epel-devel December 2023

epel-devel@lists.fedoraproject.org

11 participants
86 discussions

Fedora EPEL 9 updates-testing report
by updates＠fedoraproject.org 09 Dec '23

09 Dec '23

The following Fedora EPEL 9 Security updates need testing: Age URL 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-8d617060ef chromium-120.0.6099.62-2.el9 The following builds have been pushed to Fedora EPEL 9 updates-testing MySQL-zrm-3.0-38.el9 cargo2rpm-0.1.15-1.el9 datovka-4.23.0-1.el9 libdatovka-0.5.1-1.el9 libnss-mysql-1.5-47.el9 mate-system-monitor-1.26.2-1.el9 mlt-7.22.0-1.el9 perl-XML-RSS-1.62-7.el9 rust-fast-srgb8-1.0.0-1.el9 rust-memmap2-0.9.0-2.el9 rust-memmap2_0.7-0.7.1-1.el9 rust-palette-0.7.3-1.el9 rust-palette0.6-0.6.0-1.el9 rust-palette_derive-0.7.3-1.el9 rust-palette_derive0.6-0.6.0-1.el9 system-config-printer-epel-1.5.15-0.4.el9.1 Details about builds: ================================================================================ MySQL-zrm-3.0-38.el9 (FEDORA-EPEL-2023-b5f96f92a8) MySQL backup manager -------------------------------------------------------------------------------- Update Information: Build for EPEL9 -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 8 2023 Orion Poplawski <orion(a)nwra.com> - 3.0-38 - Add patch to fix tar complaining that ". changed as we read it" * Thu Oct 12 2023 Orion Poplawski <orion(a)nwra.com> - 3.0-37 - Require /usr/bin/mail instead of mailx * Wed Jul 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.0-36 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Wed Jan 18 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.0-35 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Wed Jul 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.0-34 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Mon May 30 2022 Jitka Plesnikova <jplesnik(a)redhat.com> - 3.0-33 - Perl 5.36 rebuild * Wed Jan 19 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.0-32 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2237946 - please provide MySQL-zrm-3.0-23.el8 (or newer) for EPEL 9 https://bugzilla.redhat.com/show_bug.cgi?id=2237946 [ 2 ] Bug #2243747 - Please branch and build perl-XML-RSS for EPEL9 https://bugzilla.redhat.com/show_bug.cgi?id=2243747 -------------------------------------------------------------------------------- ================================================================================ cargo2rpm-0.1.15-1.el9 (FEDORA-EPEL-2023-db3c32480e) Translation layer between cargo and RPM -------------------------------------------------------------------------------- Update Information: Update to version 0.1.15. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 8 2023 Fabio Valentini <decathorpe(a)gmail.com> - 0.1.15-1 - Update to version 0.1.15; Fixes RHBZ#2253432 * Fri Dec 1 2023 Fabio Valentini <decathorpe(a)gmail.com> - 0.1.14-1 - Update to version 0.1.14; Fixes RHBZ#2252412 -------------------------------------------------------------------------------- ================================================================================ datovka-4.23.0-1.el9 (FEDORA-EPEL-2023-178df21262) A free graphical interface for Czech Databox (Datov�� schr��nky) -------------------------------------------------------------------------------- Update Information: These are new packages, Datovka and dependencies. -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 4 2023 Jaroslav ��karvada <jskarvad(a)redhat.com> - 4.23.0-1 - New version Resolves: rhbz#2251951 * Thu Nov 9 2023 Jaroslav ��karvada <jskarvad(a)redhat.com> - 4.22.1-5 - Rebuilt for new datovka * Tue Nov 7 2023 Jaroslav ��karvada <jskarvad(a)redhat.com> - 4.22.1-4 - Rebuild for new libdatovka * Tue Sep 5 2023 Jaroslav ��karvada <jskarvad(a)redhat.com> - 4.22.1-3 - Rebuild for new libdatovka * Wed Jul 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.22.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Wed Apr 26 2023 Jaroslav ��karvada <jskarvad(a)redhat.com> - 4.22.1-1 - New version Resolves: rhbz#2188035 * Thu Feb 23 2023 Jaroslav ��karvada <jskarvad(a)redhat.com> - 4.22.0-1 - New version Resolves: rhbz#2170063 * Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.21.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Tue Nov 22 2022 Jaroslav ��karvada <jskarvad(a)redhat.com> - 4.21.1-1 - New version Resolves: rhbz#2144857 * Thu Sep 29 2022 Jaroslav ��karvada <jskarvad(a)redhat.com> - 4.21.0-1 - New version Resolves: rhbz#2130187 * Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.20.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Thu Mar 17 2022 Jaroslav ��karvada <jskarvad(a)redhat.com> - 4.20.0-1 - New version Resolves: rhbz#2064316 * Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.19.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ libdatovka-0.5.1-1.el9 (FEDORA-EPEL-2023-178df21262) Client library for accessing SOAP services of ISDS (Czech Data Boxes) -------------------------------------------------------------------------------- Update Information: These are new packages, Datovka and dependencies. -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 9 2023 Jaroslav ��karvada <jskarvad(a)redhat.com> - 0.5.1-1 - New version Resolves: rhbz#2248718 * Tue Nov 7 2023 Jaroslav ��karvada <jskarvad(a)redhat.com> - 0.5.0-1 - New version Resolves: rhbz#2248448 * Tue Sep 5 2023 Jaroslav ��karvada <jskarvad(a)redhat.com> - 0.4.0-1 - New version Resolves: rhbz#2237212 * Thu Jul 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.3.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Thu Feb 23 2023 Jaroslav ��karvada <jskarvad(a)redhat.com> - 0.3.0-1 - New version Resolves: rhbz#2170064 * Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.2.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.2.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Wed Jan 26 2022 Jaroslav ��karvada <jskarvad(a)redhat.com> - 0.2.1-3 - Fixed FTBFS with gcc-12 Resolves: rhbz#2045792 * Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.2.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ libnss-mysql-1.5-47.el9 (FEDORA-EPEL-2023-ab457c4025) NSS library for MySQL -------------------------------------------------------------------------------- Update Information: Use mysql for initgroups nsswich.conf entry too -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 8 2023 J��n ONDREJ (SAL) <ondrejj(at)salstar.sk> - 1.5-47 - Use mysql for initgroups nsswich.conf entry too * Fri Sep 29 2023 J��n ONDREJ (SAL) <ondrejj(at)salstar.sk> - 1.5-46 - Build against the 'mariadb-connector-c-devel' package (PR#1) - Replace setup and patchN with autosetup macro - Use make macros * Thu Jul 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.5-45 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.5-44 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.5-43 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.5-42 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ mate-system-monitor-1.26.2-1.el9 (FEDORA-EPEL-2023-eb3d51b67e) Process and resource monitor -------------------------------------------------------------------------------- Update Information: - update to 1.26.2 -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 8 2023 Wolfgang Ulbrich <fedora(a)raveit.de> - 1.26.2-1 - update to 1.26.2 -------------------------------------------------------------------------------- ================================================================================ mlt-7.22.0-1.el9 (FEDORA-EPEL-2023-276e5d22a7) Toolkit for broadcasters, video editors, media players, transcoders -------------------------------------------------------------------------------- Update Information: Update mlt to 7.22.0 (#2252089) -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 7 2023 S��rgio Basto <sergio(a)serjux.com> - 7.22.0-1 - Update mlt to 7.22.0 (#2252089) * Thu Nov 30 2023 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 7.20.0-2 - Backport upstream PR for compilation with libxml2 2.12.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2252089 - mlt-7.22.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2252089 -------------------------------------------------------------------------------- ================================================================================ perl-XML-RSS-1.62-7.el9 (FEDORA-EPEL-2023-b5f96f92a8) Perl module for managing RDF Site Summary (RSS) files -------------------------------------------------------------------------------- Update Information: Build for EPEL9 -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.62-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Wed Jun 1 2022 Jitka Plesnikova <jplesnik(a)redhat.com> - 1.62-6 - Perl 5.36 rebuild * Fri Jan 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.62-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Fri Jul 23 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.62-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Sat May 22 2021 Jitka Plesnikova <jplesnik(a)redhat.com> - 1.62-3 - Perl 5.34 rebuild * Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.62-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Mon Oct 19 2020 Tom Callaway <spot(a)fedoraproject.org> - 1.62-1 - update to 1.62 * Tue Jul 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.61-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2237946 - please provide MySQL-zrm-3.0-23.el8 (or newer) for EPEL 9 https://bugzilla.redhat.com/show_bug.cgi?id=2237946 [ 2 ] Bug #2243747 - Please branch and build perl-XML-RSS for EPEL9 https://bugzilla.redhat.com/show_bug.cgi?id=2243747 -------------------------------------------------------------------------------- ================================================================================ rust-fast-srgb8-1.0.0-1.el9 (FEDORA-EPEL-2023-bdcabc7cc6) Very fast conversions between linear float and 8-bit sRGB -------------------------------------------------------------------------------- Update Information: - Update the palette and palette_derive crates to version 0.7.3. - Add compat packages for version 0.6 of the palette and palette_derive crates. - Initial packaging of the fast-srgb8 crate. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 8 2023 Fabio Valentini <decathorpe(a)gmail.com> - 1.0.0-1 - Initial import (#2252086) -------------------------------------------------------------------------------- ================================================================================ rust-memmap2-0.9.0-2.el9 (FEDORA-EPEL-2023-ccc8904ff9) Cross-platform Rust API for memory-mapped file IO -------------------------------------------------------------------------------- Update Information: - Update the memmap2 crate to version 0.9.0. - Add a compat package for version 0.7 of the memmap2 crate. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 8 2023 Fabio Valentini <decathorpe(a)gmail.com> - 0.9.0-2 - Skip a test that fails on ppc64le * Fri Dec 8 2023 Fabio Valentini <decathorpe(a)gmail.com> - 0.9.0-1 - Update to version 0.9.0; Fixes RHBZ#2240509 * Fri Jul 21 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.7.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ rust-memmap2_0.7-0.7.1-1.el9 (FEDORA-EPEL-2023-ccc8904ff9) Cross-platform Rust API for memory-mapped file IO -------------------------------------------------------------------------------- Update Information: - Update the memmap2 crate to version 0.9.0. - Add a compat package for version 0.7 of the memmap2 crate. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 8 2023 Fabio Valentini <decathorpe(a)gmail.com> - 0.7.1-1 - Initial import (memmap2 0.7 compat package) -------------------------------------------------------------------------------- ================================================================================ rust-palette-0.7.3-1.el9 (FEDORA-EPEL-2023-bdcabc7cc6) Convert and manage colors with a focus on correctness, flexibility and ease of use -------------------------------------------------------------------------------- Update Information: - Update the palette and palette_derive crates to version 0.7.3. - Add compat packages for version 0.6 of the palette and palette_derive crates. - Initial packaging of the fast-srgb8 crate. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 29 2023 Fabio Valentini <decathorpe(a)gmail.com> - 0.7.3-1 - Update to version 0.7.3; Fixes RHBZ#2107821 * Fri Jul 21 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.6.0-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ rust-palette0.6-0.6.0-1.el9 (FEDORA-EPEL-2023-bdcabc7cc6) Convert and manage colors with a focus on correctness, flexibility and ease of use -------------------------------------------------------------------------------- Update Information: - Update the palette and palette_derive crates to version 0.7.3. - Add compat packages for version 0.6 of the palette and palette_derive crates. - Initial packaging of the fast-srgb8 crate. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 8 2023 Fabio Valentini <decathorpe(a)gmail.com> - 0.6.0-1 - Initial import (palette 0.6 compat package) -------------------------------------------------------------------------------- ================================================================================ rust-palette_derive-0.7.3-1.el9 (FEDORA-EPEL-2023-bdcabc7cc6) Automatically implement traits from the palette crate -------------------------------------------------------------------------------- Update Information: - Update the palette and palette_derive crates to version 0.7.3. - Add compat packages for version 0.6 of the palette and palette_derive crates. - Initial packaging of the fast-srgb8 crate. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 29 2023 Fabio Valentini <decathorpe(a)gmail.com> - 0.7.3-1 - Update to version 0.7.3; Fixes RHBZ#2107822 * Fri Jul 21 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.6.0-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Fri Jun 23 2023 Fabio Valentini <decathorpe(a)gmail.com> - 0.6.0-8 - Regenerate with rust2rpm v24 -------------------------------------------------------------------------------- ================================================================================ rust-palette_derive0.6-0.6.0-1.el9 (FEDORA-EPEL-2023-bdcabc7cc6) Automatically implement traits from the palette crate -------------------------------------------------------------------------------- Update Information: - Update the palette and palette_derive crates to version 0.7.3. - Add compat packages for version 0.6 of the palette and palette_derive crates. - Initial packaging of the fast-srgb8 crate. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 8 2023 Fabio Valentini <decathorpe(a)gmail.com> - 0.6.0-1 - Initial import (palette_derive 0.6 compat package) -------------------------------------------------------------------------------- ================================================================================ system-config-printer-epel-1.5.15-0.4.el9.1 (FEDORA-EPEL-2023-ba55b17e3c) A printer administration tool -------------------------------------------------------------------------------- Update Information: Transformation of system-config-printer-1.5.15-4.el9 into system-config-printer- epel to achieve the missing system-config-printer and system-config-printer- applet packages. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 8 2023 Robert Scheck <robert(a)fedoraproject.org> - 1.5.15-0.4.el9.1 - Transformed system-config-printer-1.5.15-4.el9 from RHEL 9.3 GA into system-config-printer-epel to achieve the missing system-config-printer and system-config-printer-applet packages --------------------------------------------------------------------------------

