This email proposes upgrading the llhttp package in EPEL9 from 6.0.10 to
8.1.1, which would break the ABI and bump the SONAME version, under the
EPEL Incompatible Upgrades Policy[1].
The llhttp package is a C library (transpiled from TypeScript) that
provides the low-level HTTP support for NodeJS and for python-aiohttp.
Currently, only python-aiohttp depends on the llhttp package in EPEL9.
Versions of llhttp prior to 8.1.1 are affected by CVE-2023-30589[2], an
HTTP request smuggling vulnerability rated 7.7 HIGH in CVSS v3 and rated
Moderate by Red Hat. The GitHub advisory for llhttp is
GHSA-cggh-pq45-6h9x[3]; the advisory for python-aiohttp is
GHSA-45c4-8wx5-qw6w[4]. Upstream for python-aiohttp fixed this by
updating llhttp (which they bundle, but we unbundle) in release 3.8.5.
I am not comfortable attempting to backport the fix to an older release
of llhttp. My preferred solution would be to update llhttp to 8.1.1[5]
and (in the same side tag) update python-aiohttp to 3.8.5[6]. The ABI
break in llhttp would only affect python-aiohttp; the python-aiohttp
update itself is compatible (by upstream intent, and verified in
COPR[7]); and a number of packages that depend on python-aiohttp would
benefit from the fix.
If this exception request is not approved, my fallback plan is to
propose rebuilding python-aiohttp in EPEL9 with AIOHTTP_NO_EXTENSIONS=1,
which would convert it to a pure-Python package. This is a documented
mitigation, but comes with potentially serious performance regressions,
again affecting a number of dependent packages. The llhttp package would
become a leaf package and would remain unpatched.
The same incompatible update was approved by FESCo for Fedora 37[8].
The purpose of this email is to document and explain the proposed
update, to begin the minimum one-week discussion period mandated by the
EPEL Incompatible Upgrades Policy, and to request that the update be
added to the agenda for an upcoming EPEL meeting.
[1]
https://docs.fedoraproject.org/en-US/epel/epel-policy-incompatible-upgrades…
[2] https://access.redhat.com/security/cve/CVE-2023-30589
[3] https://github.com/advisories/GHSA-cggh-pq45-6h9x
[4]
https://github.com/aio-libs/aiohttp/security/advisories/GHSA-45c4-8wx5-qw6w
[5] https://src.fedoraproject.org/rpms/llhttp/pull-request/14
[6] https://src.fedoraproject.org/rpms/python-aiohttp/pull-request/26
[7] https://copr.fedorainfracloud.org/coprs/music/aiohttp-epel9/packages/
[8] https://pagure.io/fesco/issue/3049
Would like to upgrade mlpack from 3.4.2 to 4.2.1
Version 3 is no longer maintained, and there do not seem to be
dependencies on mlpack, at least in Fedora. This is prompted by
CVE-2021-28021, CVE-2021-42715, CVE-2021-42716, and CVE-2022-28041
https://src.fedoraproject.org/rpms/mlpack/pull-request/12
The following Fedora EPEL 9 Security updates need testing:
Age URL
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-bc6b1f3139 stb-0^20231011gitbeebb24-12.el9
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-f45cb7e6ad suricata-6.0.15-1.el9
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-b475c743aa chromium-118.0.5993.117-1.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
logcheck-1.3.18-15.el9
mlpack-4.2.1-5.el9
packit-0.85.0-1.el9
python-ogr-0.47.1-1.el9
python-specfile-0.23.0-1.el9
salt-3005.4-1.el9
Details about builds:
================================================================================
logcheck-1.3.18-15.el9 (FEDORA-EPEL-2023-7ca2e7ca5f)
Analyzes log files and sends noticeable events as email
--------------------------------------------------------------------------------
Update Information:
Logcheck is a simple utility which is designed to allow a system administrator
to view the log-files which are produced upon hosts under their control. It does
this by mailing summaries of the log-files to them, after first filtering out
"normal" entries.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.18-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.18-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.18-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.18-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.18-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2031683 - logcheck is missing in CentOS Stream 9
https://bugzilla.redhat.com/show_bug.cgi?id=2031683
--------------------------------------------------------------------------------
================================================================================
mlpack-4.2.1-5.el9 (FEDORA-EPEL-2023-44e123cf66)
Fast, header-only C++ machine learning library
--------------------------------------------------------------------------------
Update Information:
Use RPM macros for python and cmake build directory ---- Ensure stb_image
contains the latest CVE patches
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 30 2023 Benson Muite <benson_muite(a)emailplus.org> - 4.2.1-5
- Use RPM macros for python and cmake build directory
* Fri Oct 27 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> - 4.2.1-4
- Ensure stb_image contains the latest CVE patches
* Wed Oct 25 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> - 4.2.1-3
- Ensure stb_image contains the latest CVE patches
* Mon Oct 16 2023 Ryan Curtin <ryan(a)ratml.org> - 4.2.1-2
- Attempt to reduce RAM usage on ppc64le.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2246895 - Rebuild for static stb_image CVE vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=2246895
--------------------------------------------------------------------------------
================================================================================
packit-0.85.0-1.el9 (FEDORA-EPEL-2023-f8edaa06d8)
A tool for integrating upstream projects with Fedora operating system
--------------------------------------------------------------------------------
Update Information:
Automatic update for packit-0.85.0-1.el9. ##### **Changelog for packit** ``` *
Mon Oct 30 2023 Packit <hello(a)packit.dev> - 0.85.0-1 - Packit no longer
downloads sources excluded using spec file conditions. (#2132) ```
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 30 2023 Packit <hello(a)packit.dev> - 0.85.0-1
- Packit no longer downloads sources excluded using spec file conditions. (#2132)
--------------------------------------------------------------------------------
================================================================================
python-ogr-0.47.1-1.el9 (FEDORA-EPEL-2023-9c0f1113d8)
One API for multiple git forges
--------------------------------------------------------------------------------
Update Information:
Automatic update for python-ogr-0.47.1-1.el9. ##### **Changelog for python-
ogr** ``` * Mon Oct 30 2023 Packit <hello(a)packit.dev> - 0.47.1-1 - Fixed an
issue where getting a list of GitLab merge requests using `.list()` would return
only 20 items. (#819) - Resolves rhbz#2246994 ```
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 30 2023 Packit <hello(a)packit.dev> - 0.47.1-1
- Fixed an issue where getting a list of GitLab merge requests using `.list()` would return only 20 items. (#819)
- Resolves rhbz#2246994
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2246994 - python-ogr-0.47.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2246994
--------------------------------------------------------------------------------
================================================================================
python-specfile-0.23.0-1.el9 (FEDORA-EPEL-2023-ab9b7d0c94)
A library for parsing and manipulating RPM spec files
--------------------------------------------------------------------------------
Update Information:
Automatic update for python-specfile-0.23.0-1.el9. ##### **Changelog for
python-specfile** ``` * Mon Oct 30 2023 Packit <hello(a)packit.dev> - 0.23.0-1 -
Sources now have a `valid` property that indicates whether a source is valid in
the current context, meaning it is not present in a false branch of any
condition. (#295) ```
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 30 2023 Packit <hello(a)packit.dev> - 0.23.0-1
- Sources now have a `valid` property that indicates whether a source is valid in the current context, meaning it is not present in a false branch of any condition. (#295)
--------------------------------------------------------------------------------
================================================================================
salt-3005.4-1.el9 (FEDORA-EPEL-2023-747e8b0ab1)
A parallel remote execution system
--------------------------------------------------------------------------------
Update Information:
Fix for CVE-2023-34049
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 30 2023 Gwyn Ciesla <gwync(a)protonmail.com> - 3005.4-1
- 3005.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2246812 - salt-3006.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2246812
[ 2 ] Bug #2246982 - CVE-2023-34049 salt: allows an attacker to force Salt-SSH to run their script [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2246982
--------------------------------------------------------------------------------
The following Fedora EPEL 8 Security updates need testing:
Age URL
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-49ef288135 stb-0-0.39.20231011gitbeebb24.el8
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-799d16fa93 suricata-6.0.15-1.el8
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-619e22a8fa chromium-118.0.5993.117-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
exfatprogs-1.2.2-1.el8
mlpack-4.2.1-4.el8
python-specfile-0.23.0-1.el8
zabbix6.0-6.0.22-2.el8
Details about builds:
================================================================================
exfatprogs-1.2.2-1.el8 (FEDORA-EPEL-2023-994daa9d32)
Userspace utilities for exFAT filesystems
--------------------------------------------------------------------------------
Update Information:
Update to bugfix release 1.2.2.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 28 2023 Simone Caronni <negativo17(a)gmail.com> - 1.2.2-1
- Update to 1.2.2.
