The following Fedora EPEL 9 Security updates need testing:
 Age  URL
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-95d098a2d9   strongswan-5.9.10-1.el9
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-c14f77e922   dcmtk-3.6.6-12.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
heimdal-7.8.0-5.el9
openscap-report-0.2.0-0.el9
pack-0.29.0~rc1-1.el9
rdiff-backup-2.2.4-2.el9
rust-rayon-1.7.0-1.el9
rust-rayon-core-1.11.0-1.el9
rust-ref-cast-1.0.15-1.el9
rust-ref-cast-impl-1.0.15-1.el9
rust-serde-1.0.153-1.el9
rust-serde_derive-1.0.153-1.el9
rust-serde_test-1.0.153-1.el9
rust-thiserror-1.0.39-1.el9
rust-thiserror-impl-1.0.39-1.el9
tomcat-native-1.2.36-1.el9
yggdrasil-0.3.1-2.el9
zeromq-4.3.4-2.el9
Details about builds:
================================================================================
heimdal-7.8.0-5.el9 (FEDORA-EPEL-2023-b8decfde96)
A Kerberos 5 implementation without export restrictions
--------------------------------------------------------------------------------
Update Information:
Heimdal 7.8.0
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 8 2023 Alexander Boström <abo(a)root.snowtree.se> - 7.8.0-5
- Remove conditionals prior to RHEL7
* Wed Mar 8 2023 Alexander Boström <abo(a)root.snowtree.se> - 7.8.0-4
- remove _with_systemd conditional
- remove unused source files
* Wed Mar 8 2023 Alexander Boström <abo(a)root.snowtree.se> - 7.8.0-3
- Move libraries to a lib subdirectory
- Include pkgconfig files (#1525462) (#1565954) (#1931072)
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 7.8.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Mon Nov 21 2022 Alexander Boström <abo(a)root.snowtree.se> - 7.8.0-1
- Update to 7.8.0 (#2143478)
* Mon Nov 21 2022 Alexander Boström <abo(a)root.snowtree.se> - 7.7.1-3
- Restart services on upgrade
* Mon Nov 21 2022 Alexander Boström <abo(a)root.snowtree.se> - 7.7.1-2
- Delay service starts until after network is online (rhbz#2005501)
* Wed Nov 16 2022 Alexander Boström <abo(a)root.snowtree.se> - 7.7.1-1
- Update to 7.7.1
- Remove upstreamed patch
- Replace patch with sed command
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 7.7.0-12
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 7.7.0-11
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 7.7.0-10
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Tue Apr 13 2021 Alexander Boström <abo(a)root.snowtree.se> - 7.7.0-9
- Backport autoconf-2.70 fix
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2168549 - Please branch and build heimdal in epel9
https://bugzilla.redhat.com/show_bug.cgi?id=2168549
--------------------------------------------------------------------------------
================================================================================
openscap-report-0.2.0-0.el9 (FEDORA-EPEL-2023-00158799b6)
A tool for generating human-readable reports from (SCAP) XCCDF and ARF results
--------------------------------------------------------------------------------
Update Information:
0.2.0 (Jan Rodak)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 8 2023 Packit <hello(a)packit.dev> - 0.2.0-0
- 0.2.0 (Jan Rodak)
- Add JSON validator tool (Jan Rodak)
- Create tests (Jan Rodak)
- Update issue templates (Jan Rodák)
- Improve run time of unit tests (Jan Rodak)
- Add function for filtering JSON (Jan Rodak)
- Filter JSON keys (Jan Rodak)
- Adapt the tests and create a new test that tests the validation (Jan Rodak)
- Add an unsupported XML format to the result (Jan Rodak)
- Create validation of XCCDF files (Jan Rodak)
- Add XCCDF schemas (Jan Rodak)
- Fix typo in variable name (Jan Rodak)
- Fix problem that was spotted with new test and create test case (Jan Rodak)
- Add testcase of the crash when is used XCCDF result (Jan Rodak)
- Improve raised exception info (Jan Rodak)
- Hide empty info about profile when isn't available (Jan Rodak)
- Add missing else branch for if condition if is cpe_platform not defined in jinja (Jan
Rodak)
- Add unit tests for SharedStaticMethodsOfParser (Jan Rodak)
- Add check and check_existence attributes to report (Jan Rodak)
- Add information about OVAL state to report (Jan Rodak)
- Decompose OVALTestInfoParser class (Jan Rodak)
- Parse OVAL state (Jan Rodak)
- Add OVAL state class (Jan Rodak)
- Add info about comparison of endpoint values in OVAL test (Jan Rodak)
- Ignore deprecated settings of pylint (Jan Rodak)
- Update tests (Jan Rodak)
- Add category to report (Jan Rodak)
- Parse category of warning (Jan Rodak)
- Add Warning dataclass (Jan Rodak)
- Update pylint config (Jan Rodak)
- Reduce external dependencies of test suite (Jan Rodak)
- Fix data type (Jan Rodak)
- Change label of OVAL definition for CPE (Jan Rodak)
- Add HTML generation of CPE AL trees (Jan Rodak)
- Add css for CPE AL (Jan Rodak)
- Create place for graph with CPE AL (Jan Rodak)
- Integrate CPE AL parser (Jan Rodak)
- Create CPE AL parser (Jan Rodak)
- Add exception (Jan Rodak)
- Add imports to __init__ (Jan Rodak)
- Create cpe platform (Jan Rodak)
- Add cpe logical test (Jan Rodak)
- Create evaluation of CPE logical test (Jan Rodak)
- Use a more elegant way to copy dictionary (Jan Rodak)
- Disable automatic character escaping in jinja (Jan Rodak)
- Remove duplicate CPE trees for fedora platforms (Jan Rodak)
- Fix the classification of tests (Jan Rodak)
- Present new information in HTML report (Jan Rodak)
- Update test suite (Jan Rodak)
- Update jinja macros for new dataclasses (Jan Rodak)
- Replace jinja filter with method call that uses different information (Jan Rodak)
- Implement usage of TestResultOfScan and ProfileInfo dataclasses (Jan Rodak)
- Add parser of performed scan information (Jan Rodak)
- Create parser of profile information (Jan Rodak)
- Use new dataclasses in Report (Jan Rodak)
- Create ProfileInfo and TestResultOfScan dataclasses (Jan Rodak)
- Regenerate docs modules (Jan Rodak)
- Ignore old xslt codes for generating old style report for backwards compatibility (Jan
Rodak)
- Fix CWE-79 (Jan Rodak)
- Fix overwrite attribute get_report_dict, which was previously defined in superclass (Jan
Rodak)
- Explicitly import stdout, stdin with prefix sys (Jan Rodak)
- Close file after usage (Jan Rodak)
- Fix empty exceptions (Jan Rodak)
- Fix missing OVAL definitions in reports when is not present OVAL CPE checks (Jan Rodak)
- Fix key error platform without OVAL definition (Jan Rodak)
- Fix missing CPE checks (Jan Rodak)
- Update README.md (Evgeny Kolesnikov)
- Update README.md (Evgeny Kolesnikov)
- Fix parsing of checking engine result (Jan Rodak)
- Rename master branch to main in github action configs TODO : LINKS IN README etc. (Jan
Rodak)
- Rename master branch to main in release script (Jan Rodak)
- Move comment of OVAL nodes behind result label (Jan Rodak)
- Display OVAL definitions details in the HTML report (Jan Rodak)
- Display comments in OVAL graphs (Jan Rodak)
- Replace the empty rule title with the rule id (Jan Rodak)
- Add srpm_build_deps (Jan Rodak)
- Update nodejs actions (Jan Rodak)
- Add CodeQL workflow for GitHub code scanning (LGTM Migrator)
- Add tests for oval definition (Jan Rodak)
- Reduce run time of test suite (Jan Rodak)
- Switch using oval_tree to oval_definition (Jan Rodak)
- Implement usage of OVAL definition parser (Jan Rodak)
- Create OVAL definition parser (Jan Rodak)
- Create OVAL reference (Jan Rodak)
- Create OVAL definition (Jan Rodak)
- Rename classes TestInfoParser to OVALTestInfoParser and OVALDefinitionParser to
OVALResultParser (Jan Rodak)
- Add Read the Docs configuration file (Jan Rodak)
- Improve readme (Jan Rodak)
- Update chapter layout (Jan Rodak)
- Add usage chapter to documentation (Jan Rodak)
- Add installation chapter to documentation (Jan Rodak)
- Regenerate modules (Jan Rodak)
- Add link to readthedocs (Jan Rodak)
- Fix typo (Jan Rodak)
- Add installation and basic usage to readme (Jan Rodak)
- Fix mixing of Rule class and rule XML element (Jan Rodak)
- Rename groupe_parser to group_parser and info_of_test_parser to test_info_parser (Jan
Rodak)
- Create output format JSON-EVERYTHING (Jan Rodak)
- Use filter for generation JSON (Jan Rodak)
- Rename directory (Jan Rodak)
- Break methods to smaller methods (Jan Rodak)
- Fix tests according to change of structure of SCAPResultsParser class (Jan Rodak)
- Rework structure SCAPResultsParser class (Jan Rodak)
- Rework assembly of OVAL and CPE trees (Jan Rodak)
- Remove None comment (Jan Rodak)
- Remove None value from definition ID (Jan Rodak)
- Fix test of remediation (Jan Rodak)
- Specify data types of Rule (Jan Rodak)
- Specify data types of Report (Jan Rodak)
- Remove default id of Remediation (Jan Rodak)
- Specify data types of OvalTest (Jan Rodak)
- Specify data types of OvalObject (Jan Rodak)
- Specify data types of OvalNode (Jan Rodak)
- Specify data types of Group (Jan Rodak)
- Create objects Identifier and Reference (Jan Rodak)
- Use built-in function asdict (Jan Rodak)
- Generate json output from report structure (Jan Rodak)
- Ignore generated JSON reports (Jan Rodak)
- Create tests (Jan Rodak)
- Use report_generators sub package (Jan Rodak)
- Create a JSON generator shell (Jan Rodak)
- Create report_generators sub package (Jan Rodak)
- Add format JSON to cli (Jan Rodak)
- Fix W1514 (Jan Rodak)
- Update pylint config (Jan Rodak)
- Add a copy to the clipboard for the rule ID field (Jan Rodak)
- Fix problem with the formatting of command line options (Jan Rodak)
- Replace default value TextIOWrapper with name of file in man page (Jan Rodak)
- Remove enumerte of choices for alternative options (Jan Rodak)
- Format lists of descriptions of choices (Jan Rodak)
- Fix FIRST_HIDDEN_ELEMENT is null (Jan Rodak)
- Remove unused template file (Jan Rodak)
- Move CSS style to separate file (Jan Rodak)
- Minimalize the usage of inline styles (Jan Rodak)
- Add footer to report (Jan Rodak)
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.1.3-1
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
pack-0.29.0~rc1-1.el9 (FEDORA-EPEL-2023-901871dabc)
Convert code into runnable images
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2022-41717, CVE-2022-24675, CVE-2022-28327 ---- Resolves:
#2161300 - set _fortify_level 3
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 8 2023 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.29.0~rc1-1
- bump to v0.29.0-rc1
* Wed Mar 8 2023 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.28.0-3
- Revert "Resolves: #2161300 - set _fortify_level 3"
* Mon Mar 6 2023 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.28.0-2
- Resolves: #2161300 - set _fortify_level 3
* Mon Mar 6 2023 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.28.0-1
- bump to v0.28.0
* Mon Mar 6 2023 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.28.0~rc2-4
- fix build flags specification
* Mon Mar 6 2023 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.28.0~rc2-3
- migrated to SPDX license
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> -
0.28.0~rc2-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Mon Dec 12 2022 RH Container Bot <rhcontainerbot(a)fedoraproject.org> -
0.28.0~rc2-1
- auto bump to v0.28.0-rc2
* Mon Oct 10 2022 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.27.0-7
- update autosetup
* Mon Oct 10 2022 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.27.0-6
- add macros for getting correct version and add comment about Source0
tarball
* Wed Aug 17 2022 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.27.0-5
- use built_tag_strip macro instead of built_tag for rhcontainerbot
autobuilder
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.27.0-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jul 19 2022 Maxwell G <gotmax(a)e.email> - 0.27.0-3
- Rebuild for
CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang
* Sun Jul 10 2022 Robert-André Mauchin <zebob.m(a)gmail.com> - 0.27.0-2
- Rebuild for CVE-2022-{24675,28327,29526 in golang}
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2077688 - CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode
https://bugzilla.redhat.com/show_bug.cgi?id=2077688
[ 2 ] Bug #2077689 - CVE-2022-28327 golang: crypto/elliptic: panic caused by oversized
scalar
https://bugzilla.redhat.com/show_bug.cgi?id=2077689
[ 3 ] Bug #2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive
memory growth in a Go server accepting HTTP/2 requests
https://bugzilla.redhat.com/show_bug.cgi?id=2161274
--------------------------------------------------------------------------------
================================================================================
rdiff-backup-2.2.4-2.el9 (FEDORA-EPEL-2023-5723591cac)
Convenient and transparent local/remote incremental mirror/backup
--------------------------------------------------------------------------------
Update Information:
Small Fix Release v2.2.4 - Fedora/EPEL Release
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 8 2023 Frank Crawford <frank(a)crawford.emu.id.au> - 2.2.4-2
- Small Fix Release v2.2.4 - Fedora/EPEL Release
* Tue Feb 28 2023 Frank Crawford <frank(a)crawford.emu.id.au> - 2.2.4-1
- Small Fix Release v2.2.4 - COPR Release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2173670 - rdiff-backup-2.2.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2173670
--------------------------------------------------------------------------------
================================================================================
rust-rayon-1.7.0-1.el9 (FEDORA-EPEL-2023-e7c1ee7366)
Simple work-stealing parallelism for Rust
--------------------------------------------------------------------------------
Update Information:
- Update the rayon crate to version 1.7.0. - Update the rayon-core crate to
version 1.11.0.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 7 2023 Fabio Valentini <decathorpe(a)gmail.com> - 1.7.0-1
- Update to version 1.7.0; Fixes RHBZ#2175353
--------------------------------------------------------------------------------
================================================================================
rust-rayon-core-1.11.0-1.el9 (FEDORA-EPEL-2023-e7c1ee7366)
Core APIs for Rayon
--------------------------------------------------------------------------------
Update Information:
- Update the rayon crate to version 1.7.0. - Update the rayon-core crate to
version 1.11.0.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 7 2023 Fabio Valentini <decathorpe(a)gmail.com> - 1.11.0-1
- Update to version 1.11.0; Fixes RHBZ#2175354
--------------------------------------------------------------------------------
================================================================================
rust-ref-cast-1.0.15-1.el9 (FEDORA-EPEL-2023-c6d9dd9021)
Safely cast &T to &U where the struct U contains a single field of type T
--------------------------------------------------------------------------------
Update Information:
Update the ref-cast and ref-cast-impl crates to version 1.0.15.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 7 2023 Fabio Valentini <decathorpe(a)gmail.com> - 1.0.15-1
- Update to version 1.0.15; Fixes RHBZ#2175345
--------------------------------------------------------------------------------
================================================================================
rust-ref-cast-impl-1.0.15-1.el9 (FEDORA-EPEL-2023-c6d9dd9021)
Derive implementation for ref_cast::RefCast
--------------------------------------------------------------------------------
Update Information:
Update the ref-cast and ref-cast-impl crates to version 1.0.15.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 7 2023 Fabio Valentini <decathorpe(a)gmail.com> - 1.0.15-1
- Update to version 1.0.15; Fixes RHBZ#2175346
--------------------------------------------------------------------------------
================================================================================
rust-serde-1.0.153-1.el9 (FEDORA-EPEL-2023-452b442f3a)
Generic serialization/deserialization framework
--------------------------------------------------------------------------------
Update Information:
Update the serde, serde_derive, and serde_test crates to version 1.0.153.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 7 2023 Fabio Valentini <decathorpe(a)gmail.com> - 1.0.153-1
- Update to version 1.0.153; Fixes RHBZ#2176251
--------------------------------------------------------------------------------
================================================================================
rust-serde_derive-1.0.153-1.el9 (FEDORA-EPEL-2023-452b442f3a)
Macros 1.1 implementation of #[derive(Serialize, Deserialize)]
--------------------------------------------------------------------------------
Update Information:
Update the serde, serde_derive, and serde_test crates to version 1.0.153.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 7 2023 Fabio Valentini <decathorpe(a)gmail.com> - 1.0.153-1
- Update to version 1.0.153; Fixes RHBZ#2176252
--------------------------------------------------------------------------------
================================================================================
rust-serde_test-1.0.153-1.el9 (FEDORA-EPEL-2023-452b442f3a)
Token De/Serializer for testing De/Serialize implementations
--------------------------------------------------------------------------------
Update Information:
Update the serde, serde_derive, and serde_test crates to version 1.0.153.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 7 2023 Fabio Valentini <decathorpe(a)gmail.com> - 1.0.153-1
- Update to version 1.0.153; Fixes RHBZ#2176253
--------------------------------------------------------------------------------
================================================================================
rust-thiserror-1.0.39-1.el9 (FEDORA-EPEL-2023-86bdd45490)
Derive(Error)
--------------------------------------------------------------------------------
Update Information:
Update the thiserror and thiserror-impl crates to version 1.0.39.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 7 2023 Fabio Valentini <decathorpe(a)gmail.com> - 1.0.39-1
- Update to version 1.0.39; Fixes RHBZ#2175594
--------------------------------------------------------------------------------
================================================================================
rust-thiserror-impl-1.0.39-1.el9 (FEDORA-EPEL-2023-86bdd45490)
Implementation detail of the thiserror crate
--------------------------------------------------------------------------------
Update Information:
Update the thiserror and thiserror-impl crates to version 1.0.39.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 7 2023 Fabio Valentini <decathorpe(a)gmail.com> - 1.0.39-1
- Update to version 1.0.39; Fixes RHBZ#2175593
--------------------------------------------------------------------------------
================================================================================
tomcat-native-1.2.36-1.el9 (FEDORA-EPEL-2023-7936b9ab36)
Tomcat native library
--------------------------------------------------------------------------------
Update Information:
Downgrade to 1.2.x. * RHBZ#2124703 Http11AprProtocol / SSL fails with tomcat-
native 2.x
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 8 2023 Hui Wang <huwang(a)redhat.com> - 1:1.2.36-1
- Downgrade to 1.2.36 (#2124703)
* Fri Nov 18 2022 Hui Wang <huwang(a)redhat.com> - 2.0.2-1
- Update to 2.0.2 (#2141021)
--------------------------------------------------------------------------------
================================================================================
yggdrasil-0.3.1-2.el9 (FEDORA-EPEL-2023-e0d2385c89)
Remote data transmission and processing client
--------------------------------------------------------------------------------
Update Information:
Update yggdrasil to 0.3.1
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 8 2023 Link Dupont <linkdupont(a)fedoraproject.org> - 0.3.1-2
- Initial package
--------------------------------------------------------------------------------
================================================================================
zeromq-4.3.4-2.el9 (FEDORA-EPEL-2023-8332829962)
Software library for fast, message-based applications
--------------------------------------------------------------------------------
Update Information:
Disable building with libunwind to fix C++ exceptions when a C application loads
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 7 2023 Ben Woodard <woodard(a)redhat.com> - 4.3.4-2
- disable building with libunwind to fix C++ exceptions when a C application loads
a module written in C++ #2175966
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2175966 - zeromq includes libunwind
https://bugzilla.redhat.com/show_bug.cgi?id=2175966
--------------------------------------------------------------------------------