The following Fedora EPEL 9 Security updates need testing: Age URL 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-5445ead5e2 phpMyAdmin-5.2.1-1.el9 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-8eb5601fd8 shapelib-1.5.0-12.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
ImageMagick-6.9.12.77-1.el9 OpenImageIO-2.4.8.1-1.el9 SDL2_mixer-2.6.2-2.el9 apptainer-1.1.6-1.el9 bitstower-markets-0.5.4-1.el9 canl-c-3.0.0-16.el9 ffmpeg-5.1.2-9.el9 htop-3.2.2-1.el9 perl-Cairo-GObject-1.005-11.el9 perl-Gtk3-0.038-7.el9 php-pecl-krb5-1.1.5-1.el9 python-aiohttp-3.8.4-1.el9 python-hatch-vcs-0.2.1-1.el9 qxmledit-0.9.18-1.el9 xbae-4.60.4-36.el9 xmessage-1.0.6-2.el9
Details about builds:
================================================================================ ImageMagick-6.9.12.77-1.el9 (FEDORA-EPEL-2023-6a62d83adf) An X application for displaying and manipulating images -------------------------------------------------------------------------------- Update Information:
Update to 6.9.12-77 -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 14 2023 S��rgio Basto sergio@serjux.com - 1:6.9.12.77-1 - Update ImageMagick to 6.9.12.77 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2167595 - CVE-2022-44267 ImageMagick: Denial of Service when it parses a PNG image [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2167595 [ 2 ] Bug #2167599 - CVE-2022-44268 ImageMagick: vulnerable to Information Disclosure when it parses a PNG image [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2167599 --------------------------------------------------------------------------------
================================================================================ OpenImageIO-2.4.8.1-1.el9 (FEDORA-EPEL-2023-a101920015) Library for reading and writing images -------------------------------------------------------------------------------- Update Information:
Release 2.4.8.1 (13 Feb 2023) -- compared to 2.4.8.0 * Fix(targa): guard against corrupted tga files Fixes TALOS-2023-1707 / CVE-2023-24473, TALOS-2023-1708 / CVE-2023-22845. #3768 * Fix: race condition in TIFF reader, fixes TALOS-2023-1709 / CVE-2023-24472. * Windows: Fix unresolved external symbol for MSVS 2017 #3763 * Fix: Initialize OpenEXROutput::m_levelmode in init(). #3764 * Fix: improve thread safety for concurrent tiff loads. #3767 * Fix(fits): Make sure to close if open fails to find right magic number. -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 14 2023 Richard Shaw hobbes1069@gmail.com - 2.4.8.1-1 - Update to 2.4.8.1. * Thu Feb 2 2023 Richard Shaw hobbes1069@gmail.com - 2.4.8.0-1 - Update to 2.4.8.0. * Fri Jan 20 2023 Richard Shaw hobbes1069@gmail.com - 2.4.7.1-4 - Rebuild for opencv (again). * Wed Jan 18 2023 Fedora Release Engineering releng@fedoraproject.org - 2.4.7.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Mon Jan 16 2023 S��rgio Basto sergio@serjux.com - 2.4.7.1-2 - Rebuild for opencv 4.7.0 * Wed Jan 4 2023 Richard Shaw hobbes1069@gmail.com - 2.4.7.1-1 - Update to 2.4.7.1. * Mon Jan 2 2023 Richard Shaw hobbes1069@gmail.com - 2.4.7.0-1 - Update to 2.4.7.0. * Mon Jan 2 2023 Richard Shaw hobbes1069@gmail.com - 2.4.6.1-2 - Rebuilt for OpenVDB. * Thu Dec 22 2022 Richard Shaw hobbes1069@gmail.com - 2.4.6.1-1 - Update to 2.4.6.1. * Tue Dec 20 2022 Gwyn Ciesla gwync@protonmail.com - 2.4.4.2-3 - LibRaw rebuild * Tue Nov 15 2022 Richard Shaw hobbes1069@gmail.com - 2.4.4.2-2 - Rebuild for yaml-cpp 0.7.0. --------------------------------------------------------------------------------
================================================================================ SDL2_mixer-2.6.2-2.el9 (FEDORA-EPEL-2023-c75f9ec210) Simple DirectMedia Layer - Sample Mixer Library -------------------------------------------------------------------------------- Update Information:
Add perl-Gtk3, perl-CairoGObject and SDL2_Mixer to EPEL9 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 18 2023 Fedora Release Engineering releng@fedoraproject.org - 2.6.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Sat Dec 3 2022 Pete Walter pwalter@fedoraproject.org - 2.6.2-1 - Update to 2.6.2 * Wed Jul 20 2022 Fedora Release Engineering releng@fedoraproject.org - 2.0.4-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Wed Jan 19 2022 Fedora Release Engineering releng@fedoraproject.org - 2.0.4-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Wed Jul 21 2021 Fedora Release Engineering releng@fedoraproject.org - 2.0.4-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Mon Jan 25 2021 Fedora Release Engineering releng@fedoraproject.org - 2.0.4-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2063765 - Please build SDL2_mixer for EPEL-8 and EPEL-9 https://bugzilla.redhat.com/show_bug.cgi?id=2063765 [ 2 ] Bug #2125015 - perl-Gtk3 EPEL9 https://bugzilla.redhat.com/show_bug.cgi?id=2125015 --------------------------------------------------------------------------------
================================================================================ apptainer-1.1.6-1.el9 (FEDORA-EPEL-2023-5f32ecbc71) Application and environment virtualization formerly known as Singularity -------------------------------------------------------------------------------- Update Information:
Update to upstream 1.1.6 -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 14 2023 Dave Dykstra dwd@fnal.gov - 1.1.6-1 - Update to upstream 1.1.6. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2161895 - apptainer does not declare bundled dependencies https://bugzilla.redhat.com/show_bug.cgi?id=2161895 [ 2 ] Bug #2161899 - apptainer: vulnerable to CVE-2022-23538 https://bugzilla.redhat.com/show_bug.cgi?id=2161899 --------------------------------------------------------------------------------
================================================================================ bitstower-markets-0.5.4-1.el9 (FEDORA-EPEL-2023-6dca237fef) A stock and currency tracker -------------------------------------------------------------------------------- Update Information:
Initial EPEL build -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 14 2023 Yaakov Selkowitz yselkowi@redhat.com - 0.5.4-1 - Initial build -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2169246 - Review Request: bitstower-markets - A stock and currency tracker https://bugzilla.redhat.com/show_bug.cgi?id=2169246 --------------------------------------------------------------------------------
================================================================================ canl-c-3.0.0-16.el9 (FEDORA-EPEL-2023-ff6b911c95) EMI Common Authentication library - bindings for C -------------------------------------------------------------------------------- Update Information:
Add canl-c package to EPEL 9 -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 14 2023 Franti��ek Dvo����k valtri@civ.zcu.cz - 3.0.0-16 - Update license field to SPDX identifier - Cleanup LaTeX dependencies * Wed Jan 18 2023 Fedora Release Engineering releng@fedoraproject.org - 3.0.0-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Wed Jul 20 2022 Fedora Release Engineering releng@fedoraproject.org - 3.0.0-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Wed Jan 19 2022 Fedora Release Engineering releng@fedoraproject.org - 3.0.0-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Tue Sep 14 2021 Sahana Prasad sahana@redhat.com - 3.0.0-12 - Rebuilt with OpenSSL 3.0.0 * Wed Jul 21 2021 Fedora Release Engineering releng@fedoraproject.org - 3.0.0-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ ffmpeg-5.1.2-9.el9 (FEDORA-EPEL-2023-46c778698e) A complete solution to record, convert and stream audio and video -------------------------------------------------------------------------------- Update Information:
This update properly enables a few features that were expected to be enabled, but weren't. Details are in the RPM changelog. -------------------------------------------------------------------------------- ChangeLog:
* Mon Feb 13 2023 Yaakov Selkowitz yselkowi@redhat.com - 5.1.2-9 - Enable lcms2, lv2, placebo, rabbitmq, xv * Mon Feb 13 2023 Neal Gompa ngompa@fedoraproject.org - 5.1.2-8 - Disable flite for RHEL 9 as flite is too old * Fri Feb 3 2023 Yaakov Selkowitz yselkowi@redhat.com - 5.1.2-7 - Properly enable caca, flite, gme, iec61883 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2120747 - Please enable XV (XVideo) output device https://bugzilla.redhat.com/show_bug.cgi?id=2120747 --------------------------------------------------------------------------------
================================================================================ htop-3.2.2-1.el9 (FEDORA-EPEL-2023-4fd2d754e0) Interactive process viewer -------------------------------------------------------------------------------- Update Information:
Update to v3.2.2 -------------------------------------------------------------------------------- ChangeLog:
* Sun Feb 12 2023 Mukundan Ragavan nonamedotc@gmail.com - 3.2.2-1 - Update to v3.2.2 * Thu Jan 19 2023 Fedora Release Engineering releng@fedoraproject.org - 3.2.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Fri Oct 7 2022 Troy Dawson tdawson@redhat.com - 3.2.1-3 - platform-python is for rhel8 only. rhel9 and above follow Fedoras python naming * Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org - 3.2.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2167201 - htop-3.2.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2167201 --------------------------------------------------------------------------------
================================================================================ perl-Cairo-GObject-1.005-11.el9 (FEDORA-EPEL-2023-c75f9ec210) Integrate Cairo into the Glib type system -------------------------------------------------------------------------------- Update Information:
Add perl-Gtk3, perl-CairoGObject and SDL2_Mixer to EPEL9 -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 20 2023 Fedora Release Engineering releng@fedoraproject.org - 1.005-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Fri Jul 22 2022 Fedora Release Engineering releng@fedoraproject.org - 1.005-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Wed Jun 1 2022 Jitka Plesnikova jplesnik@redhat.com - 1.005-9 - Perl 5.36 rebuild * Thu Jan 20 2022 Fedora Release Engineering releng@fedoraproject.org - 1.005-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Thu Jul 22 2021 Fedora Release Engineering releng@fedoraproject.org - 1.005-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Sun May 23 2021 Jitka Plesnikova jplesnik@redhat.com - 1.005-6 - Perl 5.34 rebuild * Tue Jan 26 2021 Fedora Release Engineering releng@fedoraproject.org - 1.005-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2063765 - Please build SDL2_mixer for EPEL-8 and EPEL-9 https://bugzilla.redhat.com/show_bug.cgi?id=2063765 [ 2 ] Bug #2125015 - perl-Gtk3 EPEL9 https://bugzilla.redhat.com/show_bug.cgi?id=2125015 --------------------------------------------------------------------------------
================================================================================ perl-Gtk3-0.038-7.el9 (FEDORA-EPEL-2023-c75f9ec210) Perl interface to the 3.x series of the GTK+ toolkit -------------------------------------------------------------------------------- Update Information:
Add perl-Gtk3, perl-CairoGObject and SDL2_Mixer to EPEL9 -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 20 2023 Fedora Release Engineering releng@fedoraproject.org - 0.038-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Fri Jul 22 2022 Fedora Release Engineering releng@fedoraproject.org - 0.038-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Wed Jun 1 2022 Jitka Plesnikova jplesnik@redhat.com - 0.038-5 - Perl 5.36 rebuild * Fri Jan 21 2022 Fedora Release Engineering releng@fedoraproject.org - 0.038-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Thu Jul 22 2021 Fedora Release Engineering releng@fedoraproject.org - 0.038-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Sat May 22 2021 Jitka Plesnikova jplesnik@redhat.com - 0.038-2 - Perl 5.34 rebuild * Tue Feb 16 2021 S��rgio Basto sergio@serjux.com - 0.038-1 - Update perl-Gtk3 to 0.038 (#1918130) * Wed Jan 27 2021 Fedora Release Engineering releng@fedoraproject.org - 0.037-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2063765 - Please build SDL2_mixer for EPEL-8 and EPEL-9 https://bugzilla.redhat.com/show_bug.cgi?id=2063765 [ 2 ] Bug #2125015 - perl-Gtk3 EPEL9 https://bugzilla.redhat.com/show_bug.cgi?id=2125015 --------------------------------------------------------------------------------
================================================================================ php-pecl-krb5-1.1.5-1.el9 (FEDORA-EPEL-2023-26041246d1) Kerberos authentification extension -------------------------------------------------------------------------------- Update Information:
**Version 1.1.5** - [BUG] Fix reference handling of KRB5NegotiateAuth constructor spn parameter -------------------------------------------------------------------------------- ChangeLog:
* Mon Feb 13 2023 Remi Collet remi@remirepo.net - 1.1.5-1 - update to 1.1.5 - license is MIT --------------------------------------------------------------------------------
================================================================================ python-aiohttp-3.8.4-1.el9 (FEDORA-EPEL-2023-5476333dea) Python HTTP client/server for asyncio -------------------------------------------------------------------------------- Update Information:
## 3.8.4 (2023-02-12) ### Bugfixes - Fixed incorrectly overwriting cookies with the same name and domain, but different path. [#6638](https://github.com/aio-libs/aiohttp/issues/6638) - Fixed `ConnectionResetError` not being raised after client disconnection in SSL environments. [#7180](https://github.com/aio-libs/aiohttp/issues/7180) -------------------------------------------------------------------------------- ChangeLog:
* Mon Feb 13 2023 Benjamin A. Beasley code@musicinmybrain.net - 3.8.4-1 - Update to 3.8.4 (close RHBZ#2169212) * Fri Jan 20 2023 Benjamin A. Beasley code@musicinmybrain.net - 3.8.3-5 - Make three xfails non-strict (close RHBZ#2158175) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2169212 - python-aiohttp-3.8.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2169212 --------------------------------------------------------------------------------
