The following Fedora EPEL 8 Security updates need testing: Age URL 57 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-89ad385971 chromium-103.0.5060.114-1.el8 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-cd091ab1b1 libconfuse-3.3-7.el8 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-9d8794e452 ImageMagick-6.9.12.63-1.el8 The following builds have been pushed to Fedora EPEL 8 updates-testing coturn-4.6.0-1.el8 java-latest-openjdk-18.0.2.0.9-1.rolling.el8 kiwi-9.24.48-1.el8 kiwi-boxed-plugin-0.2.23-1.el8 libmd-1.0.4-2.el8 netplan-0.105-2.el8 zbar-0.23.90-5.el8 Details about builds: ================================================================================ coturn-4.6.0-1.el8 (FEDORA-EPEL-2022-e1f1abea12) TURN/STUN & ICE Server -------------------------------------------------------------------------------- Update Information: # Coturn 4.6.0 * Fix small issues reported by `cppcheck` * Fix long log line printing * Print `turnserver` version with `--version` * Do not write outside of a buffer in admin interface * Fix uclient certificate loading bug * Fix duplicate TCP flag in `run_tests.sh` script * Fix turn session leak * Document dependency of new-log-timestamp-format on new-log-timestamp * Enable compilation of coturn on Solaris 11.4 * First step to re-enable compilation with OpenSSL 1.0.x * Fix cmake build on macOS * Disable SSL renegotiation * Fix user quota release * Add more info to redis allocation status * Update `turnserver.conf` comment * Fix performance regression * Add syslog facility config * Add support for dual-stack prom listener * fix build with LibreSSL 3.4.0+ * Add CI tests workflow * Show error on invalid config * Add new prom allocations metric * Don't link in libintl * Fix access to freed memory * Configurable prom username labels * Configurable prometheus listener port * Fix build MariaDB connector * Fix `README` typo * Correct doc typo * Fix `sqlite3_shutdown` and `sqlite3_config` race * Prom server better * Define `OPENSSL_VERSION_1_1_1` on systems where it doesn't (yet) exist * Regression in 4.5.2 that cause issues in OpenSSL version < 1.1.1 * Typo fix in prometheus * Add hash algorithm for hmackey value to redis userdb schema docs * Replace `keep-address-family` with `allocation-default-address-family` (`keep-address- family` is deprecated and will be removed) * Restore `no_stdout_log` behavior * Support older MySQL client version in `configure` * Add to support cmake * Fix typo in `turnserver.conf` * Packaging scripts can miss out on these errors (exit code) * `Readme.turnserver`: how to run server as a daemon * SSL reload has hidden bugs which cause crashes * Try to mitigate STUN amplification attack * Add new option `--no-rfc5780` to force disable RFC8750 * Add new option `--no-stun-backward-compatibility` Disable handling old STUN binding requests and disable `MAPPED-ADDRESS` attribute in binding response (use only the `XOR-MAPPED-ADDRESS`) * Add new option `--response-origin-only-with-rfc5780` Add `RESPONSE_ORIGIN` attribute only if RFC8750 is enabled * Don't send `SOFTWARE` attribute if `--no-software- attribute set on` (breaking change) * Fix for `log_binding` (regression) -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 14 2022 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> - 4.6.0-1 - Upgrade to 4.6.0 (#2126875) * Wed Jul 20 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 4.5.2-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2126875 - coturn-4.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2126875 -------------------------------------------------------------------------------- ================================================================================ java-latest-openjdk-18.0.2.0.9-1.rolling.el8 (FEDORA-EPEL-2022-73672e02b0) OpenJDK 18 Runtime Environment -------------------------------------------------------------------------------- Update Information: July CPU update -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 22 2022 Andrew Hughes <gnu.andrew@xxxxxxxxxx> - 1:18.0.2.0.9-1.rolling - Update to jdk-18.0.2 release - Update release notes to 18.0.2 - Drop JDK-8282004 patch which is now upstreamed under JDK-8282231 - Exclude x86 where java_arches is undefined, in order to unbreak build * Fri Jul 22 2022 Jiri Vanek <gnu.andrew@xxxxxxxxxx> - 1:18.0.1.1.2-8.rolling - moved to build only on %{java_arches} -- https://fedoraproject.org/wiki/Changes/Drop_i686_JDKs - reverted : -- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild (always mess up release) -- Try to build on x86 again by creating a husk of a JDK which does not depend on itself -- Exclude x86 from builds as the bootstrap JDK is now completely broken and unusable -- Replaced binaries and .so files with bash-stubs on i686 - added ExclusiveArch: %{java_arches} -- this now excludes i686 -- this is safely backport-able to older fedoras, as the macro was backported properly (with i686 included) - https://bugzilla.redhat.com/show_bug.cgi?id=2104125 * Thu Jul 21 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1:18.0.1.1.2-7.rolling.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Tue Jul 19 2022 Andrew Hughes <gnu.andrew@xxxxxxxxxx> - 1:18.0.1.1.2-7.rolling - Try to build on x86 again by creating a husk of a JDK which does not depend on itself * Sun Jul 17 2022 Andrew Hughes <gnu.andrew@xxxxxxxxxx> - 1:18.0.1.1.2-6.rolling - Exclude x86 from builds as the bootstrap JDK is now completely broken and unusable * Wed Jul 13 2022 Andrew Hughes <gnu.andrew@xxxxxxxxxx> - 1:18.0.1.1.2-5.rolling - Explicitly require crypto-policies during build and runtime for system security properties * Wed Jul 13 2022 Jiri Vanek <jvanek@xxxxxxxxxx> - 1:18.0.1.1.2-4.rolling. - Replaced binaries and .so files with bash-stubs on i686 in preparation of the removal on that architecture: - https://fedoraproject.org/wiki/Changes/Drop_i686_JDKs * Wed Jul 13 2022 Andrew Hughes <gnu.andrew@xxxxxxxxxx> - 1:18.0.1.1.2-3.rolling - Make use of the vendor version string to store our version & release rather than an upstream release date * Tue Jul 12 2022 FeRD (Frank Dana) <ferdnyc@xxxxxxxxx> - 1:18.0.1.1.2-2.rolling - Add javaver- and origin-specific javadoc and javadoczip alternatives. * Mon Jul 11 2022 Andrew Hughes <gnu.andrew@xxxxxxxxxx> - 1:18.0.1.1.2-1.rolling - Update to jdk-18.0.1.1 interim release - Update release notes to actually reflect OpenJDK 18 and subsequent releases 18.0.1 & 18.0.1.1 - Print release file during build, which should now include a correct SOURCE value from .src-rev - Update tarball script with IcedTea GitHub URL and .src-rev generation - Include script to generate bug list for release notes - Update tzdata requirement to 2022a to match JDK-8283350 * Sat Jul 9 2022 Jayashree Huttanagoudar <jhuttana@xxxxxxxxxx> - 1:18.0.1.0.10-8.rolling - Fix issue where CheckVendor.java test erroneously passes when it should fail. - Add proper quoting so '&' is not treated as a special character by the shell. * Sat Jul 9 2022 Andrew Hughes <gnu.andrew@xxxxxxxxxx> - 1:18.0.1.0.10-8.rolling - Include a test in the RPM to check the build has the correct vendor information. * Fri Jul 8 2022 Andrew Hughes <gnu.andrew@xxxxxxxxxx> - 1:18.0.1.0.10-7.rolling - Fix whitespace in spec file * Fri Jul 8 2022 Andrew Hughes <gnu.andrew@xxxxxxxxxx> - 1:18.0.1.0.10-7.rolling - Sequence spec file sections as they are run by rpmbuild (build, install then test) * Fri Jul 8 2022 Andrew Hughes <gnu.andrew@xxxxxxxxxx> - 1:18.0.1.0.10-7.rolling - Turn on system security properties as part of the build's install section - Move cacerts replacement to install section and retain original of this and tzdb.dat - Run tests on the installed image, rather than the build image - Introduce variables to refer to the static library installation directories - Use relative symlinks so they work within the image - Run debug symbols check during build stage, before the install strips them * Thu Jul 7 2022 Stephan Bergmann <sbergman@xxxxxxxxxx> - 1:18.0.1.0.10-6.rolling - Fix flatpak builds by exempting them from bootstrap * Thu Jun 30 2022 Francisco Ferrari Bihurriet <fferrari@xxxxxxxxxx> - 1:18.0.1.0.10-5.rolling - RH2007331: SecretKey generate/import operations don't add the CKA_SIGN attribute in FIPS mode * Thu Jun 30 2022 Stephan Bergmann <sbergman@xxxxxxxxxx> - 1:18.0.1.0.10-4.rolling - Fix flatpak builds (catering for their uncompressed manual pages) * Fri Jun 24 2022 Andrew Hughes <gnu.andrew@xxxxxxxxxx> - 1:18.0.1.0.10-3.rolling - Update FIPS support to bring in latest changes - * RH2023467: Enable FIPS keys export - * RH2094027: SunEC runtime permission for FIPS - * RH2036462: sun.security.pkcs11.wrapper.PKCS11.getInstance breakage - * RH2090378: Revert to disabling system security properties and FIPS mode support together - Rebase RH1648249 nss.cfg patch so it applies after the FIPS patch - Enable system security properties in the RPM (now disabled by default in the FIPS repo) - Improve security properties test to check both enabled and disabled behaviour - Run security properties test with property debugging on - Minor sync-ups with java-17-openjdk spec file * Wed May 25 2022 Andrew Hughes <gnu.andrew@xxxxxxxxxx> - 1:18.0.1.0.10-2.rolling - Exclude s390x from the gdb test on RHEL 7 where we see failures with the portable build -------------------------------------------------------------------------------- ================================================================================ kiwi-9.24.48-1.el8 (FEDORA-EPEL-2022-319e03293e) Flexible operating system image builder -------------------------------------------------------------------------------- Update Information: Update kiwi and kiwi-boxed-plugin to get various fixes for building images -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 14 2022 Neal Gompa <ngompa@xxxxxxxxxxxxxxxxx> - 9.24.48-1 - Update to 9.24.48 (RH#2106248) * Thu Jul 21 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 9.24.44-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ kiwi-boxed-plugin-0.2.23-1.el8 (FEDORA-EPEL-2022-319e03293e) KIWI - Boxed Build Plugin -------------------------------------------------------------------------------- Update Information: Update kiwi and kiwi-boxed-plugin to get various fixes for building images -------------------------------------------------------------------------------- ChangeLog: * Fri Sep 2 2022 Neal Gompa <ngompa@xxxxxxxxxxxxxxxxx> - 0.2.23-1 - Update to 0.2.23 (RH#2065051) * Thu Jul 21 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.2.17-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Thu Jan 20 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.2.17-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ libmd-1.0.4-2.el8 (FEDORA-EPEL-2022-0f15aae53d) Library that provides message digest functions from BSD systems -------------------------------------------------------------------------------- Update Information: The libmd library provides a few message digest ("hash") functions, as found on various BSD systems, either on their libc or on a library with the same name, and with a compatible API. -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 14 2022 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.0.4-2 - Update license identifier to SPDX expression (#2094582 #c11) * Wed Jun 8 2022 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.0.4-1 - Upgrade to 1.0.4 (#2094582) - Initial spec file for Fedora and Red Hat Enterprise Linux -------------------------------------------------------------------------------- References: [ 1 ] Bug #2094582 - Review Request: libmd - Library that provides message digest functions from BSD systems https://bugzilla.redhat.com/show_bug.cgi?id=2094582 -------------------------------------------------------------------------------- ================================================================================ netplan-0.105-2.el8 (FEDORA-EPEL-2022-132408bfbc) Network configuration tool using YAML -------------------------------------------------------------------------------- Update Information: Remove Netplan configuration snippets accidentally shipped in the main package -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 14 2022 Neal Gompa <ngompa@xxxxxxxxxxxxxxxxx> - 0.105-2 - Fix configuration snippet file ownership -------------------------------------------------------------------------------- ================================================================================ zbar-0.23.90-5.el8 (FEDORA-EPEL-2022-5511cb72b8) Bar code reader -------------------------------------------------------------------------------- Update Information: Misc packaging cleanup -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 26 2022 Kalev Lember <klember@xxxxxxxxxx> - 0.23.90-5 - Misc packaging cleanup - Sort BuildRequires and Requires and split them out one per line - Move GObject Introspection bindings to -gtk and -gtk-devel subpackages - Split libzbar out to zbar-libs subpackage - Tighten subpackage deps with %{_isa} - Drop manual requires on pkgconfig and rely on rpm dep extractor - Rename zbar-python3 to python3-zbar as per latest Python guidelines - Use make_build and make_install macros * Mon Aug 1 2022 Gwyn Ciesla <gwync@xxxxxxxxxxxxxx> - 0.23.90-4 - Only build Java on supported platforms. * Sat Jul 23 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.23.90-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Mon Jun 13 2022 Python Maint <python-maint@xxxxxxxxxx> - 0.23.90-2 - Rebuilt for Python 3.11 * Tue May 31 2022 Gwyn Ciesla <gwync@xxxxxxxxxxxxxx> - 0.23.90-1 - 0.23.90 * Sat Feb 5 2022 Jiri Vanek <jvanek@xxxxxxxxxx> - 0.23-14 - Rebuilt for java-17-openjdk as system jdk * Sat Jan 22 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.23-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Wed Jan 12 2022 Gwyn Ciesla <gwync@xxxxxxxxxxxxxx> - 0.23-12 - Fix 3.11 FTBFS. -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