* Wed Jul 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.2.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2246690 - exfatprogs-1.2.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2246690
--------------------------------------------------------------------------------
================================================================================
mlpack-4.2.1-4.el8 (FEDORA-EPEL-2023-672d5d9003)
Fast, header-only C++ machine learning library
--------------------------------------------------------------------------------
Update Information:
Use RPM macros for python and cmake build directory
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 30 2023 Benson Muite <benson_muite(a)emailplus.org> - 4.2.1-5
- Use RPM macros for python and cmake build directory
* Fri Oct 27 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> - 4.2.1-4
- Ensure stb_image contains the latest CVE patches
* Wed Oct 25 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> - 4.2.1-3
- Ensure stb_image contains the latest CVE patches
* Mon Oct 16 2023 Ryan Curtin <ryan(a)ratml.org> - 4.2.1-2
- Attempt to reduce RAM usage on ppc64le.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2246895 - Rebuild for static stb_image CVE vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=2246895
--------------------------------------------------------------------------------
================================================================================
python-specfile-0.23.0-1.el8 (FEDORA-EPEL-2023-812e1d5efb)
A library for parsing and manipulating RPM spec files
--------------------------------------------------------------------------------
Update Information:
Automatic update for python-specfile-0.23.0-1.el8. ##### **Changelog for
python-specfile** ``` * Mon Oct 30 2023 Packit <hello(a)packit.dev> - 0.23.0-1 -
Sources now have a `valid` property that indicates whether a source is valid in
the current context, meaning it is not present in a false branch of any
condition. (#295) ```
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 30 2023 Packit <hello(a)packit.dev> - 0.23.0-1
- Sources now have a `valid` property that indicates whether a source is valid in the current context, meaning it is not present in a false branch of any condition. (#295)
--------------------------------------------------------------------------------
================================================================================
zabbix6.0-6.0.22-2.el8 (FEDORA-EPEL-2023-1ab902b181)
Open-source monitoring solution for your IT infrastructure
--------------------------------------------------------------------------------
Update Information:
* Add dontaudit SELinux rules for spurious AVC denial messages (bz#2170630) *
Update to 6.0.22
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 30 2023 Orion Poplawski <orion(a)nwra.com> - 6.0.22-2
- Add dontaudit SELinux rules for spurious AVC denial messages (bz#2170630)
* Mon Oct 30 2023 Orion Poplawski <orion(a)nwra.com> - 6.0.22-1
- Update to 6.0.22
--------------------------------------------------------------------------------
The following Fedora EPEL 9 Security updates need testing:
Age URL
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-bc6b1f3139 stb-0^20231011gitbeebb24-12.el9
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-f45cb7e6ad suricata-6.0.15-1.el9
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-b475c743aa chromium-118.0.5993.117-1.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
baresip-3.6.0-1.el9
clamav-1.0.4-1.el9
go-rpm-macros-epel-3.3.0-1.el9
imapfilter-2.8.1-4.el9
libre-3.6.0-1.el9
perl-Math-Random-Secure-0.08.0001-21.el9
perl-WWW-Curl-4.17-29.el9
python-pyte-0.8.1-1.el9
radicale-3.1.8-55.el9
x2gokdrive-0.0.0.2-2.el9
Details about builds:
================================================================================
baresip-3.6.0-1.el9 (FEDORA-EPEL-2023-1f8e81ff00)
Modular SIP user-agent with audio and video support
--------------------------------------------------------------------------------
Update Information:
# Baresip v3.6.0 (2023-10-17) - test: call - replace stop_on_audio_video by
cancel rule - video: use const struct video for `videnc_update_h` and
`viddec_update_h` - misc: `fd_listen` fhs alloc rewrite - ctrl_tcp: fix
netstring enum warning - ua, static_menu: Fix 100rel cmd - tools: jbuf plots
- tools: fix and cleanup ajb plots - ua: move adding of norefersub extension to
`create_register_clients` - main: add `re_trace.json` if enabled - jbuf: move
from re to baresip - avcodec/decode: refactor `hw_frame` handling - call:
include `Referred-by:` tag in REFERs - ci: bump pr-dependency-action(a)v0.6 -
video: add video decode error trace - video: protect shared resources in
`video_debug` - video: delay `video_destructor` - avcodec/decode: revert
`hw_frame` handling and fix unref frame - avcodec/decode: fix last `av_frame`
memory leak - test: call - count video frames in videodir tests - test call -
fix logical and # libre v3.6.0 (2023-10-17) - ci/coverage: increase min.
coverage - Implement `aufile_set_position` - dialog: fix rtags of forking
`INVITE` with 100rel - tls/alloc: set default min proto TLS 1.2 - test: init
err to 0 in sdp test (cppcheck) - main: `fd_listen` fhs alloc rewrite - Expand
`RE_BREAKPOINT` macro on ARM64 - jbuf: trace data for plot - trace: use global
trace log - main: use ifdef for `RE_TRACE_ENABLED` - test/hexdump: hide output
- trace: remove global default trace json - ci/ssl: use tools repo and new
assets - fmt: doxygen correction in `print.c` - trace: use only explicit
`RE_TRACE_ENABLED` - cmake: enable C11 for Windows (not MINGW) - ci/coverage:
lower min. coverage - jbuf: move jbuf to baresip - ci/coverage: improve
coverage (enable trace) - ci: bump pr-dependency-action(a)v0.6 - ice: mDNS
refactoring - trace: add flush worker and optimize memory usage - rtp: fix
video jitter calculation and add arrival time rtp header - ci: remove `DARWIN`
compile flag from iOS build - thread: add trace thread name logging -
ci/coverage: reduce min. coverage
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 29 2023 Robert Scheck <robert(a)fedoraproject.org> 3.6.0-1
- Upgrade to 3.6.0 (#2244802)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2244802 - baresip-3.6.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2244802
[ 2 ] Bug #2244979 - libre-3.6.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2244979
--------------------------------------------------------------------------------
================================================================================
clamav-1.0.4-1.el9 (FEDORA-EPEL-2023-90d6559355)
End-user tools for the Clam Antivirus scanner
--------------------------------------------------------------------------------
Update Information:
* Update to 1.0.4 * Move docs back out of main package.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 29 2023 Orion Poplawski <orion(a)nwra.com> - 1.0.4-1
- Update to 1.0.4
- Remove docs again from main package (bz#2230512)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2230512 - Package clamav contains copy of html manual but it should only be in clamav-doc
https://bugzilla.redhat.com/show_bug.cgi?id=2230512
--------------------------------------------------------------------------------
================================================================================
go-rpm-macros-epel-3.3.0-1.el9 (FEDORA-EPEL-2023-5b535ea855)
Backport of certain Fedora Go RPM macros to EPEL
--------------------------------------------------------------------------------
Update Information:
- Update to new source git source - Remove go_mod_vendor.prov from this package.
It's already upstream. - Add -L flag to %%gometa and %%gorpmname - Add direct
dependency on go-rpm-macros-golist-symlink
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 29 2023 Maxwell G <maxwell(a)gtmx.me> - 3.3.0-1
- Update to new source git source
- Remove go_mod_vendor.prov from this package. It's already upstream.
- Add -L flag to %gometa and %gorpmname
- Add direct dependency on go-rpm-macros-golist-symlink
--------------------------------------------------------------------------------
================================================================================
imapfilter-2.8.1-4.el9 (FEDORA-EPEL-2023-62ef3af378)
A flexible client side mail filtering utility for IMAP servers
--------------------------------------------------------------------------------
Update Information:
Fix %doc and %license files
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 29 2023 Sandro <devel(a)penguinpee.nl> - 2.8.1-4
- Add Packit config
* Sun Oct 29 2023 Sandro <devel(a)penguinpee.nl> - 2.8.1-3
- Fix doc files
* Sun Oct 29 2023 Sandro <devel(a)penguinpee.nl> - 2.8.1-2
- Use forge macros consistently
--------------------------------------------------------------------------------
================================================================================
libre-3.6.0-1.el9 (FEDORA-EPEL-2023-1f8e81ff00)
Generic library for real-time communications
--------------------------------------------------------------------------------
Update Information:
# Baresip v3.6.0 (2023-10-17) - test: call - replace stop_on_audio_video by
cancel rule - video: use const struct video for `videnc_update_h` and
`viddec_update_h` - misc: `fd_listen` fhs alloc rewrite - ctrl_tcp: fix
netstring enum warning - ua, static_menu: Fix 100rel cmd - tools: jbuf plots
- tools: fix and cleanup ajb plots - ua: move adding of norefersub extension to
`create_register_clients` - main: add `re_trace.json` if enabled - jbuf: move
from re to baresip - avcodec/decode: refactor `hw_frame` handling - call:
include `Referred-by:` tag in REFERs - ci: bump pr-dependency-action(a)v0.6 -
video: add video decode error trace - video: protect shared resources in
`video_debug` - video: delay `video_destructor` - avcodec/decode: revert
`hw_frame` handling and fix unref frame - avcodec/decode: fix last `av_frame`
memory leak - test: call - count video frames in videodir tests - test call -
fix logical and # libre v3.6.0 (2023-10-17) - ci/coverage: increase min.
coverage - Implement `aufile_set_position` - dialog: fix rtags of forking
`INVITE` with 100rel - tls/alloc: set default min proto TLS 1.2 - test: init
err to 0 in sdp test (cppcheck) - main: `fd_listen` fhs alloc rewrite - Expand
`RE_BREAKPOINT` macro on ARM64 - jbuf: trace data for plot - trace: use global
trace log - main: use ifdef for `RE_TRACE_ENABLED` - test/hexdump: hide output
- trace: remove global default trace json - ci/ssl: use tools repo and new
assets - fmt: doxygen correction in `print.c` - trace: use only explicit
`RE_TRACE_ENABLED` - cmake: enable C11 for Windows (not MINGW) - ci/coverage:
lower min. coverage - jbuf: move jbuf to baresip - ci/coverage: improve
coverage (enable trace) - ci: bump pr-dependency-action(a)v0.6 - ice: mDNS
refactoring - trace: add flush worker and optimize memory usage - rtp: fix
video jitter calculation and add arrival time rtp header - ci: remove `DARWIN`
compile flag from iOS build - thread: add trace thread name logging -
ci/coverage: reduce min. coverage
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 29 2023 Robert Scheck <robert(a)fedoraproject.org> 3.6.0-1
- Upgrade to 3.6.0 (#2244979)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2244802 - baresip-3.6.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2244802
[ 2 ] Bug #2244979 - libre-3.6.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2244979
--------------------------------------------------------------------------------
================================================================================
perl-Math-Random-Secure-0.08.0001-21.el9 (FEDORA-EPEL-2023-f00c18e802)
Cryptographically-secure, cross-platform replacement for rand()
--------------------------------------------------------------------------------
Update Information:
This package contains the Perl module Math::Random::Secure, which is intended to
provide a cryptographically-secure replacement for Perl's built-in rand
function.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 20 2023 Emmanuel Seyman <emmanuel(a)seyman.fr> - 0.08.0001-21
- Migrated to SPDX license
- Use /usr/bin/perl instead of %{__perl}
- Use %{make_build} and %{make_install} where appropriate
- Pass NO_PERLLOCAL to Makefile.PL
* Thu Jul 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.08.0001-20
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Fri Jan 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.08.0001-19
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.08.0001-18
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Jun 1 2022 Jitka Plesnikova <jplesnik(a)redhat.com> - 0.08.0001-17
- Perl 5.36 rebuild
* Fri Jan 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.08.0001-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2242157 - perl-Math-Random-Secure for EL9
https://bugzilla.redhat.com/show_bug.cgi?id=2242157
--------------------------------------------------------------------------------
================================================================================
perl-WWW-Curl-4.17-29.el9 (FEDORA-EPEL-2023-458b180abe)
Perl extension interface for libcurl
--------------------------------------------------------------------------------
Update Information:
WWW::Curl 4.17 tried to detect if libcurl defines CURLOPT_RESOLV but ended up
dropping it. This updates fixes the issue.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 29 2023 Emmanuel Seyman <emmanuel(a)seyman.fr> - 4.17-29
- Add back support for CURLOPT_RESOLV
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2245689 - perl-WWW-Curl core dumps perl if use of setopt CURLOPT_RESOLV
https://bugzilla.redhat.com/show_bug.cgi?id=2245689
--------------------------------------------------------------------------------
================================================================================
python-pyte-0.8.1-1.el9 (FEDORA-EPEL-2023-8468e66415)
In memory VT-compatible terminal emulator
--------------------------------------------------------------------------------
Update Information:
Initial build for pyte for EPEL9.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Sep 24 2023 Terje Rosten <terje.rosten(a)ntnu.no> - 0.8.1-1
- 0.8.1
* Fri Jul 21 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.8.0-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Wed Jun 14 2023 Python Maint <python-maint(a)redhat.com> - 0.8.0-11
- Rebuilt for Python 3.12
* Fri Jan 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.8.0-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.8.0-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Mon Jun 13 2022 Python Maint <python-maint(a)redhat.com> - 0.8.0-8
- Rebuilt for Python 3.11
* Fri Jan 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.8.0-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2246598 - Please branch and build python-pyte in epel9
https://bugzilla.redhat.com/show_bug.cgi?id=2246598
--------------------------------------------------------------------------------
================================================================================
radicale-3.1.8-55.el9 (FEDORA-EPEL-2023-8a702db8ed)
A simple CalDAV (calendar) and CardDAV (contact) server
--------------------------------------------------------------------------------
Update Information:
Debundle vobject as now available in EPEL9 (#2246219) Skip bundle setup in case
of nothing to bundle
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 29 2023 Peter Bieringer <pb(a)bieringer.de> - 3.1.8-55
- Debundle vobject as now available in EPEL9 (#2246219)
- Skip bundle setup in case of nothing to bundle
--------------------------------------------------------------------------------
================================================================================
x2gokdrive-0.0.0.2-2.el9 (FEDORA-EPEL-2023-dc3b3a1df8)
KDrive graphical server backend for X2GoServer
--------------------------------------------------------------------------------
Update Information:
X2Go KDrive is a KDrive-based Xserver for X2Go. It provides support for running
modern desktop environments like GNOME, KDE Plasma, Cinnamon, etc. in X2Go
Sessions. The X2Go KDrive graphical backend is not suitable for low bandwidth
WAN connections between X2Go Client and X2Go Server. It is supposed for X2Go
being used on the local area network.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 28 2023 Orion Poplawski <orion(a)nwra.com> - 0.0.0.2-2
- Fix License tag and add upstream copyright file
- Add %check
* Mon Sep 25 2023 Orion Poplawski <orion(a)nwra.com> - 0.0.0.2-1
- Update to 0.0.0.2
* Thu Jun 15 2023 Orion Poplawski <orion(a)nwra.com> - 0.0.0.1-1
- Initial Fedora package
--------------------------------------------------------------------------------
The following Fedora EPEL 7 Security updates need testing:
Age URL
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-b4ff3ac6b0 stb-0-0.39.20231011gitbeebb24.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-7d5cd32373 chromium-118.0.5993.117-1.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-b951076a0f golang-1.19.13-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
erfa-2.0.1-1.el7
xrootd-5.6.3-1.el7
Details about builds:
================================================================================
erfa-2.0.1-1.el7 (FEDORA-EPEL-2023-afefbaeddd)
Essential Routines for Fundamental Astronomy
--------------------------------------------------------------------------------
Update Information:
Update to version of SOFA 20231011
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 28 2023 Sergio Pascual <sergiopr at fedoraproject.org> - 2.0.1-1
- New upstream source (2.0.1)
- Building with meson
--------------------------------------------------------------------------------
================================================================================
xrootd-5.6.3-1.el7 (FEDORA-EPEL-2023-7d4000f585)
Extended ROOT file server
--------------------------------------------------------------------------------
Update Information:
xrootd 5.6.3
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 27 2023 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 1:5.6.3-1
- Update to version 5.6.3
- Drop patches accepted upstream or previously backported
- Enable tests and add check section
--------------------------------------------------------------------------------