The following Fedora EPEL 10.0 Security updates need testing: Age URL 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-cf97cda6e4 python-python-multipart-0.0.19-1.el10_0 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-5de3513c56 rust-rustls-0.23.19-1.el10_0 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-6392f1c6e3 retsnoop-0.10.1-3.el10_0 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-acbed9a263 radare2-5.9.8-4.el10_0 The following builds have been pushed to Fedora EPEL 10.0 updates-testing apptainer-1.3.6-1.el10_0 chromium-131.0.6778.108-1.el10_0 libsfdo-0.1.3-1.el10_0 python-itsdangerous-2.2.0-1.el10_0 python-sphinxcontrib-autoprogram-0.1.9-5.el10_0 rust-bstr-1.11.0-1.el10_0 rust-cargo-credential-0.4.7-1.el10_0 rust-cargo-credential-libsecret-0.4.9-1.el10_0 rust-cargo-platform-0.1.9-1.el10_0 rust-cargo-util-0.2.16-1.el10_0 rust-crates-io-0.40.6-1.el10_0 rust-rustfix-0.8.7-1.el10_0 rust-tokio-1.42.0-1.el10_0 rust-tokio-util-0.7.13-1.el10_0 rust-unicode-ident-1.0.14-1.el10_0 tpm-tools-1.3.9-19.el10_0 Details about builds: ================================================================================ apptainer-1.3.6-1.el10_0 (FEDORA-EPEL-2024-b7b8d40818) Application and environment virtualization formerly known as Singularity -------------------------------------------------------------------------------- Update Information: Update to upstream 13.6 -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 4 2024 Dave Dykstra <dwd@xxxxxxx> - 1.3.6 - Update to upstream 1.3.6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2330437 - apptainer-1.3.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=2330437 -------------------------------------------------------------------------------- ================================================================================ chromium-131.0.6778.108-1.el10_0 (FEDORA-EPEL-2024-60aa72a3e6) A WebKit (Blink) powered web browser that Google doesn't want you to use -------------------------------------------------------------------------------- Update Information: Update to 131.0.6778.108 High CVE-2024-12053: Type Confusion in V8 -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 4 2024 Than Ngo <than@xxxxxxxxxx> - 131.0.6778.108-1 - Update to 131.0.6778.108 * High CVE-2024-12053: Type Confusion in V8 * Sat Nov 23 2024 Than Ngo <than@xxxxxxxxxx> - 131.0.6778.85-2 - Enable qt-ui - Workaround for random crash -------------------------------------------------------------------------------- References: [ 1 ] Bug #2329204 - CVE-2024-9369 chromium: Insufficient data validation in Mojo [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2329204 [ 2 ] Bug #2329205 - CVE-2024-9369 chromium: Insufficient data validation in Mojo [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2329205 [ 3 ] Bug #2329208 - CVE-2024-7025 chromium: Integer overflow in Layout [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2329208 [ 4 ] Bug #2329209 - CVE-2024-7025 chromium: Integer overflow in Layout [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2329209 [ 5 ] Bug #2330232 - CVE-2024-12053 chromium: Type Confusion in V8 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2330232 [ 6 ] Bug #2330233 - CVE-2024-12053 chromium: Type Confusion in V8 [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2330233 -------------------------------------------------------------------------------- ================================================================================ libsfdo-0.1.3-1.el10_0 (FEDORA-EPEL-2024-42565b2c77) A collection of libraries implementing freedesktop.org specifications -------------------------------------------------------------------------------- Update Information: Initial build on epel10 -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 26 2024 Steve Cossette <farchord@xxxxxxxxx> - 0.1.3-1 - 0.1.3 -------------------------------------------------------------------------------- ================================================================================ python-itsdangerous-2.2.0-1.el10_0 (FEDORA-EPEL-2024-8c1f57e11b) Library for passing trusted data to untrusted environments -------------------------------------------------------------------------------- Update Information: Initial build on epel10 -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 19 2024 Frantisek Zatloukal <fzatlouk@xxxxxxxxxx> - 2.2.0-1 - Update to 2.2.0 (RHBZ#) * Fri Jul 19 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.1.2-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Fri Jun 7 2024 Python Maint <python-maint@xxxxxxxxxx> - 2.1.2-8 - Rebuilt for Python 3.13 * Fri Jan 26 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.1.2-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Mon Jan 22 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.1.