1 0

Fedora EPEL 8 updates-testing report
by updates＠fedoraproject.org 09 Dec '23

09 Dec '23

The following Fedora EPEL 8 Security updates need testing: Age URL 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-d0b9bcb64f chromium-120.0.6099.62-2.el8 The following builds have been pushed to Fedora EPEL 8 updates-testing brise-0.38.20180515-1.el8 ibus-rime-1.3.0-1.el8 librime-1.3.2-1.el8 mate-system-monitor-1.26.2-1.el8 opencc-1.0.5-3.el8 seamonkey-2.53.18-1.el8 Details about builds: ================================================================================ brise-0.38.20180515-1.el8 (FEDORA-EPEL-2023-6103b5d30a) The official Rime schema repository -------------------------------------------------------------------------------- Update Information: - build ibus-rime for EPEL 8 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 21 2018 Peng Wu <pwu(a)redhat.com> - 0.38.20180515-1 - Update to 0.38.20180515 * Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.35-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Wed Feb 7 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.35-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Wed Aug 2 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.35-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild * Wed Jul 26 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.35-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild * Fri Feb 10 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.35-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild * Wed Feb 3 2016 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.35-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild * Wed Jun 17 2015 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.35-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Tue Jan 6 2015 Peng Wu <pwu(a)redhat.com> - 0.35-1 - Update to 0.35 * Fri Aug 15 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.32-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.32-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Fri Dec 27 2013 Peng Wu <pwu(a)redhat.com> - 0.32-1 - Update to 0.32 * Mon Dec 9 2013 Peng Wu <pwu(a)redhat.com> - 0.30-1 - Update to 0.30 * Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.22-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Wed May 22 2013 Peng Wu <pwu(a)redhat.com> - 0.22-2 - Fixes the spec * Thu May 9 2013 Peng Wu <pwu(a)redhat.com> - 0.22-1 - The Initial Version -------------------------------------------------------------------------------- References: [ 1 ] Bug #2135079 - Please branch and build ibus-rime in epel8 https://bugzilla.redhat.com/show_bug.cgi?id=2135079 -------------------------------------------------------------------------------- ================================================================================ ibus-rime-1.3.0-1.el8 (FEDORA-EPEL-2023-6103b5d30a) Rime Input Method Engine for IBus -------------------------------------------------------------------------------- Update Information: - build ibus-rime for EPEL 8 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 21 2018 Peng Wu <pwu(a)redhat.com> - 1.3.0-1 - Update to 1.3.0 * Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.2-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Wed Feb 7 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.2-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Wed Aug 2 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild * Wed Jul 26 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.2-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild * Fri Feb 10 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild * Thu Feb 4 2016 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild * Wed Jun 17 2015 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Tue Jan 6 2015 Peng Wu <pwu(a)redhat.com> - 1.2-1 - Update to 1.2 * Sat Aug 16 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Fri Dec 27 2013 Peng Wu <pwu(a)redhat.com> - 1.1-1 - Update to 1.1 * Mon Dec 9 2013 Peng Wu <pwu(a)redhat.com> - 1.0-1 - Update to 1.0 * Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.9.9-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Wed May 22 2013 Peng Wu <pwu(a)redhat.com> - 0.9.9-2 - Fixes the spec * Thu May 9 2013 Peng Wu <pwu(a)redhat.com> - 0.9.9-1 - The Initial Version -------------------------------------------------------------------------------- References: [ 1 ] Bug #2135079 - Please branch and build ibus-rime in epel8 https://bugzilla.redhat.com/show_bug.cgi?id=2135079 -------------------------------------------------------------------------------- ================================================================================ librime-1.3.2-1.el8 (FEDORA-EPEL-2023-6103b5d30a) Rime Input Method Engine Library -------------------------------------------------------------------------------- Update Information: - build ibus-rime for EPEL 8 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 21 2018 Peng Wu <pwu(a)redhat.com> - 1.3.2-1 - Update to 1.3.2 * Wed Oct 10 2018 S��rgio Basto <sergio(a)serjux.com> - 1.2-24 - Rebuit for gflags-2.2.1 * Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.2-23 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Wed Mar 7 2018 Adam Williamson <awilliam(a)redhat.com> - 1.2-22 - Rebuild to fix GCC 8 mis-compilation See https://da.gd/YJVwk ("GCC 8 ABI change on x86_64") * Wed Feb 14 2018 Richard Shaw <hobbes1069(a)gmail.com> - 1.2-21 - Rebuild for yaml-cpp 0.6.0. * Wed Feb 7 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.2-20 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Tue Jan 23 2018 Jonathan Wakely <jwakely(a)redhat.com> - 1.2-19 - Rebuilt for Boost 1.66 * Thu Aug 3 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.2-18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild * Wed Jul 26 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.2-17 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild * Wed Jul 19 2017 Jonathan Wakely <jwakely(a)redhat.com> - 1.2-16 - Rebuilt for s390x binutils bug * Tue Jul 18 2017 Jonathan Wakely <jwakely(a)redhat.com> - 1.2-15 - Rebuilt for Boost 1.64 * Mon May 15 2017 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.2-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_27_Mass_Rebuild * Fri Feb 10 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.2-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild * Sat Jan 28 2017 Jonathan Wakely <jwakely(a)redhat.com> - 1.2-12 - Rebuilt for Boost 1.63 * Tue Aug 23 2016 Richard Shaw <hobbes1069(a)gmail.com> - 1.2-11 - Rebuild for updated yaml-cpp * Tue May 17 2016 Jonathan Wakely <jwakely(a)redhat.com> - 1.2-10 - Rebuilt for linker errors in boost (#1331983) * Thu Feb 4 2016 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.2-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild * Mon Jan 18 2016 Jonathan Wakely <jwakely(a)redhat.com> - 1.2-8 - Rebuilt for Boost 1.60 * Thu Aug 27 2015 Jonathan Wakely <jwakely(a)redhat.com> - 1.2-7 - Rebuilt for Boost 1.59 * Wed Jul 29 2015 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.2-6 - Rebuilt for https://fedoraproject.org/wiki/Changes/F23Boost159 * Wed Jul 22 2015 David Tardon <dtardon(a)redhat.com> - 1.2-5 - rebuild for Boost 1.58 * Wed Jun 17 2015 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Mon May 4 2015 Kalev Lember <kalevlember(a)gmail.com> - 1.2-3 - Rebuilt for GCC 5 C++11 ABI change * Tue Jan 27 2015 Petr Machata <pmachata(a)redhat.com> - 1.2-2 - Rebuild for boost 1.57.0 * Tue Jan 6 2015 Peng Wu <pwu(a)redhat.com> - 1.2-1 - Update to 1.2 * Sun Aug 17 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.1-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Fri May 23 2014 Petr Machata <pmachata(a)redhat.com> - 1.1-4 - Rebuild for boost 1.55.0 * Thu May 22 2014 Brent Baude <baude(a)us.ibm.com> - 1.1-3 - FTBFS on all arches due to missing gflags.h - Adding BR for gflags-devel * Mon Dec 30 2013 Peng Wu <pwu(a)redhat.com> - 1.1-2 - Update arm patch * Fri Dec 27 2013 Peng Wu <pwu(a)redhat.com> - 1.1-1 - Update to 1.1 * Mon Dec 9 2013 Peng Wu <pwu(a)redhat.com> - 1.0-1 - Update to 1.0 * Mon Nov 25 2013 Peng Wu <pwu(a)redhat.com> - 0.9.9-1 - Update to 0.9.9 * Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.9.8-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Sat Jul 27 2013 pmachata(a)redhat.com - 0.9.8-4 - Rebuild for boost 1.54.0 * Mon Jul 15 2013 Peng Wu <pwu(a)redhat.com> - 0.9.8-3 - Fixes arm build * Thu May 16 2013 Peng Wu <pwu(a)redhat.com> - 0.9.8-2 - Improves the spec * Thu May 9 2013 Peng Wu <pwu(a)redhat.com> - 0.9.8-1 - The Initial Version -------------------------------------------------------------------------------- References: [ 1 ] Bug #2135079 - Please branch and build ibus-rime in epel8 https://bugzilla.redhat.com/show_bug.cgi?id=2135079 -------------------------------------------------------------------------------- ================================================================================ mate-system-monitor-1.26.2-1.el8 (FEDORA-EPEL-2023-4b15a5f07e) Process and resource monitor -------------------------------------------------------------------------------- Update Information: - update to 1.26.2 -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 8 2023 Wolfgang Ulbrich <fedora(a)raveit.de> - 1.26.2-1 - update to 1.26.2 -------------------------------------------------------------------------------- ================================================================================ opencc-1.0.5-3.el8 (FEDORA-EPEL-2023-6103b5d30a) Libraries for Simplified-Traditional Chinese Conversion -------------------------------------------------------------------------------- Update Information: - build ibus-rime for EPEL 8 -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 17 2018 Peng Wu <pwu(a)redhat.com> - 1.0.5-3 - Security fix for CVE-2018-16982 * Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Thu Jun 28 2018 Peng Wu <pwu(a)redhat.com> - 1.0.5-1 - Update to 1.0.5 * Mon Mar 19 2018 Iryna Shcherbina <ishcherb(a)redhat.com> - 1.0.3-7 - Update Python 2 dependency declarations to new packaging standards (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3) * Thu Feb 8 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.3-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Thu Aug 3 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.3-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild * Thu Jul 27 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.3-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild * Mon May 15 2017 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.0.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_27_Mass_Rebuild * Sat Feb 11 2017 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild * Tue Feb 16 2016 Peng Wu <pwu(a)redhat.com> - 1.0.3-1 - Update to 1.0.3 * Thu Feb 4 2016 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.2-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild * Wed Jun 17 2015 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.0.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Sat May 2 2015 Kalev Lember <kalevlember(a)gmail.com> - 1.0.2-3 - Rebuilt for GCC 5 C++11 ABI change * Mon Jan 19 2015 Peng Wu <pwu(a)redhat.com> - 1.0.2-2 - Fixes postun script * Tue Jan 6 2015 Peng Wu <pwu(a)redhat.com> - 1.0.2-1 - Update to 1.0.2 * Sun Aug 17 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.4.3-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.4.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.4.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Tue May 28 2013 Peng Wu <pwu(a)redhat.com> - 0.4.3-1 - Update to 0.4.3 * Mon Mar 4 2013 Peng Wu <pwu(a)redhat.com> - 0.4.0-1 - Update to 0.4.0 * Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.3.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Wed Aug 22 2012 Peng Wu <pwu(a)redhat.com> - 0.3.0-4 - Fixes Download URL * Mon Jul 23 2012 Peng Wu <pwu(a)redhat.com> - 0.3.0-3 - Fixes cmake * Fri Jul 20 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.3.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Thu Feb 2 2012 Peng Wu <pwu(a)redhat.com> - 0.3.0-1 - Update to 0.3.0, and fixes ctest * Wed Feb 1 2012 Peter Robinson <pbrobinson(a)fedoraproject.org> - 0.2.0-6 - Drop unnessary ExclusiveArch directive * Fri Jan 13 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.2.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Wed Nov 30 2011 Peng Wu <pwu(a)redhat.com> - 0.2.0-4 - Change i386 to i686 * Wed Nov 30 2011 Peng Wu <pwu(a)redhat.com> - 0.2.0-3 - Only build for i386 and x86_64 * Tue Feb 8 2011 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.2.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Sat Dec 25 2010 BYVoid <byvoid.kcp(a)gmail.com> - 0.2.0-1 - Upstream release. - Use CMake instead of autotools. * Wed Sep 29 2010 jkeating - 0.1.2-2 - Rebuilt for gcc bug 634757 * Fri Sep 17 2010 BYVoid <byvoid.kcp(a)gmail.com> - 0.1.2-1 - Upstream release. * Thu Aug 12 2010 BYVoid <byvoid.kcp(a)gmail.com> - 0.1.1-1 - Upstream release. * Thu Jul 29 2010 BYVoid <byvoid.kcp(a)gmail.com> - 0.1.0-1 - Upstream release. * Fri Jul 16 2010 BYVoid <byvoid.kcp(a)gmail.com> - 0.0.4-1 - Initial release of RPM. -------------------------------------------------------------------------------- References: [ 1 ] Bug #2135079 - Please branch and build ibus-rime in epel8 https://bugzilla.redhat.com/show_bug.cgi?id=2135079 -------------------------------------------------------------------------------- ================================================================================ seamonkey-2.53.18-1.el8 (FEDORA-EPEL-2023-76db503610) Web browser, e-mail, news, IRC client, HTML editor -------------------------------------------------------------------------------- Update Information: Update to 2.53.18 -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 8 2023 Dmitry Butskoy <Dmitry(a)Butskoy.name> 2.53.18-1 - update to 2.53.18 - add patch for binutils >= 2.36 --------------------------------------------------------------------------------

1 0

Fedora EPEL 7 updates-testing report
by updates＠fedoraproject.org 09 Dec '23

09 Dec '23

The following Fedora EPEL 7 Security updates need testing: Age URL 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-259055935d chromium-120.0.6099.62-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing nodejs-16.20.2-1.el7 seamonkey-2.53.18-1.el7 Details about builds: ================================================================================ nodejs-16.20.2-1.el7 (FEDORA-EPEL-2023-8ea1dafefe) JavaScript runtime -------------------------------------------------------------------------------- Update Information: Update to final 16.20.2 release -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 8 2023 Stephen Gallagher <sgallagh(a)redhat.com> - 1:16.20.2-1 - Update to 16.20.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2253524 - Upgrade to last supported NodeJS 16 version https://bugzilla.redhat.com/show_bug.cgi?id=2253524 -------------------------------------------------------------------------------- ================================================================================ seamonkey-2.53.18-1.el7 (FEDORA-EPEL-2023-fd36857b5e) Web browser, e-mail, news, IRC client, HTML editor -------------------------------------------------------------------------------- Update Information: Update to 2.53.18 -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 8 2023 Dmitry Butskoy <Dmitry(a)Butskoy.name> 2.53.18-1 - update to 2.53.18 - add patch for binutils >= 2.36 --------------------------------------------------------------------------------

1 0

Fedora EPEL 7 updates-testing report
by updates＠fedoraproject.org 08 Dec '23

08 Dec '23

The following builds have been pushed to Fedora EPEL 7 updates-testing chromium-120.0.6099.62-1.el7 netdata-1.44.0-1.el7 Details about builds: ================================================================================ chromium-120.0.6099.62-1.el7 (FEDORA-EPEL-2023-259055935d) A WebKit (Blink) powered web browser that Google doesn't want you to use -------------------------------------------------------------------------------- Update Information: Update to 120.0.6099.62, upstream release fixes follow security issues: * High CVE-2023-6508: Use after free in Media Stream * High CVE-2023-6509: Use after free in Side Panel Search * Medium CVE-2023-6510: Use after free in Media Capture * Low CVE-2023-6511: Inappropriate implementation in Autofill * Low CVE-2023-6512: Inappropriate implementation in Web Browser UI ---- update to 119.0.6045.199, upstream security release * High CVE-2023-6348: Type Confusion in Spellcheck * High CVE-2023-6347: Use after free in Mojo * High CVE-2023-6346: Use after free in WebAudio * High CVE-2023-6350: Out of bounds memory access in libavif * High CVE-2023-6351: Use after free in libavif * High CVE-2023-6345: Integer overflow in Skia -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 5 2023 Than Ngo <than(a)redhat.com> - 120.0.6099.62-1 - update to 120.0.6099.62 - fixed bz#2252874, built with control flow integrity (CFI) support * Sat Dec 2 2023 Than Ngo <than(a)redhat.com> - 120.0.6099.56-1 - update to 120.0.6099.56 - enable qt6 UI backend * Sat Dec 2 2023 Than Ngo <than(a)redhat.com> - 119.0.6045.199-2 - fixed bz#2242271, built with bundleminizip in fedora > 39 - fixed bz#2251884, built with fstack-protector-strong for improved security * Wed Nov 29 2023 Than Ngo <than(a)redhat.com> - 119.0.6045.199-1 - update to 119.0.6045.199 * Sun Nov 19 2023 Than Ngo <than(a)redhat.com> - 119.0.6045.159-2 - fix ffmpeg conflicts -------------------------------------------------------------------------------- References: [ 1 ] Bug #2252009 - CVE-2023-6346 CVE-2023-6347 CVE-2023-6350 CVE-2023-6351 chromium: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2252009 [ 2 ] Bug #2252188 - CVE-2023-6345 chromium: chromium-browser: Integer overflow [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2252188 [ 3 ] Bug #2252191 - CVE-2023-6348 chromium: chromium-browser: Type Confusion in Spellcheck [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2252191 [ 4 ] Bug #2253151 - CVE-2023-6508 chromium: Use after free in Media Stream [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2253151 [ 5 ] Bug #2253154 - CVE-2023-6509 chromium: Use after free in Side Panel Search [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2253154 [ 6 ] Bug #2253157 - CVE-2023-6510 chromium: Use after free in Media Capture [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2253157 [ 7 ] Bug #2253161 - CVE-2023-6511 chromium: Inappropriate implementation in Autofill [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2253161 [ 8 ] Bug #2253164 - CVE-2023-6512 chromium: Inappropriate implementation in Web Browser UI [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2253164 -------------------------------------------------------------------------------- ================================================================================ netdata-1.44.0-1.el7 (FEDORA-EPEL-2023-e21ee694ce) Real-time performance monitoring -------------------------------------------------------------------------------- Update Information: Update from upstream -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 7 2023 Didier Fabert <didier.fabert(a)gmail.com> 1.44.0-1 - Update from upstream --------------------------------------------------------------------------------

1 0

Fedora EPEL 8 updates-testing report
by updates＠fedoraproject.org 08 Dec '23

08 Dec '23

The following builds have been pushed to Fedora EPEL 8 updates-testing chromium-120.0.6099.62-2.el8 java-latest-openjdk-21.0.1.0.12-1.rolling.el8 netdata-1.44.0-1.el8 Details about builds: ================================================================================ chromium-120.0.6099.62-2.el8 (FEDORA-EPEL-2023-d0b9bcb64f) A WebKit (Blink) powered web browser that Google doesn't want you to use -------------------------------------------------------------------------------- Update Information: Update to 120.0.6099.62, upstream release fixes follow security issues: * High CVE-2023-6508: Use after free in Media Stream * High CVE-2023-6509: Use after free in Side Panel Search * Medium CVE-2023-6510: Use after free in Media Capture * Low CVE-2023-6511: Inappropriate implementation in Autofill * Low CVE-2023-6512: Inappropriate implementation in Web Browser UI ---- update to 119.0.6045.199, upstream security release * High CVE-2023-6348: Type Confusion in Spellcheck * High CVE-2023-6347: Use after free in Mojo * High CVE-2023-6346: Use after free in WebAudio * High CVE-2023-6350: Out of bounds memory access in libavif * High CVE-2023-6351: Use after free in libavif * High CVE-2023-6345: Integer overflow in Skia -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 6 2023 Than Ngo <than(a)redhat.com> - 120.0.6099.62-2 - drop unsupported ldflag which caused build failure * Tue Dec 5 2023 Than Ngo <than(a)redhat.com> - 120.0.6099.62-1 - update to 120.0.6099.62 - fixed bz#2252874, built with control flow integrity (CFI) support * Sat Dec 2 2023 Than Ngo <than(a)redhat.com> - 120.0.6099.56-1 - update to 120.0.6099.56 - enable qt6 UI backend * Sat Dec 2 2023 Than Ngo <than(a)redhat.com> - 119.0.6045.199-2 - fixed bz#2242271, built with bundleminizip in fedora > 39 - fixed bz#2251884, built with fstack-protector-strong for improved security * Wed Nov 29 2023 Than Ngo <than(a)redhat.com> - 119.0.6045.199-1 - update to 119.0.6045.199 * Sun Nov 19 2023 Than Ngo <than(a)redhat.com> - 119.0.6045.159-2 - fix ffmpeg conflicts -------------------------------------------------------------------------------- References: [ 1 ] Bug #2252009 - CVE-2023-6346 CVE-2023-6347 CVE-2023-6350 CVE-2023-6351 chromium: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2252009 [ 2 ] Bug #2252188 - CVE-2023-6345 chromium: chromium-browser: Integer overflow [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2252188 [ 3 ] Bug #2252191 - CVE-2023-6348 chromium: chromium-browser: Type Confusion in Spellcheck [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2252191 [ 4 ] Bug #2253151 - CVE-2023-6508 chromium: Use after free in Media Stream [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2253151 [ 5 ] Bug #2253154 - CVE-2023-6509 chromium: Use after free in Side Panel Search [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2253154 [ 6 ] Bug #2253157 - CVE-2023-6510 chromium: Use after free in Media Capture [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2253157 [ 7 ] Bug #2253161 - CVE-2023-6511 chromium: Inappropriate implementation in Autofill [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2253161 [ 8 ] Bug #2253164 - CVE-2023-6512 chromium: Inappropriate implementation in Web Browser UI [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2253164 -------------------------------------------------------------------------------- ================================================================================ java-latest-openjdk-21.0.1.0.12-1.rolling.el8 (FEDORA-EPEL-2023-1cee9af347) OpenJDK 21 Runtime Environment -------------------------------------------------------------------------------- Update Information: updated to octrober cpu -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 22 2023 Jiri Vanek <jvanek(a)redhat.com> - 1:21.0.1.0.12-1.rolling - updated to OpenJDK 21.0.1 (2023-10-17) * Fri Sep 29 2023 Yaakov Selkowitz <yselkowi(a)redhat.com> - 1:21.0.0.0.35-3.rolling - Fix flatpak build by handling different installation prefixes of package dependencies * Tue Sep 19 2023 Jiri Vanek <jvanek(a)redhat.com> - 1:21.0.0.0.35-2.rolling - adapted to new path in sources - repacked alt-java from misc subpkg - adapted alt-java to grep correctly prctl - removed no longer prepared nss.cfg * Tue Aug 29 2023 Jiri Vanek <jvanek(a)redhat.com> - 1:21.0.0.0.35-1.rolling - updated to jdk 21 -------------------------------------------------------------------------------- ================================================================================ netdata-1.44.0-1.el8 (FEDORA-EPEL-2023-39976b127c) Real-time performance monitoring -------------------------------------------------------------------------------- Update Information: Update from upstream -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 7 2023 Didier Fabert <didier.fabert(a)gmail.com> 1.44.0-1 - Update from upstream --------------------------------------------------------------------------------

1 0

Fedora EPEL 9 updates-testing report
by updates＠fedoraproject.org 08 Dec '23

08 Dec '23

The following Fedora EPEL 9 Security updates need testing: Age URL 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-3d9a822df5 rust-pore-0.1.8-5.el9 The following builds have been pushed to Fedora EPEL 9 updates-testing chromium-120.0.6099.62-2.el9 initoverlayfs-0.98-1.el9 java-latest-openjdk-21.0.1.0.12-1.rolling.el9 libssh2-1.11.0-1.el9 netdata-1.44.0-1.el9 python-awscrt-0.19.19-2.el9 qt-creator-8.0.2-2.el9 rust-once_cell-1.19.0-1.el9 wordpress-6.4.2-1.el9 Details about builds: ================================================================================ chromium-120.0.6099.62-2.el9 (FEDORA-EPEL-2023-8d617060ef) A WebKit (Blink) powered web browser that Google doesn't want you to use -------------------------------------------------------------------------------- Update Information: Update to 120.0.6099.62, upstream release fixes follow security issues: * High CVE-2023-6508: Use after free in Media Stream * High CVE-2023-6509: Use after free in Side Panel Search * Medium CVE-2023-6510: Use after free in Media Capture * Low CVE-2023-6511: Inappropriate implementation in Autofill * Low CVE-2023-6512: Inappropriate implementation in Web Browser UI ---- update to 119.0.6045.199, upstream security release * High CVE-2023-6348: Type Confusion in Spellcheck * High CVE-2023-6347: Use after free in Mojo * High CVE-2023-6346: Use after free in WebAudio * High CVE-2023-6350: Out of bounds memory access in libavif * High CVE-2023-6351: Use after free in libavif * High CVE-2023-6345: Integer overflow in Skia -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 6 2023 Than Ngo <than(a)redhat.com> - 120.0.6099.62-2 - drop unsupported ldflag which caused build failure * Tue Dec 5 2023 Than Ngo <than(a)redhat.com> - 120.0.6099.62-1 - update to 120.0.6099.62 - fixed bz#2252874, built with control flow integrity (CFI) support * Sat Dec 2 2023 Than Ngo <than(a)redhat.com> - 120.0.6099.56-1 - update to 120.0.6099.56 - enable qt6 UI backend * Sat Dec 2 2023 Than Ngo <than(a)redhat.com> - 119.0.6045.199-2 - fixed bz#2242271, built with bundleminizip in fedora > 39 - fixed bz#2251884, built with fstack-protector-strong for improved security * Wed Nov 29 2023 Than Ngo <than(a)redhat.com> - 119.0.6045.199-1 - update to 119.0.6045.199 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2252009 - CVE-2023-6346 CVE-2023-6347 CVE-2023-6350 CVE-2023-6351 chromium: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2252009 [ 2 ] Bug #2252188 - CVE-2023-6345 chromium: chromium-browser: Integer overflow [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2252188 [ 3 ] Bug #2252191 - CVE-2023-6348 chromium: chromium-browser: Type Confusion in Spellcheck [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2252191 [ 4 ] Bug #2253151 - CVE-2023-6508 chromium: Use after free in Media Stream [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2253151 [ 5 ] Bug #2253154 - CVE-2023-6509 chromium: Use after free in Side Panel Search [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2253154 [ 6 ] Bug #2253157 - CVE-2023-6510 chromium: Use after free in Media Capture [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2253157 [ 7 ] Bug #2253161 - CVE-2023-6511 chromium: Inappropriate implementation in Autofill [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2253161 [ 8 ] Bug #2253164 - CVE-2023-6512 chromium: Inappropriate implementation in Web Browser UI [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2253164 -------------------------------------------------------------------------------- ================================================================================ initoverlayfs-0.98-1.el9 (FEDORA-EPEL-2023-6765518a30) An initial scalable filesystem for Linux operating systems -------------------------------------------------------------------------------- Update Information: Release 0.98 -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 7 2023 Stephen Smoogen <ssmoogen(a)redhat.com> - 0.98-1 - Release 0.98 - Improve documentation (PR31 and ecurtin) - Only wait for bootfs storage device if it is configured (PR32) * Fri Nov 17 2023 Eric Curtin <ecurtin(a)redhat.com> - 0.97-1 - Raspberry Pi 4 enablement. -------------------------------------------------------------------------------- ================================================================================ java-latest-openjdk-21.0.1.0.12-1.rolling.el9 (FEDORA-EPEL-2023-f623b9081e) OpenJDK 21 Runtime Environment -------------------------------------------------------------------------------- Update Information: updated to octrober cpu -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 22 2023 Jiri Vanek <jvanek(a)redhat.com> - 1:21.0.1.0.12-1.rolling - updated to OpenJDK 21.0.1 (2023-10-17) * Fri Sep 29 2023 Yaakov Selkowitz <yselkowi(a)redhat.com> - 1:21.0.0.0.35-3.rolling - Fix flatpak build by handling different installation prefixes of package dependencies * Tue Sep 19 2023 Jiri Vanek <jvanek(a)redhat.com> - 1:21.0.0.0.35-2.rolling - adapted to new path in sources - repacked alt-java from misc subpkg - adapted alt-java to grep correctly prctl - removed no longer prepared nss.cfg * Tue Aug 29 2023 Jiri Vanek <jvanek(a)redhat.com> - 1:21.0.0.0.35-1.rolling - updated to jdk 21 -------------------------------------------------------------------------------- ================================================================================ libssh2-1.11.0-1.el9 (FEDORA-EPEL-2023-1b67b5f664) A library implementing the SSH2 protocol -------------------------------------------------------------------------------- Update Information: This is an update to the current upstream release version, with a number of enhancements including Ed25519, ETM-MAC and AES-GCM support. -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 1 2023 Paul Howarth <paul(a)city-fan.org> - 1.11.0-1 - Update to 1.11.0 (rhbz#2211200) - Adds support for encrypt-then-mac (ETM) MACs - Adds support for AES-GCM crypto protocols - Adds support for sk-ecdsa-sha2-nistp256 and sk-ssh-ed25519 keys - Adds support for RSA certificate authentication - Adds FIDO support with *_sk() functions - Adds RSA-SHA2 key upgrading to OpenSSL, WinCNG, mbedTLS, OS400 backends - Adds Agent Forwarding and libssh2_agent_sign() - Adds support for Channel Signal message libssh2_channel_signal_ex() - Adds support to get the user auth banner message libssh2_userauth_banner() - Adds LIBSSH2_NO_{MD5, HMAC_RIPEMD, DSA, RSA, RSA_SHA1, ECDSA, ED25519, AES_CBC, AES_CTR, BLOWFISH, RC4, CAST, 3DES} options - Adds direct stream UNIX sockets with libssh2_channel_direct_streamlocal_ex() - Adds wolfSSL support to CMake file - Adds mbedTLS 3.x support - Adds LibreSSL 3.5 support - Adds support for CMake "unity" builds - Adds CMake support for building shared and static libs in a single pass - Adds symbol hiding support to CMake - Adds support for libssh2.rc for all build tools - Adds .zip, .tar.xz and .tar.bz2 release tarballs - Enables ed25519 key support for LibreSSL 3.7.0 or higher - Improves OpenSSL 1.1 and 3 compatibility - Now requires OpenSSL 1.0.2 or newer - Now requires CMake 3.1 or newer - SFTP: Adds libssh2_sftp_open_ex_r() and libssh2_sftp_open_r() extended APIs - SFTP: No longer has a packet limit when reading a directory - SFTP: Now parses attribute extensions if they exist - SFTP: No longer will busy loop if SFTP fails to initialize - SFTP: Now clear various errors as expected - SFTP: No longer skips files if the line buffer is too small - SCP: Add option to not quote paths - SCP: Enables 64-bit offset support unconditionally - Now skips leading \r and \n characters in banner_receive() - Enables secure memory zeroing with all build tools on all platforms - No longer logs SSH_MSG_REQUEST_FAILURE packets from keepalive - Speed up base64 encoding by 7x - Assert if there is an attempt to write a value that is too large - WinCNG: fix memory leak in _libssh2_dh_secret() - Added protection against possible null pointer dereferences - Agent now handles overly large comment lengths - Now ensure KEX replies don't include extra bytes - Fixed possible buffer overflow when receiving SSH_MSG_USERAUTH_BANNER - Fixed possible buffer overflow in keyboard interactive code path - Fixed overlapping memcpy() - Fixed Windows UWP builds - Fixed DLL import name - Renamed local RANDOM_PADDING macro to avoid unexpected define on Windows - Support for building with gcc versions older than 8 - Improvements to CMake, Makefile, NMakefile, GNUmakefile, autoreconf files - Restores ANSI C89 compliance - Enabled new compiler warnings and fixed/silenced them - Improved error messages - Now uses CIFuzz - Numerous minor code improvements - Improvements to CI builds - Improvements to unit tests - Improvements to doc files - Improvements to example files - Removed "old gex" build option - Removed no-encryption/no-mac builds - Removed support for NetWare and Watcom wmake build files - Avoid use of deprecated patch syntax - Build static library but don't package it since it's required for the test suite (https://github.com/libssh2/libssh2/issues/1056) - Remove redundant references to %{_libdir} from pkgconfig file - Add patch to work around strict permissions issues for sshd tests * Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.10.0-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Fri Oct 28 2022 Todd Zullinger <tmz(a)pobox.com> - 1.10.0-6 - Verify upstream release signatures * Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.10.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Sun Jan 23 2022 Paul Howarth <paul(a)city-fan.org> - 1.10.0-4 - In 8.8 OpenSSH disabled sha1 rsa-sha keys out of the box, so we need to re-enable them as a workaround for the test suite until upstream updates the tests See: https://github.com/libssh2/libssh2/issues/630 - Drop other test workarounds, none of them being needed any longer * Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.10.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Tue Sep 14 2021 Sahana Prasad <sahana(a)redhat.com> - 1.10.0-2 - Rebuilt with OpenSSL 3.0.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2253412 - Please rebase libssh2 in EPEL 9 to 1.11.0 https://bugzilla.redhat.com/show_bug.cgi?id=2253412 -------------------------------------------------------------------------------- ================================================================================ netdata-1.44.0-1.el9 (FEDORA-EPEL-2023-c76dcf8d1f) Real-time performance monitoring -------------------------------------------------------------------------------- Update Information: Update from upstream -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 7 2023 Didier Fabert <didier.fabert(a)gmail.com> 1.44.0-1 - Update from upstream -------------------------------------------------------------------------------- ================================================================================ python-awscrt-0.19.19-2.el9 (FEDORA-EPEL-2023-910ad77450) Python bindings for the AWS Common Runtime -------------------------------------------------------------------------------- Update Information: Update for python-awscrt-0.19.19-2.el9. ##### **Changelog for python-awscrt** ``` * Wed Dec 06 2023 Nikola Forr�� <nforro(a)redhat.com> - 0.19.19-2 - Add Packit config * Thu Nov 30 2023 Packit <hello(a)packit.dev> - 0.19.19-1 - [packit] 0.19.19 upstream release - Resolves rhbz#2250726 * Fri Nov 17 2023 Packit <hello(a)packit.dev> - 0.19.13-1 - [packit] 0.19.13 upstream release - Resolves rhbz#2247105 * Wed Oct 25 2023 Packit <hello(a)packit.dev> - 0.19.6-1 - [packit] 0.19.6 upstream release - Resolves rhbz#2211521 Upstream tag: v0.19.6 Upstream commit: b83949d0 * Mon Oct 16 2023 Packit <hello(a)packit.dev> - 0.19.3-1 - [packit] 0.19.3 upstream release * Mon Oct 02 2023 Packit <hello(a)packit.dev> - 0.19.2-1 - [packit] 0.19.2 upstream release ``` -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 6 2023 Nikola Forr�� <nforro(a)redhat.com> - 0.19.19-2 - Add Packit config * Thu Nov 30 2023 Packit <hello(a)packit.dev> - 0.19.19-1 - [packit] 0.19.19 upstream release - Resolves rhbz#2250726 * Fri Nov 17 2023 Packit <hello(a)packit.dev> - 0.19.13-1 - [packit] 0.19.13 upstream release - Resolves rhbz#2247105 * Wed Oct 25 2023 Packit <hello(a)packit.dev> - 0.19.6-1 - [packit] 0.19.6 upstream release - Resolves rhbz#2211521 Upstream tag: v0.19.6 Upstream commit: b83949d0 * Mon Oct 16 2023 Packit <hello(a)packit.dev> - 0.19.3-1 - [packit] 0.19.3 upstream release * Mon Oct 2 2023 Packit <hello(a)packit.dev> - 0.19.2-1 - [packit] 0.19.2 upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #2250726 - python-awscrt-0.19.19 is available https://bugzilla.redhat.com/show_bug.cgi?id=2250726 -------------------------------------------------------------------------------- ================================================================================ qt-creator-8.0.2-2.el9 (FEDORA-EPEL-2023-4f4cc2f9b2) Cross-platform IDE for Qt -------------------------------------------------------------------------------- Update Information: Update to version 8.0.2 -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 7 2023 Thomas Zimmermann <thomas.zimmermann(a)voestalpine.com> - 8.0.2-1 - Update to Version 8.0.2 - Unbundle clang -------------------------------------------------------------------------------- References: [ 1 ] Bug #2102604 - qt-creator requires rebuild due to clang-libs update 14.0.5 https://bugzilla.redhat.com/show_bug.cgi?id=2102604 [ 2 ] Bug #2253404 - Request to rebuild qt-creator for RHEL 9.3 https://bugzilla.redhat.com/show_bug.cgi?id=2253404 -------------------------------------------------------------------------------- ================================================================================ rust-once_cell-1.19.0-1.el9 (FEDORA-EPEL-2023-cbc8151b4a) Single assignment cells and lazy values -------------------------------------------------------------------------------- Update Information: Update to version 1.19.0. -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 7 2023 Jan Stan��k <jstanek(a)redhat.com> - 1.19.0-1 - Update to version 1.19.0 (rhbz#2253436) -------------------------------------------------------------------------------- ================================================================================ wordpress-6.4.2-1.el9 (FEDORA-EPEL-2023-af4a7bbba9) Blog tool and publishing platform -------------------------------------------------------------------------------- Update Information: **WordPress 6.4.2 Maintenance & Security Release** Security updates included in this release * A Remote Code Execution vulnerability that is not directly exploitable in core, however the security team feels that there is a potential for high severity when combined with some plugins, especially in multisite installs. See [Upstream announcement](https://wordpress.org/news/2023/12/wordpress-6-4-2-maintenanc… security-release/) -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 7 2023 Remi Collet <remi(a)remirepo.net> - 6.4.2-1 - WordPress 6.4.2 Maintenance & Security Release --------------------------------------------------------------------------------

1 0

Fedora EPEL 7 updates-testing report
by updates＠fedoraproject.org 07 Dec '23

07 Dec '23

The following Fedora EPEL 7 Security updates need testing: Age URL 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-46696cc30b chromium-119.0.6045.199-1.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing wsdd-0.7.1-1.el7 Details about builds: ================================================================================ wsdd-0.7.1-1.el7 (FEDORA-EPEL-2023-4e7c9d636e) Web Services Dynamic Discovery host daemon -------------------------------------------------------------------------------- Update Information: Latest upstream release. Includes https://src.fedoraproject.org/rpms/wsdd/pull- request/1 . -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 6 2023 Ondrej Holy <oholy(a)redhat.com> - 0.7.1-1 - Update to 0.7.1. * Sat Jul 22 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.7.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Sat Jan 21 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.7.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.7.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Sat Jan 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.7.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild --------------------------------------------------------------------------------

2 1

Fedora EPEL 8 updates-testing report
by updates＠fedoraproject.org 07 Dec '23

07 Dec '23

The following Fedora EPEL 8 Security updates need testing: Age URL 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-d47bce8e4e chromium-119.0.6045.199-1.el8 The following builds have been pushed to Fedora EPEL 8 updates-testing java-latest-openjdk-portable-21.0.1.0.12-2.rolling.el8 root-6.30.02-1.el8 wsdd-0.7.1-1.el8 Details about builds: ================================================================================ java-latest-openjdk-portable-21.0.1.0.12-2.rolling.el8 (FEDORA-EPEL-2023-8ce17c621c) OpenJDK 21 Runtime Environment portable edition -------------------------------------------------------------------------------- Update Information: updated to october CPU -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 22 2023 Jiri Vanek <jvanek(a)redhat.com> - 1:21.0.1.0.12-2.rolling - updated to OpenJDK 21.0.1 (2023-10-17) - adjsuted generate_source_tarball - removed icedtea_sync - dropped standalone licenses - added usntripped subpkg - added docs subpkg - adjsuted versions of bundled libraries - build refactored to several solid methods following gnu_andrew - removed no longer needed jdk8296108-tzdata2022f.patch, jdk8296715-cldr2022f.patch, rh1648644-java_access_bridge_privileged_security.patch - added jdk8311630-s390_ffmapi.patch to support virtual threads on s390x - aligned fips-21u-75ffdc48eda.patch (gnu_andrew) - fixed '--without release' build-ability by moving docs and misc to if-release only * Wed Sep 20 2023 Jiri Vanek <jvanek(a)redhat.com> - 1:21.0.0.0.35-4.rolling - removed %{1} from miscportablename * Fri Sep 15 2023 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:21.0.0.0.35-3.rolling - Update documentation (README.md, add missing JEP to release notes) - Replace alt-java patch with a binary separate from the JDK - Drop stale patches that are of little use any more: - * nss.cfg has been disabled since early PKCS11 work and long superseded by FIPS work - * No accessibility subpackage to warrant RH1648242 patch any more - * No use of system libjpeg turbo to warrant RH649512 patch any more - Replace RH1684077 pcsc-lite-libs patch with better JDK-8009550 fix being upstreamed - Update generate_tarball.sh to sync with upstream vanilla script - Change top_level_dir_name to use the VCS tag, matching new upstream release style tarball - Use upstream release URL for OpenJDK source - Port misc tarball from RHEL to house alt-java outside the JDK tree - Port improved tarball creation and checking from RHEL so tarballs are verified * Thu Sep 14 2023 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:21.0.0.0.35-2.rolling - Bump buildjdkver now that java-21-openjdk is available in the buildroot * Tue Aug 8 2023 Petra Alice Mikova <pmikova(a)redhat.com> 1:21.0.0.0.35-1.rolling - updated to jdk-21+35, which is no longer EA * Tue Aug 8 2023 Petra Alice Mikova <pmikova(a)redhat.com> 1:21.0.0.0.34-0.1.ea.rolling - initial update to jdk21 - commented out fips patches - updated to jdk21 ea - updated patch 1001 - rh1648249-add_commented_out_nss_cfg_provider_to_java_security - replace smoketests in staticlibs test, as the previous files used were removed by a patch in JDK - require tzdata 2023c - Update FIPS support to bring in latest changes - * RH2048582: Support PKCS#12 keystores - * RH2020290: Support TLS 1.3 in FIPS mode - * Add nss.fips.cfg support to OpenJDK tree - * RH2117972: Extend the support for NSS DBs (PKCS11) in FIPS mode - * Remove forgotten dead code from RH2020290 and RH2104724 - * OJ1357: Fix issue on FIPS with a SecurityManager in place - * RH2134669: Add missing attributes when registering services in FIPS mode. - * test/jdk/sun/security/pkcs11/fips/VerifyMissingAttributes.java: fixed jtreg main class - * RH1940064: Enable XML Signature provider in FIPS mode - * Remove GCC minor versioning (JDK-8284772) to unbreak testing - Drop local nss.fips.cfg.in handling now this is handled in the patched OpenJDK build -------------------------------------------------------------------------------- ================================================================================ root-6.30.02-1.el8 (FEDORA-EPEL-2023-5cf6b377b2) Numerical data analysis framework -------------------------------------------------------------------------------- Update Information: ROOT 6.30.02 -------------------------------------------------------------------------------- ChangeLog: * Sat Dec 2 2023 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 6.30.02-1 - Update to 6.30.02 -------------------------------------------------------------------------------- ================================================================================ wsdd-0.7.1-1.el8 (FEDORA-EPEL-2023-e43ee1ef96) Web Services Dynamic Discovery host daemon -------------------------------------------------------------------------------- Update Information: Latest upstream release. Includes https://src.fedoraproject.org/rpms/wsdd/pull- request/1 . -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 6 2023 Ondrej Holy <oholy(a)redhat.com> - 0.7.1-1 - Update to 0.7.1. * Sat Jul 22 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.7.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Sat Jan 21 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.7.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.7.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Sat Jan 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.7.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild --------------------------------------------------------------------------------

1 0

Fedora EPEL 9 updates-testing report
by updates＠fedoraproject.org 07 Dec '23

07 Dec '23

The following Fedora EPEL 9 Security updates need testing: Age URL 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-2537ccf8b5 chromium-119.0.6045.199-1.el9 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-3d9a822df5 rust-pore-0.1.8-5.el9 The following builds have been pushed to Fedora EPEL 9 updates-testing bluechi-0.6.0-1.el9 java-latest-openjdk-portable-21.0.1.0.12-2.rolling.el9 nickle-2.96-1.el9 python-google-auth-2.25.1-1.el9 root-6.30.02-1.el9 snakeyaml-1.33-1.el9 wsdd-0.7.1-1.el9 Details about builds: ================================================================================ bluechi-0.6.0-1.el9 (FEDORA-EPEL-2023-73c4c9c7aa) A systemd service controller for multi-nodes environments -------------------------------------------------------------------------------- Update Information: Version 0.6.0 includes the following changes and updates: - Renamed bluechi to bluechi-controller for binary, rpm and documentation - Moved bluechi binaries to /usr/libexec for auto-completion - Added properties and signals for connection status and disconnected timestamp to Agent's public API - Removed duplicate NodeConnectionStateChanged signal from bluechi-controller - CLI option for the version (-v) prints version and git commit hash for non-release builds - Extended BlueChi's public D-Bus API specification by inline-comments - Added EmitsChangedSignal annotation to properties in BlueChi's public D-Bus API specification - Enhanced typed python bindings generator to use inline- comments from specification - Enhanced typed python bindings generator to provide listener functions for property changed signals - Fixes in the D-Bus API description - Improved error messages returned by D-Bus API - Added static code analysis from gcc and fixed detected issues - Added a graceful node shutdown in bluechi-controller - Fixed a few smaller memory leaks - Fixed bug where configured manager address was overridden on connection failure - Fixed bug where removing a subscription was not prevented - Fixed race condition leading bluechi-proxy and bluechi-dep service to transition into failed state - Aligned and added API examples for Python, Go and Rust - Changed the license for python bindings to MIT-0 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 29 2023 Michael Engel <mengel(a)redhat.com> - 0.6.0-1 - Update to 0.6.0 - Rename bluechi package to controller -------------------------------------------------------------------------------- ================================================================================ java-latest-openjdk-portable-21.0.1.0.12-2.rolling.el9 (FEDORA-EPEL-2023-a52c6ecf48) OpenJDK 21 Runtime Environment portable edition -------------------------------------------------------------------------------- Update Information: updated to october CPU -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 22 2023 Jiri Vanek <jvanek(a)redhat.com> - 1:21.0.1.0.12-2.rolling - updated to OpenJDK 21.0.1 (2023-10-17) - adjsuted generate_source_tarball - removed icedtea_sync - dropped standalone licenses - added usntripped subpkg - added docs subpkg - adjsuted versions of bundled libraries - build refactored to several solid methods following gnu_andrew - removed no longer needed jdk8296108-tzdata2022f.patch, jdk8296715-cldr2022f.patch, rh1648644-java_access_bridge_privileged_security.patch - added jdk8311630-s390_ffmapi.patch to support virtual threads on s390x - aligned fips-21u-75ffdc48eda.patch (gnu_andrew) - fixed '--without release' build-ability by moving docs and misc to if-release only * Wed Sep 20 2023 Jiri Vanek <jvanek(a)redhat.com> - 1:21.0.0.0.35-4.rolling - removed %{1} from miscportablename * Fri Sep 15 2023 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:21.0.0.0.35-3.rolling - Update documentation (README.md, add missing JEP to release notes) - Replace alt-java patch with a binary separate from the JDK - Drop stale patches that are of little use any more: - * nss.cfg has been disabled since early PKCS11 work and long superseded by FIPS work - * No accessibility subpackage to warrant RH1648242 patch any more - * No use of system libjpeg turbo to warrant RH649512 patch any more - Replace RH1684077 pcsc-lite-libs patch with better JDK-8009550 fix being upstreamed - Update generate_tarball.sh to sync with upstream vanilla script - Change top_level_dir_name to use the VCS tag, matching new upstream release style tarball - Use upstream release URL for OpenJDK source - Port misc tarball from RHEL to house alt-java outside the JDK tree - Port improved tarball creation and checking from RHEL so tarballs are verified * Thu Sep 14 2023 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:21.0.0.0.35-2.rolling - Bump buildjdkver now that java-21-openjdk is available in the buildroot * Tue Aug 8 2023 Petra Alice Mikova <pmikova(a)redhat.com> 1:21.0.0.0.35-1.rolling - updated to jdk-21+35, which is no longer EA * Tue Aug 8 2023 Petra Alice Mikova <pmikova(a)redhat.com> 1:21.0.0.0.34-0.1.ea.rolling - initial update to jdk21 - commented out fips patches - updated to jdk21 ea - updated patch 1001 - rh1648249-add_commented_out_nss_cfg_provider_to_java_security - replace smoketests in staticlibs test, as the previous files used were removed by a patch in JDK - require tzdata 2023c - Update FIPS support to bring in latest changes - * RH2048582: Support PKCS#12 keystores - * RH2020290: Support TLS 1.3 in FIPS mode - * Add nss.fips.cfg support to OpenJDK tree - * RH2117972: Extend the support for NSS DBs (PKCS11) in FIPS mode - * Remove forgotten dead code from RH2020290 and RH2104724 - * OJ1357: Fix issue on FIPS with a SecurityManager in place - * RH2134669: Add missing attributes when registering services in FIPS mode. - * test/jdk/sun/security/pkcs11/fips/VerifyMissingAttributes.java: fixed jtreg main class - * RH1940064: Enable XML Signature provider in FIPS mode - * Remove GCC minor versioning (JDK-8284772) to unbreak testing - Drop local nss.fips.cfg.in handling now this is handled in the patched OpenJDK build -------------------------------------------------------------------------------- ================================================================================ nickle-2.96-1.el9 (FEDORA-EPEL-2023-ce4a3d610e) A programming language-based prototyping environment -------------------------------------------------------------------------------- Update Information: Update to latest `nickle` release nickle (2.96) unstable; urgency=medium * Fix LDFLAGS in debian package. -- Keith Packard <keithp(a)keithp.com> Sat, 02 Dec 2023 22:21:27 -0800 nickle (2.95) unstable; urgency=medium * Handle empty objects and arrays in JSON input * Initialize SymbolLocal code member in allocator to prevent fault when GC runs before correct value is set. -- Keith Packard <keithp(a)keithp.com> Sat, 02 Dec 2023 12:52:05 -0800 nickle (2.94) unstable; urgency=medium * Add true/false/null support to json.5c * Add file input/output to json.5c -- Keith Packard <keithp(a)keithp.com> Thu, 30 Nov 2023 12:13:48 -0800 -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 5 2023 Michel Lind <salimma(a)fedoraproject.org> - 2.96-1 - Update to 2.96 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2252324 - nickle-2.96 is available https://bugzilla.redhat.com/show_bug.cgi?id=2252324 -------------------------------------------------------------------------------- ================================================================================ python-google-auth-2.25.1-1.el9 (FEDORA-EPEL-2023-27d28fb954) Google Auth Python Library -------------------------------------------------------------------------------- Update Information: Update python-google-auth to 2.25 -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 6 2023 Fedora Release Monitoring <release-monitoring(a)fedoraproject.org> - 1:2.25.1-1 - Update to 2.25.1 (#2252361) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2252361 - python-google-auth-2.25.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2252361 -------------------------------------------------------------------------------- ================================================================================ root-6.30.02-1.el9 (FEDORA-EPEL-2023-b71d101c25) Numerical data analysis framework -------------------------------------------------------------------------------- Update Information: ROOT 6.30.02 -------------------------------------------------------------------------------- ChangeLog: * Sat Dec 2 2023 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 6.30.02-1 - Update to 6.30.02 -------------------------------------------------------------------------------- ================================================================================ snakeyaml-1.33-1.el9 (FEDORA-EPEL-2023-a7a7801f83) YAML parser and emitter for Java -------------------------------------------------------------------------------- Update Information: Updated to upstream 1.33 release. -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 23 2023 Stefan Bluhm <stefan.bluhm(a)clacee.eu> - 1.33-1 - Updated to upstream 1.33 release. * Sat Jul 22 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.32-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Sat Jan 21 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.32-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ wsdd-0.7.1-1.el9 (FEDORA-EPEL-2023-c9101e8a4b) Web Services Dynamic Discovery host daemon -------------------------------------------------------------------------------- Update Information: Latest upstream release. Includes https://src.fedoraproject.org/rpms/wsdd/pull- request/1 . -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 6 2023 Ondrej Holy <oholy(a)redhat.com> - 0.7.1-1 - Update to 0.7.1. * Sat Jul 22 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.7.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Sat Jan 21 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.7.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild --------------------------------------------------------------------------------

1 0

Proposed incompatible security update for llhttp in EPEL9
by Ben Beasley 06 Dec '23

06 Dec '23

This email proposes upgrading the llhttp package in EPEL9 from 6.0.10 to 8.1.1, which would break the ABI and bump the SONAME version, under the EPEL Incompatible Upgrades Policy[1]. The llhttp package is a C library (transpiled from TypeScript) that provides the low-level HTTP support for NodeJS and for python-aiohttp. Currently, only python-aiohttp depends on the llhttp package in EPEL9. Versions of llhttp prior to 8.1.1 are affected by CVE-2023-30589[2], an HTTP request smuggling vulnerability rated 7.7 HIGH in CVSS v3 and rated Moderate by Red Hat. The GitHub advisory for llhttp is GHSA-cggh-pq45-6h9x[3]; the advisory for python-aiohttp is GHSA-45c4-8wx5-qw6w[4]. Upstream for python-aiohttp fixed this by updating llhttp (which they bundle, but we unbundle) in release 3.8.5. I am not comfortable attempting to backport the fix to an older release of llhttp. My preferred solution would be to update llhttp to 8.1.1[5] and (in the same side tag) update python-aiohttp to 3.8.5[6]. The ABI break in llhttp would only affect python-aiohttp; the python-aiohttp update itself is compatible (by upstream intent, and verified in COPR[7]); and a number of packages that depend on python-aiohttp would benefit from the fix. If this exception request is not approved, my fallback plan is to propose rebuilding python-aiohttp in EPEL9 with AIOHTTP_NO_EXTENSIONS=1, which would convert it to a pure-Python package. This is a documented mitigation, but comes with potentially serious performance regressions, again affecting a number of dependent packages. The llhttp package would become a leaf package and would remain unpatched. The same incompatible update was approved by FESCo for Fedora 37[8]. The purpose of this email is to document and explain the proposed update, to begin the minimum one-week discussion period mandated by the EPEL Incompatible Upgrades Policy, and to request that the update be added to the agenda for an upcoming EPEL meeting. [1] https://docs.fedoraproject.org/en-US/epel/epel-policy-incompatible-upgrades… [2] https://access.redhat.com/security/cve/CVE-2023-30589 [3] https://github.com/advisories/GHSA-cggh-pq45-6h9x [4] https://github.com/aio-libs/aiohttp/security/advisories/GHSA-45c4-8wx5-qw6w [5] https://src.fedoraproject.org/rpms/llhttp/pull-request/14 [6] https://src.fedoraproject.org/rpms/python-aiohttp/pull-request/26 [7] https://copr.fedorainfracloud.org/coprs/music/aiohttp-epel9/packages/ [8] https://pagure.io/fesco/issue/3049

3 6

← Newer
1
2
3
4
5
6
7
8
9
Older →

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

epel-devel December 2023