2024-03-17)
[Sec] Null-pointer write (32bit platforms) or excessive memory allocation (64bit
platforms) when reading close to 4GiB of data from unseekable files (r20336,
r20338).
[Sec] Write buffer overflow when reading unseekable files close to 4GiB in size
(r20339).
[Sec] Possible out-of-memory (32bit platforms) or excessive memory allocation
(64bit platforms) when reading malformed data from unseekable files (r20340).
[Sec] DMF: Possible null-pointer write or excessive memory allocation when
reading DMF files (r20323).
IT: In the previous version, Zxx macros in IT files made with older MPT versions
were no longer working.
There was a periodic click when playing a module using the Chorus or Flanger DMO
plugin at a mix rate exceeding ~136.5 kHz.
An older bugfix for undefined behaviour in the Distortion DMO plugin was
incorrect, causing the distorted sound to be different in some situations.
xmp-openmpt: Metadata retrievel for playlist items was broken.
libopenmpt 0.7.4 (2024-03-03)
[Bug] Makefile: libopenmpt 0.7.3 broke running the test suite for Emscripten
builds.
openmpt123: openmpt123 now uses a narrower layout on terminal windows with a
width of less than 72 characters.
Setting all possible load_skip flags resulted in nothing being loaded at all,
instead of just not loading the selected module parts.
When playing all subsongs, set_position_seconds didn���t always calculate the
correct subsong to jump to.
IT: A few more compatibility flags are now disabled for modules saved with
earlier Schism Tracker versions.
IT: MIDI macros were reset in IT 2.14 / 2.15 files that declared to be
compatible with older IT versions (fixes spx-visionsofthepast.it).
OKT: Work around missing negative arpeggio implementation by transposing the
notes up an octave.
OKT: Channel volume commands were sometimes lost over less important effects.
IMF: Ignore magic bytes in sample header. ���Leaving All Behind��� by Karsten Koch
uses unexpected magic bytes, Orpheus ignores them just like the instrument
header magic bytes.
zlib: Update to v1.3.1 (2024-01-22).
mpg123: Update to v1.32.5 (2024-02-17).
pugixml: Update to v1.14 (2023-10-01).
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 29 2024 Michael Schwendt <mschwendt(a)fedoraproject.org> - 0.7.6-1
- update to 0.7.6
* Thu Jan 25 2024 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.7.3-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.7.3-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2267561 - libopenmpt-0.7.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2267561
--------------------------------------------------------------------------------