Fedora EPEL 7 updates-testing report - epel-devel - Fedora mailing-lists

9 Feb 2021


      The following Fedora EPEL 7 Security updates need testing:
 Age  URL
  52  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-4a9fc09599   openjpeg2-2.3.1-10.el7
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-4e3398c399   libssh-0.7.7-1.el7
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-c09d7045f3   seamonkey-2.53.6-1.el7
  11  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-ba217a684f   monitorix-3.13.1-1.el7
   8  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-5ecfbfc6f6   pngcheck-2.4.0-7.el7
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-6eebad70ee   SDL2-2.0.14-2.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
beakerlib-1.25-1.el7
    chromium-88.0.4324.150-1.el7
    distribution-gpg-keys-1.48-1.el7
    java-latest-openjdk-15.0.2.0.7-0.rolling.el7
    libburn1-1.5.4-1.el7
    libisoburn-1.5.4-1.el7
    libisofs1-1.5.4-1.el7
    mock-core-configs-34-1.el7
    openkim-models-2021.01.28-5.el7
    wdiff-1.2.2-19.el7
Details about builds:
================================================================================
 beakerlib-1.25-1.el7 (FEDORA-EPEL-2021-e2669a2fb8)
 A shell-level integration testing library
--------------------------------------------------------------------------------
Update Information:
- rebased yash to version 1.2, fixes the backtick iterpretation - docs fixes, by
��t��p��n N��mec snemec@redhat.com  ----  - rlImport --all imports only required
libraries, not recommend - implemented chkconfig fallback to systemctl - fixed
`make test` test suite execution   ----  - TestResults state indicator -
profiling code - rebased yash to 1.1 - fixed rlAssertLesser - fixed failed
library load name logging  ----  - ability to parse fmf id references - ability
the use simpler library name - library(foo), {url: '../foo.git', name: '/'},
meaming the library is n the root folder - ability put library even deeper in
the tree - library(foo/path/to/the/library), {url: '../foo.git', name:
'/path/to/the/library'} - rebased yash to 1.0 - and few more minor fixes
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb  9 2021 Dalibor Pospisil dapospis@redhat.com - 1.25-1
- rebased yash to version 1.2, fixes the backtick iterpretation
- docs fixes, by ��t��p��n N��mec snemec@redhat.com
* Sat Jan 30 2021 Dalibor Pospisil dapospis@redhat.com - 1.24-1
- rlImport --all imports only required libraries, not recommend
- implemented chkconfig fallback to systemctl
- fixed `make test` test suite execution
* Tue Jan 26 2021 Dalibor Pospisil dapospis@redhat.com - 1.23-1
- TestResults state indicator
- profiling code
- rebased yash to 1.1
- fixed rlAssertLesser
- fixed failed library load name logging
* Fri Jan 15 2021 Dalibor Pospisil dapospis@redhat.com - 1.22-1
- ability to parse fmf id references
- ability the use simpler library name - library(foo), {url: '../foo.git', name: '/'}, meaming the library is n the root folder
- ability put library even deeper in the tree - library(foo/path/to/the/library), {url: '../foo.git', name: '/path/to/the/library'}
- rebased yash to 1.0
- and few more minor fixes
--------------------------------------------------------------------------------
================================================================================
 chromium-88.0.4324.150-1.el7 (FEDORA-EPEL-2021-01679b76db)
 A WebKit (Blink) powered web browser
--------------------------------------------------------------------------------
Update Information:
Update to 88.0.4324.150. Fixes:   CVE-2021-21142 CVE-2021-21143 CVE-2021-21144
CVE-2021-21145 CVE-2021-21146 CVE-2021-21147 CVE-2021-21148  Please keep in mind
that this release fixes an actively exploited 0-day vulnerability.  ----  This
is probably not the update you want.  Let me be clear, it does fix the security
vulnerabilities in this list:  CVE-2020-16044 CVE-2021-21118 CVE-2021-21119
CVE-2021-21120 CVE-2021-21121 CVE-2021-21122 CVE-2021-21123 CVE-2021-21124
CVE-2021-21125 CVE-2021-21126 CVE-2021-21127 CVE-2021-21129 CVE-2021-21130
CVE-2021-21131 CVE-2021-21132 CVE-2021-21133 CVE-2021-21134 CVE-2021-21135
CVE-2021-21136 CVE-2021-21137 CVE-2021-21138 CVE-2021-21139 CVE-2021-21140
CVE-2021-21141 CVE-2021-21117 CVE-2021-21128  But it will not behave like Google
Chrome does.  Google has announced that it is cutting off access to the Sync and
"other Google Exclusive" APIs from all builds except Google Chrome. This will
make the EPEL Chromium build significantly less functional (along with every
other distro packaged Chromium). It is noteworthy that Google _gave_ the
builders of distribution Chromium packages these access rights back in 2013 via
API keys, specifically so that we could have open source builds of Chromium with
(near) feature parity to Chrome. And now they're taking it away. The reasoning
given for this change? Google does not want users to be able to "access their
personal Chrome Sync data (such as bookmarks) ... with a non-Google, Chromium-
based browser." They're not closing a security hole, they're just requiring that
everyone use Chrome.  Or to put it bluntly, they do not want you to access their
Google API functionality without using proprietary software (Google Chrome).
There is no good reason for Google to do this, other than to force people to use
Chrome.  I gave a lot of thought to whether I wanted to continue to maintain the
Chromium package in EPEL, given that many (most?) users will be confused/annoyed
when API functionality like sync and geolocation stops working for no good
reason. Ultimately, I decided to continue for now, because there were at least
some users who didn't mind, and if I stopped, someone else would start over and
run blindly into this problem.  I would say that you might want to reconsider
whether you want to use Chromium or not. If you want the full "Google"
experience, you can run the proprietary Chrome. If you want to use a FOSS
browser that isn't hobbled, there is a Firefox package in whatever EL flavor
you're using.  Oh, last, but not least, Google isn't shutting off the API access
until March 15, 2021, but I have gone ahead and disabled it starting with this
update. I'd rather you read about it here (even though most users will never see
this) than have it just happen.  ----  Update Chromium to 87.0.4280.141.  Fixes:
CVE-2021-21106 CVE-2021-21107 CVE-2021-21108 CVE-2021-21109 CVE-2021-21110
CVE-2021-21111 CVE-2021-21112  CVE-2021-21113 CVE-2020-16043 CVE-2021-21114
CVE-2020-15995 CVE-2021-21115 CVE-2021-21116
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb  5 2021 Tom Callaway spot@fedoraproject.org - 88.0.4234.150-1
- update to 88.0.4234.150
* Tue Feb  2 2021 Tom Callaway spot@fedoraproject.org - 88.0.4234.146-1
- update to 88.0.4234.146
* Tue Feb  2 2021 Tom Callaway spot@fedoraproject.org - 88.0.4234.96-4
- turn on the API key (just the API key, not the client_id or client_secret)
* Tue Jan 26 2021 Fedora Release Engineering releng@fedoraproject.org - 88.0.4324.96-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Mon Jan 25 2021 Tom Callaway spot@fedoraproject.org - 88.0.4324.96-2
- apply fix from Kevin Kofler for new glibc fstat sandbox handling
* Wed Jan 20 2021 Tom Callaway spot@fedoraproject.org - 88.0.4324.96-1
- 88 goes from beta to stable
- disable use of api keys (Google shut off API access)
* Wed Jan 13 2021 Tom Callaway spot@fedoraproject.org
- update to 87.0.4280.141
* Wed Dec 30 2020 Tom Callaway spot@fedoraproject.org - 88.0.4324.50-1
- update to 88.0.4324.50
- drop patches 74 & 75 (applied upstream)
* Thu Dec 17 2020 Tom Callaway spot@fedoraproject.org
- add two patches for missing headers to build with gcc 11
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1913624 - CVE-2021-21106 chromium-browser: Use after free in autofill
        https://bugzilla.redhat.com/show_bug.cgi?id=1913624
  [ 2 ] Bug #1913625 - CVE-2021-21107 chromium-browser: Use after free in drag and drop
        https://bugzilla.redhat.com/show_bug.cgi?id=1913625
  [ 3 ] Bug #1913626 - CVE-2021-21108 chromium-browser: Use after free in media
        https://bugzilla.redhat.com/show_bug.cgi?id=1913626
  [ 4 ] Bug #1913627 - CVE-2021-21109 chromium-browser: Use after free in payments
        https://bugzilla.redhat.com/show_bug.cgi?id=1913627
  [ 5 ] Bug #1913629 - CVE-2021-21110 chromium-browser: Use after free in safe browsing
        https://bugzilla.redhat.com/show_bug.cgi?id=1913629
  [ 6 ] Bug #1913630 - CVE-2021-21111 chromium-browser: Insufficient policy enforcement in WebUI
        https://bugzilla.redhat.com/show_bug.cgi?id=1913630
  [ 7 ] Bug #1913631 - CVE-2021-21112 chromium-browser: Use after free in Blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1913631
  [ 8 ] Bug #1913632 - CVE-2021-21113 chromium-browser: Heap buffer overflow in Skia
        https://bugzilla.redhat.com/show_bug.cgi?id=1913632
  [ 9 ] Bug #1913633 - CVE-2020-16043 chromium-browser: Insufficient data validation in networking
        https://bugzilla.redhat.com/show_bug.cgi?id=1913633
  [ 10 ] Bug #1913634 - CVE-2021-21114 chromium-browser: Use after free in audio
        https://bugzilla.redhat.com/show_bug.cgi?id=1913634
  [ 11 ] Bug #1913635 - CVE-2020-15995 chromium-browser: Out of bounds write in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=1913635
  [ 12 ] Bug #1913636 - CVE-2021-21115 chromium-browser: Use after free in safe browsing
        https://bugzilla.redhat.com/show_bug.cgi?id=1913636
  [ 13 ] Bug #1913637 - CVE-2021-21116 chromium-browser: Heap buffer overflow in audio
        https://bugzilla.redhat.com/show_bug.cgi?id=1913637
  [ 14 ] Bug #1918218 - CVE-2021-21118 chromium-browser: Insufficient data validation in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=1918218
  [ 15 ] Bug #1918219 - CVE-2021-21119 chromium-browser: Use after free in Media
        https://bugzilla.redhat.com/show_bug.cgi?id=1918219
  [ 16 ] Bug #1918220 - CVE-2021-21120 chromium-browser: Use after free in WebSQL
        https://bugzilla.redhat.com/show_bug.cgi?id=1918220
  [ 17 ] Bug #1918222 - CVE-2021-21121 chromium-browser: Use after free in Omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1918222
  [ 18 ] Bug #1918223 - CVE-2021-21122 chromium-browser: Use after free in Blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1918223
  [ 19 ] Bug #1918224 - CVE-2021-21123 chromium-browser: Insufficient data validation in File System API
        https://bugzilla.redhat.com/show_bug.cgi?id=1918224
  [ 20 ] Bug #1918225 - CVE-2021-21124 chromium-browser: Potential user after free in Speech Recognizer
        https://bugzilla.redhat.com/show_bug.cgi?id=1918225
  [ 21 ] Bug #1918226 - CVE-2021-21125 chromium-browser: Insufficient policy enforcement in File System API
        https://bugzilla.redhat.com/show_bug.cgi?id=1918226
  [ 22 ] Bug #1918227 - CVE-2021-21126 chromium-browser: Insufficient policy enforcement in extensions
        https://bugzilla.redhat.com/show_bug.cgi?id=1918227
  [ 23 ] Bug #1918228 - CVE-2021-21127 chromium-browser: Insufficient policy enforcement in extensions
        https://bugzilla.redhat.com/show_bug.cgi?id=1918228
  [ 24 ] Bug #1918229 - CVE-2021-21129 chromium-browser: Insufficient policy enforcement in File System API
        https://bugzilla.redhat.com/show_bug.cgi?id=1918229
  [ 25 ] Bug #1918230 - CVE-2021-21130 chromium-browser: Insufficient policy enforcement in File System API
        https://bugzilla.redhat.com/show_bug.cgi?id=1918230
  [ 26 ] Bug #1918231 - CVE-2021-21131 chromium-browser: Insufficient policy enforcement in File System API
        https://bugzilla.redhat.com/show_bug.cgi?id=1918231
  [ 27 ] Bug #1918232 - CVE-2021-21132 chromium-browser: Inappropriate implementation in DevTools
        https://bugzilla.redhat.com/show_bug.cgi?id=1918232
  [ 28 ] Bug #1918233 - CVE-2021-21133 chromium-browser: Insufficient policy enforcement in Downloads
        https://bugzilla.redhat.com/show_bug.cgi?id=1918233
  [ 29 ] Bug #1918235 - CVE-2021-21134 chromium-browser: Incorrect security UI in Page Info
        https://bugzilla.redhat.com/show_bug.cgi?id=1918235
  [ 30 ] Bug #1918236 - CVE-2021-21135 chromium-browser: Inappropriate implementation in Performance API
        https://bugzilla.redhat.com/show_bug.cgi?id=1918236
  [ 31 ] Bug #1918237 - CVE-2021-21136 chromium-browser: Insufficient policy enforcement in WebView
        https://bugzilla.redhat.com/show_bug.cgi?id=1918237
  [ 32 ] Bug #1918238 - CVE-2021-21137 chromium-browser: Inappropriate implementation in DevTools
        https://bugzilla.redhat.com/show_bug.cgi?id=1918238
  [ 33 ] Bug #1918239 - CVE-2021-21138 chromium-browser: Use after free in DevTools
        https://bugzilla.redhat.com/show_bug.cgi?id=1918239
  [ 34 ] Bug #1918240 - CVE-2021-21139 chromium-browser: Inappropriate implementation in iframe sandbox
        https://bugzilla.redhat.com/show_bug.cgi?id=1918240
  [ 35 ] Bug #1918241 - CVE-2021-21140 chromium-browser: Uninitialized Use in USB
        https://bugzilla.redhat.com/show_bug.cgi?id=1918241
  [ 36 ] Bug #1918242 - CVE-2021-21141 chromium-browser: Insufficient policy enforcement in File System API
        https://bugzilla.redhat.com/show_bug.cgi?id=1918242
  [ 37 ] Bug #1924892 - CVE-2021-21143 chromium-browser: Heap buffer overflow in Extensions
        https://bugzilla.redhat.com/show_bug.cgi?id=1924892
  [ 38 ] Bug #1924893 - CVE-2021-21144 chromium-browser: Heap buffer overflow in Tab Groups
        https://bugzilla.redhat.com/show_bug.cgi?id=1924893
  [ 39 ] Bug #1924894 - CVE-2021-21145 chromium-browser: Use after free in Fonts
        https://bugzilla.redhat.com/show_bug.cgi?id=1924894
  [ 40 ] Bug #1924895 - CVE-2021-21146 chromium-browser: Use after free in Navigation
        https://bugzilla.redhat.com/show_bug.cgi?id=1924895
  [ 41 ] Bug #1924896 - CVE-2021-21147 chromium-browser: Inappropriate implementation in Skia
        https://bugzilla.redhat.com/show_bug.cgi?id=1924896
  [ 42 ] Bug #1925434 - CVE-2021-21148 chromium-browser: Heap buffer overflow in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=1925434
--------------------------------------------------------------------------------
================================================================================
 distribution-gpg-keys-1.48-1.el7 (FEDORA-EPEL-2021-61596a37bc)
 GPG keys of various Linux distributions
--------------------------------------------------------------------------------
Update Information:
GPG keys and mock configuration for Fedora 34 after branching  ----  - Add
Mageia 8 stable release configs (ngompa13@gmail.com) - Update Mageia Cauldron
configuration for Mageia 9 (ngompa13@gmail.com) - add RHEL 6 x86_64
configuration
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb  5 2021 Miroslav Such�� msuchy@redhat.com 1.48-1
- add Fedora 35
- update copr keys
--------------------------------------------------------------------------------
================================================================================
 java-latest-openjdk-15.0.2.0.7-0.rolling.el7 (FEDORA-EPEL-2021-ffcd06ffb6)
 OpenJDK 15 Runtime Environment
--------------------------------------------------------------------------------
Update Information:
January CPU update
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 22 2021 Andrew Hughes gnu.andrew@redhat.com - 1:15.0.2.0.7-0.rolling
- Update to jdk-15.0.2.0+7
- Add release notes for 15.0.1.0 & 15.0.2.0
- Use JEP-322 Time-Based Versioning so we can handle a future 11.0.9.1-like release correctly.
- Still use 15.0.x rather than 15.0.x.0 for file naming, as the trailing zero is omitted from tags.
- Cleanup debug package descriptions and version number placement.
- Remove unused patch files.
* Tue Jan 19 2021 Andrew Hughes gnu.andrew@redhat.com - 1:15.0.1.9-10.rolling
- Use -march=i686 for x86 builds if -fcf-protection is detected (needs CMOV)
* Tue Dec 22 2020 Jiri Vanek jvanek@redhat.com - 1:15.0.1.9-9.rolling
- fixed missing condition for fastdebug packages being counted as debug ones
* Sat Dec 19 2020 Jiri Vanek jvanek@redhat.com - 1:15.0.1.9-8.rolling
- removed lib-style provides for fastdebug_suffix_unquoted
* Sat Dec 19 2020 Jiri Vanek jvanek@redhat.com - 1:15.0.1.9-6.rolling
- many cosmetic changes taken from more maintained jdk11
- introduced debug_arches, bootstrap_arches, systemtap_arches, fastdebug_arches, sa_arches, share_arches, shenandoah_arches, zgc_arches 
  instead of various hardcoded ifarches
- updated systemtap
- added requires excludes for debug pkgs
- removed redundant logic around jsa files
- added runtime requires of lksctp-tools and libXcomposite%
- added and used Source15 TestSecurityProperties.java, but is made always positive as jdk15 now does not honor system policies
- s390x excluded form fastdebug build
* Thu Dec 17 2020 Andrew Hughes gnu.andrew@redhat.com - 1:15.0.1.9-5.rolling
- introduced nm based check to verify alt-java on x86_64 is patched, and no other alt-java or java is patched
- patch600 rh1750419-redhat_alt_java.patch amended to die, if it is used wrongly
- introduced ssbd_arches with currently only valid arch of x86_64 to separate real alt-java architectures
* Wed Dec  9 2020 Jiri Vanek jvanek@redhat.com - 1:15.0.1.9-4.rolling
- moved wrongly placed licenses to accompany other ones
- this bad placement was killng parallel-installability and thus having bad impact to leapp if used
* Tue Dec  1 2020 Jiri Vanek jvanek@redhat.com - 1:15.0.1.9-3.rolling
- added patch600, rh1750419-redhat_alt_java.patch, suprassing removed patch
- no longer copying of java->alt-java as it is created by  patch600
* Mon Nov 23 2020 Jiri Vanek jvanek@redhat.com - 1:15.0.1.9-2.rolling
- Create a copy of java as alt-java with alternatives and man pages
- java-11-openjdk doesn't have a JRE tree, so don't try and copy alt-java there...
* Sun Oct 25 2020 Petra Alice Mikova pmikova@redhat.com - 1:15.0.1.9-1.rolling
- updated to October CPU 2020 sources
* Thu Oct 22 2020 Severin Gehwolf sgehwolf@redhat.com - 1:15.0.0.36-4.rolling
- Fix directory ownership of -static-libs sub-package.
* Fri Oct  9 2020 Jiri Vanek jvanek@redhat.com - 1:15.0.0.36-3.rolling
- Build static-libs-image and add resulting files via -static-libs sub-package.
- Disable stripping of debug symbols for static libraries part of the -static-libs sub-package.
- JDK-8245832 increases the set of static libraries, so try and include them all with a wildcard.
- Update static-libs packaging to new layout
* Mon Sep 21 2020 Petra Alice Mikova pmikova@redhat.com - 1:15.0.0.36-2.rolling
- Add support for fastdebug builds on 64 bit architectures
* Tue Sep 15 2020 Severin Gehwolf sgehwolf@redhat.com - 1:15.0.0.36-1.rolling
- Remove EA designation
- Re-generate sources with PR3803 patch
* Mon Aug 31 2020 Petra Alice Mikova pmikova@redhat.com - 1:15.0.0.36-0.1.ea.rolling
- Update to jdk 15.0.0.36 tag
- Modify rh1648249-add_commented_out_nss_cfg_provider_to_java_security.patch
- Update vendor version string to 20.9
- jjs removed from packaging after JEP 372: Nashorn removal
- rmic removed from packaging after JDK-8225319
- moved to build by devtoolset-8 scl, as gcc in epel7 is to old: https://bugs.openjdk.java.net/browse/JDK-8249140
--------------------------------------------------------------------------------
================================================================================
 libburn1-1.5.4-1.el7 (FEDORA-EPEL-2021-cd67d1e18c)
 Library for reading, mastering and writing optical discs
--------------------------------------------------------------------------------
Update Information:
libisofs 1.5.4 ==============    * Bug fix: Large amounts of AAIP data or many
long file names could cause with zisofs an unreadable filesystem after the
warning "Calculated and written ECMA-119 tree end differ"   * Bug fix: Big-
Endian MIPS Volume Header boot file size was rounded up to full 2048   * Bug
fix: El Torito production failed if no catalog path is given and the first boot
image path contains no slash   * Bug fix: zisofs production was wrong on big-
endian machines   * Bug fix: Apple Partition Map entries wrote uninitialized
data   * Bug fix: Appended APM partitions without HFS+ production had start and
size 1   * Switched to usage of libjte-2.0.0   * Implemented production and
reading of zisofs2 for files larger than 4 GiB - 1.   * New `struct
iso_zisofs_ctrl` version 2   * New API call `iso_stream_get_zisofs_par()`   *
New API call `iso_stream_zisofs_discard_bpt()`   * New API call
`iso_image_zisofs_discard_bpt()`   * New flag bits 8 to 15 in API call
`iso_node_zf_by_magic()`   * New API call `iso_zisofs_ctrl_susp_z2()`   * New
API call `iso_read_opts_set_joliet_map()`, new default joliet_map=stripped   *
New API calls `iso_read_image_features_tree_loaded()` and
`iso_read_image_features_rr_loaded()`   libburn 1.5.4 =============    * Bug
fix: Early SCSI commands from `sg-linux.c` were not logged   * New API call
`burn_drive_set_speed_exact()`   * New API call `burn_nominal_slowdown()`
libisoburn 1.5.4 ================    * Bug fix: `-report_system_area as_mkisofs`
misrepresented GPT with appended partition and forced boot flag as
`-part_like_isohybrid`   * Bug fix: Boot catalog could get a wrong name if
`cat_path=` is explicitely given but not containing a slash character   * New
helper script `xorriso-dd-target`   * New command `-truncate_overwritable`   *
Switched to usage of libjte-2.0.0   * New `-jigdo` parameters
`checksum_algorithm`, `demand_checksum`, `-checksum-list`   * New `-as mkisofs`
options `-jigdo-checksum-algorithm`, `-checksum-list`, `-jigdo-force-checksum`
* New `-read_speed` prefixes `soft_force:` and `soft_corr:`   * New
`-check_media` option `data_to="-"` for standard output   * New `-zisofs`
parameters `version_2=`, `block_size_v2=`, `max_bpt=`, `max_bpt_f=`,
`bpt_target=`, `bpt_free_ratio=`, `by_magic=v2`, `susp_z2=`   * New `-as
mkisofs` options `--zisofs-version-2`, `--zisofs2-susp-z2`, `--zisofs2-susp-zf`
* Enabled recognition of zisofs by magic without zlib support   * New `-osirrox`
option `sparse=` controls extraction into sparse files   * New libisoburn
extension options `isoburn_ropt_map_joliet_stripped` and
`isoburn_ropt_map_joliet_unmapped`   * New command `-joliet_map`   * New command
`-extract_boot_images`   * New API call `isoburn_ropt_get_tree_loaded()`
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb  8 2021 Robert Scheck robert@fedoraproject.org 1.5.4-1
- Upgrade to 1.5.4 (#1926008)
* Tue Jan 26 2021 Fedora Release Engineering releng@fedoraproject.org - 1.5.2-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1926005 - libisoburn-1.5.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1926005
  [ 2 ] Bug #1926007 - libisofs-1.5.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1926007
  [ 3 ] Bug #1926008 - libburn-1.5.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1926008
--------------------------------------------------------------------------------
================================================================================
 libisoburn-1.5.4-1.el7 (FEDORA-EPEL-2021-cd67d1e18c)
 Library to enable creation and expansion of ISO-9660 filesystems
--------------------------------------------------------------------------------
Update Information:
libisofs 1.5.4 ==============    * Bug fix: Large amounts of AAIP data or many
long file names could cause with zisofs an unreadable filesystem after the
warning "Calculated and written ECMA-119 tree end differ"   * Bug fix: Big-
Endian MIPS Volume Header boot file size was rounded up to full 2048   * Bug
fix: El Torito production failed if no catalog path is given and the first boot
image path contains no slash   * Bug fix: zisofs production was wrong on big-
endian machines   * Bug fix: Apple Partition Map entries wrote uninitialized
data   * Bug fix: Appended APM partitions without HFS+ production had start and
size 1   * Switched to usage of libjte-2.0.0   * Implemented production and
reading of zisofs2 for files larger than 4 GiB - 1.   * New `struct
iso_zisofs_ctrl` version 2   * New API call `iso_stream_get_zisofs_par()`   *
New API call `iso_stream_zisofs_discard_bpt()`   * New API call
`iso_image_zisofs_discard_bpt()`   * New flag bits 8 to 15 in API call
`iso_node_zf_by_magic()`   * New API call `iso_zisofs_ctrl_susp_z2()`   * New
API call `iso_read_opts_set_joliet_map()`, new default joliet_map=stripped   *
New API calls `iso_read_image_features_tree_loaded()` and
`iso_read_image_features_rr_loaded()`   libburn 1.5.4 =============    * Bug
fix: Early SCSI commands from `sg-linux.c` were not logged   * New API call
`burn_drive_set_speed_exact()`   * New API call `burn_nominal_slowdown()`
libisoburn 1.5.4 ================    * Bug fix: `-report_system_area as_mkisofs`
misrepresented GPT with appended partition and forced boot flag as
`-part_like_isohybrid`   * Bug fix: Boot catalog could get a wrong name if
`cat_path=` is explicitely given but not containing a slash character   * New
helper script `xorriso-dd-target`   * New command `-truncate_overwritable`   *
Switched to usage of libjte-2.0.0   * New `-jigdo` parameters
`checksum_algorithm`, `demand_checksum`, `-checksum-list`   * New `-as mkisofs`
options `-jigdo-checksum-algorithm`, `-checksum-list`, `-jigdo-force-checksum`
* New `-read_speed` prefixes `soft_force:` and `soft_corr:`   * New
`-check_media` option `data_to="-"` for standard output   * New `-zisofs`
parameters `version_2=`, `block_size_v2=`, `max_bpt=`, `max_bpt_f=`,
`bpt_target=`, `bpt_free_ratio=`, `by_magic=v2`, `susp_z2=`   * New `-as
mkisofs` options `--zisofs-version-2`, `--zisofs2-susp-z2`, `--zisofs2-susp-zf`
* Enabled recognition of zisofs by magic without zlib support   * New `-osirrox`
option `sparse=` controls extraction into sparse files   * New libisoburn
extension options `isoburn_ropt_map_joliet_stripped` and
`isoburn_ropt_map_joliet_unmapped`   * New command `-joliet_map`   * New command
`-extract_boot_images`   * New API call `isoburn_ropt_get_tree_loaded()`
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb  8 2021 Robert Scheck robert@fedoraproject.org 1.5.4-1
- Upgrade to 1.5.4 (#1926005)
* Tue Jan 26 2021 Fedora Release Engineering releng@fedoraproject.org - 1.5.2-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Mon Dec 28 2020 Robert Scheck robert@fedoraproject.org 1.5.2-5
- Don't ship API docs twice (devel and doc subpackages)
- Reworked spec file to build libisoburn1 for RHEL >= 8
* Mon Sep 28 2020 Troy Dawson tdawson@redhat.com - 1.5.2-4
- No kde or kf5 filesystem for RHEL 8 or above.
* Tue Jul 28 2020 Fedora Release Engineering releng@fedoraproject.org - 1.5.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jan 29 2020 Fedora Release Engineering releng@fedoraproject.org - 1.5.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1926005 - libisoburn-1.5.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1926005
  [ 2 ] Bug #1926007 - libisofs-1.5.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1926007
  [ 3 ] Bug #1926008 - libburn-1.5.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1926008
--------------------------------------------------------------------------------
================================================================================
 libisofs1-1.5.4-1.el7 (FEDORA-EPEL-2021-cd67d1e18c)
 Library to create ISO 9660 disk images
--------------------------------------------------------------------------------
Update Information:
libisofs 1.5.4 ==============    * Bug fix: Large amounts of AAIP data or many
long file names could cause with zisofs an unreadable filesystem after the
warning "Calculated and written ECMA-119 tree end differ"   * Bug fix: Big-
Endian MIPS Volume Header boot file size was rounded up to full 2048   * Bug
fix: El Torito production failed if no catalog path is given and the first boot
image path contains no slash   * Bug fix: zisofs production was wrong on big-
endian machines   * Bug fix: Apple Partition Map entries wrote uninitialized
data   * Bug fix: Appended APM partitions without HFS+ production had start and
size 1   * Switched to usage of libjte-2.0.0   * Implemented production and
reading of zisofs2 for files larger than 4 GiB - 1.   * New `struct
iso_zisofs_ctrl` version 2   * New API call `iso_stream_get_zisofs_par()`   *
New API call `iso_stream_zisofs_discard_bpt()`   * New API call
`iso_image_zisofs_discard_bpt()`   * New flag bits 8 to 15 in API call
`iso_node_zf_by_magic()`   * New API call `iso_zisofs_ctrl_susp_z2()`   * New
API call `iso_read_opts_set_joliet_map()`, new default joliet_map=stripped   *
New API calls `iso_read_image_features_tree_loaded()` and
`iso_read_image_features_rr_loaded()`   libburn 1.5.4 =============    * Bug
fix: Early SCSI commands from `sg-linux.c` were not logged   * New API call
`burn_drive_set_speed_exact()`   * New API call `burn_nominal_slowdown()`
libisoburn 1.5.4 ================    * Bug fix: `-report_system_area as_mkisofs`
misrepresented GPT with appended partition and forced boot flag as
`-part_like_isohybrid`   * Bug fix: Boot catalog could get a wrong name if
`cat_path=` is explicitely given but not containing a slash character   * New
helper script `xorriso-dd-target`   * New command `-truncate_overwritable`   *
Switched to usage of libjte-2.0.0   * New `-jigdo` parameters
`checksum_algorithm`, `demand_checksum`, `-checksum-list`   * New `-as mkisofs`
options `-jigdo-checksum-algorithm`, `-checksum-list`, `-jigdo-force-checksum`
* New `-read_speed` prefixes `soft_force:` and `soft_corr:`   * New
`-check_media` option `data_to="-"` for standard output   * New `-zisofs`
parameters `version_2=`, `block_size_v2=`, `max_bpt=`, `max_bpt_f=`,
`bpt_target=`, `bpt_free_ratio=`, `by_magic=v2`, `susp_z2=`   * New `-as
mkisofs` options `--zisofs-version-2`, `--zisofs2-susp-z2`, `--zisofs2-susp-zf`
* Enabled recognition of zisofs by magic without zlib support   * New `-osirrox`
option `sparse=` controls extraction into sparse files   * New libisoburn
extension options `isoburn_ropt_map_joliet_stripped` and
`isoburn_ropt_map_joliet_unmapped`   * New command `-joliet_map`   * New command
`-extract_boot_images`   * New API call `isoburn_ropt_get_tree_loaded()`
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb  8 2021 Robert Scheck robert@fedoraproject.org 1.5.4-1
- Upgrade to 1.5.4 (#1926007)
* Tue Jan 26 2021 Fedora Release Engineering releng@fedoraproject.org - 1.5.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Jul 28 2020 Fedora Release Engineering releng@fedoraproject.org - 1.5.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jan 29 2020 Fedora Release Engineering releng@fedoraproject.org - 1.5.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1926005 - libisoburn-1.5.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1926005
  [ 2 ] Bug #1926007 - libisofs-1.5.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1926007
  [ 3 ] Bug #1926008 - libburn-1.5.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1926008
--------------------------------------------------------------------------------
================================================================================
 mock-core-configs-34-1.el7 (FEDORA-EPEL-2021-61596a37bc)
 Mock core config files basic chroots
--------------------------------------------------------------------------------
Update Information:
GPG keys and mock configuration for Fedora 34 after branching  ----  - Add
Mageia 8 stable release configs (ngompa13@gmail.com) - Update Mageia Cauldron
configuration for Mageia 9 (ngompa13@gmail.com) - add RHEL 6 x86_64
configuration
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb  8 2021 Pavel Raiskup praiskup@redhat.com 34-1
- add fedora 34 configs (msuchy@redhat.com)
- require distribution-gpg-keys with F35 keys (msuchy@redhat.com)
- make F35 symlink to rawhide (msuchy@redhat.com)
- Rename centos-stream centos-stream-8 (orion@nwra.com)
* Tue Feb  2 2021 Pavel Raiskup praiskup@redhat.com 33.6-1
- Add Mageia 8 stable release configs (ngompa13@gmail.com)
- Update Mageia Cauldron configuration for Mageia 9 (ngompa13@gmail.com)
- add RHEL 6 x86_64 configuration
--------------------------------------------------------------------------------
================================================================================
 openkim-models-2021.01.28-5.el7 (FEDORA-EPEL-2021-2c5ba52ed9)
 Open Knowledgebase of Interatomic Models
--------------------------------------------------------------------------------
Update Information:
Update to 2021.01.28
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb  4 2021 Ryan S. Elliott relliott@umn.edu - 2021.01.28-5
- Adjust spec again
* Thu Feb  4 2021 Ryan S. Elliott relliott@umn.edu - 2021.01.28-4
- Adjust spec again
* Thu Feb  4 2021 Ryan S. Elliott relliott@umn.edu - 2021.01.28-3
- Adjust spec again
* Tue Feb  2 2021 Ryan S. Elliott relliott@umn.edu - 2021.01.28-2
- Adjust spec
* Mon Feb  1 2021 Ryan S. Elliott relliott@umn.edu - 2021.01.28-1
- Version bump to 2021.01.28
* Tue Jan 26 2021 Fedora Release Engineering releng@fedoraproject.org - 2019.07.25-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Aug  4 2020 Christoph Junghans junghans@votca.org - 2019.07.25-4
- Fix out-of-source build on F33 (bug#1865159)
* Sat Aug  1 2020 Fedora Release Engineering releng@fedoraproject.org - 2019.07.25-3
- Second attempt - Rebuilt for
  https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jul 28 2020 Fedora Release Engineering releng@fedoraproject.org - 2019.07.25-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
 wdiff-1.2.2-19.el7 (FEDORA-EPEL-2021-be6f523cca)
 Compare files on a word per word basis
--------------------------------------------------------------------------------
Update Information:
Improve summary and description text; build HTML and PDF versions of the
documentation; fix License metadata; ensure termcap/curses support is available;
properly install license file; various packaging improvements.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb  8 2021 Benjamin A. Beasley code@musicinmybrain.net - 1.2.2-19
- Work around no ���install -D��� support in EPEL7
* Mon Feb  8 2021 Benjamin A. Beasley code@musicinmybrain.net - 1.2.2-18
- Improve summary and description text
- Build HTML and PDF versions of the documentation
- Add Latex2e to License field
* Sun Feb  7 2021 Benjamin A. Beasley code@musicinmybrain.net - 1.2.2-17
- Change URLs from HTTP to HTTPS
- Add source file signature verification
- Use %make_build and %make_install macros
- Reformatting and minor changes for personal style preference
- Fix man page glob
- Use less broad globs
- Add ABOUT-NLS, BACKLOG, and THANKS as %doc files
- Rebuild configure script at build time
- Add a %check section and run the tests
- Add ncurses-devel BR for termcap/curses support
- Add missing BR on gcc
- Rebuild man pages in RPM build
- Properly install license file (COPYING)
* Wed Jan 27 2021 Fedora Release Engineering releng@fedoraproject.org - 1.2.2-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Jul 29 2020 Fedora Release Engineering releng@fedoraproject.org - 1.2.2-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Fri Jan 31 2020 Fedora Release Engineering releng@fedoraproject.org - 1.2.2-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Sat Jul 27 2019 Fedora Release Engineering releng@fedoraproject.org - 1.2.2-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Wed Apr 24 2019 Bj��rn Esser besser82@fedoraproject.org - 1.2.2-12
- Remove hardcoded gzip suffix from GNU info pages
* Sun Feb  3 2019 Fedora Release Engineering releng@fedoraproject.org - 1.2.2-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Sat Jul 14 2018 Fedora Release Engineering releng@fedoraproject.org - 1.2.2-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Feb  9 2018 Fedora Release Engineering releng@fedoraproject.org - 1.2.2-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Thu Aug  3 2017 Fedora Release Engineering releng@fedoraproject.org - 1.2.2-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Thu Jul 27 2017 Fedora Release Engineering releng@fedoraproject.org - 1.2.2-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Sat Feb 11 2017 Fedora Release Engineering releng@fedoraproject.org - 1.2.2-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Fri Feb  5 2016 Fedora Release Engineering releng@fedoraproject.org - 1.2.2-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Fri Jun 19 2015 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.2.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
--------------------------------------------------------------------------------