Fedora EPEL 8 updates-testing report - epel-devel - Fedora mailing-lists

8 Feb 2022


      The following Fedora EPEL 8 Security updates need testing:
 Age  URL
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-c11b187333   phoronix-test-suite-10.8.1-1.el8
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-ff9adfa937   rlwrap-0.45.2-1.el8
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-bd70e1ba58   kate-21.12.2-1.el8
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-ae246e412f   suricata-5.0.8-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
imapsync-2.140-2.el8
    liblxi-1.16-1.el8
    python-rencode-1.0.6-17.el8
    retrace-server-1.24.1-1.el8
    rpki-client-7.6-1.el8
    uglify-js3-3.15.1-1.el8
Details about builds:
================================================================================
 imapsync-2.140-2.el8 (FEDORA-EPEL-2022-ee40c68dbd)
 Tool to migrate email between IMAP servers
--------------------------------------------------------------------------------
Update Information:
* Update to 2.140 * Fix missing documentation * Fix missing dependency on
procps-ng
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb  7 2022 Nick Bebout nb@fedoraproject.org - 2.140-2
- Add dependency on procps-ng
* Mon Feb  7 2022 Nick Bebout nb@fedoraproject.org - 2.140-1
- Update to 2.140
* Thu Jan 20 2022 Fedora Release Engineering releng@fedoraproject.org - 1.977-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Thu Jul 22 2021 Fedora Release Engineering releng@fedoraproject.org - 1.977-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1769388 - imapsync missing documentation and broken symlinks
        https://bugzilla.redhat.com/show_bug.cgi?id=1769388
  [ 2 ] Bug #1963674 - imapsync misses dependency to ps
        https://bugzilla.redhat.com/show_bug.cgi?id=1963674
  [ 3 ] Bug #1990122 - imapsync-2.140 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1990122
--------------------------------------------------------------------------------
================================================================================
 liblxi-1.16-1.el8 (FEDORA-EPEL-2022-55bab0bd00)
 Library with simple API for communication with LXI devices
--------------------------------------------------------------------------------
Update Information:
# liblxi v1.16  - Fix handling of send errors for TCP/RAW connections
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb  3 2022 Robert Scheck robert@fedoraproject.org 1.16-1
- Upgrade to 1.16 (#2050367)
* Sun Jan 23 2022 Robert Scheck robert@fedoraproject.org 1.15-1
- Upgrade to 1.15 (#2043963)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2050367 - liblxi-1.16 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2050367
--------------------------------------------------------------------------------
================================================================================
 python-rencode-1.0.6-17.el8 (FEDORA-EPEL-2022-e04f53ab00)
 Web safe object pickling/unpickling
--------------------------------------------------------------------------------
Update Information:
add upstream commits with CVE-2021-40839 fix , which is the same bug issue of
"3-byte packet DoS"
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 25 2022 S��rgio Basto sergio@serjux.com - 1.0.6-17
- Fix CVE-2021-40839
* Fri Jan 21 2022 Fedora Release Engineering releng@fedoraproject.org - 1.0.6-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Fri Jul 23 2021 Fedora Release Engineering releng@fedoraproject.org - 1.0.6-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Fri Jun  4 2021 Python Maint python-maint@redhat.com - 1.0.6-14
- Rebuilt for Python 3.10
* Wed Jan 27 2021 Fedora Release Engineering releng@fedoraproject.org - 1.0.6-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Mon Oct  5 2020 Orion Poplawski orion@nwra.com - 1.0.6-12
- Add BR python3-setuptools
* Wed Jul 29 2020 Fedora Release Engineering releng@fedoraproject.org - 1.0.6-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2003754 - python-rencode: rencode 3-byte packet DoS [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2003754
  [ 2 ] Bug #2004110 - CVE-2021-40839 python-rencode: an infinite loop in typecode decoding allowing a remote DoS [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2004110
--------------------------------------------------------------------------------
================================================================================
 retrace-server-1.24.1-1.el8 (FEDORA-EPEL-2022-9f84c5d875)
 Application for remote coredump analysis
--------------------------------------------------------------------------------
Update Information:
New upstream release 1.24.1
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb  7 2022 Packit Service user-cont-team+packit-service@redhat.com - 1.24.1-1
- Release version 1.24.1-1 (Mat��j Grabovsk��)
- retrace-server-interact: Fix traceback for non-existent gid (Dave Wysochanski)
- Revert "Bump Meson dependency to 0.59.0" (Mat��j Grabovsk��)
- coverage: Set Git root directory (Mat��j Grabovsk��)
- Bump Meson dependency to 0.59.0 (Mat��j Grabovsk��)
- meson: Copy spec file to build directory (Mat��j Grabovsk��)
- bugzilla-query: Shorten lines that exceed 79 columns per PEP-0008 (Dave Wysochanski)
- bugzilla-query: Use 'limit' and search only recently modified bugs (Dave Wysochanski)
- manager: Add existence and permissions check of custom_url to avoid failed tasks (Dave Wysochanski)
- Replace TASK_RETRACE with TASK_COREDUMP and start_retrace with start_coredump (Dave Wysochanski)
- Fix typos (Michal Fabik)
- Update translations (Mat��j Grabovsk��)
- readme: Add Codecov badge (Mat��j Grabovsk��)
- test: Add test cases for human_readable_size() (Mat��j Grabovsk��)
- util: Print 1024 bytes as 1.00 kB (Mat��j Grabovsk��)
- Calculate and upload code coverage to Codecov (Mat��j Grabovsk��)
- retrace-server-task: Improve verbose error message when 'create' fails (Dave Wysochanski)
- retrace: Handle vmware .vmsn kernel version detection with heuristic (Dave Wysochanski)
- manager: Disallow NULL string in custom core location on manager page (Dave Wysochanski)
- man: Cleanup retrace-server-worker man page (Dave Wysochanski)
- retrace-server-task: Fix Traceback with no arguments (Dave Wysochanski)
- test: Fix for Python < 3.8 (Mat��j Grabovsk��)
- Update dependencies (Mat��j Grabovsk��)
- podman: Unify string quotes (Mat��j Grabovsk��)
- test: Expand Podman backend tests (Mat��j Grabovsk��)
- test: Remove old test, create new one (Mat��j Grabovsk��)
- c2p: Improve Pythonic code style (Mat��j Grabovsk��)
- retrace: Escape regex strings properly (Mat��j Grabovsk��)
- create: Be more explicit in calculations (Mat��j Grabovsk��)
- r-s-reposync-faf: Remove obsolete Pylint directive (Mat��j Grabovsk��)
- podman: Pass `check` explicitly to `run()` (Mat��j Grabovsk��)
- Add type annotations where appropriate (Mat��j Grabovsk��)
- retrace,util: Improve code style (Mat��j Grabovsk��)
- config: Iterate dictionary directly (Mat��j Grabovsk��)
- config: Rename variables for conformity (Mat��j Grabovsk��)
- plugin: Rename variables for conformity (Mat��j Grabovsk��)
- pylintrc: Do not warn about missing docstrings (Mat��j Grabovsk��)
- Fix bare `except` occurrences (Mat��j Grabovsk��)
- readme: Add badge for build status (Mat��j Grabovsk��)
--------------------------------------------------------------------------------
================================================================================
 rpki-client-7.6-1.el8 (FEDORA-EPEL-2022-10c31306b2)
 RPKI validator to support BGP Origin Validation
--------------------------------------------------------------------------------
Update Information:
# rpki-client 7.6    - Enforce the correct namespace of rrdp files.   - Fail
certificate verification if a certificate contains unknown critical extensions.
- Improve cleanup of rrdp directory contents.   - Introduce a validated cache
which holds all the files that have successfully been verified by `rpki-client`.
- Add a new option `-f <file>` to validate a signed object in a file against the
RPKI cache.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb  7 2022 Robert Scheck robert@fedoraproject.org 7.6-1
- Upgrade to 7.6 (#2051736)
* Fri Jan 21 2022 Fedora Release Engineering releng@fedoraproject.org - 7.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2051736 - rpki-client-7.6 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2051736
--------------------------------------------------------------------------------
================================================================================
 uglify-js3-3.15.1-1.el8 (FEDORA-EPEL-2022-5e35234faf)
 JavaScript parser, mangler/compressor and beautifier toolkit
--------------------------------------------------------------------------------
Update Information:
Uglify-JS 3.15.1
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb  7 2022 Mattias Ellert mattias.ellert@physics.uu.se - 3.15.1-1
- Update to 3.15.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2051343 - uglify-js-3.15.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2051343
--------------------------------------------------------------------------------