The following Fedora EPEL 9 Security updates need testing:
Age URL
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-b58697855e
wordpress-6.0.2-1.el9
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-30932b0236
libconfuse-3.3-7.el9
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-0cf315054d
ImageMagick-6.9.12.63-1.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
canl-java-2.8.2-1.el9
coturn-4.6.0-1.el9
java-latest-openjdk-18.0.2.0.9-1.rolling.el9
kiwi-9.24.48-1.el9
kiwi-boxed-plugin-0.2.23-1.el9
libmd-1.0.4-2.el9
netplan-0.105-2.el9
python-colorlog-6.7.0-1.el9
python-email-validator-1.1.1-8.el9
python-text-unidecode-1.3-10.el9
python-tox-3.26.0-1.el9
zbar-0.23.90-5.el9
Details about builds:
================================================================================
canl-java-2.8.2-1.el9 (FEDORA-EPEL-2022-759694b6cf)
EMI Common Authentication library - bindings for Java
--------------------------------------------------------------------------------
Update Information:
Canl Java 2.8.2
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 14 2022 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 2.8.2-1
- Update to 2.8.2
* Wed Jul 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.8.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
coturn-4.6.0-1.el9 (FEDORA-EPEL-2022-1f79d5d5e6)
TURN/STUN & ICE Server
--------------------------------------------------------------------------------
Update Information:
# Coturn 4.6.0 * Fix small issues reported by `cppcheck` * Fix long log
line printing * Print `turnserver` version with `--version` * Do not write
outside of a buffer in admin interface * Fix uclient certificate loading bug
* Fix duplicate TCP flag in `run_tests.sh` script * Fix turn session leak *
Document dependency of new-log-timestamp-format on new-log-timestamp * Enable
compilation of coturn on Solaris 11.4 * First step to re-enable compilation
with OpenSSL 1.0.x * Fix cmake build on macOS * Disable SSL renegotiation
* Fix user quota release * Add more info to redis allocation status * Update
`turnserver.conf` comment * Fix performance regression * Add syslog facility
config * Add support for dual-stack prom listener * fix build with LibreSSL
3.4.0+ * Add CI tests workflow * Show error on invalid config * Add new
prom allocations metric * Don't link in libintl * Fix access to freed memory
* Configurable prom username labels * Configurable prometheus listener port
* Fix build MariaDB connector * Fix `README` typo * Correct doc typo * Fix
`sqlite3_shutdown` and `sqlite3_config` race * Prom server better * Define
`OPENSSL_VERSION_1_1_1` on systems where it doesn't (yet) exist * Regression
in 4.5.2 that cause issues in OpenSSL version < 1.1.1 * Typo fix in prometheus
* Add hash algorithm for hmackey value to redis userdb schema docs * Replace
`keep-address-family` with `allocation-default-address-family` (`keep-address-
family` is deprecated and will be removed) * Restore `no_stdout_log` behavior
* Support older MySQL client version in `configure` * Add to support cmake *
Fix typo in `turnserver.conf` * Packaging scripts can miss out on these errors
(exit code) * `Readme.turnserver`: how to run server as a daemon * SSL
reload has hidden bugs which cause crashes * Try to mitigate STUN
amplification attack * Add new option `--no-rfc5780` to force disable
RFC8750 * Add new option `--no-stun-backward-compatibility` Disable
handling old STUN binding requests and disable `MAPPED-ADDRESS` attribute in
binding response (use only the `XOR-MAPPED-ADDRESS`) * Add new option
`--response-origin-only-with-rfc5780` Add `RESPONSE_ORIGIN` attribute only
if RFC8750 is enabled * Don't send `SOFTWARE` attribute if `--no-software-
attribute set on` (breaking change) * Fix for `log_binding` (regression)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 14 2022 Robert Scheck <robert(a)fedoraproject.org> - 4.6.0-1
- Upgrade to 4.6.0 (#2126875)
* Wed Jul 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.5.2-11
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2126875 - coturn-4.6.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2126875
--------------------------------------------------------------------------------
================================================================================
java-latest-openjdk-18.0.2.0.9-1.rolling.el9 (FEDORA-EPEL-2022-3bd4c9e300)
OpenJDK 18 Runtime Environment
--------------------------------------------------------------------------------
Update Information:
July CPU update
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 22 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:18.0.2.0.9-1.rolling
- Update to jdk-18.0.2 release
- Update release notes to 18.0.2
- Drop JDK-8282004 patch which is now upstreamed under JDK-8282231
- Exclude x86 where java_arches is undefined, in order to unbreak build
* Fri Jul 22 2022 Jiri Vanek <gnu.andrew(a)redhat.com> - 1:18.0.1.1.2-8.rolling
- moved to build only on %{java_arches}
--
https://fedoraproject.org/wiki/Changes/Drop_i686_JDKs
- reverted :
-- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild (always mess up
release)
-- Try to build on x86 again by creating a husk of a JDK which does not depend on itself
-- Exclude x86 from builds as the bootstrap JDK is now completely broken and unusable
-- Replaced binaries and .so files with bash-stubs on i686
- added ExclusiveArch: %{java_arches}
-- this now excludes i686
-- this is safely backport-able to older fedoras, as the macro was backported properly
(with i686 included)
-
https://bugzilla.redhat.com/show_bug.cgi?id=2104125
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
1:18.0.1.1.2-7.rolling.1
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jul 19 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:18.0.1.1.2-7.rolling
- Try to build on x86 again by creating a husk of a JDK which does not depend on itself
* Sun Jul 17 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:18.0.1.1.2-6.rolling
- Exclude x86 from builds as the bootstrap JDK is now completely broken and unusable
* Wed Jul 13 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:18.0.1.1.2-5.rolling
- Explicitly require crypto-policies during build and runtime for system security
properties
* Wed Jul 13 2022 Jiri Vanek <jvanek(a)redhat.com> - 1:18.0.1.1.2-4.rolling.
