The following Fedora EPEL 9 Security updates need testing:
Age URL
5
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-d996eeff0f
rust-routinator-0.13.2-1.el9
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-c8094838a7
chromium-122.0.6261.111-1.el9
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-6bc0ac05e1
python-asyncssh-2.13.2-5.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
composer-2.7.2-1.el9
distrobox-1.7.0.1-1.el9
libuev-2.4.1-1.el9
lynis-3.1.0-1.el9
php-pear-Mail-Mime-1.10.12-1.el9
python-awscrt-0.20.5-1.el9
python-damo-2.2.5-1.el9
python-trove-classifiers-2024.3.3-1.el9
rust-lz4-sys-1.9.4-6.el9
Details about builds:
================================================================================
composer-2.7.2-1.el9 (FEDORA-EPEL-2024-d3c1190a7e)
Dependency Manager for PHP
--------------------------------------------------------------------------------
Update Information:
Version 2.7.2 - 2024-03-11
Added info about the PHP version when running composer --version (#11866)
Added warning when the root version cannot be detected (#11858)
Fixed plugins still being enabled in a few contexts when running as root
(c3efff91f)
Fixed outdated --ignore ... still attempting to load the latest version of the
ignored packages (#11863)
Fixed handling of broken symlinks in the middle of an install path (#11864)
Fixed update --lock still incorrectly updating some metadata (#11850, #11787)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 12 2024 Remi Collet <remi(a)remirepo.net> - 2.7.2-1
- update to 2.7.2
--------------------------------------------------------------------------------
================================================================================
distrobox-1.7.0.1-1.el9 (FEDORA-EPEL-2024-7830e4b9d9)
Another tool for containerized command line environments on Linux
--------------------------------------------------------------------------------
Update Information:
Update to 1.7.0.1
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 12 2024 alciregi <alciregi(a)fedoraproject.org> - 1.7.0.1-1
- Update to 1.7.0.1
* Wed Feb 28 2024 alciregi <alciregi(a)fedoraproject.org> - 1.7.0-1
- Update to 1.7.0
* Wed Jan 24 2024 Fedora Release Engineering <releng(a)fedoraproject.org> -
1.6.0.1-11
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 19 2024 Fedora Release Engineering <releng(a)fedoraproject.org> -
1.6.0.1-10
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Jan 10 2024 Alessio <alciregi(a)posteo.net> - 1.6.0.1-9
- Update .packit.yaml
* Wed Jan 10 2024 Alessio <alciregi(a)fedoraproject.org> - 1.6.0.1-8
- Packit
* Wed Jan 10 2024 alessio <alessio(a)f39.alessio.info.ms.fgm> - 1.6.0.1-7
- Packit
* Wed Jan 10 2024 alessio <alessio(a)f39.alessio.info.ms.fgm> - 1.6.0.1-6
- PackiPackitt
* Wed Jan 10 2024 alessio <alessio(a)f39.alessio.info.ms.fgm> - 1.6.0.1-5
- Playing with Packit
* Wed Jan 10 2024 alessio <alessio(a)f39.alessio.info.ms.fgm> - 1.6.0.1-4
- Playing with Packit
* Wed Jan 10 2024 alessio <alessio(a)f39.alessio.info.ms.fgm> - 1.6.0.1-3
- Configure Packit
* Wed Jan 10 2024 alessio <alessio(a)f39.alessio.info.ms.fgm> - 1.6.0.1-2
- Try autosetup instead of forgesetup
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2269128 - distrobox-1.7.0.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2269128
--------------------------------------------------------------------------------
================================================================================
libuev-2.4.1-1.el9 (FEDORA-EPEL-2024-42a2a0f9b6)
Simple event loop for Linux
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2022-48620
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 12 2024 Alessio <alciregi(a)fedoraproject.org> - 2.4.1-1
- Update to 2.4.1
* Thu Jan 25 2024 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.4.0-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.4.0-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Thu Jul 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.4.0-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.4.0-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.4.0-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2258050 - CVE-2022-48620 libuev: buffer overflow in epoll_wait() if maxevents
is a large number
https://bugzilla.redhat.com/show_bug.cgi?id=2258050
--------------------------------------------------------------------------------
================================================================================
lynis-3.1.0-1.el9 (FEDORA-EPEL-2024-7e636c0671)
Security and system auditing tool
--------------------------------------------------------------------------------
Update Information:
3.1.0
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 12 2024 Gwyn Ciesla <gwync(a)protonmail.com> - 3.1.0-1
- 3.1.0
* Thu Jan 25 2024 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.0.9-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.0.9-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Tue Dec 19 2023 Gwyn Ciesla <gwync(a)protonmail.com> - 3.0.9-5
- Additional egrep patch
* Wed Dec 6 2023 Gwyn Ciesla <gwync(a)protonmail.com> - 3.0.9-4
- pgrep patch
* Tue Sep 19 2023 Gwyn Ciesla <gwync(a)protonmail.com> - 3.0.9-3
- Additional egrep patch
* Mon Aug 7 2023 Gwyn Ciesla <gwync(a)protonmail.com> - 3.0.9-2
- Upstream patch to remove egrep usage
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2268997 - lynis-3.1.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2268997
--------------------------------------------------------------------------------
================================================================================
php-pear-Mail-Mime-1.10.12-1.el9 (FEDORA-EPEL-2024-bebfe5d484)
Classes to create MIME messages
--------------------------------------------------------------------------------
Update Information:
Version 1.10.12
Changelog:
Prevent from "PHP Deprecated: file_exists(): Passing null to parameter #1
($filename) of type string" [alec]
PHPDoc improvements [alec]
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 12 2024 Remi Collet <remi(a)remirepo.net> - 1.10.12-1
- update to 1.10.12
--------------------------------------------------------------------------------
================================================================================
python-awscrt-0.20.5-1.el9 (FEDORA-EPEL-2024-0c4030e936)
Python bindings for the AWS Common Runtime
--------------------------------------------------------------------------------
Update Information:
Automatic update for python-awscrt-0.20.5-1.el9.
Changelog for python-awscrt
* Mon Mar 11 2024 Packit <hello(a)packit.dev> - 0.20.5-1
- [packit] 0.20.5 upstream release
- Resolves rhbz#2260567
* Mon Mar 11 2024 Packit <hello(a)packit.dev> - 0.20.4-1
- [packit] 0.20.4 upstream release
- Resolves rhbz#2260567
Automatic update for python-awscrt-0.20.4-1.el9.
Changelog for python-awscrt
* Mon Mar 11 2024 Packit <hello(a)packit.dev> - 0.20.4-1
- [packit] 0.20.4 upstream release
- Resolves rhbz#2260567
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 11 2024 Packit <hello(a)packit.dev> - 0.20.5-1
- [packit] 0.20.5 upstream release
- Resolves rhbz#2260567
* Mon Mar 11 2024 Packit <hello(a)packit.dev> - 0.20.4-1
- [packit] 0.20.4 upstream release
- Resolves rhbz#2260567
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2260567 - python-awscrt-0.20.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2260567
--------------------------------------------------------------------------------
================================================================================
python-damo-2.2.5-1.el9 (FEDORA-EPEL-2024-8c1bc615bb)
Data Access Monitoring Operator
--------------------------------------------------------------------------------
Update Information:
Update to 2.2.5
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 11 2024 Packit <hello(a)packit.dev> - 2.2.5-1
- Update to 2.2.5
- Resolves rhbz#2269048
* Mon Mar 4 2024 Packit <hello(a)packit.dev> - 2.2.4-1
- Update to 2.2.4
- Resolves rhbz#2267809
* Mon Feb 26 2024 Packit <hello(a)packit.dev> - 2.2.3-1
- Update to 2.2.3
- Resolves rhbz#2266176
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2269048 - python-damo-2.2.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2269048
--------------------------------------------------------------------------------
================================================================================
python-trove-classifiers-2024.3.3-1.el9 (FEDORA-EPEL-2024-6e7faa3b00)
Canonical source for classifiers on PyPI (
pypi.org)
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 3 2024 Packit <hello(a)packit.dev> - 2024.3.3-1
- Update to 2024.3.3
- Resolves rhbz#2248519
--------------------------------------------------------------------------------
================================================================================
rust-lz4-sys-1.9.4-6.el9 (FEDORA-EPEL-2024-7c344c42a9)
Rust LZ4 sys package
--------------------------------------------------------------------------------
Update Information:
Use rust2rpm 26 features to reduce the amount of manual packaging work
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 11 2024 Benjamin A. Beasley <code(a)musicinmybrain.net> - 1.9.4-6
- Use rust2rpm 26 features to reduce the amount of manual packaging work
* Fri Jan 26 2024 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.9.4-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
--------------------------------------------------------------------------------