================================================================================ python-hatch-vcs-0.2.1-1.el9 (FEDORA-EPEL-2023-9f8c338af1) Hatch plugin for versioning with your preferred VCS -------------------------------------------------------------------------------- Update Information:
Initial EPEL 9 package. -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 14 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.2.1-1 - Update to 0.2.1 * Tue Feb 14 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.2.0-6 - EPEL9: allow python-setuptools_scm 6.0.1 - Skip test_fallback, as upstream does for Python 2.7, due to the downgraded setuptools-scm version. * Tue Feb 14 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.2.0-5 - Confirm License is SPDX MIT * Sun Sep 11 2022 Benjamin A. Beasley code@musicinmybrain.net - 0.2.0-4 - Fix extra newline in description * Fri May 6 2022 Benjamin A. Beasley code@musicinmybrain.net - 0.2.0-3 - Use wheel-building support to generate BR���s * Sun May 1 2022 Benjamin A. Beasley code@musicinmybrain.net - 0.2.0-2 - Adjust for pyproject-rpm-macros >= 1.1.0 * Fri Apr 22 2022 Benjamin A. Beasley code@musicinmybrain.net - 0.2.0-1 - Initial package (close RHBZ#2077832) --------------------------------------------------------------------------------
================================================================================ qxmledit-0.9.18-1.el9 (FEDORA-EPEL-2023-6b57d31c50) Simple XML Editor and XSD Viewer -------------------------------------------------------------------------------- Update Information:
Version bump -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 14 2023 TI_Eugene ti.eugene@gmail.com - 0.9.18-1 - Version bump * Fri Jan 20 2023 Fedora Release Engineering releng@fedoraproject.org - 0.9.17-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org - 0.9.17-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ xbae-4.60.4-36.el9 (FEDORA-EPEL-2023-0942477d5d) Motif matrix, caption and text input widgets -------------------------------------------------------------------------------- Update Information:
Initial EL-9 build -------------------------------------------------------------------------------- ChangeLog:
* Sat Jan 21 2023 Fedora Release Engineering releng@fedoraproject.org - 4.60.4-36 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org - 4.60.4-35 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Sat Jan 22 2022 Fedora Release Engineering releng@fedoraproject.org - 4.60.4-34 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Fri Jul 23 2021 Fedora Release Engineering releng@fedoraproject.org - 4.60.4-33 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Wed Jan 27 2021 Fedora Release Engineering releng@fedoraproject.org - 4.60.4-32 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2169764 - Please branch and build xbae-devel in epel9. https://bugzilla.redhat.com/show_bug.cgi?id=2169764 --------------------------------------------------------------------------------
================================================================================ xmessage-1.0.6-2.el9 (FEDORA-EPEL-2023-9bddf8bad8) Display a message in a window -------------------------------------------------------------------------------- Update Information:
Update to 1.0.6; update License to SPDX; install ChangeLog and README; and other small packaging improvements. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 10 2023 Benjamin A. Beasley code@musicinmybrain.net - 1.0.6-2 - Improved License breakdown * Fri Feb 10 2023 Benjamin A. Beasley code@musicinmybrain.net - 1.0.6-1 - Update to 1.0.6 (close RHBZ#2106499) * Fri Feb 10 2023 Benjamin A. Beasley code@musicinmybrain.net - 1.0.5-14 - Update License to SPDX * Fri Feb 10 2023 Benjamin A. Beasley code@musicinmybrain.net - 1.0.5-7 - Add missing autoconf BR and drop bogus libtool BR - Add --force to autoreconf - Drop --disable-silent-rules configure argument, redundant with V=1 in make_build macro - Install ChangeLog and README - Add cryptographic source archive verification * Sat Jan 21 2023 Fedora Release Engineering releng@fedoraproject.org - 1.0.5-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org - 1.0.5-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2106499 - xmessage-1.0.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=2106499 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org