- Replaced binaries and .so files with bash-stubs on i686 in preparation of the removal on
that architecture:
-
https://fedoraproject.org/wiki/Changes/Drop_i686_JDKs
* Wed Jul 13 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:18.0.1.1.2-3.rolling
- Make use of the vendor version string to store our version & release rather than an
upstream release date
* Tue Jul 12 2022 FeRD (Frank Dana) <ferdnyc(a)gmail.com> - 1:18.0.1.1.2-2.rolling
- Add javaver- and origin-specific javadoc and javadoczip alternatives.
* Mon Jul 11 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:18.0.1.1.2-1.rolling
- Update to jdk-18.0.1.1 interim release
- Update release notes to actually reflect OpenJDK 18 and subsequent releases 18.0.1 &
18.0.1.1
- Print release file during build, which should now include a correct SOURCE value from
.src-rev
- Update tarball script with IcedTea GitHub URL and .src-rev generation
- Include script to generate bug list for release notes
- Update tzdata requirement to 2022a to match JDK-8283350
* Sat Jul 9 2022 Jayashree Huttanagoudar <jhuttana(a)redhat.com> -
1:18.0.1.0.10-8.rolling
- Fix issue where CheckVendor.java test erroneously passes when it should fail.
- Add proper quoting so '&' is not treated as a special character by the
shell.
* Sat Jul 9 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:18.0.1.0.10-8.rolling
- Include a test in the RPM to check the build has the correct vendor information.
* Fri Jul 8 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:18.0.1.0.10-7.rolling
- Fix whitespace in spec file
* Fri Jul 8 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:18.0.1.0.10-7.rolling
- Sequence spec file sections as they are run by rpmbuild (build, install then test)
* Fri Jul 8 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:18.0.1.0.10-7.rolling
- Turn on system security properties as part of the build's install section
- Move cacerts replacement to install section and retain original of this and tzdb.dat
- Run tests on the installed image, rather than the build image
- Introduce variables to refer to the static library installation directories
- Use relative symlinks so they work within the image
- Run debug symbols check during build stage, before the install strips them
* Thu Jul 7 2022 Stephan Bergmann <sbergman(a)redhat.com> - 1:18.0.1.0.10-6.rolling
- Fix flatpak builds by exempting them from bootstrap
* Thu Jun 30 2022 Francisco Ferrari Bihurriet <fferrari(a)redhat.com> -
1:18.0.1.0.10-5.rolling
- RH2007331: SecretKey generate/import operations don't add the CKA_SIGN attribute in
FIPS mode
* Thu Jun 30 2022 Stephan Bergmann <sbergman(a)redhat.com> - 1:18.0.1.0.10-4.rolling
- Fix flatpak builds (catering for their uncompressed manual pages)
* Fri Jun 24 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:18.0.1.0.10-3.rolling
- Update FIPS support to bring in latest changes
- * RH2023467: Enable FIPS keys export
- * RH2094027: SunEC runtime permission for FIPS
- * RH2036462: sun.security.pkcs11.wrapper.PKCS11.getInstance breakage
- * RH2090378: Revert to disabling system security properties and FIPS mode support
together
- Rebase RH1648249 nss.cfg patch so it applies after the FIPS patch
- Enable system security properties in the RPM (now disabled by default in the FIPS repo)
- Improve security properties test to check both enabled and disabled behaviour
- Run security properties test with property debugging on
- Minor sync-ups with java-17-openjdk spec file
* Wed May 25 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:18.0.1.0.10-2.rolling
- Exclude s390x from the gdb test on RHEL 7 where we see failures with the portable build
* Wed Apr 27 2022 Jiri Vanek <jvanek(a)redhat.com> - 1:18.0.1.0.10-1.rolling.
- updated to CPU jdk-18.0.1+10 sources
* Wed Apr 6 2022 Jiri Vanek <jvanek(a)redhat.com> - 1:18.0.0.0.37-4.rolling
- Remove hardcoded /usr/lib/jvm by %{_jvmdir} to make rpmlint happy
* Wed Mar 23 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:18.0.0.0.37-3.rolling
- Automatically turn off building a fresh HotSpot first, if the bootstrap JDK is not the
same major version as that being built
* Mon Mar 21 2022 Jiri Vanek <jvanek(a)redhat.com> - 1:18.0.0.0.37-2.rolling
- replaced tabs by sets of spaces to make rpmlint happy
- set build jdk to 18
- as ga is 1, set vendor_version_string to 22.3
* Wed Mar 16 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:18.0.0.0.37-1.rolling
- Update to RC version of OpenJDK 18
- Support JVM variant zero following JDK-8273494 no longer installing Zero's libjvm.so
in the server directory
- Disable HotSpot-only pre-build which is incompatible with the boot JDK being a different
major version to that being built
- Rebase FIPS patches from fips-18u branch and simplify by using a single patch from that
repository
- Detect NSS at runtime for FIPS detection
- Turn off build-time NSS linking and go back to an explicit Requires on NSS
- Enable AlgorithmParameters and AlgorithmParameterGenerator services in FIPS mode
- Rebase RH1648249 nss.cfg patch so it applies after the FIPS patch
* Wed Mar 16 2022 Petra Alice Mikova <pmikova(a)redhat.com> - 1:18.0.0.0.37-1.rolling
- update to ea version of jdk18
- add new slave jwebserver and corresponding manpage
- adjust
rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-devel.patch
* Wed Feb 16 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:17.0.2.0.8-5
- Reinstate JIT builds on x86_32.
- Add JDK-8282004 to fix missing CALL effects on x86_32.
* Mon Feb 7 2022 Severin Gehwolf <sgehwolf(a)redhat.com> - 1:17.0.2.0.8-4
- Re-enable gdb backtrace check.
- Resolves RHBZ#2041970
* Fri Feb 4 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:17.0.2.0.8-3
- Temporarily move x86 to use Zero in order to get a working build
- Replace -mstackrealign with -mincoming-stack-boundary=2 -mpreferred-stack-boundary=4 on
x86_32 for stack alignment
- Support a HotSpot-only build so a freshly built libjvm.so can then be used in the
bootstrap JDK.
- Explicitly list JIT architectures rather than relying on those with slowdebug builds
- Disable the serviceability agent on Zero architectures even when the architecture itself
is supported
* Mon Jan 24 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:17.0.2.0.8-2.rolling
- Introduce stapinstall variable to set SystemTap arch directory correctly (e.g. arm64 on
aarch64)
- Need to support noarch for creating source RPMs for non-scratch builds.
* Mon Jan 24 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:17.0.2.0.8-1.rolling
- January 2022 security update to jdk 17.0.2+8
- Extend LTS check to exclude EPEL.
- Rename libsvml.so to libjsvml.so following JDK-8276025
- Remove JDK-8276572 patch which is now upstream.
- Rebase RH1995150 & RH1996182 patches following JDK-8275863 addition to
module-info.java
* Mon Jan 24 2022 Severin Gehwolf <sgehwolf(a)redhat.com> - 1:17.0.2.0.8-1.rolling
- Set LTS designator.
* Mon Jan 24 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:17.0.1.0.12-16.rolling
- Separate crypto policy initialisation from FIPS initialisation, now they are no longer
interdependent
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
1:17.0.1.0.12-15.rolling.1
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Tue Jan 18 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:17.0.1.0.12-15.rolling
- Sync gdb test with java-1.8.0-openjdk and improve architecture restrictions.
- Disable on x86, x86_64, ppc64le & s390x while these are broken in rawhide.
* Thu Jan 13 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:17.0.1.0.12-14.rolling
- Fix FIPS issues in native code and with initialisation of java.security.Security
* Thu Dec 9 2021 Jiri Vanek <jvanek(a)redhat.com> - 1:17.0.1.0.12-13.rolling
- Storing and restoring alterntives during update manually
- Fixing Bug 2001567 - update of JDK/JRE is removing its manually selected alterantives
and select (as auto) system JDK/JRE
-- The move of alternatives creation to posttrans to fix:
-- Bug 1200302 - dnf reinstall breaks alternatives
-- Had caused the alternatives to be removed, and then created again,
-- instead of being added, and then removing the old, and thus persisting
-- the selection in family
-- Thus this fix, is storing the family of manually selected master, and if
-- stored, then it is restoring the family of the master
* Thu Dec 9 2021 Jiri Vanek <jvanek(a)redhat.com> - 1:17.0.1.0.12-12.rolling
- Family extracted to globals
* Thu Dec 9 2021 Jiri Vanek <jvanek(a)redhat.com> - 1:17.0.1.0.12-11.rolling
- javadoc-zip got its own provides next to plain javadoc ones
* Thu Dec 9 2021 Jiri Vanek <jvanek(a)redhat.com> - 1:17.0.1.0.12-10.rolling
- replaced tabs by sets of spaces to make rpmlint happy
* Mon Nov 29 2021 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:17.0.1.0.12-9.rolling
- Handle Fedora in distro conditionals that currently only pertain to RHEL.
* Fri Nov 5 2021 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:17.0.1.0.12-8.rolling
- Patch syslookup.c so it actually has some code to be compiled into libsyslookup
- Related: rhbz#2013846
* Wed Nov 3 2021 Severin Gehwolf <sgehwolf(a)redhat.com> - 1:17.0.1.0.12-7.rolling
- Use 'sql:' prefix in nss.fips.cfg as F35+ no longer ship the legacy
secmod.db file as part of nss
* Wed Nov 3 2021 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:17.0.1.0.12-6.rolling
- Turn off bootstrapping for slow debug builds, which are particularly slow on ppc64le.
* Thu Oct 28 2021 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:17.0.1.0.12-5.rolling
- Sync desktop files with upstream IcedTea release 3.15.0 using new script
* Tue Oct 26 2021 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:17.0.1.0.12-4.rolling
- Restructure the build so a minimal initial build is then used for the final build (with
docs)
- This reduces pressure on the system JDK and ensures the JDK being built can do a full
build
* Tue Oct 26 2021 Jiri Vanek <jvanek(a)redhat.com> - 1:17.0.1.0.12-3.rolling
- Minor cosmetic improvements to make spec more comparable between variants
* Thu Oct 21 2021 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:17.0.1.0.12-2.rolling
- Update tapsets from IcedTea 6.x repository with fix for JDK-8015774 changes
(_heap->_heaps) and @JAVA_SPEC_VER@
- Update icedtea_sync.sh with a VCS mode that retrieves sources from a Mercurial
repository
* Wed Oct 20 2021 Petra Alice Mikova <pmikova(a)redhat.com> - 1:17.0.1.0.12-1.rolling
- October CPU update to jdk 17.0.1+12
- dropped commented-out source line
* Sun Oct 10 2021 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:17.0.0.0.35-5.rolling
- Allow plain key import to be disabled with -Dcom.redhat.fips.plainKeySupport=false
* Sun Oct 10 2021 Martin Balao <mbalao(a)redhat.com> - 1:17.0.0.0.35-5.rolling
- Add patch to allow plain key import.
* Thu Sep 30 2021 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:17.0.0.0.35-4.rolling
- Fix unused function compiler warning found in systemconf.c
- Extend the default security policy to accomodate PKCS11 accessing jdk.internal.access.
* Thu Sep 30 2021 Martin Balao <mbalao(a)redhat.com> - 1:17.0.0.0.35-4.rolling
- Add patch to login to the NSS software token when in FIPS mode.
* Mon Sep 27 2021 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:17.0.0.0.35-3.rolling
- Update release notes to document the major changes between OpenJDK 11 & 17.
* Thu Sep 16 2021 Martin Balao <mbalao(a)redhat.com> - 1:17.0.0.0.35-2.rolling
- Add patch to disable non-FIPS crypto in the SUN and SunEC security providers.
* Tue Sep 14 2021 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:17.0.0.0.35-1.rolling
- Update to jdk-17+35, also known as jdk-17-ga.
- Switch to GA mode.
* Wed Sep 8 2021 Andrew Hughes <gnu.andrew(a)redhat.com> -
1:17.0.0.0.33-0.3.ea.rolling
- Minor code cleanups on FIPS detection patch and check for SECMOD_GetSystemFIPSEnabled in
configure.
- Remove unneeded Requires on NSS as it will now be dynamically linked and detected by
RPM.
* Wed Sep 8 2021 Martin Balao <mbalao(a)redhat.com> - 1:17.0.0.0.33-0.3.ea.rolling
- Detect FIPS using SECMOD_GetSystemFIPSEnabled in the new libsystemconf JDK library.
* Mon Sep 6 2021 Andrew Hughes <gnu.andrew(a)redhat.com> -
1:17.0.0.0.33-0.2.ea.rolling
- Update RH1655466 FIPS patch with changes in OpenJDK 8 version.
- SunPKCS11 runtime provider name is a concatenation of "SunPKCS11-" and the
name in the config file.
- Change nss.fips.cfg config name to "NSS-FIPS" to avoid confusion with
nss.cfg.
- No need to substitute path to nss.fips.cfg as java.security file supports a java.home
variable.
- Disable FIPS mode support unless com.redhat.fips is set to "true".
- Enable alignment with FIPS crypto policy by default (-Dcom.redhat.fips=false to
disable).
- Add explicit runtime dependency on NSS for the PKCS11 provider in FIPS mode
- Move setup of JavaSecuritySystemConfiguratorAccess to Security class so it always occurs
(RH1915071)
* Mon Sep 6 2021 Martin Balao <mbalao(a)redhat.com> - 1:17.0.0.0.33-0.2.ea.rolling
- Support the FIPS mode crypto policy (RH1655466)
- Use appropriate keystore types when in FIPS mode (RH1818909)
- Disable TLSv1.3 when the FIPS crypto policy and the NSS-FIPS provider are in use
(RH1860986)
* Mon Aug 30 2021 Jiri Vanek <jvanek(a)redhat.com> - 1:17.0.0.0.33-0.1.ea.rolling
- alternatives creation moved to posttrans
- Thus fixing the old reisntall issue:
-
https://bugzilla.redhat.com/show_bug.cgi?id=1200302
-
https://bugzilla.redhat.com/show_bug.cgi?id=1976053
* Fri Jul 30 2021 Andrew Hughes <gnu.andrew(a)redhat.com> -
1:17.0.0.0.33-0.0.ea.rolling
- Update to jdk-17+33, including JDWP fix and July 2021 CPU
- Resolves: rhbz#1972529
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
1:17.0.0.0.26-0.4.ea.rolling.1
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Fri Jul 2 2021 Andrew Hughes <gnu.andrew(a)redhat.com> -
1:17.0.0.0.26-0.4.ea.rolling
- Use the "reverse" build loop (debug first) as the main and only build loop to
get more diagnostics.
- Remove restriction on disabling product build, as debug packages no longer have javadoc
packages.
* Mon Jun 28 2021 Petra Alice Mikova <pmikova(a)redhat.com> -
1:17.0.0.0.26-0.3.ea.rolling
- fix patch rh1648249-add_commented_out_nss_cfg_provider_to_java_security.patch which made
the SunPKCS provider show up again
- Resolves: rhbz#1971120
* Thu Jun 24 2021 Severin Gehwolf <sgehwolf(a)redhat.com> -
1:17.0.0.0.26-0.2.ea.rolling
- Re-enable TestSecurityProperties after inclusion of PR3695
* Thu Jun 24 2021 Andrew Hughes <gnu.andrew(a)redhat.com> -
1:17.0.0.0.26-0.2.ea.rolling
- Add PR3695 to allow the system crypto policy to be turned off
* Thu Jun 24 2021 Severin Gehwolf <sgehwolf(a)redhat.com> -
1:17.0.0.0.26-0.1.ea.rolling
- Update buildjdkver to 17 so as to build with itself
* Fri Jun 11 2021 Petra Alice Mikova <pmikova(a)redhat.com> -
1:17.0.0.0.26-0.0.ea.rolling
- update sources to jdk 17.0.0+26
- set is_ga to 0, as this is early access build
- change vendor_version_string
- change path to the version-numbers.conf
- removed rmid binary from files and from slaves
- removed JAVAC_FLAGS=-g from make command, as it breaks the build since JDK-8258407
- add lib/libsyslookup.so to files
- renamed lib/security/blacklisted.certs to lib/security/blocked.certs
- add lib/libsvml.so for intel
- skip debuginfo check for libsyslookup.so on s390x
* Fri May 7 2021 Jiri Vanek <jvanek(a)redhat.com> -1:16.0.1.0.9-3.rolling
- removed cjc backward comaptiblity, to fix when both rpm 4.16 and 4.17 are in
transaction
* Thu Apr 29 2021 Jiri Vanek <jvanek(a)redhat.com> - 1:16.0.1.0.9-2.rolling
- adapted to newst cjc to fix issue with rpm 4.17
- Disable copy-jdk-configs for Flatpak builds
* Sun Apr 25 2021 Petra Alice Mikova <pmikova(a)redhat.com> - 1:16.0.1.0.9-1.rolling
- update to 16.0.1+9 april cpu tag
- dropped jdk8259949-allow_cf-protection_on_x86.patch
* Thu Mar 11 2021 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:16.0.0.0.36-2.rolling
- Perform static library build on a separate source tree with bundled image libraries
- Make static library build optional
- Based on initial work by Severin Gehwolf
* Tue Mar 9 2021 Jiri Vanek <jvanek(a)redhat.com> - 1:16.0.0.0.36-1.rolling
- fixed suggests of wrong pcsc-lite-devel(aarch-64) to correct pcsc-lite-libs(aarch-64)
- bumped buildjdkver to build by itself - 16
* Fri Feb 19 2021 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:16.0.0.0.36-0.rolling
- Update to jdk-16.0.0.0+36
- Update tarball generation script to use git following OpenJDK's move to github
- Update tarball generation script to use PR3823 which handles JDK-8235710 changes
- Use upstream default for version-pre rather than setting it to "ea" or
""
- Drop libsunec.so which is no longer generated, thanks to JDK-8235710
- Drop unnecessary compiler flags, dating back to work on GCC 6 & 10
- Adapt RH1750419 alt-java patch to still apply after some variable re-naming in the
makefiles
- Update filever to remove any trailing zeros, as in the OpenJDK build, and use for source
filename
- Use system harfbuzz now this is supported.
- Pass SOURCE_DATE_EPOCH to build for reproducible builds
* Fri Feb 19 2021 Stephan Bergmann <sbergman(a)redhat.com> - 1:15.0.2.0.7-1.rolling
- Hardcode /usr/sbin/alternatives for Flatpak builds
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
1:15.0.2.0.7-0.rolling.1
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Fri Jan 22 2021 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:15.0.2.0.7-0.rolling
- Update to jdk-15.0.2.0+7
- Add release notes for 15.0.1.0 & 15.0.2.0
- Use JEP-322 Time-Based Versioning so we can handle a future 11.0.9.1-like release
correctly.
- Still use 15.0.x rather than 15.0.x.0 for file naming, as the trailing zero is omitted
from tags.
- Cleanup debug package descriptions and version number placement.
- Remove unused patch files.
* Tue Jan 19 2021 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:15.0.1.9-10.rolling
- Use -march=i686 for x86 builds if -fcf-protection is detected (needs CMOV)
* Tue Dec 22 2020 Jiri Vanek <jvanek(a)redhat.com> - 1:15.0.1.9-9.rolling
- fixed missing condition for fastdebug packages being counted as debug ones
* Sat Dec 19 2020 Jiri Vanek <jvanek(a)redhat.com> - 1:15.0.1.9-8.rolling
- removed lib-style provides for fastdebug_suffix_unquoted
* Sat Dec 19 2020 Jiri Vanek <jvanek(a)redhat.com> - 1:15.0.1.9-6.rolling
- many cosmetic changes taken from more maintained jdk11
- introduced debug_arches, bootstrap_arches, systemtap_arches, fastdebug_arches,
sa_arches, share_arches, shenandoah_arches, zgc_arches
instead of various hardcoded ifarches
- updated systemtap
- added requires excludes for debug pkgs
- removed redundant logic around jsa files
- added runtime requires of lksctp-tools and libXcomposite%
- added and used Source15 TestSecurityProperties.java, but is made always positive as
jdk15 now does not honor system policies
- s390x excluded form fastdebug build
* Thu Dec 17 2020 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:15.0.1.9-5.rolling
- introduced nm based check to verify alt-java on x86_64 is patched, and no other alt-java
or java is patched
- patch600 rh1750419-redhat_alt_java.patch amended to die, if it is used wrongly
- introduced ssbd_arches with currently only valid arch of x86_64 to separate real
alt-java architectures
* Wed Dec 9 2020 Jiri Vanek <jvanek(a)redhat.com> - 1:15.0.1.9-4.rolling
- moved wrongly placed licenses to accompany other ones
- this bad placement was killng parallel-installability and thus having bad impact to
leapp if used
* Tue Dec 1 2020 Jiri Vanek <jvanek(a)redhat.com> - 1:15.0.1.9-3.rolling
- added patch600, rh1750419-redhat_alt_java.patch, suprassing removed patch
- no longer copying of java->alt-java as it is created by patch600
* Mon Nov 23 2020 Jiri Vanek <jvanek(a)redhat.com> - 1:15.0.1.9-2.rolling
- Create a copy of java as alt-java with alternatives and man pages
- java-11-openjdk doesn't have a JRE tree, so don't try and copy alt-java
there...
* Sun Oct 25 2020 Petra Alice Mikova <pmikova(a)redhat.com> - 1:15.0.1.9-1.rolling
- updated to October CPU 2020 sources
* Thu Oct 22 2020 Severin Gehwolf <sgehwolf(a)redhat.com> - 1:15.0.0.36-4.rolling
- Fix directory ownership of -static-libs sub-package.
* Fri Oct 9 2020 Jiri Vanek <jvanek(a)redhat.com> - 1:15.0.0.36-3.rolling
- Build static-libs-image and add resulting files via -static-libs sub-package.
- Disable stripping of debug symbols for static libraries part of the -static-libs
sub-package.
- JDK-8245832 increases the set of static libraries, so try and include them all with a
wildcard.
- Update static-libs packaging to new layout
* Mon Sep 21 2020 Petra Alice Mikova <pmikova(a)redhat.com> - 1:15.0.0.36-2.rolling
- Add support for fastdebug builds on 64 bit architectures
* Tue Sep 15 2020 Severin Gehwolf <sgehwolf(a)redhat.com> - 1:15.0.0.36-1.rolling
- Remove EA designation
- Re-generate sources with PR3803 patch
* Mon Aug 31 2020 Petra Alice Mikova <pmikova(a)redhat.com> -
1:15.0.0.36-0.1.ea.rolling
- Update to jdk 15.0.0.36 tag
- Modify rh1648249-add_commented_out_nss_cfg_provider_to_java_security.patch
- Update vendor version string to 20.9
- jjs removed from packaging after JEP 372: Nashorn removal
- rmic removed from packaging after JDK-8225319
* Mon Jul 27 2020 Severin Gehwolf <sgehwolf(a)redhat.com> - 1:14.0.2.12-2.rolling
- Disable LTO so as to pass debuginfo check
* Wed Jul 22 2020 Petra Alice Mikova <pmikova(a)redhat.com> - 1:14.0.2.12-1.rolling
- update to jdk 14.0.2.12 CPU version
- remove upstreamed patch jdk8237879-make_4_3_build_fixes.patch
- remove upstreamed patch jdk8235833-posixplatform_cpp_should_not_include_sysctl_h.patch
- remove upstreamed patch jdk8243059-build_fails_when_with_vendor_contains_comma.patch
--------------------------------------------------------------------------------
================================================================================
kiwi-9.24.48-1.el9 (FEDORA-EPEL-2022-086c50976e)
Flexible operating system image builder
--------------------------------------------------------------------------------
Update Information:
Update kiwi and kiwi-boxed-plugin to get various fixes for building images
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 14 2022 Neal Gompa <ngompa(a)fedoraproject.org> - 9.24.48-1
- Update to 9.24.48 (RH#2106248)
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 9.24.44-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
kiwi-boxed-plugin-0.2.23-1.el9 (FEDORA-EPEL-2022-086c50976e)
KIWI - Boxed Build Plugin
--------------------------------------------------------------------------------
Update Information:
Update kiwi and kiwi-boxed-plugin to get various fixes for building images
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 2 2022 Neal Gompa <ngompa(a)fedoraproject.org> - 0.2.23-1
- Update to 0.2.23 (RH#2065051)
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.2.17-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.2.17-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
libmd-1.0.4-2.el9 (FEDORA-EPEL-2022-7a50056ac1)
Library that provides message digest functions from BSD systems
--------------------------------------------------------------------------------
Update Information:
The libmd library provides a few message digest ("hash") functions, as found on
various BSD systems, either on their libc or on a library with the same name,
and with a compatible API.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 14 2022 Robert Scheck <robert(a)fedoraproject.org> 1.0.4-2
- Update license identifier to SPDX expression (#2094582 #c11)
* Wed Jun 8 2022 Robert Scheck <robert(a)fedoraproject.org> 1.0.4-1
- Upgrade to 1.0.4 (#2094582)
- Initial spec file for Fedora and Red Hat Enterprise Linux
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2094582 - Review Request: libmd - Library that provides message digest
functions from BSD systems
https://bugzilla.redhat.com/show_bug.cgi?id=2094582
--------------------------------------------------------------------------------
================================================================================
netplan-0.105-2.el9 (FEDORA-EPEL-2022-01480de241)
Network configuration tool using YAML
--------------------------------------------------------------------------------
Update Information:
Remove Netplan configuration snippets accidentally shipped in the main package
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 14 2022 Neal Gompa <ngompa(a)fedoraproject.org> - 0.105-2
- Fix configuration snippet file ownership
--------------------------------------------------------------------------------
================================================================================
python-colorlog-6.7.0-1.el9 (FEDORA-EPEL-2022-de6747e72d)
Colored formatter for the Python logging module
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release 6.7.0 (closes rhbz#2122243)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 14 2022 Fabian Affolter <mail(a)fabian-affolter.ch> - 6.7.0-1
- Update to latest upstream release 6.7.0 (closes rhbz#2122243)
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 6.6.0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Mon Jun 13 2022 Python Maint <python-maint(a)redhat.com> - 6.6.0-2
- Rebuilt for Python 3.11
* Tue Feb 22 2022 Fabian Affolter <mail(a)fabian-affolter.ch> - 6.6.0-1
- Update to latest upstream release 6.6.0 (closes rhbz#2021282)
* Fri Jan 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 6.5.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Wed Oct 13 2021 Fabian Affolter <mail(a)fabian-affolter.ch> - 6.5.0-1
- Update to latest upstream release 6.5.0 (closes rhbz#2011781)
* Thu Aug 26 2021 Fabian Affolter <mail(a)fabian-affolter.ch> - 6.4.1-1
- Update to latest upstream release 6.4.1 (rhbz#1941570)
* Fri Jul 23 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.7.2-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Fri Jun 4 2021 Python Maint <python-maint(a)redhat.com> - 4.7.2-3
- Rebuilt for Python 3.10
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.7.2-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Thu Jan 14 2021 Fabian Affolter <mail(a)fabian-affolter.ch> - 4.7.2-1
- Update to latest upstream release 4.7.2 (#1916286)
* Sun Dec 6 2020 Fabian Affolter <mail(a)fabian-affolter.ch> - 4.6.2-1
- Update to latest upstream release 4.6.2 (#1895866)
* Sun Nov 8 2020 Fabian Affolter <mail(a)fabian-affolter.ch> - 4.5.0-1
- Update to latest upstream release 4.5.0 (#1895334)
* Thu Oct 8 2020 Fabian Affolter <mail(a)fabian-affolter.ch> - 4.4.0-1
- Update to latest upstream release 4.4.0 (#1886516)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2125912 - Please branch and build python-colorlog in epel9
https://bugzilla.redhat.com/show_bug.cgi?id=2125912
--------------------------------------------------------------------------------
================================================================================
python-email-validator-1.1.1-8.el9 (FEDORA-EPEL-2022-c61594d1d0)
A robust email syntax and deliverability validation library
--------------------------------------------------------------------------------
Update Information:
Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.1.1-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jun 14 2022 Python Maint <python-maint(a)redhat.com> - 1.1.1-7
- Rebuilt for Python 3.11
* Fri Jan 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.1.1-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Fri Jul 23 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.1.1-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Fri Jun 4 2021 Python Maint <python-maint(a)redhat.com> - 1.1.1-4
- Rebuilt for Python 3.10
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.1.1-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Jul 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.1.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2070406 - [RFE: EPEL9] EPEL9 branch for python-email-validator
https://bugzilla.redhat.com/show_bug.cgi?id=2070406
--------------------------------------------------------------------------------
================================================================================
python-text-unidecode-1.3-10.el9 (FEDORA-EPEL-2022-4ca7965d0e)
A Python module for handling non-Roman text data
--------------------------------------------------------------------------------
Update Information:
Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3-10
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Mon Jun 13 2022 Python Maint <python-maint(a)redhat.com> - 1.3-9
- Rebuilt for Python 3.11
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2081925 - Please branch and build python-text-unidecode in epel9
https://bugzilla.redhat.com/show_bug.cgi?id=2081925
--------------------------------------------------------------------------------
================================================================================
python-tox-3.26.0-1.el9 (FEDORA-EPEL-2022-9a08ef35e8)
Virtualenv-based automation of test activities
--------------------------------------------------------------------------------
Update Information:
Update to 3.26.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 14 2022 Miro Hron��ok <mhroncok(a)redhat.com> - 3.26.0-1
- Update to 3.26.0
* Wed Jul 13 2022 Lum��r Balhar <lbalhar(a)redhat.com> - 3.25.1-1
- Update to 3.25.1
--------------------------------------------------------------------------------
================================================================================
zbar-0.23.90-5.el9 (FEDORA-EPEL-2022-b2e05d0019)
Bar code reader
--------------------------------------------------------------------------------
Update Information:
Misc packaging cleanup
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 26 2022 Kalev Lember <klember(a)redhat.com> - 0.23.90-5
- Misc packaging cleanup
- Sort BuildRequires and Requires and split them out one per line
- Move GObject Introspection bindings to -gtk and -gtk-devel subpackages
- Split libzbar out to zbar-libs subpackage
- Tighten subpackage deps with %{_isa}
- Drop manual requires on pkgconfig and rely on rpm dep extractor
- Rename zbar-python3 to python3-zbar as per latest Python guidelines
- Use make_build and make_install macros
* Mon Aug 1 2022 Gwyn Ciesla <gwync(a)protonmail.com> - 0.23.90-4
- Only build Java on supported platforms.
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.23.90-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Mon Jun 13 2022 Python Maint <python-maint(a)redhat.com> - 0.23.90-2
- Rebuilt for Python 3.11
* Tue May 31 2022 Gwyn Ciesla <gwync(a)protonmail.com> - 0.23.90-1
- 0.23.90
* Sat Feb 5 2022 Jiri Vanek <jvanek(a)redhat.com> - 0.23-14
- Rebuilt for java-17-openjdk as system jdk
--------------------------------------------------------------------------------