[EPEL-devel] Fedora EPEL 9 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora EPEL 9 Security updates need testing:
 Age  URL
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-2775a88d84   lua-mpack-1.0.12-1.el9
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-5f0c4ba4b8   wolfssl-5.7.2-2.el9
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-87852e6d70   nextcloud-29.0.6-1.el9


The following builds have been pushed to Fedora EPEL 9 updates-testing

    composer-2.7.9-1.el9
    libjodycode-3.1.1-1.el9
    mod_maxminddb-1.2.0-8.el9
    mongo-c-driver-1.27.6-1.el9
    nexus-4.4.3-10.el9
    nut-2.8.2-1.el9
    openjph-0.15.0-6.el9
    osc-1.9.1-420.1.1.el9
    pam_mount-2.20-2.el9
    python-django4.2-4.2.16-1.el9
    python-webtest-3.0.1-1.el9
    rust-arrayref-0.3.8-2.el9
    spectre-meltdown-checker-0.46-5.el9

Details about builds:


================================================================================
 composer-2.7.9-1.el9 (FEDORA-EPEL-2024-b96dfc9b83)
 Dependency Manager for PHP
--------------------------------------------------------------------------------
Update Information:

Version 2.7.9 -  2024-09-04
Fixed Docker detection breaking on constrained environments (#12095)
Fixed upstream issue in bash completion script, it is recommended to update it
using the completion command (#12015)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep  4 2024 Remi Collet <remi@xxxxxxxxxxxx> - 2.7.9-1
- update to 2.7.9
--------------------------------------------------------------------------------


================================================================================
 libjodycode-3.1.1-1.el9 (FEDORA-EPEL-2024-b6dea1dfff)
 General purpose utility functions
--------------------------------------------------------------------------------
Update Information:

update to 3.1.1 and first epel8/9 builds
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep  4 2024 Jonathan Wright <jonathan@xxxxxxxxxxxxx> - 3.1.1-1
- update to 3.1.1
* Thu Jul 18 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Wed May 29 2024 David Cantrell <dcantrell@xxxxxxxxxx> - 3.1-4
- Use %autosetup in %prep
* Thu Jan 25 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Mon Nov 13 2023 David Cantrell <dcantrell@xxxxxxxxxx> - 3.1-1
- Upgrade to libjodycode-3.1
- Drop the forge macros because the project moved to an unsupported site
* Thu Jul 20 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.0.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Tue Jun 20 2023 David Cantrell <dcantrell@xxxxxxxxxx> - 3.0.1-1
- Upgrade to libjodycode-3.0.1
* Thu Jun 15 2023 David Cantrell <dcantrell@xxxxxxxxxx> - 2.0.1-2
- Add a comment explaining Patch0 is for building and packaging on
  Fedora
- Use %forgeautosetup macro in %prep
- Do not package the static library
- Move the header file to the devel subpackage
- Do not use CFLAGS_EXTRA as that just duplicates the CFLAGS again
* Tue Jun 13 2023 David Cantrell <dcantrell@xxxxxxxxxx> - 2.0.1-1
- Initial package
--------------------------------------------------------------------------------


================================================================================
 mod_maxminddb-1.2.0-8.el9 (FEDORA-EPEL-2024-64cafce274)
 Module for the Apache web server to query MaxMind DB files
--------------------------------------------------------------------------------
Update Information:

Remove dependencies on outdated geolite2-country and geolite2-city RPMs
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep  4 2024 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.2.0-8
- Remove dependencies on outdated geolite2-{country,city} RPMs
* Thu Jul 18 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.2.0-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Thu Jan 25 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.2.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.2.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Thu Jul 20 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.2.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu Jan 19 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.2.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 mongo-c-driver-1.27.6-1.el9 (FEDORA-EPEL-2024-c5eb6de9f3)
 Client library written in C for MongoDB
--------------------------------------------------------------------------------
Update Information:

libbson 1.27.6
Fixes:
Fix handling of malformed extended JSON for special BSON types.
Fix large string handling in bson_string_new and bson_string_append.
libmongoc 1.27.6
Fixes:
Fix TSan warning.
Fix C23 compile.
Improvements:
Document expected behavior of command errors in a transaction.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep  4 2024 Remi Collet <remi@xxxxxxxxxxxx> - 1.27.6-1
- update to 1.27.6
--------------------------------------------------------------------------------


================================================================================
 nexus-4.4.3-10.el9 (FEDORA-EPEL-2024-94439f2d35)
 Libraries and tools for the NeXus scientific data file format
--------------------------------------------------------------------------------
Update Information:

New package build for EPEL9 branch
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 20 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 4.4.3-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Sun Nov 21 2021 Orion Poplawski <orion@xxxxxxxx> - 4.4.3-9
- Rebuild for hdf5 1.12.1
* Thu Jul 22 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 4.4.3-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Tue Jan 26 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 4.4.3-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Mon Aug  3 2020 Stuart Campbell <sic@xxxxxxxxxxxxxxxxx> - 4.4.3-6
- Added COPYING to devel package
* Sun Aug  2 2020 Stuart Campbell <sic@xxxxxxxxxxxxxxxxx> - 4.4.3-5
- Removed static libraries
* Sun Aug  2 2020 Stuart Campbell <sic@xxxxxxxxxxxxxxxxx> - 4.4.3-4
- Added License file, changes from package review
* Sun Aug  2 2020 Stuart Campbell <sic@xxxxxxxxxxxxxxxxx> - 4.4.3-3
- Removed Fortran bindings, added nxtranslate XML fix
--------------------------------------------------------------------------------


================================================================================
 nut-2.8.2-1.el9 (FEDORA-EPEL-2024-b2834799b9)
 Network UPS Tools
--------------------------------------------------------------------------------
Update Information:

updated to latest upstream version 2.8.2
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep  4 2024 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 2.8.2.1-1
- updated to 2.8.2 (rhbz#2307300)
* Thu Nov 30 2023 Orion Poplawski <orion@xxxxxxxx> - 2.8.1-2
- Re-add nut.target to nut-client (bz#2156504)
* Wed Nov  1 2023 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 2.8.1-1
- updated to 2.8.1 (#2247337)
* Tue Oct 10 2023 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 2.8.0-14
- spec cleanup, based on PR#14 by Orion Poplawski
* Thu Jul 20 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.8.0-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Tue Jun 13 2023 Python Maint <python-maint@xxxxxxxxxx> - 2.8.0-12
- Rebuilt for Python 3.12
* Wed Apr 26 2023 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 2.8.0-11
- update license tag format (SPDX migration) for https://fedoraproject.org/wiki/Changes/SPDX_Licenses_Phase_1
* Tue Feb 14 2023 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 2.8.0-10
- add nut-xml to nut recommends (#2151810)
* Thu Jan 19 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.8.0-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Wed Jan  4 2023 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 2.8.0-8
- move upslog to nut-client, some small spec file changes (#2156504)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2227107 - wrong systemd-tmpfile usage in unit file / already fixed in fedora's patch file
        https://bugzilla.redhat.com/show_bug.cgi?id=2227107
  [ 2 ] Bug #2307300 - Update Request: update nut to version 2.8.2
        https://bugzilla.redhat.com/show_bug.cgi?id=2307300
--------------------------------------------------------------------------------


================================================================================
 openjph-0.15.0-6.el9 (FEDORA-EPEL-2024-267e5cb0ed)
 Open-source implementation of JPEG2000 Part-15 (or JPH or HTJ2K)
--------------------------------------------------------------------------------
Update Information:

New package OpenJPH.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep  4 2024 Simone Caronni <negativo17@xxxxxxxxx> - 0.15.0-6
- Leave autodetection of hardware extensions as per developer's comment at
  https://bugzilla.redhat.com/show_bug.cgi?id=2307795#c16
* Wed Sep  4 2024 Simone Caronni <negativo17@xxxxxxxxx> - 0.15.0-5
- Adjust SIMD selection again.
* Fri Aug 30 2024 Simone Caronni <negativo17@xxxxxxxxx> - 0.15.0-4
- Switch on SIMD and drop AVX for old processors.
* Fri Aug 30 2024 Simone Caronni <negativo17@xxxxxxxxx> - 0.15.0-3
- Fix instructions set typo.
* Sun Aug 25 2024 Simone Caronni <negativo17@xxxxxxxxx> - 0.15.0-2
- Do not build on i686 (#2307782).
* Sat Aug 24 2024 Simone Caronni <negativo17@xxxxxxxxx> - 0.15.0-1
- First build.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2307698 - Review Request: openjph - Open-source implementation of JPEG2000 Part-15 (or JPH or HTJ2K)
        https://bugzilla.redhat.com/show_bug.cgi?id=2307698
--------------------------------------------------------------------------------


================================================================================
 osc-1.9.1-420.1.1.el9 (FEDORA-EPEL-2024-ebc9668713)
 Open Build Service Commander
--------------------------------------------------------------------------------
Update Information:

New upstream release 1.9.1, fixes CVE-2024-22034
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep  4 2024 Dan Ä?ermák <dan.cermak@xxxxxxxxxxxxxxxxxxx> - 1.9.1-415.1.1
- New upstream release 1.9.1, fixes CVE-2024-22034 and rhbz#2309529
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2309529 - osc-1.9.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2309529
--------------------------------------------------------------------------------


================================================================================
 pam_mount-2.20-2.el9 (FEDORA-EPEL-2024-872c6eb3ab)
 A PAM module that can mount volumes for a user session
--------------------------------------------------------------------------------
Update Information:

Update to upstream 2.20 and branch for epel9 (finally)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep  4 2024 Chen Chen <aflyhorse@xxxxxxxxxxx> - 2.20-2
- Fix License section
* Wed Sep  4 2024 Chen Chen <aflyhorse@xxxxxxxxxxx> - 2.20-1
- Update to 2.20
* Mon Sep  2 2024 Miroslav Suchý <msuchy@xxxxxxxxxx> - 2.19-7
- convert license to SPDX
* Thu Jul 18 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.19-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Thu Jan 25 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.19-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.19-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Thu Jul 20 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.19-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu Jan 19 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.19-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Dec 16 2022 Chen Chen <aflyhorse@xxxxxxxxxxx> - 2.19-1
- Update to 2.19
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2104332 - pam_mount-2.20 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2104332
  [ 2 ] Bug #2145153 - Please branch and build pam_mount in epel9.
        https://bugzilla.redhat.com/show_bug.cgi?id=2145153
--------------------------------------------------------------------------------


================================================================================
 python-django4.2-4.2.16-1.el9 (FEDORA-EPEL-2024-92f7377188)
 A high-level Python Web framework
--------------------------------------------------------------------------------
Update Information:

urlize and urlizetrunc were subject to a potential denial-of-service attack via
very large inputs with a specific sequence of characters.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep  4 2024 Michel Lind <salimma@xxxxxxxxxxxxxxxxx> - 4.2.16-1
- Update to version 4.2.16
- Fixes: CVE-2024-45230, RHBZ#2309747
* Fri Jul 19 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 4.2.14-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2309747 - CVE-2024-45230: Potential denial-of-service vulnerability in django.utils.html.urlize()
        https://bugzilla.redhat.com/show_bug.cgi?id=2309747
--------------------------------------------------------------------------------


================================================================================
 python-webtest-3.0.1-1.el9 (FEDORA-EPEL-2024-2be9071e54)
 Helper to test WSGI applications
--------------------------------------------------------------------------------
Update Information:

Update to upstream.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep  3 2024 Ján ONDREJ (SAL) <ondrejj(at)salstar.sk> - 3.0.1-1
- Update to upstream.
* Fri Jul 19 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.0.0-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Sun Jun 16 2024 Ján ONDREJ (SAL) <ondrejj(at)salstar.sk> - 3.0.0-13
- Add buildrequires on legacy-cgi module
* Fri Jun 14 2024 Python Maint <python-maint@xxxxxxxxxx> - 3.0.0-12
- Rebuilt for Python 3.13
* Fri Jan 26 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.0.0-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Mon Jan 22 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.0.0-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jul 21 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.0.0-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Wed Jun 28 2023 Ján ONDREJ (SAL) <ondrejj(at)salstar.sk> - 3.0.0-8
- Update to latest git commit, which fixes python 3.12 unittests
* Wed Jun 14 2023 Python Maint <python-maint@xxxxxxxxxx> - 3.0.0-7
- Rebuilt for Python 3.12
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2309134 - python-webtest-3.0.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2309134
--------------------------------------------------------------------------------


================================================================================
 rust-arrayref-0.3.8-2.el9 (FEDORA-EPEL-2024-75cafff072)
 Macros to take array references of slices
--------------------------------------------------------------------------------
Update Information:

Patch for quickcheck 1.0, fixing some testing issues
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep  3 2024 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.3.8-2
- Patch for quickcheck 1.0, fixing some testing issues
--------------------------------------------------------------------------------


================================================================================
 spectre-meltdown-checker-0.46-5.el9 (FEDORA-EPEL-2024-2003295b20)
 Spectre & Meltdown vulnerability/mitigation checker for Linux
--------------------------------------------------------------------------------
Update Information:

Fix Retpoline detection for Linux 6.9+ (issue #490) #495
--------------------------------------------------------------------------------
ChangeLog:

* Mon Sep  2 2024 Charles R. Anderson <cra@xxxxxxxxxxxx> - 0.46-5
- Fix Retpoline detection for Linux 6.9+ (issue #490) PR#495
* Mon Jul 29 2024 Miroslav Suchý <msuchy@xxxxxxxxxx> - 0.46-4
- convert license to SPDX
* Sat Jul 20 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.46-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Sat Jan 27 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.46-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
--------------------------------------------------------------------------------


-- 
_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

[Index of Archives]     [Fedora Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Announce]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Linux Apps]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux