November 2023 - package-announce - Fedora Mailing-Lists

[SECURITY] Fedora 38 Update: mingw-poppler-23.02.0-2.fc38

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-4eff9e2cd6 2023-11-30 03:33:42.162727 -------------------------------------------------------------------------------- Name : mingw-poppler Product : Fedora 38 Version : 23.02.0 Release : 2.fc38 URL : http://poppler.freedesktop.org/ Summary : MinGW Windows Poppler library Description : MinGW Windows Poppler library. -------------------------------------------------------------------------------- Update Information: Backport fix for CVE-2023-34872. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 21 2023 Sandro Mani <manisandro(a)gmail.com> - 23.02.0-2 - Backport patch for CVE-2023-34872 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2250822 - CVE-2023-34872 mingw-poppler: poppler: Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open. [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2250822 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-4eff9e2cd6' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

5 months, 3 weeks

1
0
0 / 0

Fedora 38 Update: python-pypandoc-1.12.post318-1.fc38

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-91efa0ce8f 2023-11-30 03:33:42.162718 -------------------------------------------------------------------------------- Name : python-pypandoc Product : Fedora 38 Version : 1.12.post318 Release : 1.fc38 URL : https://github.com/bebraw/pypandoc Summary : Thin wrapper for pandoc Description : pypandoc provides a thin Python wrapper for pandoc, a universal document converter, allowing parsing and conversion of pandoc-formatted text. -------------------------------------------------------------------------------- Update Information: Latest upstream version. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 21 2023 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 1.12.post318-1 - Version 1.12.post318 (rhbz#2244679) * Tue Nov 21 2023 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 1.11-1 - Version 1.11 (rhbz#2129434, rhbz#2174872) -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-91efa0ce8f' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

5 months, 3 weeks

1
0
0 / 0

Fedora 38 Update: php-8.2.13-1.fc38

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-0482054a20 2023-11-30 03:33:42.162710 -------------------------------------------------------------------------------- Name : php Product : Fedora 38 Version : 8.2.13 Release : 1.fc38 URL : http://www.php.net/ Summary : PHP scripting language for creating dynamic web sites Description : PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. -------------------------------------------------------------------------------- Update Information: **PHP version 8.2.13** (23 Nov 2023) **Core:** * Fixed double-free of non- interned enum case name. (ilutov) * Fixed bug [GH-12457](https://github.com/php/php-src/issues/12457) (Incorrect result of stripos with single character needle). (SakiTakamachi) * Fixed bug [GH-12468](https://github.com/php/php-src/issues/12468) (Double-free of doc_comment when overriding static property via trait). (ilutov) * Fixed segfault caused by weak references to FFI objects. (sj-i) * Fixed max_execution_time: don't delete an unitialized timer. (K��vin Dunglas) * Fixed bug [GH-12558](https://github.com/php/php-src/issues/12558) (Arginfo soft-breaks with namespaced class return type if the class name starts with N). (kocsismate) **DOM:** * Fix registerNodeClass with abstract class crashing. (nielsdos) * Add missing NULL pointer error check. (icy17) * Fix validation logic of php:function() callbacks. (nielsdos) **Fiber:** * Fixed bug [GH-11121](https://github.com/php/php-src/issues/11121) (ReflectionFiber segfault). (danog, trowski, bwoebi) **FPM:** * Fixed bug [GH-9921](https://github.com/php/php-src/issues/9921) (Loading ext in FPM config does not register module handlers). (Jakub Zelenka) * Fixed bug [GH-12232](https://github.com/php/php-src/issues/12232) (FPM: segfault dynamically loading extension without opcache). (Jakub Zelenka) * Fixed bug php#76922 (FastCGI terminates conn after FCGI_GET_VALUES). (Jakub Zelenka) **Intl:** * Removed the BC break on IntlDateFormatter::construct which threw an exception with an invalid locale. (David Carlier) **Opcache:** * Added warning when JIT cannot be enabled. (danog) * Fixed bug [GH-8143](https://github.com/php/php-src/issues/8143) (Crashes in zend_accel_inheritance_cache_find since upgrading to 8.1.3 due to corrupt on- disk file cache). (turchanov) **OpenSSL:** * Fixed bug [GH-12489](https://github.com/php/php-src/issues/12489) (Missing sigbio creation checking in openssl_cms_verify). (Jakub Zelenka) **SOAP:** * Fixed bug [GH-12392](https://github.com/php/php-src/issues/12392) (Segmentation fault on SoapClient::__getTypes). (nielsdos) * Fixed bug php#66150 (SOAP WSDL cache race condition causes Segmentation Fault). (nielsdos) * Fixed bug php#67617 (SOAP leaves incomplete cache file on ENOSPC). (nielsdos) * Fix incorrect uri check in SOAP caching. (nielsdos) * Fix segfault and assertion failure with refcounted props and arrays. (nielsdos) * Fix potential crash with an edge case of persistent encoders. (nielsdos) * Fixed bug php#75306 (Memleak in SoapClient). (nielsdos) **Streams:** * Fixed bug php#75708 (getimagesize with "&$imageinfo" fails on StreamWrappers). (Jakub Zelenka) **XMLReader:** * Add missing NULL pointer error check. (icy17) **XMLWriter:** * Add missing NULL pointer error check. (icy17) **XSL:** * Add missing module dependency. (nielsdos) * Fix validation logic of php:function() callbacks. (nielsdos) -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 21 2023 Remi Collet <remi(a)remirepo.net> - 8.2.13-1 - Update to 8.2.13 - http://www.php.net/releases/8_2_13.php -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-0482054a20' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

5 months, 3 weeks

1
0
0 / 0

Fedora 38 Update: mozilla-privacy-badger-2023.10.31-1.fc38

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-fa30e33f6a 2023-11-30 03:33:42.162702 -------------------------------------------------------------------------------- Name : mozilla-privacy-badger Product : Fedora 38 Version : 2023.10.31 Release : 1.fc38 URL : https://www.eff.org/privacybadger Summary : Protects your privacy by blocking spying ads and invisible trackers Description : Privacy Badger is a browser add-on that stops advertisers and other third-party trackers from secretly tracking where you go and what pages you look at on the web. If an advertiser seems to be tracking you across multiple websites without your permission, Privacy Badger automatically blocks that advertiser from loading any more content in your browser. To the advertiser, it's like you suddenly disappeared. -------------------------------------------------------------------------------- Update Information: * Added widget replacement for embedded Tweets. Privacy Badger replaces potentially useful widgets with placeholders. These replacements protect privacy while letting you restore the original widget whenever you want it or need it for the page to function. * Fixed various site breakages * Improved Brazilian Portuguese and Swedish translations -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 21 2023 Dominik Mierzejewski <dominik(a)greysector.net> - 2023.10.31-1 - update to 2023.10.31 (#2247503) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2247503 - mozilla-privacy-badger-2023.10.31 is available https://bugzilla.redhat.com/show_bug.cgi?id=2247503 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-fa30e33f6a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

5 months, 3 weeks

1
0
0 / 0

Fedora 38 Update: mozilla-noscript-11.4.28-1.fc38

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-760adc735a 2023-11-30 03:33:42.162693 -------------------------------------------------------------------------------- Name : mozilla-noscript Product : Fedora 38 Version : 11.4.28 Release : 1.fc38 URL : http://noscript.net/ Summary : JavaScript white list extension for Mozilla Firefox Description : The NoScript extension provides extra protection for Firefox. It allows JavaScript, Java, Flash and other plug-ins to be executed only by trusted web sites of your choice (e.g. your online bank) and additionally provides Anti-XSS protection. -------------------------------------------------------------------------------- Update Information: * Prevent URL leaks from media placeholders (thanks NDevTK for report) * [nscl] Support for in-tree TLDs updates -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 21 2023 Dominik Mierzejewski <dominik(a)greysector.net> - 11.4.28-1 - update to 11.4.28 (#2242773) - bundled sha256 implementation is gone -------------------------------------------------------------------------------- References: [ 1 ] Bug #2242773 - mozilla-noscript-11.4.28 is available https://bugzilla.redhat.com/show_bug.cgi?id=2242773 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-760adc735a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

5 months, 3 weeks

1
0
0 / 0

Fedora 38 Update: libabigail-2.4-4.fc38

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-96c4615a6c 2023-11-30 03:33:42.162685 -------------------------------------------------------------------------------- Name : libabigail Product : Fedora 38 Version : 2.4 Release : 4.fc38 URL : https://sourceware.org/libabigail/ Summary : Set of ABI analysis tools Description : The libabigail package comprises seven command line utilities: abidiff, kmidiff, abipkgdiff, abicompat, abidw, and abilint. The abidiff command line tool compares the ABI of two ELF shared libraries and emits meaningful textual reports about changes impacting exported functions, variables and their types. Simarly, the kmidiff compares the kernel module interface of two Linux kernels. abipkgdiff compares the ABIs of ELF binaries contained in two packages. abicompat checks if a subsequent version of a shared library is still compatible with an application that is linked against it. abidw emits an XML representation of the ABI of a given ELF shared library. abilint checks that a given XML representation of the ABI of a shared library is correct. Install libabigail if you need to compare the ABI of ELF shared libraries. -------------------------------------------------------------------------------- Update Information: Fix SPDX licensing string ---- Fix sourceware.org/PR31017 -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 20 2023 Dodji Seketeli <dodji(a)redhat.com> - 2.4-4 - Fix SPDX licensing string * Wed Nov 15 2023 Dodji Seketeli <dodji(a)redhat.com> - 2.4-3 - Fix sourceware.org/PR31017 "Support Flex array conversion suppression" Apply patch 0002-suppression-Add-has_strict_flexible_array_data_membe.patch * Tue Nov 14 2023 Dodji Seketeli <dodji(a)redhat.com> - 2.4-2 - Fix sourceware.org/PR31045 "Don't try setting translation unit for unique types" Apply patch 0001-Bug-31045-Don-t-try-setting-translation-unit-for-uni.patch. That patch is applied in upstream mainline and will be available in libabigail 2.5. - Use %setup -q /usr/bin/git init -q /usr/bin/git config user.name "rpm-build" /usr/bin/git config user.email "<rpm-build>" /usr/bin/git config gc.auto 0 /usr/bin/git add --force . /usr/bin/git commit -q --allow-empty -a\ --author "rpm-build <rpm-build>" -m "libabigail-2.4 base" /usr/bin/git checkout --track -b rpm-build /usr/lib/rpm/rpmuncompress /builddir/build/SOURCES/0001-Bug-31045-Don-t-try-setting-translation-unit-for-uni.patch | /usr/bin/git apply --index --reject - /usr/bin/git commit -q -m 0001-Bug-31045-Don-t-try-setting-translation-unit-for-uni.patch --author "rpm-build <rpm-build>" /usr/lib/rpm/rpmuncompress /builddir/build/SOURCES/0002-suppression-Add-has_strict_flexible_array_data_membe.patch | /usr/bin/git apply --index --reject - /usr/bin/git commit -q -m 0002-suppression-Add-has_strict_flexible_array_data_membe.patch --author "rpm-build <rpm-build>" - Add git as a build requirement -------------------------------------------------------------------------------- References: [ 1 ] Bug #31017 - AMI Megaraid driver problem https://bugzilla.redhat.com/show_bug.cgi?id=31017 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-96c4615a6c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

5 months, 3 weeks

1
0
0 / 0

Fedora 38 Update: distrobox-1.6.0.1-1.fc38

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-4190293d69 2023-11-30 03:33:42.162677 -------------------------------------------------------------------------------- Name : distrobox Product : Fedora 38 Version : 1.6.0.1 Release : 1.fc38 URL : https://github.com/89luca89/distrobox Summary : Another tool for containerized command line environments on Linux Description : Use any linux distribution inside your terminal. Distrobox uses podman or docker to create containers using the linux distribution of your choice. Created container will be tightly integrated with the host, allowing to share the HOME directory of the user, external storage, external usb devices and graphical apps (X11/Wayland) and audio. -------------------------------------------------------------------------------- Update Information: Update to 1.6.0.1 ---- Update to 1.6.0 -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 21 2023 Alessio <alciregi(a)fedoraproject.org> - 1.6.0.1-1 - Update to 1.6.0.1 * Mon Nov 20 2023 Alessio <alciregi(a)fedoraproject.org> - 1.6.0-1 - Update to 1.6.0 * Wed Jul 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.5.0.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-4190293d69' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

5 months, 3 weeks

1
0
0 / 0

Fedora 38 Update: ghc-rpm-macros-2.6.5-1.fc38

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-77f0be1eca 2023-11-30 03:33:42.162668 -------------------------------------------------------------------------------- Name : ghc-rpm-macros Product : Fedora 38 Version : 2.6.5 Release : 1.fc38 URL : https://src.fedoraproject.org/rpms/ghc-rpm-macros/ Summary : RPM macros for building Haskell packages for GHC Description : A set of macros for building GHC packages following the Haskell Guidelines of the Fedora Haskell SIG. -------------------------------------------------------------------------------- Update Information: ghc9.8: - rebuild with ghc-rpm-macros-2.6.5 to fix prof deps (thanks mimi1vx) ghc-rpm-macros: - ghc-deps.sh: ghc-9.8 prof fixes adapted from mimi1vx (opensuse) - improve ghc-info.sh with a show mode -------------------------------------------------------------------------------- ChangeLog: * Sun Nov 12 2023 Jens Petersen <petersen(a)redhat.com> - 2.6.5-1 - ghc-deps.sh: ghc-9.8 prof fixes adapted from mimi1vx (opensuse) - improve ghc-info.sh with a show mode * Thu Nov 9 2023 Jens Petersen <petersen(a)redhat.com> - 2.6.4-1 - fix my flatpak comments * Mon Oct 30 2023 Yaakov Selkowitz <yselkowi(a)redhat.com> - 2.6.3-1 - Fix flatpak builds -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-77f0be1eca' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

5 months, 3 weeks

1
0
0 / 0

Fedora 38 Update: ghc9.8-9.8.1-2.fc38

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-77f0be1eca 2023-11-30 03:33:42.162668 -------------------------------------------------------------------------------- Name : ghc9.8 Product : Fedora 38 Version : 9.8.1 Release : 2.fc38 URL : https://haskell.org/ghc/ Summary : Glasgow Haskell Compiler Description : GHC is a state-of-the-art, open source, compiler and interactive environment for the functional language Haskell. Highlights: - GHC supports the entire Haskell 2010 language plus a wide variety of extensions. - GHC has particularly good support for concurrency and parallelism, including support for Software Transactional Memory (STM). - GHC generates fast code, particularly for concurrent programs. Take a look at GHC's performance on The Computer Language Benchmarks Game. - GHC works on several platforms including Windows, Mac, Linux, most varieties of Unix, and several different processor architectures. - GHC has extensive optimisation capabilities, including inter-module optimisation. - GHC compiles Haskell code either directly to native code or using LLVM as a back-end. GHC can also generate C code as an intermediate target for porting to new platforms. The interactive environment compiles Haskell to bytecode, and supports execution of mixed bytecode/compiled programs. - Profiling is supported, both by time/allocation and various kinds of heap profiling. - GHC comes with several libraries, and thousands more are available on Hackage. -------------------------------------------------------------------------------- Update Information: ghc9.8: - rebuild with ghc-rpm-macros-2.6.5 to fix prof deps (thanks mimi1vx) ghc-rpm-macros: - ghc-deps.sh: ghc-9.8 prof fixes adapted from mimi1vx (opensuse) - improve ghc-info.sh with a show mode -------------------------------------------------------------------------------- ChangeLog: * Sun Nov 12 2023 Jens Petersen <petersen(a)redhat.com> - 9.8.1-2 - rebuild with ghc-rpm-macros-2.6.5 to fix prof deps (thanks mimi1vx) * Thu Oct 26 2023 Jens Petersen <petersen(a)redhat.com> - 9.8.1-1 - https://downloads.haskell.org/ghc/9.8.1/docs/users_guide/9.8.1-notes.html -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-77f0be1eca' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

5 months, 3 weeks

1
0
0 / 0

Fedora 38 Update: SoQt-1.6.0-13.fc38

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-2fa7f58f7d 2023-11-30 03:33:42.162659 -------------------------------------------------------------------------------- Name : SoQt Product : Fedora 38 Version : 1.6.0 Release : 13.fc38 URL : http://www.coin3d.org Summary : High-level 3D visualization library Description : SoQt is a Qt GUI component toolkit library for Coin. It is also compatible with SGI and TGS Open Inventor, and the API is based on the API of the InventorXt GUI component toolkit. -------------------------------------------------------------------------------- Update Information: Update to Coin 4.0.1. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 20 2023 Richard Shaw <hobbes1069(a)gmail.com> - 1.6.0-13 - Rebuild for Coin4. -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-2fa7f58f7d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

5 months, 3 weeks

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

package-announce November 2023