The following Fedora EPEL 9 Security updates need testing: Age URL 19 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-c5986b2cf1 iaito-5.9.6-1.el9 radare2-5.9.6-1.el9 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-23b122f235 trafficserver-9.2.6-2.el9 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-97fdc539e2 cobbler-3.3.7-1.el9 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-1fa5fbde17 cobbler3.2-3.2.3-2.el9 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-7ac44bd3cc python-aiohttp-3.9.5-2.el9 The following builds have been pushed to Fedora EPEL 9 updates-testing opendmarc-1.4.2-22.el9 python-hvac-0.11.2-2.el9 rust-pulldown-cmark-0.11.3-2.el9 rust-rustls-0.23.17-1.el9 rust-zlib-rs-0.4.0-1.el9 snapd-2.66.1-0.el9 zeal-0.7.2-1.el9 Details about builds: ================================================================================ opendmarc-1.4.2-22.el9 (FEDORA-EPEL-2024-29c32c7e43) A DMARC milter and library -------------------------------------------------------------------------------- Update Information: Add missing Perl deps automatically -------------------------------------------------------------------------------- ChangeLog: * Sat Nov 9 2024 Mikel Olasagasti Uranga <mikel@xxxxxxxxxxxxxxx> - 1.4.2-22 - Add BR on perl-generators to avoid missing deps - Closes rhbz#2241932 rhbz#2241894 -------------------------------------------------------------------------------- ================================================================================ python-hvac-0.11.2-2.el9 (FEDORA-EPEL-2024-2b2d10e137) HashiCorp Vault API client for Python -------------------------------------------------------------------------------- Update Information: This update contains fixes for kv2 api in hashicorp vault. -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 13 2022 Python Maint <python-maint@xxxxxxxxxx> - 0.11.2-2 - Rebuilt for Python 3.11 * Fri Jan 21 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.10.7-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ rust-pulldown-cmark-0.11.3-2.el9 (FEDORA-EPEL-2024-0b86c2cd75) Pull parser for CommonMark -------------------------------------------------------------------------------- Update Information: Fix license tag and and breakdown that was accidentally dropped in the last update. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 20 2024 Fabio Valentini <decathorpe@xxxxxxxxx> - 0.11.3-2 - Add back accidentally dropped license tag and breakdown -------------------------------------------------------------------------------- ================================================================================ rust-rustls-0.23.17-1.el9 (FEDORA-EPEL-2024-3672733748) Modern TLS library written in Rust -------------------------------------------------------------------------------- Update Information: Update the rustls crate to version 0.23.17. Update the zlib-rs crate to version 0.4.0. The update to zlib-rs v0.4.0 also addresses CVE-2024-11249 (stack overflow during decompression with malicious input). This issue had no actual impact in Fedora, because no applications yet use the the zlib-rs feature of rustls and rustls is the only dependent package of zlib-rs. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 20 2024 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.23.17-1 - Update to version 0.23.17; Fixes RHBZ#2326682 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2326411 - CVE-2024-11249 rust-zlib-rs: zlib-rs stack overflow during decompression with malicious input [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2326411 -------------------------------------------------------------------------------- ================================================================================ rust-zlib-rs-0.4.0-1.el9 (FEDORA-EPEL-2024-3672733748) Memory-safe zlib implementation written in rust -------------------------------------------------------------------------------- Update Information: Update the rustls crate to version 0.23.17. Update the zlib-rs crate to version 0.4.0. The update to zlib-rs v0.4.0 also addresses CVE-2024-11249 (stack overflow during decompression with malicious input). This issue had no actual impact in Fedora, because no applications yet use the the zlib-rs feature of rustls and rustls is the only dependent package of zlib-rs. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 20 2024 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.4.0-1 - Update to version 0.4.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2326411 - CVE-2024-11249 rust-zlib-rs: zlib-rs stack overflow during decompression with malicious input [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2326411 -------------------------------------------------------------------------------- ================================================================================ snapd-2.66.1-0.el9 (FEDORA-EPEL-2024-52e1ba27fe) A transactional software package manager -------------------------------------------------------------------------------- Update Information: AppArmor prompting (experimental): Fix kernel prompting support check Allow kernel snaps to have content slots Fix ignoring snaps in try mode when amending New upstream release 2.66 AppArmor prompting (experimental): expand kernel support checks AppArmor prompting (experimental): consolidate error messages and add error kinds AppArmor prompting (experimental): grant /v2/snaps/{name} via snap-interfaces-requests-control AppArmor prompting (experimental): add checks for duplicate pattern variants Registry views (experimental): add handlers that commit (and cleanup) registry transactions Registry views (experimental): add a snapctl fail command for rejecting registry transactions Registry views (experimental): allow custodian snaps to implement registry hooks that modify and save registry data Registry views (experimental): run view-changed hooks only for snaps plugging views affected by modified paths Registry views (experimental): make registry transactions serialisable Snap components: handle refreshing components to revisions that have been on the system before Snap components: enable creating Ubuntu Core images that contain components Snap components: handle refreshing components independently of snaps Snap components: handle removing components when refreshing a snap that no longer defines them Snap components: extend snapd Ubuntu Core installation API to allow for picking optional snaps and components to install Snap components: extend kernel.yaml with "dynamic-modules", allowing kernel to define a location for kmods from component hooks Snap components: renamed component type "test" to "standard" Desktop IDs: support installing desktop files with custom names based on desktop-file-ids desktop interface plug attr Auto-install snapd on classic systems as prerequisite for any non- essential snap install Support loading AppArmor profiles on WSL2 with non-default kernel and securityfs mounted Debian/Fedora packaging updates Add snap debug command for investigating execution aspects of the snap toolchain Improve snap pack error for easier parsing Add support for user services when refreshing snaps Add snap remove --terminate flag for terminating running snap processes Support building FIPS complaint snapd deb and snap Fix to not use nss when looking up for users/groups from snapd snap Fix ordering in which layout changes are saved Patch snapd snap dynamic linker to ignore LD_LIBRARY_PATH and related variables Fix libexec dir for openSUSE Slowroll Fix handling of the shared snap directory for parallel installs Allow writing to /run/systemd/journal/dev-log by default Avoid state lock during snap removal to avoid delaying other snapd operations Add nomad-support interface to enable running Hashicorp Nomad Add intel-qat interface u2f-devices interface: add u2f trustkey t120 product id and fx series fido u2f devices desktop interface: improve integration with xdg-desktop-portal desktop interface: add desktop-file-ids plug attr to desktop interface unity7 interface: support desktop-file-ids in desktop files rule generation desktop-legacy interface: support desktop-file-ids in desktop files rule generation desktop-legacy interface: grant access to gcin socket location login-session-observe interface: allow introspection custom-device interface: allow to explicitly identify matching device in udev tagging block system-packages-doc interface: allow reading /usr/share/javascript modem-manager interface: add new format of WWAN ports pcscd interface: allow pcscd to read opensc.conf cpu-control interface: add IRQ affinity control to cpu_control opengl interface: add support for cuda workloads on Tegra iGPU in opengl interface -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 20 2024 Zygmunt Krynicki <me@xxxxxxxxx> - Drop only patch, applied upstream. * Fri Oct 25 2024 Zygmunt Krynicki <me@xxxxxxxxx> - Cherry pick fix for SELinux timedatex problem from upstream * Fri Oct 11 2024 Ernest Lotter <ernest.lotter@xxxxxxxxxxxxx> - New upstream release 2.66.1 - AppArmor prompting (experimental): Fix kernel prompting support check - Allow kernel snaps to have content slots - Fix ignoring snaps in try mode when amending * Fri Oct 4 2024 Ernest Lotter <ernest.lotter@xxxxxxxxxxxxx> - New upstream release 2.66 - AppArmor prompting (experimental): expand kernel support checks - AppArmor prompting (experimental): consolidate error messages and add error kinds - AppArmor prompting (experimental): grant /v2/snaps/{name} via snap-interfaces-requests-control - AppArmor prompting (experimental): add checks for duplicate pattern variants - Registry views (experimental): add handlers that commit (and cleanup) registry transactions - Registry views (experimental): add a snapctl fail command for rejecting registry transactions - Registry views (experimental): allow custodian snaps to implement registry hooks that modify and save registry data - Registry views (experimental): run view-changed hooks only for snaps plugging views affected by modified paths - Registry views (experimental): make registry transactions serialisable - Snap components: handle refreshing components to revisions that have been on the system before - Snap components: enable creating Ubuntu Core images that contain components - Snap components: handle refreshing components independently of snaps - Snap components: handle removing components when refreshing a snap that no longer defines them - Snap components: extend snapd Ubuntu Core installation API to allow for picking optional snaps and components to install - Snap components: extend kernel.yaml with "dynamic-modules", allowing kernel to define a location for kmods from component hooks - Snap components: renamed component type "test" to "standard" - Desktop IDs: support installing desktop files with custom names based on desktop-file-ids desktop interface plug attr - Auto-install snapd on classic systems as prerequisite for any non- essential snap install - Support loading AppArmor profiles on WSL2 with non-default kernel and securityfs mounted - Debian/Fedora packaging updates - Add snap debug command for investigating execution aspects of the snap toolchain - Improve snap pack error for easier parsing - Add support for user services when refreshing snaps - Add snap remove --terminate flag for terminating running snap processes - Support building FIPS complaint snapd deb and snap - Fix to not use nss when looking up for users/groups from snapd snap - Fix ordering in which layout changes are saved - Patch snapd snap dynamic linker to ignore LD_LIBRARY_PATH and related variables - Fix libexec dir for openSUSE Slowroll - Fix handling of the shared snap directory for parallel installs - Allow writing to /run/systemd/journal/dev-log by default - Avoid state lock during snap removal to avoid delaying other snapd operations - Add nomad-support interface to enable running Hashicorp Nomad - Add intel-qat interface - u2f-devices interface: add u2f trustkey t120 product id and fx series fido u2f devices - desktop interface: improve integration with xdg-desktop-portal - desktop interface: add desktop-file-ids plug attr to desktop interface - unity7 interface: support desktop-file-ids in desktop files rule generation - desktop-legacy interface: support desktop-file-ids in desktop files rule generation - desktop-legacy interface: grant access to gcin socket location - login-session-observe interface: allow introspection - custom-device interface: allow to explicitly identify matching device in udev tagging block - system-packages-doc interface: allow reading /usr/share/javascript - modem-manager interface: add new format of WWAN ports - pcscd interface: allow pcscd to read opensc.conf - cpu-control interface: add IRQ affinity control to cpu_control - opengl interface: add support for cuda workloads on Tegra iGPU in opengl interface * Thu Sep 12 2024 Ernest Lotter <ernest.lotter@xxxxxxxxxxxxx> - New upstream release 2.65.3 - Fix missing aux info from store on snap setup * Fri Sep 6 2024 Ernest Lotter <ernest.lotter@xxxxxxxxxxxxx> - New upstream release 2.65.2 - Bump squashfuse from version 0.5.0 to 0.5.2 (used in snapd deb only) -------------------------------------------------------------------------------- ================================================================================ zeal-0.7.2-1.el9 (FEDORA-EPEL-2024-5322e342a7) Offline documentation browser inspired by Dash -------------------------------------------------------------------------------- Update Information: Initial EPEL 9 release -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 9 2024 Lumir Balhar <lbalhar@xxxxxxxxxx> - 0.7.2-1 - Update to 0.7.2 (rhbz#2310765) * Thu Jul 25 2024 Miroslav Suchý <msuchy@xxxxxxxxxx> - 0.7.1-4 - convert GPLv3+ license to SPDX * Sat Jul 20 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.7.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Tue Jul 2 2024 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.7.1-2 - Rebuild (qt6) * Tue May 28 2024 Lumir Balhar <lbalhar@xxxxxxxxxx> - 0.7.1-1 - Update to 0.7.1 (rhbz#2283580) * Tue May 21 2024 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.7.0-10 - Rebuild (qt6) * Thu Apr 4 2024 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.7.0-9 - Rebuild (qt6) * Thu Apr 4 2024 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.7.0-8 - Rebuild (qt6) * Fri Feb 16 2024 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.7.0-7 - Rebuild (qt6) * Sat Jan 27 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.7.0-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Wed Nov 29 2023 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.7.0-5 - Rebuild (qt6) * Mon Oct 16 2023 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.7.0-4 - Replace deprecated qAsConst() with std::as_const() * Fri Oct 13 2023 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.7.0-3 - Rebuild (qt6) * Sun Sep 24 2023 LumÃr Balhar <lbalhar@xxxxxxxxxx> - 0.7.0-1 - Update to 0.7.0 (rhbz#2240281) * Wed Jul 26 2023 Björn Esser <besser82@xxxxxxxxxxxxxxxxx> - 0.6.2-5.20230618.1cfa7c6 - Rebuild(qt6) * Sat Jul 22 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.6.2-4.20230618.1cfa7c6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Mon Jul 17 2023 LumÃr Balhar <lbalhar@xxxxxxxxxx> - 0.6.2-3.20230618.1cfa7c6 - Rebuild * Sun Jun 18 2023 LumÃr Balhar <lbalhar@xxxxxxxxxx> - 0.6.2-2.20230618.1cfa7c6 - Don't use obsoleted forge macros * Sat Jun 10 2023 Zephyr Lykos <fedora@xxxxxxxxx> - 0.6.2-1.git1cfa7c6 - Update to commit 1cfa7c6 - Migrate to Qt 6 - Use forge macros - Deprecate versioned cmake macros - Clean up BuildRequires - Reflect the actual version written in CMakeLists.txt * Sat Jan 21 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.6.1-14.20220826.00d4b9c - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2250710 - Please branch and build Zeal in epel9 https://bugzilla.redhat.com/show_bug.cgi?id=2250710 --------------------------------------------------------------------------------
-- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue