The following Fedora EPEL 8 Security updates need testing:
Age URL
13
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-c18d19cbdc
fluidsynth-2.1.8-3.el8
9
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-0754fdd085
openvpn-2.4.11-1.el8
7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-24ab212ee8
p7zip-16.02-20.el8
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-3a1aaec707
pngcheck-2.4.0-8.el8
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-b308580516
perl-Image-ExifTool-12.16-3.el8
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-bbc31e5925
java-latest-openjdk-16.0.1.0.9-1.rolling.el8
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-33433b2f22
python-yara-4.1.0-1.el8 yara-4.1.0-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
genders-1.27.2-6.el8
lazarus-2.0.12-1.el8
libopenmpt-0.5.8-1.el8
packit-0.29.0-1.el8
rpminspect-1.5-1.el8
rpminspect-data-fedora-1.5-1.el8
tmt-1.5.0-1.el8
xrdp-0.9.16-1.el8
Details about builds:
================================================================================
genders-1.27.2-6.el8 (FEDORA-EPEL-2021-0596d03e62)
Static cluster configuration database
--------------------------------------------------------------------------------
Update Information:
Add genders to EPEL8
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
lazarus-2.0.12-1.el8 (FEDORA-EPEL-2021-a252ab9b09)
Lazarus Component Library and IDE for Freepascal
--------------------------------------------------------------------------------
Update Information:
Update to 2.0.12
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 30 2021 Artur Frenszek-Iwicki <fedora(a)svgames.pl> - 2.0.12-1
- Update to 2.0.12
- Use baserelease macro to fix the rpmdev-bumspec issues
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1946343 - Lazarus 2.0.12 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1946343
--------------------------------------------------------------------------------
================================================================================
libopenmpt-0.5.8-1.el8 (FEDORA-EPEL-2021-a3a4866065)
C/C++ library to decode tracker music module (MOD) files
--------------------------------------------------------------------------------
Update Information:
libopenmpt 0.5.8 (2021-04-11) ============================= * [Sec] Possible
null-pointer dereference read caused by a sequence of `openmpt::module::read`,
`openmpt::module::set_position_order_row` pointing to an invalid pattern, and
another `openmpt::module::read` call. To trigger the crash, pattern 0 must not
exist in the file and the tick speed before the position jump must be lower than
the initial speed of the module. (r14530) * [Bug] `libopenmpt.pc` did not list
required system libraries `ole32.lib` and `rpcrt4.lib` on Windows in
`Libs.Private` field for static builds. * [Bug] libopenmpt 0.5.7 broke seeking
in some subsongs. * The built-in LFO plugin did not load the correct initial
LFO frequency. * IT command S7x (instrument control) is now supported when
seeking with sample sync enabled. * libopenmpt_ext `play_note` was cutting of
channels even when there were plenty of free channels to use. * mpg123: Update
to v1.26.5 (2021-03-22).
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 30 2021 Michael Schwendt <mschwendt(a)fedoraproject.org> - 0.5.8-1
- update to 0.5.8 (security release for the 0.5 series)
--------------------------------------------------------------------------------
================================================================================
packit-0.29.0-1.el8 (FEDORA-EPEL-2021-664f88e61f)
A tool for integrating upstream projects with Fedora operating system
--------------------------------------------------------------------------------
Update Information:
New upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 30 2021 Jiri Popelka <jpopelka(a)redhat.com> - 0.29.0-1
- Source-git: add info about sources to packit.yaml when initiating a new source-git repo
and don't commit dist-git sources from the lookaside cache. (#1208, #1216)
- Source-git: fix SRPM creation failing with duplicate Patch IDs. (#1206)
- Support git repository cache. (#1214)
- Reflect removed COPR chroots in a COPR project. (#1197)
- Deprecate current_version_command and create_tarball_command. (#1212)
- Fix crashing push-updates command. (#1170)
- Improve fmf/tmt tests configuration. (#1192)
* Wed Mar 31 2021 Packit Service <user-cont-team+packit-service(a)redhat.com> -
0.28.0-1
- Remove the no-op `--dry-run` option.
- Handle `centos-stream` targets as `centos-stream-8`, in order to help with the name
change in Copr.
- `fmf_url` and `fmf_ref` can be used in a job's `metadata` to specify an external
repository and reference to be used to test the package.
- Introduce a `fedora-latest` alias for the latest _branched_ version of Fedora Linux.
- Add a top-level option `-c, --config` to specify a custom path for the package
configuration (aka `packit.yaml`).
- Source-git: enable using CentOS Stream 9 dist-git as a source.
- Source-git: rename the subdirectory to store downstream packaging files from `fedora` to
the more general `.distro`.
- Source-git: fix creating source-git repositories when Git is configured to call the
default branch something other then `master`.
--------------------------------------------------------------------------------
================================================================================
rpminspect-1.5-1.el8 (FEDORA-EPEL-2021-fc6f7264e7)
Build deviation compliance tool
--------------------------------------------------------------------------------
Update Information:
Upgrade to rpminspect-1.5
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 30 2021 David Cantrell <dcantrell(a)redhat.com> - 1.5-1
- Begin work on version 1.5
- Use llabs() instead of labs() in the filesize inspection
- Improve has invalid execstack flags reporting
- Use long unsigned int to report size changes in patches
- Fix some errors in the changedfiles inspection
- Update the changedfiles test cases
- Check DT_SONAME in is_elf_shared_library()
- Skip debuginfo and debugsource files in abidiff
- Make sure abidiff test cases add a DT_SONAME to the test lib
- Report INFO level for patches findings by default
- Python black fixes in test/test_abidiff.py
- Update the test/test_patches.py cases for patches changes
- Generate regular changelog in utils/srpm.h
- Skip branches without targets in submit-koji-builds.sh
- Fedora and CentOS systems in ci need diffstat
- opensuse-leap CI job requires diffstat
- Fix the Debian CI jobs in GitHub Actions
- Fix and enable the Ubuntu extra-ci job in GitHub Actions
- Use pip instead of pip3 for the Ubuntu command
- Use apt-get -y install in
- Enable the opensuse-tumbleweed GHA job again
- Make sure the Gentoo GHA job has diffstat
- Get the Arch Linux GHA job working again
- Use ubuntu:latest for the ubuntu GHA image
- Simplify the utils/determine-os.sh script
- Update license table in README.md
- Allow any number of builds specified for fetch only mode
- Handle old or broken versions of libmagic in changedfiles
- Update GitHub Action status badges in README.md
- Fix $(OS) check in the Makefile
- Fix the ubuntu GitHub Actions extra-ci job
- Make sure the centos8 job has git available before cloning
- Change strappend() to work as a variadic function
- Use json_tokener_parse_ex() to get better error reporting
- Fix reading of the javabytecode block in the config file
- Catch missing/losing -fPIC correctly on .a ELF objects (#352)
- Refactor elf_archive_tests() and its helper functions
- Followup fix for find_no_pic, find_pic, and find_all
- Install cpp-coveralls using pacman on Arch Linux
- Install cpp-coveralls using pip on Arch Linux
- Install cpp-coveralls in pre.sh on Arch Linux
- Install required Python modules in pre.sh on Arch Linux
- Do not upgrade pip on Arch Linux, go back to using pip.txt
- Drop DEBUG_PRINT from source generated by pic_bits.sh
- Do not run apt-get update as a second time on Debians systems
- The lost PIC tests need to invoke gcc with -fno-PIC
- Update the OpenSUSE Tumbleweed files, but disable it anyway
- Define inspection_ignores in struct rpminspect
- Clean up the config file section reading code
- Add add_ignore() to init.c
- Fix fetch only mode download directory
- Stub out libcurl download progress callback function
- Perform symbolic owner and group matching in ownership (#364)
- Restrict download_progress() to systems with CURLOPT_XFERINFOFUNCTION
- Read per-inspection ignore lists from the config file.
- Add commented out per-inspection ignore blocks
- Implement per-inspection path ignore support (#351)
- Report annocheck failures correctly in librpminspect.
- Note all regular expression settings use regex(7) syntax
- Allow size_threshold: info in the config file (#261)
- Check ignore list in files for path prefixes to ignore (#360)
- Support a list of expected empty RPMs in the config file (#355)
- Call mparse_reset() before mparse_readfd()
- Do not crash with the -c option specifies a non-existent file
- Update TODO list
- Make sure brp-compress is disabled in test_manpage.py
- Require/Recommend /usr/bin/annocheck
- Note size_threshold can be the keyword info
- Ensure ctxt->lastError.message is not NULL before strdup (#382)
- Handle corrupt compressed files in changedfiles (#382)
- Disable debugging output for the ignore lists in init.c
- Drop debugging output in the xml inspection
- Remove what working directories we can
- Correctly find icons for desktop files in subpackages (#367)
- Followup to the Icon= check in the desktop inspection (#367)
- BuildRequires libmandoc-devel >= 1.14.5
- Manually install mandoc on centos7 for now
--------------------------------------------------------------------------------
================================================================================
rpminspect-data-fedora-1.5-1.el8 (FEDORA-EPEL-2021-d4b9b0b98c)
Build deviation compliance tool data files
--------------------------------------------------------------------------------
Update Information:
Upgrade to rpminspect-1.5
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 30 2021 David Cantrell <dcantrell(a)redhat.com> - 1.5-1
- Add a 'rawhide' profile to disable a lot of inspections
- Add missing ID value to the npsl license entry
- /usr/lib/dracut and /usr/lib/udev are valid paths
- Update fedora.yaml with all current configuration file changes
- Explain size_threshold can be 'info'
* Wed Feb 24 2021 David Cantrell <dcantrell(a)redhat.com> - 1.4-1
- Increment the development tree version to 1.4.
- Document the release process and add another helper target to the
Makefile
- 'make koji' skips branches that lack Koji build targets
- Set VENDORBLD to the vendor build too in submit-koji-builds.sh
- Add NPSL
- Update fedora.yaml for the new 'badfuncs' inspection.
- The badfuncs inspection is in rpminspect >= 1.3, update spec file
- Add MIT-0 license
- Add runpath section to fedora.yaml
--------------------------------------------------------------------------------
================================================================================
tmt-1.5.0-1.el8 (FEDORA-EPEL-2021-955d05bf7e)
Test Management Tool
--------------------------------------------------------------------------------
Update Information:
Run progress, tmt clean, docs enhancements...
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 30 2021 Petr ��pl��chal <psplicha(a)redhat.com> - 1.5.0-1
- Enable and document `pre-commit` and `autopep8`
- Reorganize feature stories, fix title duplication
- Prepare/install story for package development.
- Add package preparation scenarios from Fedora CI
- Prepare/install story for released packages
- Add new stories related to package preparation
- Fix login not working for cloud images
- Work around a seccomp podman issue on centos-8
- Tag multihost tests during import from Makefile
- Adjust the simple test for ansible prepare
- Remove hardcoded ansible_python_interpreter=auto
- Fix lint and use it on the tmt repo itself
- Obsolete the minute provision plugin
- Update the documentation for contributors
- Do not assert installed packages for recommend
- Show link to the full debug log in the html report
- Implement tmt clean command
- Require a newer fmf which supports storing data
- Allow to specify port in provision.connect
- Surround classes and functions with 2 blank lines
- Fix order of imports, sort them alphabetically
- Update the provision step hardware specification
- Fix tmt plan lint for multiple configurations
- Add tmt status examples section
- Add a context adjust example for the prepare step
- Adjust the git suffix stripping for known forges
- Strip git suffix from pagure/gitlab/github repos
- Enable install plans for pull request testing
- Adjust the essential attributes description
- Document the essential class attributes
- Improve the prepare step documentation
- Correctly convert relevancy with the `!=` operator
- Print note in report.html if it exists
- Add note about error for beakerlib results
- Adjust progress bar for the internal executor
- Add test progress bar to non-verbose mode
- Adjust the attribute linting for tests
- Lint attribute names for test
- Human friendly names for VMs
--------------------------------------------------------------------------------
================================================================================
xrdp-0.9.16-1.el8 (FEDORA-EPEL-2021-59d1c3d1c6)
Open source remote desktop protocol (RDP) server
--------------------------------------------------------------------------------
Update Information:
Release notes for xrdp v0.9.15 (2020/12/28) New features - Allow token sign in
without autologon for SSO (#1667 #1668) - Norwegian keyboard support (#1675) -
Improved config support for chansrv (#1635) - Unified chansrv, sesman and
libxrdp logging (#1633 #1708 #1738) - thanks to @aquesnel - Support SUSE move to
/usr/etc (#1702) - Parameters may now be specified for user-specified shell
(#1270 #1695) - xrdp executables now allow alternative config files to be
specified with -c (#1588 #1650 #1651) - sesrun improvements (#1741) - Drive
redirection location can now be specified (#1048) - Now compiles on RISC-V
(#1761) Bug fixes - Additional buffer overflow checks (#1662) - FUSE support
now builds on 32-bit platforms (#1682) - genkeymap array size conflict fixed
(#1691) - Buffering issue with neutrinordp over a slow link fixed (#1608 1634) -
Various documentation fixes (#1704 #1741 #1755 #1759) - Prevent PAM info message
from causing authentication failure (#1727) - Cosmetic fixes for minor issues
(#1751 #1755 #1749) - Try harder to clean up socket files on session exit (#1740
#1756) - xrdp-chansrv become defunct in docker while file copy (#1658) Internal
changes - Compilation warnings with newer compilers (#1659 #1680) -
Continuation Integration checks on 32-bit platforms now include FUSE support
(#1682) - Continuation Integration builds now default to the Ubuntu Focal
platform (#1666) - FUSE type tidy-ups (#1686) - Switch from Travis CI to GitHub
Actions (#1728 #1732) - Easier to set up console logging for utilities (#1711)
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 1 2021 Bojan Smojver <bojan(a)rexurive.com> - 1:0.9.16-1
- Bump up to 0.9.16
* Thu Jan 28 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
1:0.9.15-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------