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jul 21 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.1.2-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Wed Jun 14 2023 Python Maint <python-maint@xxxxxxxxxx> - 2.1.2-4 - Rebuilt for Python 3.12 * Fri Jan 20 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.1.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2330584 - Please branch and build python3-itsdangerous in epel10 https://bugzilla.redhat.com/show_bug.cgi?id=2330584 -------------------------------------------------------------------------------- ================================================================================ python-sphinxcontrib-autoprogram-0.1.9-5.el10_0 (FEDORA-EPEL-2024-a208fe567b) Sphinx extension for documenting CLI programs -------------------------------------------------------------------------------- Update Information: Fix working with newer setuptools (bz#2319720) -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 4 2024 mh <mh+fedora@xxxxxxxx> <msuchy@xxxxxxxxxx> - 0.1.9-5 - Fix working with newer setuptools (bz#2319720) - Adapt to correct licens * Wed Sep 4 2024 Miroslav Suchý <msuchy@xxxxxxxxxx> - 0.1.9-4 - convert license to SPDX * Fri Jul 19 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.1.9-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Fri Jun 7 2024 Python Maint <python-maint@xxxxxxxxxx> - 0.1.9-2 - Rebuilt for Python 3.13 * Fri Mar 15 2024 mh <mh+fedora@xxxxxxxx> - 0.1.9-1 - Update to 0.1.9 (#2169100) * Fri Jan 26 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.1.8-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Mon Jan 22 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.1.8-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jul 21 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.1.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Fri Jul 7 2023 mh <mh+fedora@xxxxxxxx> - 0.1.8-1 - Update to 0.1.8 (#2169100) - remove the upstreamed patch for argparse - Require python3-zombie-imp as a stopgap to workaround #2220964 * Wed Jun 14 2023 Python Maint <python-maint@xxxxxxxxxx> - 0.1.7-8 - Rebuilt for Python 3.12 * Fri Jan 20 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.1.7-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2324994 - Please branch and build python3-sphinxcontrib-autoprogram in epel10 https://bugzilla.redhat.com/show_bug.cgi?id=2324994 -------------------------------------------------------------------------------- ================================================================================ rust-bstr-1.11.0-1.el10_0 (FEDORA-EPEL-2024-0009f738c2) String type that is not required to be valid UTF-8 -------------------------------------------------------------------------------- Update Information: Update to version 1.11.0. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 4 2024 Fabio Valentini <decathorpe@xxxxxxxxx> - 1.11.0-1 - Update to version 1.11.0; Fixes RHBZ#2326142 -------------------------------------------------------------------------------- ================================================================================ rust-cargo-credential-0.4.7-1.el10_0 (FEDORA-EPEL-2024-a0545e0c86) Library to assist writing Cargo credential helpers -------------------------------------------------------------------------------- Update Information: Update to version 0.4.7. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 4 2024 Fabio Valentini <decathorpe@xxxxxxxxx> - 0.4.7-1 - Update to version 0.4.7; Fixes RHBZ#2329360 -------------------------------------------------------------------------------- ================================================================================ rust-cargo-credential-libsecret-0.4.9-1.el10_0 (FEDORA-EPEL-2024-105424577a) Cargo credential process that stores tokens with GNOME libsecret -------------------------------------------------------------------------------- Update Information: Update to version 0.4.9. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 4 2024 Fabio Valentini <decathorpe@xxxxxxxxx> - 0.4.9-1 - Update to version 0.4.9; Fixes RHBZ#2329361 -------------------------------------------------------------------------------- ================================================================================ rust-cargo-platform-0.1.9-1.el10_0 (FEDORA-EPEL-2024-4112d0a634) Cargo's representation of a target platform -------------------------------------------------------------------------------- Update Information: Update to version 0.1.9. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 4 2024 Fabio Valentini <decathorpe@xxxxxxxxx> - 0.1.9-1 - Update to version 0.1.9; Fixes RHBZ#2329362 -------------------------------------------------------------------------------- ================================================================================ rust-cargo-util-0.2.16-1.el10_0 (FEDORA-EPEL-2024-0bee970bc0) Miscellaneous support code used by Cargo -------------------------------------------------------------------------------- Update Information: Update to version 0.2.16. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 4 2024 Fabio Valentini <decathorpe@xxxxxxxxx> - 0.2.16-1 - Update to version 0.2.16; Fixes RHBZ#2329363 -------------------------------------------------------------------------------- ================================================================================ rust-crates-io-0.40.6-1.el10_0 (FEDORA-EPEL-2024-f6106f744d) Helpers for interacting with crates.io -------------------------------------------------------------------------------- Update Information: Update to version 0.40.6. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 4 2024 Fabio Valentini <decathorpe@xxxxxxxxx> - 0.40.6-1 - Update to version 0.40.6; Fixes RHBZ#2329364 -------------------------------------------------------------------------------- ================================================================================ rust-rustfix-0.8.7-1.el10_0 (FEDORA-EPEL-2024-111b897db6) Automatically apply the suggestions made by rustc -------------------------------------------------------------------------------- Update Information: Update to version 0.8.7. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 4 2024 Fabio Valentini <decathorpe@xxxxxxxxx> - 0.8.7-1 - Update to version 0.8.7; Fixes RHBZ#2329357 -------------------------------------------------------------------------------- ================================================================================ rust-tokio-1.42.0-1.el10_0 (FEDORA-EPEL-2024-569a3cccea) Event-driven, non-blocking I/O platform -------------------------------------------------------------------------------- Update Information: Update to version 1.42.0. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 4 2024 Fabio Valentini <decathorpe@xxxxxxxxx> - 1.42.0-1 - Update to version 1.42.0; Fixes RHBZ#2330158 -------------------------------------------------------------------------------- ================================================================================ rust-tokio-util-0.7.13-1.el10_0 (FEDORA-EPEL-2024-5c8d6f417b) Additional utilities for working with Tokio -------------------------------------------------------------------------------- Update Information: Update to version 0.7.13. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 4 2024 Fabio Valentini <decathorpe@xxxxxxxxx> - 0.7.13-1 - Update to version 0.7.13; Fixes RHBZ#2330329 -------------------------------------------------------------------------------- ================================================================================ rust-unicode-ident-1.0.14-1.el10_0 (FEDORA-EPEL-2024-b8e4a6fbbc) Determine whether characters have the XID_Start or XID_Continue properties -------------------------------------------------------------------------------- Update Information: Update to version 1.0.14. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 4 2024 Fabio Valentini <decathorpe@xxxxxxxxx> - 1.0.14-1 - Update to version 1.0.14; Fixes RHBZ#2327590 -------------------------------------------------------------------------------- ================================================================================ tpm-tools-1.3.9-19.el10_0 (FEDORA-EPEL-2024-2014e16b86) Management tools for the TPM hardware -------------------------------------------------------------------------------- Update Information: epel10 build -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 7 2024 Miroslav Suchý <msuchy@xxxxxxxxxx> - 1.3.9-19 - convert license to SPDX * Sat Jul 20 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.3.9-18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Sat Jan 27 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.3.9-17 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sat Jul 22 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.3.9-16 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Sat Jan 21 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.3.9-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild --------------------------------------------------------------------------------
-- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue