The following Fedora EPEL 9 Security updates need testing: Age URL 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-2bb96c1f9a rust-pyo3-0.22.4-1.el9 rust-pyo3-build-config-0.22.4-1.el9 rust-pyo3-ffi-0.22.4-1.el9 rust-pyo3-macros-0.22.4-1.el9 rust-pyo3-macros-backend-0.22.4-1.el9 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-78df19aaf3 yarnpkg-1.22.22-5.el9 The following builds have been pushed to Fedora EPEL 9 updates-testing algol68g-3.5.9-1.el9 podman-tui-1.2.3-1.el9 prometheus-podman-exporter-1.13.3-1.el9 radsecproxy-1.11.0-1.el9 rust-anyhow-1.0.90-1.el9 rust-libc-0.2.161-1.el9 rust-ripgrep-14.1.1-1.el9 rust-rustls-pemfile-2.2.0-1.el9 rust-rustls-pki-types-1.10.0-1.el9 rust-serde_json-1.0.131-1.el9 rust-unicase-2.8.0-1.el9 rust-winnow-0.6.20-1.el9 uwsgi-2.0.27-4.el9 virtme-ng-1.31-1.el9 Details about builds: ================================================================================ algol68g-3.5.9-1.el9 (FEDORA-EPEL-2024-3f77f3a295) Algol 68 Genie compiler-interpreter -------------------------------------------------------------------------------- Update Information: Update to 3.5.9 -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 18 2024 Oleg Girko <ol@xxxxxxxxxxxxx> - 3.5.9-1 - Update to 3.5.9 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2317940 - algol68g-3.5.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=2317940 -------------------------------------------------------------------------------- ================================================================================ podman-tui-1.2.3-1.el9 (FEDORA-EPEL-2024-8a0d469cac) Podman Terminal User Interface -------------------------------------------------------------------------------- Update Information: release 1.2.3 -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 19 2024 Navid Yaghoobi <navidys@xxxxxxxxxxxxxxxxx> - 1.2.3-1 - release v1.2.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2317460 - CVE-2024-9675 podman-tui: Buildah allows arbitrary directory mount [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2317460 [ 2 ] Bug #2318167 - [Major Incident] CVE-2024-21626 podman-tui: file descriptor leak [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2318167 [ 3 ] Bug #2319016 - CVE-2024-9676 podman-tui: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS) [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2319016 -------------------------------------------------------------------------------- ================================================================================ prometheus-podman-exporter-1.13.3-1.el9 (FEDORA-EPEL-2024-0282083260) Prometheus exporter for podman environment -------------------------------------------------------------------------------- Update Information: release 1.13.3 -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 19 2024 Navid Yaghoobi <navidys@xxxxxxxxxxxxxxxxx> - 1.13.3-1 - release v1.13.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2317461 - CVE-2024-9675 prometheus-podman-exporter: Buildah allows arbitrary directory mount [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2317461 [ 2 ] Bug #2318168 - [Major Incident] CVE-2024-21626 prometheus-podman-exporter: file descriptor leak [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2318168 -------------------------------------------------------------------------------- ================================================================================ radsecproxy-1.11.0-1.el9 (FEDORA-EPEL-2024-f705a966fa) Generic RADIUS proxy with RadSec support -------------------------------------------------------------------------------- Update Information: radsecproxy 1.11.0 (2024-07-05) New features TLS-PSK Long hex-strings in config Reload complete TLS context on SIGHUP, reload client/server cert and key Implement SSLKEYLOGFILE mechanism Options to require Message-Authenticator Misc Re-verify certificates on SIGHUP and terminate invalid connections Implement recommendations for deprecating insecure transports Verify EAP message content length Close connection on radius attribute decode errors Bug Fixes Fix correct secret for DTLS (radius/dtls) Fix infinite loop when listening on tcp socket fails Fix crashes under high load -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 19 2024 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.11.0-1 - Upgrade to 1.11.0 (#2290989) * Fri Jul 19 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.10.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2290989 - radsecproxy-1.11.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2290989 -------------------------------------------------------------------------------- ================================================================================ rust-anyhow-1.0.90-1.el9 (FEDORA-EPEL-2024-0d32db89cb) Flexible concrete Error type built on std::error::Error -------------------------------------------------------------------------------- Update Information: Update to version 1.0.90. -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 19 2024 Fabio Valentini <decathorpe@xxxxxxxxx> - 1.0.90-1 - Update to version 1.0.90; Fixes RHBZ#2319784 -------------------------------------------------------------------------------- ================================================================================ rust-libc-0.2.161-1.el9 (FEDORA-EPEL-2024-9bf888f821) Raw FFI bindings to platform libraries like libc -------------------------------------------------------------------------------- Update Information: Update to version 0.2.161. -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 19 2024 Fabio Valentini <decathorpe@xxxxxxxxx> - 0.2.161-1 - Update to version 0.2.161; Fixes RHBZ#2319311 -------------------------------------------------------------------------------- ================================================================================ rust-ripgrep-14.1.1-1.el9 (FEDORA-EPEL-2024-4738832dca) Line-oriented search tool -------------------------------------------------------------------------------- Update Information: Update to version 14.1.1. -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 19 2024 Fabio Valentini <decathorpe@xxxxxxxxx> - 14.1.1-1 - Update to version 14.1.1; Fixes RHBZ#2310787 * Sat Jul 20 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 14.1.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ rust-rustls-pemfile-2.2.0-1.el9 (FEDORA-EPEL-2024-a64ddfe9c5) Basic .pem file parser for keys and certificates -------------------------------------------------------------------------------- Update Information: Update to version 2.2.0. -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 19 2024 Fabio Valentini <decathorpe@xxxxxxxxx> - 2.2.0-1 - Update to version 2.2.0; Fixes RHBZ#2315737 -------------------------------------------------------------------------------- ================================================================================ rust-rustls-pki-types-1.10.0-1.el9 (FEDORA-EPEL-2024-8d92fd02be) Shared types for the rustls PKI ecosystem -------------------------------------------------------------------------------- Update Information: Update to version 1.10.0. -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 19 2024 Fabio Valentini <decathorpe@xxxxxxxxx> - 1.10.0-1 - Update to version 1.10.0; Fixes RHBZ#2318728 -------------------------------------------------------------------------------- ================================================================================ rust-serde_json-1.0.131-1.el9 (FEDORA-EPEL-2024-6e97f090b3) JSON serialization file format -------------------------------------------------------------------------------- Update Information: Update to version 1.0.131. -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 19 2024 Fabio Valentini <decathorpe@xxxxxxxxx> - 1.0.131-1 - Update to version 1.0.131; Fixes RHBZ#2319475 -------------------------------------------------------------------------------- ================================================================================ rust-unicase-2.8.0-1.el9 (FEDORA-EPEL-2024-0ca9d42799) Case-insensitive wrapper around strings -------------------------------------------------------------------------------- Update Information: Update to version 2.8.0. -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 19 2024 Fabio Valentini <decathorpe@xxxxxxxxx> - 2.8.0-1 - Update to version 2.8.0; Fixes RHBZ#2319850 * Sat Jul 20 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.7.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Sat Jan 27 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.7.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ rust-winnow-0.6.20-1.el9 (FEDORA-EPEL-2024-67615ade8d) Byte-oriented, zero-copy, parser combinators library -------------------------------------------------------------------------------- Update Information: Update to version 0.6.20. -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 19 2024 Fabio Valentini <decathorpe@xxxxxxxxx> - 0.6.20-1 - Update to version 0.6.20; Fixes RHBZ#2314500 -------------------------------------------------------------------------------- ================================================================================ uwsgi-2.0.27-4.el9 (FEDORA-EPEL-2024-83c3af515a) Fast, self-healing, application container server -------------------------------------------------------------------------------- Update Information: Fix uWSGI auto-reloading on config change -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 14 2024 Ralf Ertzinger <ralf@xxxxxxxxxxx> - 2.0.27-4 - Fix uWSGI auto-reloading on config change * Mon Oct 14 2024 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.0.27-3 - rebuild for https://fedoraproject.org/wiki/Changes/php84 * Fri Sep 27 2024 Ralf Ertzinger <ralf@xxxxxxxxxxx> - 2.0.27-2 - Only build fiber plugin when rack plugin is also built -------------------------------------------------------------------------------- References: [ 1 ] Bug #2317782 - reload bug in uwsgi 2.0.27 leads to hanging application processes https://bugzilla.redhat.com/show_bug.cgi?id=2317782 -------------------------------------------------------------------------------- ================================================================================ virtme-ng-1.31-1.el9 (FEDORA-EPEL-2024-8631c81aea) Quickly build and run kernels inside a virtualized snapshot of your live system -------------------------------------------------------------------------------- Update Information: Update to version 1.31 The most noticeable changes in this new version are the initial support for NVIDIA GPUs passthrough (thanks to @ianm-nv), the possibility to use pre- compiled -rc kernels from Ubuntu mainline builds, the possibility to use virtiofs natively on arm64, some improvements to run virtme-ng cross- architecture and cross-distro and the usual set of bug fixes. https://github.com/arighi/virtme-ng/releases/tag/v1.30 https://github.com/arighi/virtme-ng/releases/tag/v1.31 -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 19 2024 Ondrej MosnáÄ?ek <omosnacek@xxxxxxxxx> - 1.31-1 - Update to version 1.31 (fedora#2319880) * Mon Oct 14 2024 Ondrej MosnáÄ?ek <omosnacek@xxxxxxxxx> - 1.30-1 - Update to version 1.30 (fedora#2318393) * Sat Sep 28 2024 Ondrej MosnáÄ?ek <omosnacek@xxxxxxxxx> - 1.29-2 - Use proper macro for bash completion dir * Wed Sep 11 2024 Ondrej MosnáÄ?ek <omosnacek@xxxxxxxxx> - 1.29-1 - Update to version 1.29 and remove packaging workaround --------------------------------------------------------------------------------
-- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue