[EPEL-devel] Fedora EPEL 9 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora EPEL 9 Security updates need testing:
 Age  URL
  19  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-c5986b2cf1   iaito-5.9.6-1.el9 radare2-5.9.6-1.el9
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-23b122f235   trafficserver-9.2.6-2.el9
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-97fdc539e2   cobbler-3.3.7-1.el9
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-1fa5fbde17   cobbler3.2-3.2.3-2.el9
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-7ac44bd3cc   python-aiohttp-3.9.5-2.el9


The following builds have been pushed to Fedora EPEL 9 updates-testing

    opendmarc-1.4.2-22.el9
    python-hvac-0.11.2-2.el9
    rust-pulldown-cmark-0.11.3-2.el9
    rust-rustls-0.23.17-1.el9
    rust-zlib-rs-0.4.0-1.el9
    snapd-2.66.1-0.el9
    zeal-0.7.2-1.el9

Details about builds:


================================================================================
 opendmarc-1.4.2-22.el9 (FEDORA-EPEL-2024-29c32c7e43)
 A DMARC milter and library
--------------------------------------------------------------------------------
Update Information:

Add missing Perl deps automatically
--------------------------------------------------------------------------------
ChangeLog:

* Sat Nov  9 2024 Mikel Olasagasti Uranga <mikel@xxxxxxxxxxxxxxx> - 1.4.2-22
- Add BR on perl-generators to avoid missing deps - Closes rhbz#2241932
  rhbz#2241894
--------------------------------------------------------------------------------


================================================================================
 python-hvac-0.11.2-2.el9 (FEDORA-EPEL-2024-2b2d10e137)
 HashiCorp Vault API client for Python
--------------------------------------------------------------------------------
Update Information:

This update contains fixes for kv2 api in hashicorp vault.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun 13 2022 Python Maint <python-maint@xxxxxxxxxx> - 0.11.2-2
- Rebuilt for Python 3.11
* Fri Jan 21 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.10.7-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 rust-pulldown-cmark-0.11.3-2.el9 (FEDORA-EPEL-2024-0b86c2cd75)
 Pull parser for CommonMark
--------------------------------------------------------------------------------
Update Information:

Fix license tag and and breakdown that was accidentally dropped in the last
update.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 20 2024 Fabio Valentini <decathorpe@xxxxxxxxx> - 0.11.3-2
- Add back accidentally dropped license tag and breakdown
--------------------------------------------------------------------------------


================================================================================
 rust-rustls-0.23.17-1.el9 (FEDORA-EPEL-2024-3672733748)
 Modern TLS library written in Rust
--------------------------------------------------------------------------------
Update Information:

Update the rustls crate to version 0.23.17.
Update the zlib-rs crate to version 0.4.0.
The update to zlib-rs v0.4.0 also addresses CVE-2024-11249 (stack overflow
during decompression with malicious input). This issue had no actual impact in
Fedora, because no applications yet use the the zlib-rs feature of rustls and
rustls is the only dependent package of zlib-rs.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 20 2024 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.23.17-1
- Update to version 0.23.17; Fixes RHBZ#2326682
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2326411 - CVE-2024-11249 rust-zlib-rs: zlib-rs stack overflow during decompression with malicious input [epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2326411
--------------------------------------------------------------------------------


================================================================================
 rust-zlib-rs-0.4.0-1.el9 (FEDORA-EPEL-2024-3672733748)
 Memory-safe zlib implementation written in rust
--------------------------------------------------------------------------------
Update Information:

Update the rustls crate to version 0.23.17.
Update the zlib-rs crate to version 0.4.0.
The update to zlib-rs v0.4.0 also addresses CVE-2024-11249 (stack overflow
during decompression with malicious input). This issue had no actual impact in
Fedora, because no applications yet use the the zlib-rs feature of rustls and
rustls is the only dependent package of zlib-rs.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 20 2024 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.4.0-1
- Update to version 0.4.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2326411 - CVE-2024-11249 rust-zlib-rs: zlib-rs stack overflow during decompression with malicious input [epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2326411
--------------------------------------------------------------------------------


================================================================================
 snapd-2.66.1-0.el9 (FEDORA-EPEL-2024-52e1ba27fe)
 A transactional software package manager
--------------------------------------------------------------------------------
Update Information:

AppArmor prompting (experimental): Fix kernel prompting support
   check
Allow kernel snaps to have content slots
Fix ignoring snaps in try mode when amending
New upstream release 2.66
AppArmor prompting (experimental): expand kernel support checks
AppArmor prompting (experimental): consolidate error messages and
   add error kinds
AppArmor prompting (experimental): grant /v2/snaps/{name} via
   snap-interfaces-requests-control
AppArmor prompting (experimental): add checks for duplicate
   pattern variants
Registry views (experimental): add handlers that commit (and
   cleanup) registry transactions
Registry views (experimental): add a snapctl fail command for
   rejecting registry transactions
Registry views (experimental): allow custodian snaps to implement
   registry hooks that modify and save registry data
Registry views (experimental): run view-changed hooks only for
   snaps plugging views affected by modified paths
Registry views (experimental): make registry transactions
   serialisable
Snap components: handle refreshing components to revisions that
   have been on the system before
Snap components: enable creating Ubuntu Core images that contain
   components
Snap components: handle refreshing components independently of
   snaps
Snap components: handle removing components when refreshing a snap
   that no longer defines them
Snap components: extend snapd Ubuntu Core installation API to
   allow for picking optional snaps and components to install
Snap components: extend kernel.yaml with "dynamic-modules",
   allowing kernel to define a location for kmods from component
   hooks
Snap components: renamed component type "test" to "standard"
Desktop IDs: support installing desktop files with custom names
   based on desktop-file-ids desktop interface plug attr
Auto-install snapd on classic systems as prerequisite for any non-
   essential snap install
Support loading AppArmor profiles on WSL2 with non-default kernel
   and securityfs mounted
Debian/Fedora packaging updates
Add snap debug command for investigating execution aspects of the
   snap toolchain
Improve snap pack error for easier parsing
Add support for user services when refreshing snaps
Add snap remove --terminate flag for terminating running snap
   processes
Support building FIPS complaint snapd deb and snap
Fix to not use nss when looking up for users/groups from snapd
   snap
Fix ordering in which layout changes are saved
Patch snapd snap dynamic linker to ignore LD_LIBRARY_PATH and
   related variables
Fix libexec dir for openSUSE Slowroll
Fix handling of the shared snap directory for parallel installs
Allow writing to /run/systemd/journal/dev-log by default
Avoid state lock during snap removal to avoid delaying other snapd
   operations
Add nomad-support interface to enable running Hashicorp Nomad
Add intel-qat interface
u2f-devices interface: add u2f trustkey t120 product id and fx
   series fido u2f devices
desktop interface: improve integration with xdg-desktop-portal
desktop interface: add desktop-file-ids plug attr to desktop
   interface
unity7 interface: support desktop-file-ids in desktop files rule
   generation
desktop-legacy interface: support desktop-file-ids in desktop
   files rule generation
desktop-legacy interface: grant access to gcin socket location
login-session-observe interface: allow introspection
custom-device interface: allow to explicitly identify matching
   device in udev tagging block
system-packages-doc interface: allow reading /usr/share/javascript
modem-manager interface: add new format of WWAN ports
pcscd interface: allow pcscd to read opensc.conf
cpu-control interface: add IRQ affinity control to cpu_control
opengl interface: add support for cuda workloads on Tegra iGPU in
   opengl interface
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 20 2024 Zygmunt Krynicki <me@xxxxxxxxx>
- Drop only patch, applied upstream.
* Fri Oct 25 2024 Zygmunt Krynicki <me@xxxxxxxxx>
- Cherry pick fix for SELinux timedatex problem from upstream
* Fri Oct 11 2024 Ernest Lotter <ernest.lotter@xxxxxxxxxxxxx>
- New upstream release 2.66.1
 - AppArmor prompting (experimental): Fix kernel prompting support
   check
 - Allow kernel snaps to have content slots
 - Fix ignoring snaps in try mode when amending
* Fri Oct  4 2024 Ernest Lotter <ernest.lotter@xxxxxxxxxxxxx>
- New upstream release 2.66
 - AppArmor prompting (experimental): expand kernel support checks
 - AppArmor prompting (experimental): consolidate error messages and
   add error kinds
 - AppArmor prompting (experimental): grant /v2/snaps/{name} via
   snap-interfaces-requests-control
 - AppArmor prompting (experimental): add checks for duplicate
   pattern variants
 - Registry views (experimental): add handlers that commit (and
   cleanup) registry transactions
 - Registry views (experimental): add a snapctl fail command for
   rejecting registry transactions
 - Registry views (experimental): allow custodian snaps to implement
   registry hooks that modify and save registry data
 - Registry views (experimental): run view-changed hooks only for
   snaps plugging views affected by modified paths
 - Registry views (experimental): make registry transactions
   serialisable
 - Snap components: handle refreshing components to revisions that
   have been on the system before
 - Snap components: enable creating Ubuntu Core images that contain
   components
 - Snap components: handle refreshing components independently of
   snaps
 - Snap components: handle removing components when refreshing a snap
   that no longer defines them
 - Snap components: extend snapd Ubuntu Core installation API to
   allow for picking optional snaps and components to install
 - Snap components: extend kernel.yaml with "dynamic-modules",
   allowing kernel to define a location for kmods from component
   hooks
 - Snap components: renamed component type "test" to "standard"
 - Desktop IDs: support installing desktop files with custom names
   based on desktop-file-ids desktop interface plug attr
 - Auto-install snapd on classic systems as prerequisite for any non-
   essential snap install
 - Support loading AppArmor profiles on WSL2 with non-default kernel
   and securityfs mounted
 - Debian/Fedora packaging updates
 - Add snap debug command for investigating execution aspects of the
   snap toolchain
 - Improve snap pack error for easier parsing
 - Add support for user services when refreshing snaps
 - Add snap remove --terminate flag for terminating running snap
   processes
 - Support building FIPS complaint snapd deb and snap
 - Fix to not use nss when looking up for users/groups from snapd
   snap
 - Fix ordering in which layout changes are saved
 - Patch snapd snap dynamic linker to ignore LD_LIBRARY_PATH and
   related variables
 - Fix libexec dir for openSUSE Slowroll
 - Fix handling of the shared snap directory for parallel installs
 - Allow writing to /run/systemd/journal/dev-log by default
 - Avoid state lock during snap removal to avoid delaying other snapd
   operations
 - Add nomad-support interface to enable running Hashicorp Nomad
 - Add intel-qat interface
 - u2f-devices interface: add u2f trustkey t120 product id and fx
   series fido u2f devices
 - desktop interface: improve integration with xdg-desktop-portal
 - desktop interface: add desktop-file-ids plug attr to desktop
   interface
 - unity7 interface: support desktop-file-ids in desktop files rule
   generation
 - desktop-legacy interface: support desktop-file-ids in desktop
   files rule generation
 - desktop-legacy interface: grant access to gcin socket location
 - login-session-observe interface: allow introspection
 - custom-device interface: allow to explicitly identify matching
   device in udev tagging block
 - system-packages-doc interface: allow reading /usr/share/javascript
 - modem-manager interface: add new format of WWAN ports
 - pcscd interface: allow pcscd to read opensc.conf
 - cpu-control interface: add IRQ affinity control to cpu_control
 - opengl interface: add support for cuda workloads on Tegra iGPU in
   opengl interface
* Thu Sep 12 2024 Ernest Lotter <ernest.lotter@xxxxxxxxxxxxx>
- New upstream release 2.65.3
 - Fix missing aux info from store on snap setup
* Fri Sep  6 2024 Ernest Lotter <ernest.lotter@xxxxxxxxxxxxx>
- New upstream release 2.65.2
 - Bump squashfuse from version 0.5.0 to 0.5.2 (used in snapd deb
   only)
--------------------------------------------------------------------------------


================================================================================
 zeal-0.7.2-1.el9 (FEDORA-EPEL-2024-5322e342a7)
 Offline documentation browser inspired by Dash
--------------------------------------------------------------------------------
Update Information:

Initial EPEL 9 release
--------------------------------------------------------------------------------
ChangeLog:

* Mon Sep  9 2024 Lumir Balhar <lbalhar@xxxxxxxxxx> - 0.7.2-1
- Update to 0.7.2 (rhbz#2310765)
* Thu Jul 25 2024 Miroslav Suchý <msuchy@xxxxxxxxxx> - 0.7.1-4
- convert GPLv3+ license to SPDX
* Sat Jul 20 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.7.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Tue Jul  2 2024 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.7.1-2
- Rebuild (qt6)
* Tue May 28 2024 Lumir Balhar <lbalhar@xxxxxxxxxx> - 0.7.1-1
- Update to 0.7.1 (rhbz#2283580)
* Tue May 21 2024 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.7.0-10
- Rebuild (qt6)
* Thu Apr  4 2024 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.7.0-9
- Rebuild (qt6)
* Thu Apr  4 2024 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.7.0-8
- Rebuild (qt6)
* Fri Feb 16 2024 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.7.0-7
- Rebuild (qt6)
* Sat Jan 27 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.7.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Nov 29 2023 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.7.0-5
- Rebuild (qt6)
* Mon Oct 16 2023 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.7.0-4
- Replace deprecated qAsConst() with std::as_const()
* Fri Oct 13 2023 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.7.0-3
- Rebuild (qt6)
* Sun Sep 24 2023 Lumír Balhar <lbalhar@xxxxxxxxxx> - 0.7.0-1
- Update to 0.7.0 (rhbz#2240281)
* Wed Jul 26 2023 Björn Esser <besser82@xxxxxxxxxxxxxxxxx> - 0.6.2-5.20230618.1cfa7c6
- Rebuild(qt6)
* Sat Jul 22 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.6.2-4.20230618.1cfa7c6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Mon Jul 17 2023 Lumír Balhar <lbalhar@xxxxxxxxxx> - 0.6.2-3.20230618.1cfa7c6
- Rebuild
* Sun Jun 18 2023 Lumír Balhar <lbalhar@xxxxxxxxxx> - 0.6.2-2.20230618.1cfa7c6
- Don't use obsoleted forge macros
* Sat Jun 10 2023 Zephyr Lykos <fedora@xxxxxxxxx> - 0.6.2-1.git1cfa7c6
- Update to commit 1cfa7c6
- Migrate to Qt 6
- Use forge macros
- Deprecate versioned cmake macros
- Clean up BuildRequires
- Reflect the actual version written in CMakeLists.txt
* Sat Jan 21 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.6.1-14.20220826.00d4b9c
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2250710 - Please branch and build Zeal in epel9
        https://bugzilla.redhat.com/show_bug.cgi?id=2250710
--------------------------------------------------------------------------------


-- 
_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

[Index of Archives]     [Fedora Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Announce]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Linux Apps]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux