The following Fedora EPEL 9 Security updates need testing: Age URL 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-2775a88d84 lua-mpack-1.0.12-1.el9 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-5f0c4ba4b8 wolfssl-5.7.2-2.el9 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-87852e6d70 nextcloud-29.0.6-1.el9 The following builds have been pushed to Fedora EPEL 9 updates-testing composer-2.7.9-1.el9 libjodycode-3.1.1-1.el9 mod_maxminddb-1.2.0-8.el9 mongo-c-driver-1.27.6-1.el9 nexus-4.4.3-10.el9 nut-2.8.2-1.el9 openjph-0.15.0-6.el9 osc-1.9.1-420.1.1.el9 pam_mount-2.20-2.el9 python-django4.2-4.2.16-1.el9 python-webtest-3.0.1-1.el9 rust-arrayref-0.3.8-2.el9 spectre-meltdown-checker-0.46-5.el9 Details about builds: ================================================================================ composer-2.7.9-1.el9 (FEDORA-EPEL-2024-b96dfc9b83) Dependency Manager for PHP -------------------------------------------------------------------------------- Update Information: Version 2.7.9 - 2024-09-04 Fixed Docker detection breaking on constrained environments (#12095) Fixed upstream issue in bash completion script, it is recommended to update it using the completion command (#12015) -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 4 2024 Remi Collet <remi@xxxxxxxxxxxx> - 2.7.9-1 - update to 2.7.9 -------------------------------------------------------------------------------- ================================================================================ libjodycode-3.1.1-1.el9 (FEDORA-EPEL-2024-b6dea1dfff) General purpose utility functions -------------------------------------------------------------------------------- Update Information: update to 3.1.1 and first epel8/9 builds -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 4 2024 Jonathan Wright <jonathan@xxxxxxxxxxxxx> - 3.1.1-1 - update to 3.1.1 * Thu Jul 18 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Wed May 29 2024 David Cantrell <dcantrell@xxxxxxxxxx> - 3.1-4 - Use %autosetup in %prep * Thu Jan 25 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sun Jan 21 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Mon Nov 13 2023 David Cantrell <dcantrell@xxxxxxxxxx> - 3.1-1 - Upgrade to libjodycode-3.1 - Drop the forge macros because the project moved to an unsupported site * Thu Jul 20 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.0.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Tue Jun 20 2023 David Cantrell <dcantrell@xxxxxxxxxx> - 3.0.1-1 - Upgrade to libjodycode-3.0.1 * Thu Jun 15 2023 David Cantrell <dcantrell@xxxxxxxxxx> - 2.0.1-2 - Add a comment explaining Patch0 is for building and packaging on Fedora - Use %forgeautosetup macro in %prep - Do not package the static library - Move the header file to the devel subpackage - Do not use CFLAGS_EXTRA as that just duplicates the CFLAGS again * Tue Jun 13 2023 David Cantrell <dcantrell@xxxxxxxxxx> - 2.0.1-1 - Initial package -------------------------------------------------------------------------------- ================================================================================ mod_maxminddb-1.2.0-8.el9 (FEDORA-EPEL-2024-64cafce274) Module for the Apache web server to query MaxMind DB files -------------------------------------------------------------------------------- Update Information: Remove dependencies on outdated geolite2-country and geolite2-city RPMs -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 4 2024 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.2.0-8 - Remove dependencies on outdated geolite2-{country,city} RPMs * Thu Jul 18 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.2.0-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Thu Jan 25 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.2.0-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sun Jan 21 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.2.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Thu Jul 20 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.2.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Thu Jan 19 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.2.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ mongo-c-driver-1.27.6-1.el9 (FEDORA-EPEL-2024-c5eb6de9f3) Client library written in C for MongoDB -------------------------------------------------------------------------------- Update Information: libbson 1.27.6 Fixes: Fix handling of malformed extended JSON for special BSON types. Fix large string handling in bson_string_new and bson_string_append. libmongoc 1.27.6 Fixes: Fix TSan warning. Fix C23 compile. Improvements: Document expected behavior of command errors in a transaction. -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 4 2024 Remi Collet <remi@xxxxxxxxxxxx> - 1.27.6-1 - update to 1.27.6 -------------------------------------------------------------------------------- ================================================================================ nexus-4.4.3-10.el9 (FEDORA-EPEL-2024-94439f2d35) Libraries and tools for the NeXus scientific data file format -------------------------------------------------------------------------------- Update Information: New package build for EPEL9 branch -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 20 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 4.4.3-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Sun Nov 21 2021 Orion Poplawski <orion@xxxxxxxx> - 4.4.3-9 - Rebuild for hdf5 1.12.1 * Thu Jul 22 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 4.4.3-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Tue Jan 26 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 4.4.3-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Mon Aug 3 2020 Stuart Campbell <sic@xxxxxxxxxxxxxxxxx> - 4.4.3-6 - Added COPYING to devel package * Sun Aug 2 2020 Stuart Campbell <sic@xxxxxxxxxxxxxxxxx> - 4.4.3-5 - Removed static libraries * Sun Aug 2 2020 Stuart Campbell <sic@xxxxxxxxxxxxxxxxx> - 4.4.3-4 - Added License file, changes from package review * Sun Aug 2 2020 Stuart Campbell <sic@xxxxxxxxxxxxxxxxx> - 4.4.3-3 - Removed Fortran bindings, added nxtranslate XML fix -------------------------------------------------------------------------------- ================================================================================ nut-2.8.2-1.el9 (FEDORA-EPEL-2024-b2834799b9) Network UPS Tools -------------------------------------------------------------------------------- Update Information: updated to latest upstream version 2.8.2 -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 4 2024 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 2.8.2.1-1 - updated to 2.8.2 (rhbz#2307300) * Thu Nov 30 2023 Orion Poplawski <orion@xxxxxxxx> - 2.8.1-2 - Re-add nut.target to nut-client (bz#2156504) * Wed Nov 1 2023 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 2.8.1-1 - updated to 2.8.1 (#2247337) * Tue Oct 10 2023 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 2.8.0-14 - spec cleanup, based on PR#14 by Orion Poplawski * Thu Jul 20 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.8.0-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Tue Jun 13 2023 Python Maint <python-maint@xxxxxxxxxx> - 2.8.0-12 - Rebuilt for Python 3.12 * Wed Apr 26 2023 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 2.8.0-11 - update license tag format (SPDX migration) for https://fedoraproject.org/wiki/Changes/SPDX_Licenses_Phase_1 * Tue Feb 14 2023 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 2.8.0-10 - add nut-xml to nut recommends (#2151810) * Thu Jan 19 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.8.0-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Wed Jan 4 2023 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 2.8.0-8 - move upslog to nut-client, some small spec file changes (#2156504) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2227107 - wrong systemd-tmpfile usage in unit file / already fixed in fedora's patch file https://bugzilla.redhat.com/show_bug.cgi?id=2227107 [ 2 ] Bug #2307300 - Update Request: update nut to version 2.8.2 https://bugzilla.redhat.com/show_bug.cgi?id=2307300 -------------------------------------------------------------------------------- ================================================================================ openjph-0.15.0-6.el9 (FEDORA-EPEL-2024-267e5cb0ed) Open-source implementation of JPEG2000 Part-15 (or JPH or HTJ2K) -------------------------------------------------------------------------------- Update Information: New package OpenJPH. -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 4 2024 Simone Caronni <negativo17@xxxxxxxxx> - 0.15.0-6 - Leave autodetection of hardware extensions as per developer's comment at https://bugzilla.redhat.com/show_bug.cgi?id=2307795#c16 * Wed Sep 4 2024 Simone Caronni <negativo17@xxxxxxxxx> - 0.15.0-5 - Adjust SIMD selection again. * Fri Aug 30 2024 Simone Caronni <negativo17@xxxxxxxxx> - 0.15.0-4 - Switch on SIMD and drop AVX for old processors. * Fri Aug 30 2024 Simone Caronni <negativo17@xxxxxxxxx> - 0.15.0-3 - Fix instructions set typo. * Sun Aug 25 2024 Simone Caronni <negativo17@xxxxxxxxx> - 0.15.0-2 - Do not build on i686 (#2307782). * Sat Aug 24 2024 Simone Caronni <negativo17@xxxxxxxxx> - 0.15.0-1 - First build. -------------------------------------------------------------------------------- References: [ 1 ] Bug #2307698 - Review Request: openjph - Open-source implementation of JPEG2000 Part-15 (or JPH or HTJ2K) https://bugzilla.redhat.com/show_bug.cgi?id=2307698 -------------------------------------------------------------------------------- ================================================================================ osc-1.9.1-420.1.1.el9 (FEDORA-EPEL-2024-ebc9668713) Open Build Service Commander -------------------------------------------------------------------------------- Update Information: New upstream release 1.9.1, fixes CVE-2024-22034 -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 4 2024 Dan Ä?ermák <dan.cermak@xxxxxxxxxxxxxxxxxxx> - 1.9.1-415.1.1 - New upstream release 1.9.1, fixes CVE-2024-22034 and rhbz#2309529 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2309529 - osc-1.9.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2309529 -------------------------------------------------------------------------------- ================================================================================ pam_mount-2.20-2.el9 (FEDORA-EPEL-2024-872c6eb3ab) A PAM module that can mount volumes for a user session -------------------------------------------------------------------------------- Update Information: Update to upstream 2.20 and branch for epel9 (finally) -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 4 2024 Chen Chen <aflyhorse@xxxxxxxxxxx> - 2.20-2 - Fix License section * Wed Sep 4 2024 Chen Chen <aflyhorse@xxxxxxxxxxx> - 2.20-1 - Update to 2.20 * Mon Sep 2 2024 Miroslav Suchý <msuchy@xxxxxxxxxx> - 2.19-7 - convert license to SPDX * Thu Jul 18 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.19-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Thu Jan 25 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.19-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sun Jan 21 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.19-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Thu Jul 20 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.19-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Thu Jan 19 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.19-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Fri Dec 16 2022 Chen Chen <aflyhorse@xxxxxxxxxxx> - 2.19-1 - Update to 2.19 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2104332 - pam_mount-2.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=2104332 [ 2 ] Bug #2145153 - Please branch and build pam_mount in epel9. https://bugzilla.redhat.com/show_bug.cgi?id=2145153 -------------------------------------------------------------------------------- ================================================================================ python-django4.2-4.2.16-1.el9 (FEDORA-EPEL-2024-92f7377188) A high-level Python Web framework -------------------------------------------------------------------------------- Update Information: urlize and urlizetrunc were subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters. -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 4 2024 Michel Lind <salimma@xxxxxxxxxxxxxxxxx> - 4.2.16-1 - Update to version 4.2.16 - Fixes: CVE-2024-45230, RHBZ#2309747 * Fri Jul 19 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 4.2.14-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2309747 - CVE-2024-45230: Potential denial-of-service vulnerability in django.utils.html.urlize() https://bugzilla.redhat.com/show_bug.cgi?id=2309747 -------------------------------------------------------------------------------- ================================================================================ python-webtest-3.0.1-1.el9 (FEDORA-EPEL-2024-2be9071e54) Helper to test WSGI applications -------------------------------------------------------------------------------- Update Information: Update to upstream. -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 3 2024 Ján ONDREJ (SAL) <ondrejj(at)salstar.sk> - 3.0.1-1 - Update to upstream. * Fri Jul 19 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.0.0-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Sun Jun 16 2024 Ján ONDREJ (SAL) <ondrejj(at)salstar.sk> - 3.0.0-13 - Add buildrequires on legacy-cgi module * Fri Jun 14 2024 Python Maint <python-maint@xxxxxxxxxx> - 3.0.0-12 - Rebuilt for Python 3.13 * Fri Jan 26 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.0.0-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Mon Jan 22 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.0.0-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jul 21 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.0.0-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Wed Jun 28 2023 Ján ONDREJ (SAL) <ondrejj(at)salstar.sk> - 3.0.0-8 - Update to latest git commit, which fixes python 3.12 unittests * Wed Jun 14 2023 Python Maint <python-maint@xxxxxxxxxx> - 3.0.0-7 - Rebuilt for Python 3.12 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2309134 - python-webtest-3.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2309134 -------------------------------------------------------------------------------- ================================================================================ rust-arrayref-0.3.8-2.el9 (FEDORA-EPEL-2024-75cafff072) Macros to take array references of slices -------------------------------------------------------------------------------- Update Information: Patch for quickcheck 1.0, fixing some testing issues -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 3 2024 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.3.8-2 - Patch for quickcheck 1.0, fixing some testing issues -------------------------------------------------------------------------------- ================================================================================ spectre-meltdown-checker-0.46-5.el9 (FEDORA-EPEL-2024-2003295b20) Spectre & Meltdown vulnerability/mitigation checker for Linux -------------------------------------------------------------------------------- Update Information: Fix Retpoline detection for Linux 6.9+ (issue #490) #495 -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 2 2024 Charles R. Anderson <cra@xxxxxxxxxxxx> - 0.46-5 - Fix Retpoline detection for Linux 6.9+ (issue #490) PR#495 * Mon Jul 29 2024 Miroslav Suchý <msuchy@xxxxxxxxxx> - 0.46-4 - convert license to SPDX * Sat Jul 20 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.46-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Sat Jan 27 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.46-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild --------------------------------------------------------------------------------
-- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue