Fedora EPEL 7 Update: sec-2.9.0-1.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2021-50f7bdb3cf
2021-05-29 00:37:40.425905
--------------------------------------------------------------------------------
Name : sec
Product : Fedora EPEL 7
Version : 2.9.0
Release : 1.el7
URL : https://simple-evcorr.github.io/
Summary : Simple Event Correlator script to filter log file entries
Description :
SEC is a simple event correlation tool that reads lines from files, named
pipes, or standard input, and matches the lines with regular expressions,
Perl subroutines, and other patterns for recognizing input events.
Events are then correlated according to the rules in configuration files,
producing output events by executing user-specified shell commands, by
writing messages to pipes or files, etc.
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 13 2021 Stefan Schulze Frielinghaus <stefansf(a)fedoraproject.org> - 2.9.0-1
- New upstream release
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update sec' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
2 years, 11 months
Fedora EPEL 7 Update: configsnap-0.20.1-1.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2021-b5c3437e7e
2021-05-29 00:37:40.425848
--------------------------------------------------------------------------------
Name : configsnap
Product : Fedora EPEL 7
Version : 0.20.1
Release : 1.el7
URL : https://github.com/rackerlabs/configsnap
Summary : Record and compare system state
Description :
configsnap records important system state information and can optionally compare
with a previous state and identify changes
--------------------------------------------------------------------------------
Update Information:
Update python binary for python3 based distros ---- Port configsnap to python3
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 12 2021 Christos Triantafyllidis <christos.triantafyllidis(a)rackspace.co.uk> - 0.20.1-1
- Update python binary for python3 based distros
* Fri May 7 2021 Nick Rhodes <nrhodes91(a)gmail.com> - 0.20.0-3
- Fix build issues in Koji
* Fri May 7 2021 Nick Rhodes <nrhodes91(a)gmail.com> - 0.20.0-1
- Port to python3 compatibility (PR 120)
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update configsnap' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
2 years, 11 months
Fedora EPEL 8 Update: tkrzw-0.9.16-1.el8
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2021-0f1c6f1360
2021-05-29 00:32:20.040223
--------------------------------------------------------------------------------
Name : tkrzw
Product : Fedora EPEL 8
Version : 0.9.16
Release : 1.el8
URL : https://dbmx.net/tkrzw/
Summary : A straightforward implementation of DBM
Description :
Tkrzw is a C++ library implementing DBM with various algorithms. It features
high degrees of performance, concurrency and durability.
--------------------------------------------------------------------------------
Update Information:
Version bump ---- Version bump
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 14 2021 TI_Eugene <ti.eugene(a)gmail.com> - 0.9.16-1
- Version bump
- el8 workaround (gcc10) removed
- 'make check' enabled again
* Tue May 11 2021 TI_Eugene <ti.eugene(a)gmail.com> - 0.9.15-1
- Version bump
- Added gcc10 as required for el8
- x32 enabled (#1920195)
- 'make check' temporary disabled
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update tkrzw' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
2 years, 11 months
Fedora EPEL 8 Update: knot-3.0.6-1.el8
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2021-9d2cc0872e
2021-05-29 00:32:20.040214
--------------------------------------------------------------------------------
Name : knot
Product : Fedora EPEL 8
Version : 3.0.6
Release : 1.el8
URL : https://www.knot-dns.cz
Summary : High-performance authoritative DNS server
Description :
Knot DNS is a high-performance authoritative DNS server implementation.
--------------------------------------------------------------------------------
Update Information:
Update to upstream 3.0.6
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 14 2021 Jakub Ru��i��ka <jakub.ruzicka(a)nic.cz> - 3.0.6-1
- Update to 3.0.6
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update knot' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
2 years, 11 months
Fedora EPEL 8 Update: ipmctl-02.00.00.3878-1.el8
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2021-fbc5044dff
2021-05-29 00:32:20.040206
--------------------------------------------------------------------------------
Name : ipmctl
Product : Fedora EPEL 8
Version : 02.00.00.3878
Release : 1.el8
URL : https://github.com/intel/ipmctl
Summary : Utility for managing Intel Optane DC persistent memory modules
Description :
Utility for managing Intel Optane DC persistent memory modules
Supports functionality to:
Discover DCPMMs on the platform.
Provision the platform memory configuration.
View and update the firmware on DCPMMs.
Configure data-at-rest security on DCPMMs.
Track health and performance of DCPMMs.
Debug and troubleshoot DCPMMs.
--------------------------------------------------------------------------------
Update Information:
Update to release v02.00.00.3878
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 13 2021 Steven Pontsler <steven.pontsler(a)intel.com> - 02.00.00.3878-1
- Release 02.00.00.3878
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update ipmctl' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
2 years, 11 months
Fedora EPEL 8 Update: python-pefile-2021.5.13-1.el8
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2021-f96ec82462
2021-05-29 00:32:20.040197
--------------------------------------------------------------------------------
Name : python-pefile
Product : Fedora EPEL 8
Version : 2021.5.13
Release : 1.el8
URL : https://github.com/erocarrera/pefile
Summary : Python module for working with Portable Executable files
Description :
pefile is a multi-platform Python module to read and work with Portable
Executable (aka PE) files. Most of the information in the PE Header is
accessible, as well as all the sections, section's information and data.
pefile requires some basic understanding of the layout of a PE file. Armed
with it it's possible to explore nearly every single feature of the file.
Some of the tasks that pefile makes possible are:
* Modifying and writing back to the PE image
* Header Inspection
* Sections analysis
* Retrieving data
* Warnings for suspicious and malformed values
* Packer detection with PEiD���s signatures
* PEiD signature generation
--------------------------------------------------------------------------------
Update Information:
bump to version 2021.5.13
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 13 2021 Michal Ambroz <rebus _AT seznam.cz> - 2021.5.13-1
- bump to version 2021.5.13
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1960414 - python-pefile-2021.5.13 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1960414
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update python-pefile' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
2 years, 11 months
Fedora EPEL 8 Update: drbd-9.17.0-1.el8
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2021-df31e47d8f
2021-05-29 00:32:20.040187
--------------------------------------------------------------------------------
Name : drbd
Product : Fedora EPEL 8
Version : 9.17.0
Release : 1.el8
URL : http://www.drbd.org/
Summary : DRBD user-land tools and scripts
Description :
DRBD refers to block devices designed as a building block to form high
availability (HA) clusters. This is done by mirroring a whole block device
via an assigned network. DRBD can be understood as network based raid-1.
This is a virtual package, installing the full user-land suite.
--------------------------------------------------------------------------------
Update Information:
Upstream release of 9.17.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 13 2021 Peter Hanecak <hany(a)hany.sk> - 9.17.0-1
- Upstream release of 9.17.0
- fixed permission for tmpfiles.d/drbd.conf
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1953557 - drbd-9.17.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1953557
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update drbd' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
2 years, 11 months
Fedora EPEL 8 Update: mingw-libidn2-2.3.1-1.el8
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2021-6b16d7928c
2021-05-29 00:32:20.040178
--------------------------------------------------------------------------------
Name : mingw-libidn2
Product : Fedora EPEL 8
Version : 2.3.1
Release : 1.el8
URL : https://www.gnu.org/software/libidn/#libidn2
Summary : MinGW Windows Internationalized Domain Name 2008 support library
Description :
Libidn2 is an implementation of the IDNA2008 specifications in RFC
5890, 5891, 5892, 5893 and TR46 for internationalized domain names
(IDN). It is a standalone library, without any dependency on libidn.
--------------------------------------------------------------------------------
Update Information:
Libidn2 2.3.1 (released 2021-05-12) =================================== *
Implement full roundtrip for lookup functionality With TR64 enabled
(default), `������i` was converted to `xn-- o-oia59s`. The output contains an
illegal space and thus could not be decoded any more. * Fix domain too long
error * doc: `idn2.1` and `libidn2.texi` automatically get `idn2 --help`
output. * Updated gnulib files and various build fixes. In particular,
it no longer attempts to detect a host CC compiler.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 12 2021 Robert Scheck <robert(a)fedoraproject.org> 2.3.1-1
- Upgrade to 2.3.1 (#1960007)
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.3.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Jul 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.3.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jan 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.3.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1960007 - mingw-libidn2-2.3.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1960007
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update mingw-libidn2' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
2 years, 11 months
[SECURITY] Fedora EPEL 8 Update: prosody-0.11.9-1.el8
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2021-86c73cc3af
2021-05-29 00:32:20.040168
--------------------------------------------------------------------------------
Name : prosody
Product : Fedora EPEL 8
Version : 0.11.9
Release : 1.el8
URL : https://prosody.im/
Summary : Flexible communications server for Jabber/XMPP
Description :
Prosody is a flexible communications server for Jabber/XMPP written in Lua.
It aims to be easy to use, and light on resources. For developers it aims
to be easy to extend and give a flexible system on which to rapidly develop
added functionality, or prototype new protocols.
--------------------------------------------------------------------------------
Update Information:
Prosody 0.11.9 ============== This release addresses a number of important
security issues that affect most deployments of Prosody. Full details are
available in a separate security advisory. Upstream recommends that all
deployments upgrade or apply the mitigations described in the advisory:
https://prosody.im/security/advisory_20210512/ Note: Upstream updated the
default config file. DNF or RPM will create a
`/etc/prosody/prosody.cfg.lua.rpmnew` file, so make sure you update your
existing `/etc/prosody/prosody.cfg.lua` to enable mod_limits after the upgrade.
Security -------- * mod_limits, prosody.cfg.lua: Enable rate limits by
default * certmanager: Disable renegotiation by default * mod_proxy65:
Restrict access to local c2s connections by default * util.startup: Set more
aggressive defaults for GC * mod_c2s, mod_s2s, mod_component, mod_bosh,
mod_websockets: Set default stanza size limits *
mod_auth_internal_{plain,hashed}: Use constant-time string comparison for
secrets * mod_dialback: Remove dialback-without-dialback feature *
mod_dialback: Use constant-time comparison with hmac Minor changes
------------- * util.hashes: Add constant-time string comparison (binding to
`CRYPTO_memcmp`) * mod_c2s: Don���t throw errors in async code when connections
are gone * mod_c2s: Fix traceback in session close when conn is nil *
core.certmanager: Improve detection of LuaSec/OpenSSL capabilities *
mod_saslauth: Use a defined SASL error * MUC: Add support for advertising
muc#roomconfig_allowinvites in room disco#info * mod_saslauth: Don���t throw
errors in async code when connections are gone * mod_pep: Advertise base
pubsub feature (fixes #1632: mod_pep missing pubsub feature in disco) *
prosodyctl check config: Add `gc` to list of global options * prosodyctl
about: Report libexpat version if known * util.xmppstream: Add API to
dynamically configure the stanza size limit for a stream * util.set: Add
`is_set()` to test if an object is a set * mod_http: Skip IP resolution in
non-proxied case * mod_c2s: Log about missing conn on async state changes *
util.xmppstream: Reduce internal default xmppstream limit to 1MB
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 13 2021 Robert Scheck <robert(a)fedoraproject.org> 0.11.9-1
- Upgrade to 0.11.9 (#1960244, #1960332, #1960335, #1960340,
* Fri Apr 30 2021 Robert Scheck <robert(a)fedoraproject.org> 0.11.8-4
- Added upstream patch to avoid '-Wl,--as-needed' removing linking
to libpthread when building with current libicu (#1954178)
* Tue Mar 2 2021 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 0.11.8-3
- Rebuilt for updated systemd-rpm-macros
See https://pagure.io/fesco/issue/2583.
* Fri Feb 26 2021 Robert Scheck <robert(a)fedoraproject.org> 0.11.8-2
- Added upstream patch to unbreak Lua 5.4 support (#1933063)
- Added %check to run some common commands (as a small testsuite)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1960332 - CVE-2021-32917 prosody: use of mod_proxy65 is unrestricted in default configuration
https://bugzilla.redhat.com/show_bug.cgi?id=1960332
[ 2 ] Bug #1960335 - CVE-2021-32918 prosody: DoS via insufficient memory consumption controls
https://bugzilla.redhat.com/show_bug.cgi?id=1960335
[ 3 ] Bug #1960340 - CVE-2021-32919 prosody: undocumented dialback-without-dialback option insecure
https://bugzilla.redhat.com/show_bug.cgi?id=1960340
[ 4 ] Bug #1960343 - CVE-2021-32920 prosody: DoS via repeated TLS renegotiation causing excessive CPU consumption
https://bugzilla.redhat.com/show_bug.cgi?id=1960343
[ 5 ] Bug #1960349 - CVE-2021-32921 prosody: use of timing-dependent string comparison with sensitive values
https://bugzilla.redhat.com/show_bug.cgi?id=1960349
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update prosody' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
2 years, 11 months
Fedora EPEL 8 Update: sec-2.9.0-1.el8
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2021-32d3ea7c89
2021-05-29 00:32:20.040156
--------------------------------------------------------------------------------
Name : sec
Product : Fedora EPEL 8
Version : 2.9.0
Release : 1.el8
URL : https://simple-evcorr.github.io/
Summary : Simple Event Correlator script to filter log file entries
Description :
SEC is a simple event correlation tool that reads lines from files, named
pipes, or standard input, and matches the lines with regular expressions,
Perl subroutines, and other patterns for recognizing input events.
Events are then correlated according to the rules in configuration files,
producing output events by executing user-specified shell commands, by
writing messages to pipes or files, etc.
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 13 2021 Stefan Schulze Frielinghaus <stefansf(a)fedoraproject.org> - 2.9.0-1
- New upstream release
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update sec' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
2 years, 11 months