The following Fedora EPEL 9 Security updates need testing: Age URL 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-14a54aad76 strongswan-5.9.8-1.el9 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-a2b7e4338d wordpress-6.0.3-1.el9 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-5761039b36 jhead-3.06.0.1-5.el9 The following builds have been pushed to Fedora EPEL 9 updates-testing beakerlib-1.29.3-1.el9 exim-4.96-3.el9 glances-3.3.0.1-1.el9 mongo-c-driver-1.23.1-1.el9 nginx-mod-vts-0.2.1-1.el9 python-google-auth-2.13.0-1.el9 python-libnacl-1.8.0-3.el9 python-pycares-4.2.2-1.el9 tio-2.2-1.el9 xorgxrdp-0.9.19-2.el9 xrootd-5.5.1-1.el9 xsecurelock-1.8.0-1.el9 Details about builds: ================================================================================ beakerlib-1.29.3-1.el9 (FEDORA-EPEL-2022-d2924191a6) A shell-level integration testing library -------------------------------------------------------------------------------- Update Information: - support for fmf_id nick attribute -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 20 2022 Dalibor Pospisil <dapospis(a)redhat.com&gt; - 1.29.3-1 - support for fmf_id nick attribute -------------------------------------------------------------------------------- ================================================================================ exim-4.96-3.el9 (FEDORA-EPEL-2022-dfc583594b) The exim mail transfer agent -------------------------------------------------------------------------------- Update Information: Fixed use after free in regex handler -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 19 2022 Jaroslav ��karvada <jskarvad(a)redhat.com&gt; - 4.96-3 - Fixed use after free in regex handler Resolves: CVE-2022-3559 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2135611 - CVE-2022-3559 exim: use after free in processing of the component Regex Handler https://bugzilla.redhat.com/show_bug.cgi?id=2135611 -------------------------------------------------------------------------------- ================================================================================ glances-3.3.0.1-1.el9 (FEDORA-EPEL-2022-c0e23d60cc) A cross-platform curses-based monitoring tool -------------------------------------------------------------------------------- Update Information: Update to 3.3.0.1 (RHBZ #2135228) and CVE-2022-25844 (RHBZ #2082542) -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 20 2022 Ali Erdinc Koroglu <aekoroglu(a)fedoraproject.org&gt; - 3.3.0.1-1 - Update to 3.3.0.1 (RHBZ #2135228) and CVE-2022-25844 (RHBZ #2082542) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2082542 - CVE-2022-25844 glances: angular: Regular Expression Denial of Service (ReDoS) in angular [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2082542 [ 2 ] Bug #2135228 - glances-3.3.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2135228 -------------------------------------------------------------------------------- ================================================================================ mongo-c-driver-1.23.1-1.el9 (FEDORA-EPEL-2022-60bd72a51d) Client library written in C for MongoDB -------------------------------------------------------------------------------- Update Information: **libbson 1.23.1** * No changes since 1.23.0 ---- **libmongoc 1.23.1** Bug fixes: * Fix connectivity to Atlas Data Lake * Fix crash when dropping a malformed Queryable Encryption collection. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 20 2022 Remi Collet <remi(a)remirepo.net&gt; - 1.23.1-1 - update to 1.23.1 -------------------------------------------------------------------------------- ================================================================================ nginx-mod-vts-0.2.1-1.el9 (FEDORA-EPEL-2022-fcdd8ad5ab) Nginx virtual host traffic status module -------------------------------------------------------------------------------- Update Information: Initial package for EPEL 9 -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 22 2022 Mikel Olasagasti Uranga <mikel(a)olasagasti.info&gt; - 0.2.1-1 - Bump to 0.2.1 rhbz#2124567 * Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 0.1.18-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Wed Jun 15 2022 Neal Gompa <ngompa(a)fedoraproject.org&gt; - 0.1.18-4 - Rebuild for nginx 1.22.0 * Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 0.1.18-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Mon Jan 3 2022 Neal Gompa <ngompa(a)fedoraproject.org&gt; - 0.1.18-2 - Rebuild for nginx 1.20.2 * Mon Aug 16 2021 Neal Gompa <ngompa(a)datto.com&gt; - 0.1.18-1 - Initial packaging -------------------------------------------------------------------------------- ================================================================================ python-google-auth-2.13.0-1.el9 (FEDORA-EPEL-2022-c34df1a7f8) Google Auth Python Library -------------------------------------------------------------------------------- Update Information: Update python-google-auth to 2.13.0 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 20 2022 Jason Montleon <jmontleo(a)redhat.com&gt; - 1:2.13.0-1 - Update to 2.13.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2136290 - python-google-auth-2.13.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2136290 -------------------------------------------------------------------------------- ================================================================================ python-libnacl-1.8.0-3.el9 (FEDORA-EPEL-2022-8ef1e52815) Python bindings for libsodium based on ctypes -------------------------------------------------------------------------------- Update Information: Initial import in EPEL9 -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 1.8.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Mon Jun 13 2022 Python Maint <python-maint(a)redhat.com&gt; - 1.8.0-2 - Rebuilt for Python 3.11 * Mon May 23 2022 Jonny Heggheim <hegjon(a)gmail.com&gt; - 1.8.0-1 - Updated to version 1.8.0 * Fri Jan 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 1.7.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Fri Jul 23 2021 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 1.7.2-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Fri Jun 4 2021 Python Maint <python-maint(a)redhat.com&gt; - 1.7.2-4 - Rebuilt for Python 3.10 * Fri May 7 2021 S��rgio Basto <sergio(a)serjux.com&gt; - 1.7.2-3 - (#1820150) Fix for TestRandomBytes.test_crypto_kdf_derive_from_key fails on 32-bit x86 * Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 1.7.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Wed Nov 4 2020 Jonny Heggheim <hegjon(a)gmail.com&gt; - 1.7.2-1 - Updated to version 1.7.2 * Mon Aug 31 2020 S��rgio Basto <sergio(a)serjux.com&gt; - 1.7.1-6 - Please BuildRequire python3-setuptools explicitly * Sat Aug 1 2020 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 1.7.1-5 - Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Wed Jul 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 1.7.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2135106 - Please branch and build python-libnacl in epel9 https://bugzilla.redhat.com/show_bug.cgi?id=2135106 -------------------------------------------------------------------------------- ================================================================================ python-pycares-4.2.2-1.el9 (FEDORA-EPEL-2022-51ef23e6b7) Python interface for c-ares -------------------------------------------------------------------------------- Update Information: Initial import in EPEL9 -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 22 2022 Matthieu Saulnier <fantom(a)fedoraproject.org&gt; - 4.2.2-1 - Update to 4.2.2 * Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 4.1.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Mon Jun 13 2022 Python Maint <python-maint(a)redhat.com&gt; - 4.1.2-2 - Rebuilt for Python 3.11 * Wed Mar 9 2022 Matthieu Saulnier <fantom(a)fedoraproject.org&gt; - 4.1.2-1 - Update to 4.1.2 - Fix Requires tag of the doc subpackage * Fri Jan 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 4.0.0-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Mon Aug 30 2021 Matthieu Saulnier <fantom(a)fedoraproject.org&gt; - 4.0.0-5 - Rebuild for CVE-2021-3672 in c-ares library * Fri Jul 23 2021 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 4.0.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Wed Jun 9 2021 Benjamin A. Beasley <code(a)musicinmybrain.net&gt; - 4.0.0-3 - Set PYCARES_USE_SYSTEM_LIB=1 (fix RHBZ#1965602) * Fri Jun 4 2021 Python Maint <python-maint(a)redhat.com&gt; - 4.0.0-2 - Rebuilt for Python 3.10 * Fri May 14 2021 Matthieu Saulnier <fantom(a)fedoraproject.org&gt; - 4.0.0-1 - Update to 4.0.0 - Add new BuildRequires (c-ares-devel) * Tue May 11 2021 Matthieu Saulnier <fantom(a)fedoraproject.org&gt; - 3.2.0-1 - Update to 3.2.0 - Use pytest to run tests suite - Re-order BuildRequires tags * Sun Feb 14 2021 Matthieu Saulnier <fantom(a)fedoraproject.org&gt; - 3.1.1-6 - Replace glob with %{python3_version} in %files section * Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 3.1.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2134147 - Please branch and build python-pycares in epel9 https://bugzilla.redhat.com/show_bug.cgi?id=2134147 -------------------------------------------------------------------------------- ================================================================================ tio-2.2-1.el9 (FEDORA-EPEL-2022-3c51bbd076) Simple TTY terminal I/O application -------------------------------------------------------------------------------- Update Information: # tio v2.2 * Add shell completion of sub-configuration names Does not work with sub configuration names that contains one or more white spaces. * Beautify help * Fix error message * Simplify configfile implementation -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 19 2022 Robert Scheck <robert(a)fedoraproject.org&gt; 2.2-1 - Upgrade to 2.2 (#2135930) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2135930 - tio-2.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2135930 -------------------------------------------------------------------------------- ================================================================================ xorgxrdp-0.9.19-2.el9 (FEDORA-EPEL-2022-e60495f8a6) Implementation of xrdp backend as Xorg modules -------------------------------------------------------------------------------- Update Information: Enable glamor, which should be good for performance, apparently. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 20 2022 Bojan Smojver <bojan(a)rexursive.com&gt; - 0.9.19-2 - Enable glamor, which apparently improves performance on Intel hardware -------------------------------------------------------------------------------- ================================================================================ xrootd-5.5.1-1.el9 (FEDORA-EPEL-2022-7fa08684a5) Extended ROOT file server -------------------------------------------------------------------------------- Update Information: XRootD 5.5.1 -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 19 2022 Mattias Ellert <mattias.ellert(a)physics.uu.se&gt; - 1:5.5.1-1 - Update to version 5.5.1 - Drop doxygen patch accepted upstream - Check all sizes (8, 16, 32, 64) in <atomic> check - Check operator++ in <atomic> check -------------------------------------------------------------------------------- ================================================================================ xsecurelock-1.8.0-1.el9 (FEDORA-EPEL-2022-26cbaef89b) X11 screen lock utility with security in mind -------------------------------------------------------------------------------- Update Information: Latest upstream release. ---- Latest upstream release. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 19 2022 Sam P <survient(a)fedoraproject.org&gt; - 1.8.0-1 - Latest upstream release. * Tue Jul 12 2022 Sam P <survient(a)fedoraproject.org&gt; - 1.7.0-8 - Removed xscreensaver build option due to lack of package in EPEL 9 * Tue Jul 12 2022 Sam P <survient(a)fedoraproject.org&gt; - 1.7.0-7 - Added path to xscreensaver binary to build saver_xscreensaver * Sat Jan 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 1.7.0-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Fri Jul 23 2021 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 1.7.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Thu Jan 28 2021 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 1.7.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild --------------------------------------------------------------------------------