The following Fedora 37 Security updates need testing: Age URL 155 https://bodhi.fedoraproject.org/updates/FEDORA-2023-4b892d116d cutter-re-2.2.1-1.fc37 rizin-0.5.2-1.fc37 54 https://bodhi.fedoraproject.org/updates/FEDORA-2023-5c4718e547 containerd-1.6.23-1.fc37 10 https://bodhi.fedoraproject.org/updates/FEDORA-2023-e0ab860391 mbedtls-2.28.5-1.fc37 9 https://bodhi.fedoraproject.org/updates/FEDORA-2023-fff0c857d6 samba-4.17.12-1.fc37 9 https://bodhi.fedoraproject.org/updates/FEDORA-2023-881672fdab xen-4.16.5-3.fc37 7 https://bodhi.fedoraproject.org/updates/FEDORA-2023-fef2b8da32 curl-7.85.0-12.fc37 7 https://bodhi.fedoraproject.org/updates/FEDORA-2023-b2c50535cb nghttp2-1.51.0-2.fc37 7 https://bodhi.fedoraproject.org/updates/FEDORA-2023-fa9b5d57d3 thunderbird-115.3.2-1.fc37 5 https://bodhi.fedoraproject.org/updates/FEDORA-2023-954c2ec5bd matrix-synapse-1.80.0-7.fc37 4 https://bodhi.fedoraproject.org/updates/FEDORA-2023-c1535224de wordpress-6.2.3-1.fc37 4 https://bodhi.fedoraproject.org/updates/FEDORA-2023-562e77957f roundcubemail-1.6.4-1.fc37 4 https://bodhi.fedoraproject.org/updates/FEDORA-2023-8a285519da dotnet7.0-7.0.112-1.fc37 4 https://bodhi.fedoraproject.org/updates/FEDORA-2023-dcf59d2db2 dotnet6.0-6.0.123-1.fc37 3 https://bodhi.fedoraproject.org/updates/FEDORA-2023-e9c04d81c1 nodejs18-18.18.2-1.fc37 3 https://bodhi.fedoraproject.org/updates/FEDORA-2023-f66fc0f62a nodejs20-20.8.1-1.fc37 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-8a9087f089 redis-7.0.14-1.fc37 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-dede912109 python-urllib3-1.26.18-1.fc37 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-2a9214af5f cachelib-17^20231016-1.fc37 fb303-2023.10.16.00-1.fc37 fbthrift-2023.10.16.00-1.fc37 fizz-2023.10.16.00-1.fc37 folly-2023.10.16.00-1.fc37 mcrouter-0.41.0.20231016-1.fc37 mvfst-2023.10.16.00-1.fc37 proxygen-2023.10.16.00-1.fc37 wangle-2023.10.16.00-1.fc37 watchman-2021.05.10.00-24.fc37 wdt-1.32.1910230^20230711git3b52ef5-2.fc37
The following Fedora 37 Critical Path updates have yet to be approved: Age URL 15 https://bodhi.fedoraproject.org/updates/FEDORA-2023-4bef6f7a50 deepin-qt5integration-5.5.20-10.fc37 deepin-qt5platform-plugins-5.0.59.1-7.fc37 fcitx-qt5-1.2.6-14.fc37 fcitx5-qt-5.0.17-10.fc37 gammaray-2.11.3-10.fc37 keepassxc-2.7.6-2.fc37 kf5-akonadi-server-23.04.3-3.fc37 kf5-frameworkintegration-5.108.0-3.fc37 kf5-kwayland-5.108.0-3.fc37 layer-shell-qt-5.27.8-2.fc37 plasma-integration-5.27.8-2.fc37 python-qt5-5.15.9-3.fc37 qgnomeplatform-0.9.1-8.fc37 qt-creator-8.0.1-12.fc37 qt5-5.15.10-1.fc37 qt5-qt3d-5.15.10-1.fc37 qt5-qtbase-5.15.10-9.fc37 qt5-qtcharts-5.15.10-1.fc37 qt5-qtconnectivity-5.15.10-1.fc37 qt5-qtdatavis3d-5.15.10-1.fc37 qt5-qtdeclarative-5.15.10-1.fc37 qt5-qtdoc-5.15.10-1.fc37 qt5-qtgamepad-5.15.10-1.fc37 qt5-qtgraphicaleffects-5.15.10-1.fc37 qt5-qtimageformats-5.15.10-2.fc37 qt5-qtlocation-5.15.10-1.fc37 qt5-qtmultimedia-5.15.10-1.fc37 qt5-qtnetworkauth-5.15.10-1.fc37 qt5-qtquickcontrols-5.15.10-1.fc37 qt5-qtquickcontrols2-5.15.10-1.fc37 qt5-qtremoteobjects-5. 15.10-1.fc37 qt5-qtscript-5.15.10-1.fc37 qt5-qtscxml-5.15.10-1.fc37 qt5-qtsensors-5.15.10-1.fc37 qt5-qtserialbus-5.15.10-1.fc37 qt5-qtserialport-5.15.10-1.fc37 qt5-qtspeech-5.15.10-3.fc37 qt5-qtsvg-5.15.10-1.fc37 qt5-qttools-5.15.10-2.fc37 qt5-qttranslations-5.15.10-1.fc37 qt5-qtvirtualkeyboard-5.15.10-1.fc37 qt5-qtwayland-5.15.10-1.fc37 qt5-qtwebchannel-5.15.10-1.fc37 qt5-qtwebengine-5.15.12-6.fc37 qt5-qtwebkit-5.212.0-0.76alpha4.fc37 qt5-qtwebsockets-5.15.10-1.fc37 qt5-qtwebview-5.15.10-1.fc37 qt5-qtx11extras-5.15.10-1.fc37 qt5-qtxmlpatterns-5.15.10-1.fc37 qt5ct-1.1-17.fc37 13 https://bodhi.fedoraproject.org/updates/FEDORA-2023-bbf0e382b2 cmake-3.27.7-1.fc37 11 https://bodhi.fedoraproject.org/updates/FEDORA-2023-72316eb05d passt-0^20231004.gf851084-1.fc37 11 https://bodhi.fedoraproject.org/updates/FEDORA-2023-3284ad306e zimg-3.0.5-1.fc37 10 https://bodhi.fedoraproject.org/updates/FEDORA-2023-e0ab860391 mbedtls-2.28.5-1.fc37 10 https://bodhi.fedoraproject.org/updates/FEDORA-2023-6816a2a4d5 annobin-12.28-1.fc37 9 https://bodhi.fedoraproject.org/updates/FEDORA-2023-881672fdab xen-4.16.5-3.fc37 9 https://bodhi.fedoraproject.org/updates/FEDORA-2023-bc6bf2453f container-selinux-2.224.0-1.fc37 9 https://bodhi.fedoraproject.org/updates/FEDORA-2023-fff0c857d6 samba-4.17.12-1.fc37 7 https://bodhi.fedoraproject.org/updates/FEDORA-2023-e9c1531a82 rust-packaging-25.2-2.fc37 7 https://bodhi.fedoraproject.org/updates/FEDORA-2023-fa9b5d57d3 thunderbird-115.3.2-1.fc37 7 https://bodhi.fedoraproject.org/updates/FEDORA-2023-b2c50535cb nghttp2-1.51.0-2.fc37 7 https://bodhi.fedoraproject.org/updates/FEDORA-2023-fef2b8da32 curl-7.85.0-12.fc37 7 https://bodhi.fedoraproject.org/updates/FEDORA-2023-3a4ce663b0 distribution-gpg-keys-1.98-1.fc37 4 https://bodhi.fedoraproject.org/updates/FEDORA-2023-528783d2c6 slirp4netns-1.2.2-1.fc37 4 https://bodhi.fedoraproject.org/updates/FEDORA-2023-84542126e9 tomcat-9.0.82-2.fc37 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-511ce75c12 fedora-release-37-17 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-0c8af44a4c crun-1.10-1.fc37 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-c62ef568f1 mock-core-configs-39.2-1.fc37 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-ffcc95dfcc kobo-0.31.0-1.fc37 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-de8c54c440 dnf-4.18.0-2.fc37 libdnf-0.72.0-1.fc37 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-f235371fad librepo-1.17.0-1.fc37 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-dede912109 python-urllib3-1.26.18-1.fc37 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-db3c581ff7 libbytesize-2.10-1.fc37 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-3c79e1f9c2 selinux-policy-37.23-1.fc37
The following builds have been pushed to Fedora 37 updates-testing
aubit4gl-1.6.1.p3-1.fc37 bitcoin-core-25.1-1.fc37 davix-0.8.5-1.fc37 fbrnch-1.3.3-15.fc37 fotoxx-23.72-1.fc37 ghc-cached-json-file-0.1.1-14.fc37 glibc-2.36-16.fc37 golang-1.20.10-3.fc37 iotop-c-1.25-1.fc37 kernel-6.5.8-100.fc37 knot-3.3.2-1.fc37 koji-tool-1.1.1-1.fc37 libabigail-2.4-1.fc37 lutris-0.5.14-2.fc37 mmlib-1.4.2-8.fc37 ne-3.3.3-1.fc37 nginx-mod-fancyindex-0.5.2-1.fc37 oci-seccomp-bpf-hook-1.2.10-1.fc37 pipewire-0.3.83-1.fc37 plasma-discover-5.27.8-2.fc37 prometheus-podman-exporter-1.4.0-1.fc37 python-datrie-0.8.2-18.fc37 python-ncclient-0.6.15-1.fc37 rust-awc-3.2.0-2.fc37 rust-const_format-0.2.32-1.fc37 rust-const_format_proc_macros-0.2.32-1.fc37 rust-drain-0.1.1-1.fc37 rust-enum-as-inner-0.6.0-1.fc37 rust-etcetera-0.8.0-5.fc37 rust-nettle-sys-2.3.0-1.fc37 rust-reqwest-0.11.22-1.fc37 rust-sequoia-net-0.27.0-3.fc37 rust-target-lexicon-0.12.12-1.fc37 rust-thiserror-1.0.50-1.fc37 rust-thiserror-impl-1.0.50-1.fc37 rust-trust-dns-client-0.23.1-1.fc37 rust-trust-dns-proto-0.23.1-1.fc37 rust-trust-dns-recursor-0.23.1-1.fc37 rust-trust-dns-resolver-0.23.1-1.fc37 rust-trust-dns-server-0.23.1-1.fc37 scap-security-guide-0.1.70-1.fc37
Details about builds:
================================================================================ aubit4gl-1.6.1.p3-1.fc37 (FEDORA-2023-b97856acb3) IBM Informix 4GL compatible compiler -------------------------------------------------------------------------------- Update Information:
added configure option --with-informix -------------------------------------------------------------------------------- ChangeLog:
* Mon Oct 2 2023 Chad Lemmen rpm@stansoft.org - 1.6.1.p3-1 - added configure option --with-informix - cleaned up include directory to match upstream - updated to 1.6.1.p3 * Thu Sep 14 2023 Chad Lemmen rpm@stansoft.org - 1.6.1.p2-1 - updated to 1.6.1.p2 - applied patch to latest aubit4gl version for this post release * Fri Jul 28 2023 Chad Lemmen rpm@stansoft.org - 1.6.1.p1-1 - updated to 1.6.1.p1 - applied patch to latest aubit4gl version for this post release * Wed Feb 22 2023 Chad Lemmen rpm@stansoft.org - 1.6.1-1 - updated to 1.6.1 * Thu Dec 29 2022 Chad Lemmen rpm@stansoft.org - 1.5.3-1 - initial Fedora RPM packaging --------------------------------------------------------------------------------
================================================================================ bitcoin-core-25.1-1.fc37 (FEDORA-2023-a8e35a884a) Peer to Peer Cryptographic Currency -------------------------------------------------------------------------------- Update Information:
Update to 25.1. -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Simone Caronni negativo17@gmail.com - 25.1-1 - Update to 25.1. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2240341 - [abrt] bitcoin-core-desktop: std::__atomic_base<int>::load(std::memory_order) const(): bitcoin-qt killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=2240341 [ 2 ] Bug #2245225 - bitcoin-core-25.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2245225 --------------------------------------------------------------------------------
================================================================================ davix-0.8.5-1.fc37 (FEDORA-2023-022a22f82e) Toolkit for http based file management -------------------------------------------------------------------------------- Update Information:
New upstream release 0.8.5 -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Mihai Patrascoiu mihai.patrascoiu@cern.ch - 0.8.5-1 - New upstream release 0.8.5 - Fix CVE 2023-38545 in the bundled curl library (EPEL 7 and 8) * Wed Jul 19 2023 Fedora Release Engineering releng@fedoraproject.org - 0.8.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ fbrnch-1.3.3-15.fc37 (FEDORA-2023-39f8faf24e) Fedora packager tool to build package branches -------------------------------------------------------------------------------- Update Information:
fbrnch: - https://hackage.haskell.org/package/fbrnch-1.3.3/changelog : - 'bump': add --dry-run - 'copr': track pkg name to output build results url on failure - 'create-review','update-review': prompt to offer scratch build (#43) - 'diff': allow origin as alias for origin/<branch> - 'import': encode url from bz comment if needed (#40) - 'import': prefix bug# with rhbz in commit (#38) - 'install': add --no-build to install existing built rpms - 'parallel': --delay to override default inter-package pause [default 3s] - 'parallel': use pkg name in changelog instead of nvr - 'request-repo': avoid head crash on firstname (#45) - 'request-repo': no longer post request url to avoid duplication - 'scratch': with --exclude-arch respect ExcludeArch: fields - 'unpushed': add --bump - 'unpushed': output improvements for --latest and dead.package/missing - 'update-sources': alias for "update-version --source-only" - 'update-version': only warn about branch if dist-git - 'update-version': rpm prep with --nodeps - 'update-version': take .gpg and .tgz file for lookaside archive! - Krb: loop fkinit until okay - Main: --dry-run options now better described - RpmBuild: prevent srpm creation from being interrupted (eg ctrl-c) - gitFetchSilent: use \r to hide "git fetching..." - kojiWatchTask: do not hardcode koji-tool path - pkgNameVerRel: use fedpkg to determine correct autorelease (#39) ghc-cached- json-file: - bump over fbrnch -------------------------------------------------------------------------------- ChangeLog:
* Thu Oct 19 2023 Jens Petersen petersen@redhat.com - 1.3.3-15 - https://hackage.haskell.org/package/fbrnch-1.3.3/changelog : - 'bump': add --dry-run - 'copr': track pkg name to output build results url on failure - 'create-review','update-review': prompt to offer scratch build (#43) - 'diff': allow origin as alias for origin/<branch> - 'import': encode url from bz comment if needed (#40) - 'import': prefix bug# with rhbz in commit (#38) - 'install': add --no-build to install existing built rpms - 'parallel': --delay to override default inter-package pause [default 3s] - 'parallel': use pkg name in changelog instead of nvr - 'request-repo': avoid head crash on firstname (#45) - 'request-repo': no longer post request url to avoid duplication - 'scratch': with --exclude-arch respect ExcludeArch: fields - 'unpushed': add --bump - 'unpushed': output improvements for --latest and dead.package/missing - 'update-sources': alias for "update-version --source-only" - 'update-version': only warn about branch if dist-git - 'update-version': rpm prep with --nodeps - 'update-version': take .gpg and .tgz file for lookaside archive! - Krb: loop fkinit until okay - Main: --dry-run options now better described - RpmBuild: prevent srpm creation from being interrupted (eg ctrl-c) - gitFetchSilent: use \r to hide "git fetching..." - kojiWatchTask: do not hardcode koji-tool path - pkgNameVerRel: use fedpkg to determine correct autorelease (#39) * Fri Aug 4 2023 Jens Petersen petersen@redhat.com - 1.3.2-14 - ghc-cached-json-file is now packaged in Fedora * Sat Jul 29 2023 Jens Petersen petersen@redhat.com - 1.3.2-13 - rebuild * Wed Jul 19 2023 Fedora Release Engineering releng@fedoraproject.org - 1.3.2-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ fotoxx-23.72-1.fc37 (FEDORA-2023-ac9953ffe9) Photo editor -------------------------------------------------------------------------------- Update Information:
23.72 -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Gwyn Ciesla gwync@protonmail.com - 23.72-1 - 23.72 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2245248 - fotoxx-23.72 is available https://bugzilla.redhat.com/show_bug.cgi?id=2245248 --------------------------------------------------------------------------------
================================================================================ ghc-cached-json-file-0.1.1-14.fc37 (FEDORA-2023-39f8faf24e) Locally cache a json file obtained by http -------------------------------------------------------------------------------- Update Information:
fbrnch: - https://hackage.haskell.org/package/fbrnch-1.3.3/changelog : - 'bump': add --dry-run - 'copr': track pkg name to output build results url on failure - 'create-review','update-review': prompt to offer scratch build (#43) - 'diff': allow origin as alias for origin/<branch> - 'import': encode url from bz comment if needed (#40) - 'import': prefix bug# with rhbz in commit (#38) - 'install': add --no-build to install existing built rpms - 'parallel': --delay to override default inter-package pause [default 3s] - 'parallel': use pkg name in changelog instead of nvr - 'request-repo': avoid head crash on firstname (#45) - 'request-repo': no longer post request url to avoid duplication - 'scratch': with --exclude-arch respect ExcludeArch: fields - 'unpushed': add --bump - 'unpushed': output improvements for --latest and dead.package/missing - 'update-sources': alias for "update-version --source-only" - 'update-version': only warn about branch if dist-git - 'update-version': rpm prep with --nodeps - 'update-version': take .gpg and .tgz file for lookaside archive! - Krb: loop fkinit until okay - Main: --dry-run options now better described - RpmBuild: prevent srpm creation from being interrupted (eg ctrl-c) - gitFetchSilent: use \r to hide "git fetching..." - kojiWatchTask: do not hardcode koji-tool path - pkgNameVerRel: use fedpkg to determine correct autorelease (#39) ghc-cached- json-file: - bump over fbrnch -------------------------------------------------------------------------------- ChangeLog:
* Fri Aug 4 2023 Jens Petersen petersen@redhat.com - 0.1.1-14 - bump over fbrnch * Thu Feb 2 2023 Jens Petersen petersen@redhat.com - 0.1.1-1 - https://hackage.haskell.org/package/cached-json-file-0.1.1/changelog * Fri Nov 19 2021 Jens Petersen petersen@redhat.com - 0.1.0-2 - spec file generated by cabal-rpm-2.0.11 --------------------------------------------------------------------------------
================================================================================ glibc-2.36-16.fc37 (FEDORA-2023-eb57cdaf88) The GNU libc libraries -------------------------------------------------------------------------------- Update Information:
This update reverts problematic ELF destructor ordering changes (RHBZ#2239304) and replaces it with an alternative approach that fixes different application compatibility issues (RHBZ#2244992). -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Florian Weimer fweimer@redhat.com - 2.36-16 - Fix force-first handling in dlclose (#2244992) * Thu Oct 19 2023 Florian Weimer fweimer@redhat.com - 2.36-15 - Auto-sync with upstream branch release/2.36/master, commit 88d5d70b1e89c0a449352286134946e26f7a498a: - Revert "elf: Move l_init_called_next to old place of l_text_end in link map" - Revert "elf: Always call destructors in reverse constructor order (bug 30785)" - Revert "elf: Remove unused l_text_end field from struct link_map" -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2239304 - glibc: Revert change to run ELF destructor in reverse constructor order https://bugzilla.redhat.com/show_bug.cgi?id=2239304 [ 2 ] Bug #2244992 - glibc: Improve compatibility of ELF destructor ordering https://bugzilla.redhat.com/show_bug.cgi?id=2244992 --------------------------------------------------------------------------------
================================================================================ golang-1.20.10-3.fc37 (FEDORA-2023-4bf641255e) The Go Programming Language -------------------------------------------------------------------------------- Update Information:
This update includes a security fix to the net/http package. -------------------------------------------------------------------------------- ChangeLog:
* Thu Oct 19 2023 Alejandro S��ez asm@redhat.com - 1.20.10-3 - Remove golang-race * Thu Oct 19 2023 Alejandro S��ez asm@redhat.com - 1.20.10-2 - Update bundled-deps.sh to follow the versioning guidelines * Thu Oct 19 2023 Alejandro S��ez asm@redhat.com - 1.20.10-1 - Update to Go 1.20.10 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2243617 - [Major Incident] CVE-2023-39325 golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2243617 [ 2 ] Bug #2243694 - CVE-2023-39323 golang: cmd/go: line directives allows arbitrary execution during build [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2243694 --------------------------------------------------------------------------------
================================================================================ iotop-c-1.25-1.fc37 (FEDORA-2023-caf0166b66) Simple top-like I/O monitor (implemented in C) -------------------------------------------------------------------------------- Update Information:
Update to latest ver 1.25 -------------------------------------------------------------------------------- ChangeLog:
* Sat Oct 14 2023 Boian Bonev bbonev@ipacct.com - 1.25-1 - Update to latest ver 1.25 --------------------------------------------------------------------------------
================================================================================ kernel-6.5.8-100.fc37 (FEDORA-2023-dcc88c3b85) The Linux kernel -------------------------------------------------------------------------------- Update Information:
The 6.5.8 stable kernel update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Augusto Caringi acaringi@redhat.com [6.5.8-0] - Linux v6.5.8 --------------------------------------------------------------------------------
================================================================================ knot-3.3.2-1.fc37 (FEDORA-2023-dc14c984b4) High-performance authoritative DNS server -------------------------------------------------------------------------------- Update Information:
Knot DNS 3.3.2 -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Jakub Ru��i��ka jakub.ruzicka@nic.cz - 3.3.2-1 - Update to 3.3.2 --------------------------------------------------------------------------------
================================================================================ koji-tool-1.1.1-1.fc37 (FEDORA-2023-3329b1be0a) Koji CLI tool for querying tasks and installing builds -------------------------------------------------------------------------------- Update Information:
https://hackage.haskell.org/package/koji-tool-1.1.1/changelog -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Jens Petersen petersen@redhat.com - 1.1.1-1 - https://hackage.haskell.org/package/koji-tool-1.1.1/changelog * Sat Jul 29 2023 Jens Petersen petersen@redhat.com - 1.1-2 - bump release --------------------------------------------------------------------------------
================================================================================ libabigail-2.4-1.fc37 (FEDORA-2023-01d58cdc5e) Set of ABI analysis tools -------------------------------------------------------------------------------- Update Information:
Update to upstream 2.4 tarball ---- Update to upstream 2.3 release -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Dodji Seketeli dodji@redhat.com - 2.4-1 - Update to upstream 2.4 tarball - Enable build with support for BTF - Added BuildRequires: libbpf-devel - Support soname bumped to libabigail.so.3.0.0 * Thu Apr 27 2023 Dodji Seketeli dodji@redhat.com - 2.3-1 - Update to upstream 2.3 release - Don't do "dos2unix doc/manuals/html/_static/jquery.js" The file doc/manuals/html/_static/jquery.js is no more. Hence, don't BuildRequires: dos2unix anymore. - The libaigail binary is now libabigail.so.2.0.0. --------------------------------------------------------------------------------
================================================================================ lutris-0.5.14-2.fc37 (FEDORA-2023-bd60e0cca2) Install and play any video game easily -------------------------------------------------------------------------------- Update Information:
Lutris update to 0.5.14 -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Steve Cossette farchord@gmail.com - 0.5.14-2 - RPMAUTOSPEC: unresolvable merge --------------------------------------------------------------------------------
================================================================================ mmlib-1.4.2-8.fc37 (FEDORA-2023-cae23d55ef) OS abstraction layer and helpers -------------------------------------------------------------------------------- Update Information:
Fix failure to build from source due to test failures. There are still flaky test failures on some architectures. -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Benjamin A. Beasley code@musicinmybrain.net - 1.4.2-8 - Skip the wait_signal test on aarch64/ppc64le * Thu Oct 19 2023 Benjamin A. Beasley code@musicinmybrain.net - 1.4.2-7 - Skip getaddrinfo_tests for now - Close RHBZ#2244926 * Thu Oct 19 2023 Benjamin A. Beasley code@musicinmybrain.net - 1.4.2-6 - Work around failure in create_invalid_sockclient * Thu Oct 19 2023 Benjamin A. Beasley code@musicinmybrain.net - 1.4.2-5 - Fix two of the three failing subtests in socket-api-tests * Thu Oct 19 2023 Benjamin A. Beasley code@musicinmybrain.net - 1.4.2-4 - Fix running tests serially * Fri Mar 31 2023 Benjamin A. Beasley code@musicinmybrain.net - 1.4.2-2 - Update the comment about not building the documentation -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2244926 - mmlib: FTBFS in Fedora Rawhide https://bugzilla.redhat.com/show_bug.cgi?id=2244926 --------------------------------------------------------------------------------
================================================================================ ne-3.3.3-1.fc37 (FEDORA-2023-d5e9637b28) ne, the nice editor -------------------------------------------------------------------------------- Update Information:
First release -------------------------------------------------------------------------------- ChangeLog:
* Thu Oct 19 2023 Sebastiano Vigna sebastiano.vigna@gmail.com - 3.3.3-1 - First release * Thu Jul 20 2023 Fedora Release Engineering releng@fedoraproject.org - 3.3.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Thu Jan 19 2023 Fedora Release Engineering releng@fedoraproject.org - 3.3.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ nginx-mod-fancyindex-0.5.2-1.fc37 (FEDORA-2023-52654dc7c3) Nginx FancyIndex module -------------------------------------------------------------------------------- Update Information:
Initial import into Fedora (#2235167) -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 LuK1337 priv.luk@gmail.com - 0.5.2-1 - Initial import into Fedora (#2235167) --------------------------------------------------------------------------------
================================================================================ oci-seccomp-bpf-hook-1.2.10-1.fc37 (FEDORA-2023-f81f315bef) OCI Hook to generate seccomp json files based on EBF syscalls used by container -------------------------------------------------------------------------------- Update Information:
bump to v1.2.10 -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Lokesh Mandvekar lsm5@redhat.com - 1.2.10-1 - bump to v1.2.10 * Thu Jul 20 2023 Fedora Release Engineering releng@fedoraproject.org - 1.2.9-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2218663 - [abrt] oci-seccomp-bpf-hook: runtime.raise(): oci-seccomp-bpf-hook killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=2218663 --------------------------------------------------------------------------------
================================================================================ pipewire-0.3.83-1.fc37 (FEDORA-2023-168c2e8307) Media Sharing Server -------------------------------------------------------------------------------- Update Information:
Update version to 0.3.83 ---- Add patch for device detection for asahi linux. ---- Update version to 0.3.82 ---- Update version to 0.3.81 -------------------------------------------------------------------------------- ChangeLog:
* Thu Oct 19 2023 Wim Taymans wtaymans@redhat.com - 0.3.83-1 - Update version to 0.3.83 * Mon Oct 16 2023 Wim Taymans wtaymans@redhat.com - 0.3.82-2 - Add patch for device detection for asahi linux. - Add patch to avoid crash in ALSA. * Fri Oct 13 2023 Wim Taymans wtaymans@redhat.com - 0.3.82-1 - Update version to 0.3.82 * Fri Oct 6 2023 Wim Taymans wtaymans@redhat.com - 0.3.81-1 - Update version to 0.3.81 --------------------------------------------------------------------------------
================================================================================ plasma-discover-5.27.8-2.fc37 (FEDORA-2023-3ac8de6ab8) KDE and Plasma resources management GUI -------------------------------------------------------------------------------- Update Information:
Improves loading times when starting Discover or refreshing updates -------------------------------------------------------------------------------- ChangeLog:
* Wed Oct 18 2023 Alessandro Astone ales.astone@gmail.com - 5.27.8-2 - Update force refresh patch from upstream --------------------------------------------------------------------------------
================================================================================ prometheus-podman-exporter-1.4.0-1.fc37 (FEDORA-2023-f253c0eaa3) Prometheus exporter for podman environment -------------------------------------------------------------------------------- Update Information:
Prometheus podman exporter -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Navid Yaghoobi navidys@fedoraproject.org - 1.4.0-1 - Initial import (fedora#2240313) --------------------------------------------------------------------------------
================================================================================ python-datrie-0.8.2-18.fc37 (FEDORA-2023-9296a87ade) Super-fast, efficiently stored Trie for Python -------------------------------------------------------------------------------- Update Information:
Convert License to SPDX; port to pyproject-rpm-macros -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.8.2-18 - Convert License to SPDX * Fri Oct 20 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.8.2-17 - Port to pyproject-rpm-macros * Fri Oct 20 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.8.2-16 - Better reference upstream PR from the corresponding patch * Fri Oct 20 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.8.2-12 - Stop using the deprecated zero-argument form of %pypi_source * Fri Oct 20 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.8.2-9 - Use new (rpm 4.17.1+) bcond style --------------------------------------------------------------------------------
================================================================================ python-ncclient-0.6.15-1.fc37 (FEDORA-2023-484eeaa08c) Python library for the NETCONF protocol -------------------------------------------------------------------------------- Update Information:
Update to 0.6.15: https://github.com/ncclient/ncclient/releases/tag/v0.6.15 -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.6.15-1 - Update to 0.6.15 (close RHBZ#2244719) * Fri Oct 20 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.6.13-9 - Remove obsolete rpmlintrc * Fri Oct 20 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.6.13-8 - Use a trailing slash when listing directories in files lists * Fri Oct 20 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.6.13-7 - Use new (rpm 4.17.1+) bcond style * Fri Oct 20 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.6.13-5 - Don���t assume %_smp_mflags is -j%_smp_build_ncpus * Thu Nov 24 2022 Benjamin A. Beasley code@musicinmybrain.net - 0.6.13-4 - Update License to SPDX -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2244719 - python-ncclient-0.6.15 is available https://bugzilla.redhat.com/show_bug.cgi?id=2244719 --------------------------------------------------------------------------------
================================================================================ rust-awc-3.2.0-2.fc37 (FEDORA-2023-00043976c7) Async HTTP and WebSocket client library -------------------------------------------------------------------------------- Update Information:
- Update the reqwest crate to version 0.11.22. - Update the trust-dns crates to version 0.23.1. - Port the awc crate to trust-dns v0.23. - Port the sequoia-net crate to trust-dns v0.23. - Update the enum-as-inner crate to version 0.6.0. - Initial packaging of the drain crate. -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Fabio Valentini decathorpe@gmail.com - 3.2.0-2 - Bump trust-dns-resolver dependency from 0.22 to 0.23 --------------------------------------------------------------------------------
================================================================================ rust-const_format-0.2.32-1.fc37 (FEDORA-2023-fc00c7b9b1) Compile-time string formatting -------------------------------------------------------------------------------- Update Information:
Update the const_format and const_format_proc_macros crates to version 0.2.32. -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Fabio Valentini decathorpe@gmail.com - 0.2.32-1 - Update to version 0.2.32; Fixes RHBZ#2244162 --------------------------------------------------------------------------------
================================================================================ rust-const_format_proc_macros-0.2.32-1.fc37 (FEDORA-2023-fc00c7b9b1) Implementation detail of the const_format crate -------------------------------------------------------------------------------- Update Information:
Update the const_format and const_format_proc_macros crates to version 0.2.32. -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Fabio Valentini decathorpe@gmail.com - 0.2.32-1 - Update to version 0.2.32; Fixes RHBZ#2244163 --------------------------------------------------------------------------------
================================================================================ rust-drain-0.1.1-1.fc37 (FEDORA-2023-00043976c7) Support for graceful shutdown -------------------------------------------------------------------------------- Update Information:
- Update the reqwest crate to version 0.11.22. - Update the trust-dns crates to version 0.23.1. - Port the awc crate to trust-dns v0.23. - Port the sequoia-net crate to trust-dns v0.23. - Update the enum-as-inner crate to version 0.6.0. - Initial packaging of the drain crate. -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Fabio Valentini decathorpe@gmail.com - 0.1.1-1 - Initial import (#2245236) --------------------------------------------------------------------------------
================================================================================ rust-enum-as-inner-0.6.0-1.fc37 (FEDORA-2023-00043976c7) Proc-macro for deriving inner field accessor functions on enums -------------------------------------------------------------------------------- Update Information:
- Update the reqwest crate to version 0.11.22. - Update the trust-dns crates to version 0.23.1. - Port the awc crate to trust-dns v0.23. - Port the sequoia-net crate to trust-dns v0.23. - Update the enum-as-inner crate to version 0.6.0. - Initial packaging of the drain crate. -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Fabio Valentini decathorpe@gmail.com - 0.6.0-1 - Update to version 0.6.0; Fixes RHBZ#2211169 * Fri Jul 21 2023 Fedora Release Engineering releng@fedoraproject.org - 0.5.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Mon May 29 2023 Fabio Valentini decathorpe@gmail.com - 0.5.2-2 - Revert breaking changes from v0.5.2 * Sun May 28 2023 Fabio Valentini decathorpe@gmail.com - 0.5.2-1 - Update to version 0.5.2; Fixes RHBZ#2210501 --------------------------------------------------------------------------------
================================================================================ rust-etcetera-0.8.0-5.fc37 (FEDORA-2023-decf821d4c) Unopinionated library for obtaining configuration, data, cache, & other directories -------------------------------------------------------------------------------- Update Information:
Initial release -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Seth sethmb@pm.me - 0.8.0-5 - Third times the charm (fedora#2240793) * Fri Oct 20 2023 Seth sethmb@pm.me - 0.8.0-4 - Second import (fedora#2240793) * Fri Oct 20 2023 Seth sethmb@pm.me - 0.8.0-3 - Initial import (fedora#2240793) * Fri Oct 20 2023 Seth sethmb@pm.me - 0.8.0-2 - Shipping spec * Fri Oct 20 2023 Seth sethmb@pm.me - 0.8.0-1 - Initial attempt --------------------------------------------------------------------------------
================================================================================ rust-nettle-sys-2.3.0-1.fc37 (FEDORA-2023-860f9aa292) Low-level Rust bindings for the Nettle cryptographic library -------------------------------------------------------------------------------- Update Information:
Update to version 2.3.0. -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Fabio Valentini decathorpe@gmail.com - 2.3.0-1 - Update to version 2.3.0; Fixes RHBZ#2243826 * Fri Jul 21 2023 Fedora Release Engineering releng@fedoraproject.org - 2.2.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ rust-reqwest-0.11.22-1.fc37 (FEDORA-2023-00043976c7) Higher level HTTP client library -------------------------------------------------------------------------------- Update Information:
- Update the reqwest crate to version 0.11.22. - Update the trust-dns crates to version 0.23.1. - Port the awc crate to trust-dns v0.23. - Port the sequoia-net crate to trust-dns v0.23. - Update the enum-as-inner crate to version 0.6.0. - Initial packaging of the drain crate. -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Fabio Valentini decathorpe@gmail.com - 0.11.22-1 - Update to version 0.11.22; Fixes RHBZ#2241801 --------------------------------------------------------------------------------
================================================================================ rust-sequoia-net-0.27.0-3.fc37 (FEDORA-2023-00043976c7) Network services for OpenPGP -------------------------------------------------------------------------------- Update Information:
- Update the reqwest crate to version 0.11.22. - Update the trust-dns crates to version 0.23.1. - Port the awc crate to trust-dns v0.23. - Port the sequoia-net crate to trust-dns v0.23. - Update the enum-as-inner crate to version 0.6.0. - Initial packaging of the drain crate. -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Fabio Valentini decathorpe@gmail.com - 0.27.0-3 - Bump trust-dns-resolver and trust-dns-client dependencies from 0.22 to 0.23 * Fri Jul 21 2023 Fedora Release Engineering releng@fedoraproject.org - 0.27.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ rust-target-lexicon-0.12.12-1.fc37 (FEDORA-2023-d4d73b8e39) Targeting utilities for compilers and related tools -------------------------------------------------------------------------------- Update Information:
Update to version 0.12.12. -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Fabio Valentini decathorpe@gmail.com - 0.12.12-1 - Update to version 0.12.12; Fixes RHBZ#2245143 --------------------------------------------------------------------------------
================================================================================ rust-thiserror-1.0.50-1.fc37 (FEDORA-2023-d8c337a538) Derive(Error) -------------------------------------------------------------------------------- Update Information:
Update the thiserror and thiserror-impl crates to version 1.0.50. -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Fabio Valentini decathorpe@gmail.com - 1.0.50-1 - Update to version 1.0.50; Fixes RHBZ#2245161 --------------------------------------------------------------------------------
================================================================================ rust-thiserror-impl-1.0.50-1.fc37 (FEDORA-2023-d8c337a538) Implementation detail of the thiserror crate -------------------------------------------------------------------------------- Update Information:
Update the thiserror and thiserror-impl crates to version 1.0.50. -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Fabio Valentini decathorpe@gmail.com - 1.0.50-1 - Update to version 1.0.50; Fixes RHBZ#2245162 --------------------------------------------------------------------------------
================================================================================ rust-trust-dns-client-0.23.1-1.fc37 (FEDORA-2023-00043976c7) Trust-DNS is a safe and secure DNS library -------------------------------------------------------------------------------- Update Information:
- Update the reqwest crate to version 0.11.22. - Update the trust-dns crates to version 0.23.1. - Port the awc crate to trust-dns v0.23. - Port the sequoia-net crate to trust-dns v0.23. - Update the enum-as-inner crate to version 0.6.0. - Initial packaging of the drain crate. -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Fabio Valentini decathorpe@gmail.com - 0.23.1-1 - Update to version 0.23.1; Fixes RHBZ#2233602 * Sat Jul 22 2023 Fedora Release Engineering releng@fedoraproject.org - 0.22.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ rust-trust-dns-proto-0.23.1-1.fc37 (FEDORA-2023-00043976c7) Trust-DNS is a safe and secure DNS library -------------------------------------------------------------------------------- Update Information:
- Update the reqwest crate to version 0.11.22. - Update the trust-dns crates to version 0.23.1. - Port the awc crate to trust-dns v0.23. - Port the sequoia-net crate to trust-dns v0.23. - Update the enum-as-inner crate to version 0.6.0. - Initial packaging of the drain crate. -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Fabio Valentini decathorpe@gmail.com - 0.23.1-1 - Update to version 0.23.1; Fixes RHBZ#2233603 * Sat Jul 22 2023 Fedora Release Engineering releng@fedoraproject.org - 0.22.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ rust-trust-dns-recursor-0.23.1-1.fc37 (FEDORA-2023-00043976c7) Safe and secure DNS recursive resolver with DNSSEC support -------------------------------------------------------------------------------- Update Information:
- Update the reqwest crate to version 0.11.22. - Update the trust-dns crates to version 0.23.1. - Port the awc crate to trust-dns v0.23. - Port the sequoia-net crate to trust-dns v0.23. - Update the enum-as-inner crate to version 0.6.0. - Initial packaging of the drain crate. -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Fabio Valentini decathorpe@gmail.com - 0.23.1-1 - Update to version 0.23.1; Fixes RHBZ#2233601 * Sat Jul 22 2023 Fedora Release Engineering releng@fedoraproject.org - 0.22.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ rust-trust-dns-resolver-0.23.1-1.fc37 (FEDORA-2023-00043976c7) Trust-DNS is a safe and secure DNS library -------------------------------------------------------------------------------- Update Information:
- Update the reqwest crate to version 0.11.22. - Update the trust-dns crates to version 0.23.1. - Port the awc crate to trust-dns v0.23. - Port the sequoia-net crate to trust-dns v0.23. - Update the enum-as-inner crate to version 0.6.0. - Initial packaging of the drain crate. -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Fabio Valentini decathorpe@gmail.com - 0.23.1-1 - Update to version 0.23.1; Fixes RHBZ#2233604 * Sat Jul 22 2023 Fedora Release Engineering releng@fedoraproject.org - 0.22.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ rust-trust-dns-server-0.23.1-1.fc37 (FEDORA-2023-00043976c7) Trust-DNS is a safe and secure DNS server with DNSSEC support -------------------------------------------------------------------------------- Update Information:
- Update the reqwest crate to version 0.11.22. - Update the trust-dns crates to version 0.23.1. - Port the awc crate to trust-dns v0.23. - Port the sequoia-net crate to trust-dns v0.23. - Update the enum-as-inner crate to version 0.6.0. - Initial packaging of the drain crate. -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 20 2023 Fabio Valentini decathorpe@gmail.com - 0.23.1-1 - Update to version 0.23.1; Fixes RHBZ#2233600 * Sat Jul 22 2023 Fedora Release Engineering releng@fedoraproject.org - 0.22.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ scap-security-guide-0.1.70-1.fc37 (FEDORA-2023-c7bda37083) Security guidance and baselines in SCAP formats -------------------------------------------------------------------------------- Update Information:
### Important Highlights - Add openembedded distro support (#10793) - Remove DRAFT wording for OpenShift STIG (#11100) - Remove test-function- check_playbook_file_removed_and_added test (#10982) - scap-security-guide: Add Poky support (#11046) ### New Rules and Profiles - Add rule `package_s-nail- installed` (#11144) - Fix in audit_rules_systadmin_actions and new rule audit_rules_sysadmi��� (#10685) ### Updated Rules and Profiles - A correction in the rule pam_disable_automatic_configuration (#10902) - accounts_umask_etc_bashrc: depend on bash being installed (#10915) - Add a two rules to RHEL 9 STIG (#10910) - Add additional rules from CIS Level 1 to SAP hardening profile (#10965) - Add missing CIS references for SLE platforms (#11024) - Add mount platform to mount_option_var_nosuid (#11037) - Add rule logind_session_timeout to OL8 STIG (#10917) - Add SELinux as platform (#11138) - Add SRG ID to logind_session_timeout (#10936) - Add tmux platform to tmux related rules (#11017) - Add UBTU-20-010044 to existing ansible remediation (#11073) - Add UBTU-20-010181 for generating audit record for unsuccessful attem��� (#11057) - Add UBTU-20-010401 to restrict kernel message buffer (#11063) - Add UBTU-20-010461 to ensure kernel module usb-storage is blacklisted��� (#11062) - Add UBTU-20-010462 to lock accounts without passwords (#11060) - Add UBTU-20-010463 to ensure system does not allow accounts configure��� (#11061) - Add variable support to `auditd_name_format` rule (#11019) - Add version for OCP CIS (#11152) - Add version for OCP STIG (#11153) - Add version metadata to the OCP PCI-DSS profile (#11155) - Add warning to network_configure_name_resolution (#10997) - Allow default permission for user.cfg file in UEFI systems (#10884) - ANSSI: add rules to enable auditing service (#11005) - Build OCP STIG profiles by default (#11132) - Change how example ROLE_LIST are formatted (#11123) - Change rule to use variable when auditing faillock (#11007) - Changes in SLE 12/15 profiles to support logrotate service (#10796) - Couple of fixes in PAM related rules for SLE platforms (#11014) - Create runtime_kernel_fips_enabled cpe and apply it to service_rngd_enabled for OL8 (#10916) - Deprecate UBTU-20-010180 (#11079) - Disable sysctl_kernel_yama_ptrace_scope rule for sle15 (#11139) - Drop hmac-ripemd160 sshd mac from strong MACs list (#10739) - Enable ansible and bash remediation for sssd for UBTU-20-010441 (#11097) - Enable logrotate.timer check on RHCOS4 (#11045) - Enable package_cryptsetup- luks_installed rule for RHEL9 (#10948) - Express more accurate per package platform limitation for firewall rules (#10812) - Fix excluded_files and recursive for UBTU-20-010416 (#11086) - Fix in audit_rules_systadmin_actions and new rule audit_rules_sysadmi��� (#10685) - Fix into the rule sysctl_kernel_randomize_va_space (#10555) - fix naming for UBTU-20-010430 (#11056) - Fix package_audit-libs_installed rule.yml (#11127) - Fix rule ubtu 20 010033 (#11065) - Fix STIG references for SLE15 (#10850) - Fix UBTU-20-010179 to use proper parameters and key (#11080) - Fix UBTU-20-010267 and deprecate STIGs (#11084) - Fix UBTU-20-10450 STIG (#11058) - Fix variable selection when selecting the default value (#11015) - Implement rules for CIS OCP Section 1.4 (#10840) - Include new options in var_accounts_minimum_age_login_defs (#11052) - Include RHEL indentifiers in logrotate related rules (#10904) - Introduce secure_boot & kernel_uek cpes and use them in sysctl_kernel_kexec_load_disabled (#10919) - iptables_ruleset_modifications: depend on iptables being installed (#11030) - no_rsh_trust_files: depend on rsh-server being installed (#10809) - OCP4 CIS: Re-add forgotten rules (#10864) - OCPBUGS-10508: Add quotes around SCC audit procedure (#10940) - OCPBUGS-16628: Fix namespace when checking the hosted clusters (#10987) - OCPBUGS-16877: Check for etcd pod specification in /etc/kubernetes/manifests (#10964) - OCPBUGS-16877: Update etcd member rules texts' to align with the checks (#10970) - OCPBUGS-17216: Update rotate certificates check for OCP 4.14 (#10973) - OCPBUGS-7455: Hide API warning messages (#10971) - OL7 DISA STIG v2r12 update (#10921) - Port over etcd encryption rule from CIS 1.3 controls (#10753) - Refactor display_login_attempts rule for simplicity and avoid noise (#10979) - Remove `controller_rotate_kubelet_server_certs` from OCP CIS v.1.4.0 (#10992) - Remove CIS reference from image policy webhook rule (#10932) - Remove DRAFT wording for OpenShift STIG (#11100) - Remove protect kernel default and sysctl rules from CIS (#10931) - remove rules not relevant to RHEL 9 from STIG profile (#10996) - Remove rules that cannot be applied during image build (#10946) - Remove sebool_secure_mode_insmod from anssi (#11001) - Remove the rule accounts_passwords_pam_faillock_interval from SLE pro��� (#11115) - Remove tickets from CIS control files (#10869) - RHCOS4 STIG: Cover the controls that correspond to the AU control family (#10732) - Select the `var_accounts_passwords_pam_faillock_dir=run` in RHEL7 profiles (#11163) - Standard Profile Improvements (#11109) - Ubuntu: Add missing nftables variables and improve remediation and checks (#11134) - Update CIS profiles to use control files (#10833) - Update kubelet event creation limit to 50 (#10950) - Update link to English version of ANSSI guide (#11038) - Update metadata of OSPP profile in RHEL8/9 (#10984) - Update OL8 STIG to V1R7 (#10918) - Update platform on bios_enable_execution_restrictions (#10880) - Update ssh stig HMACS and Ciphers allowed in OL8 STIG (#10920) - Update sshd_approved_ciphers value for RHEL in STIG profile (#10966) - Update Ubuntu 20.04 DISA Manual STIG to v1r9 (#11096) - Use var_accounts_passwords_pam_faillock_dir in audit_rules_login_events (#11110) - Version FedRAMP high and moderate profiles for OpenShift (#11154) ### Changes in Remediations - 0640 permission in permissions_local_var_log should only apply to files (#10856) - accounts_umask_etc_bashrc: ansible: Fix bashrc path for Ubuntu (#11124) - Add Ansible remediation for directory_group_ownership_var_log_audit (#11025) - Add Ansible Remediation for directory_ownership_var_log_audit (#11012) - Add RHEL as platform in su pam wheel group remidiation (#10995) - Add rsyslog ansible remediation for UBTU-20-010403 (#11094) - Avoid Ansible shell module if not necessary (#10887) - change hardcoded value to variable in ansible of accounts_password_set_min_life_existing (#10885) - Couple of small fixes (#11004) - Drop irrelevant return statement in bash remediation (#10988) - Fix ansible remediation of configure_ssh_crypto_policy (#11008) - Fix Ansible Tasks order (#11117) - Fix bash_sshd_remediation macro on OL exclusive code (#10980) - Fix into the rule sysctl_kernel_randomize_va_space (#10555) - Fix path and add ansible remediation UBTU-20-010298 (#11087) - Fix remediation of sssd_enable_smartcards (#10981) - Fix UBTU-20-010449 ansible remediation to proper path and substitution (#11068) - Fix umask bash and Ansible (#11108) - Improve Ansible remediation for dir_perms_world_writable_sticky_bits (#10951) - improve bash remediation of mount_option template (#11009) - Improve remediation for SSH global settings (#11032) - Improve template macros for grub command line (#10989) - Minor improvements in configure_opensc_nss_db (#11044) - Modify adie db exist path for UBTU-20-010450 (#11064) - OCPBUGS-11696: Update encryption type to support 4.13 deployments (#10974) - Refactor Ansible remediations that search local file systems (#10912) - Replace shell command with find for chrony.conf files on UBTU-20-010435 (#11095) - SLE Add journald configuration droping remediations (#10671) - SLE AIDE periodic check and remediation via systemd timer (#10589) - SLE Service timesyncd configured rule (#10670) - templates: file_permissions: Improve handling of directories in ansible remediation (#10882) - Update enable_fips_mode Ansible Remedation (#11026) - Update no_legacy_plus_entries_* Ansible Remedations (#11027) - Use parameter value in ansible lineinfile macro (#10958) - Use var_accounts_passwords_pam_faillock_dir in audit_rules_login_events (#11110) ### Changes in Checks - Couple of fixes in PAM related rules for SLE platforms (#11014) - enhance OVAL for enable_fips_mode (#10897) - Fix into the rule sysctl_kernel_randomize_va_space (#10555) - Improve OVAL readability in enable_fips_mode (#10911) - Improve sshd_use_approved_kex_ordered_stig (#11053) - Minor improvements in configure_opensc_nss_db (#11044) - Remove kernel cmdline check (#10961) - Select the `var_accounts_passwords_pam_faillock_dir=run` in RHEL7 profiles (#11163) - SLE15 audit rules mac modification usr share depends on selinux policy packages (#10883) - Sysctl template remediations do not modify package files (#10881) ### Changes in the Infrastructure - Add a faster alternative for generating HTML guides (#11036) - Add Dependabot (#11113) - Add manifests to zipfile target (#10944) - Add Merge Group Trigger to Required Jobs (#11162) - Add product as parameter when building profile reports (#11023) - Add SCAPVal to Stabilize task (#11043) - Add tickets key to control validation (#10872) - Add version to profile element in the data stream (#10909) - Allow k8s-content workflow to write (#11020) - Build profile bash scripts differently (#11028) - Bump paambaati/codeclimate-action from 4.0.0 to 5.0.0 (#11119) - Dependabot Preparation (#11112) - Fail build if profiles or controls contain invalid rule selections (#11135) - Fix Ansible Tasks order (#11117) - Fix multiple STIG id table generation (#11016) - Fix OrderedDict definition (#11121) - Fix Rawhide Build (#10953) - Fix scap delta tailoring (#11145) - Fix stig overlay (#11114) - Generate profile oriented Ansible Playbooks in a different way (#11033) - Grant packages write permissions to k8s-content workflow (#11021) - Introduce controleval_metrics.py tool to generate metrics in Prometheus format (#11040) - Make CCN references m -------------------------------------------------------------------------------- ChangeLog:
* Thu Oct 12 2023 Matthew Burket mburket@redhat.com - 0.1.70-1 - Update to latest upstream SCAP-Security-Guide-0.1.70 release: https://github.com/ComplianceAsCode/content/releases/tag/v0.1.70 --------------------------------------------------------------------------------
test-reports@lists.fedoraproject.org