The following Fedora EPEL 8 Security updates need testing: Age URL 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-02e26b51d5 suricata-7.0.8-1.el8 The following builds have been pushed to Fedora EPEL 8 updates-testing dislocker-0.7.3-17.el8 netcat-1.229-1.el8 xorgxrdp-0.10.3-5.el8 xrdp-0.10.2-7.el8 Details about builds: ================================================================================ dislocker-0.7.3-17.el8 (FEDORA-EPEL-2025-c4fc680a28) Utility to access BitLocker encrypted volumes -------------------------------------------------------------------------------- Update Information: Add patch with upstream changes, fixes and mbedTLS 3.x support Add updated patch for multibyte character support in passwords -------------------------------------------------------------------------------- ChangeLog: * Sun Jan 5 2025 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 0.7.3-17 - Add patch with upstream changes, fixes and mbedTLS 3.x support - Add updated patch for multibyte character support in passwords * Tue Sep 3 2024 Morten Stevens <mstevens@xxxxxxxxxxxxxxxxx> - 0.7.3-16 - Rebuilt for mbedTLS 3.6.1 * Wed Jul 17 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.7.3-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Wed Jan 24 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.7.3-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jan 19 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.7.3-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Wed Jan 3 2024 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 0.7.3-12 - Rebuild for https://fedoraproject.org/wiki/Changes/Ruby_3.3 * Wed Jul 19 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.7.3-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Thu Jan 19 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.7.3-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Wed Jan 4 2023 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 0.7.3-9 - Rebuild for https://fedoraproject.org/wiki/Changes/Ruby_3.2 * Thu Jul 21 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.7.3-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Wed Jan 26 2022 VÃt Ondruch <vondruch@xxxxxxxxxx> - 0.7.3-7 - Rebuilt for https://fedoraproject.org/wiki/Changes/Ruby_3.1 -------------------------------------------------------------------------------- ================================================================================ netcat-1.229-1.el8 (FEDORA-EPEL-2025-74bcf45cac) OpenBSD netcat to read and write data across connections using TCP or UDP -------------------------------------------------------------------------------- Update Information: OpenBSD netcat 1.229 Drop caddr_t cast. It's not needed and not portable. -------------------------------------------------------------------------------- ChangeLog: * Sun Jan 5 2025 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.229-1 - Upgrade to 1.229 -------------------------------------------------------------------------------- ================================================================================ xorgxrdp-0.10.3-5.el8 (FEDORA-EPEL-2024-02bc5d21b1) Implementation of xrdp backend as Xorg modules -------------------------------------------------------------------------------- Update Information: IMPORTANT: xrdp now runs under an unprivileged user account. Release notes for xrdp v0.10.2 (2024/12/24) General announcements Power Up Privacy and @CyberTrust sponsored H.264 encoding (mentioned later). We greatly appreciate the sponsorship. If you like xrdp, please consider sponsoring or donating to the project. We accept financial contributions through Open Collective, and direct donations to individual developers via GitHub Sponsors are also welcome. Highlights H.264 encoding Weâ??re very excited to announce that xrdp has supported H.264 encoding in graphics remoting since v0.10.2. xrdp with H.264 encoding reduces the amount of data transmitted over the network and provides a much smoother and more responsive experience compared to previous versions when using graphics- intensive applications. For details, see the H.264 encoding page on the wiki and also check the Known Issues section. Unprivileged xrdp daemon Since v0.10.2, xrdp officially supports running xrdp daemon as an unprivileged user. xrdp-sesman daemon still needs to be run as a privileged user because it handles user authentication and session management. Running xrdp daemon as an unprivileged user requires some adjustments, such as user/group and files/directory permissions. We have bundled a script named xrdp- chkpriv with xrdp to check if it is ready to run xrdp as an unprivileged user. The script is typically installed into /usr/share/xrdp/xrdp-chkpriv. See also the man page of xrdp.ini for more configuration information. Security fixes None New features FUSE operations can now use direct I/O to bypass the block cache (#3260) Supported clients can now skip channel join messages (#3282) Frame capture interval (frame rate) can now be configured separately via xrdp for H.264 and RFX (neutrinolabs/xorgxrdp#347 #3317) The statvfs system call is now supported on the FUSE filesystem (#3304) A path can now be specified for the chansrv log file (#3344) Add Czech keyboard (#3348 #3358) Bug fixes Redirector improvements. Removed some unnecessary limitations on filename lengths, and improved compatibility with FreeRDP (#3165 #3194). Special thanks to @tsz8899 for raising this and working with the team. Fix misreported cache size (#3212) Clarified Policy setting in sesman.ini (#3235) Fixed a regression in support for non-resizeable VNC sessions (#3242) A regression in chansrv functionality when used in standalone mode for VNC sessions has been fixed (#3283). This was introduced by the move to the v0.10.x sockets dir layout Fix AltGr on Spanish keyboard (#3313) The KDE Dolphin file manager can now save files to a mapped drive (#3300) pam_limits.so is now included explicitly for Debian and derivatives (#3347) Internal changes CI version updates : cppcheck to v2.15.0 and astyle to 3.4.14 (#3232 #3309 #3314) Remove xrdp_sec_in_mcs_data() function (#3273) Changes for users xrdp.ini has some new configuration parameters for H.264 (#3317). When updating from v0.10.1 to v0.10.2, make sure to merge the new xrdp.ini with the old one. If moving from v0.9.x, read the v0.10.0 release note. Changes for packagers or developers xrdp.ini and sesman.ini are now dynamically substituted during the build process (it was not working as intended before) (#3187 #3188) Running xrdp daemon as an unprivileged user is now officially supported. It is optional but consider creating a user/group for xrdp daemon in the post-install script or an appropriate location. The libfuse version required is now > 3.1.0 (#3284) If moving from v0.9.x, read the v0.10.0 release note. Release notes for xorgxrdp v0.10.3 (2024/12/15) General announcements Power Up Privacy and @CyberTrust sponsored H.264 encoding. We greatly appreciate the sponsorship. Please consider sponsoring or making a donation to the project if you like xrdp. We accept financial contributions via Open Collective. Direct donations to each developer via GitHub Sponsors are also welcomed. Security fixes None New features H.264 capture is now supported, see xrdp v0.10.2 release note for details (#355) Frame capture interval (frame rate) can now be configured separately via xrdp for H.264 and RFX (#347 #353) Bug fixes Fix dependency when building without glamor (#330) RandR is now aware of physical monitor sizes if these have been passed to the client (#337) Glamor whitelist now supports amdgpu (#329) and msm (#346) drivers. Some users of this hardware had reported a regression following the introduction of #322 in v0.10.2 Internal changes None Known issues None Changes for packagers or developers This version is intended to be used together with xrdp v0.10.2 or later. Please build against xrdp v0.10.2 and provide both xrdp v0.10.2 and xorgxrdp v0.10.3 at the same time. -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 29 2024 Bojan Smojver <bojan@xxxxxxxxxxxxx> - 0.10.3-5 - Change /usr/libexec/Xorg dependency to xorg-x11-server-Xorg * Thu Dec 26 2024 Bojan Smojver <bojan@xxxxxxxxxxxxx> - 0.10.3-2 - Add /usr/libexec/Xorg dependency * Mon Dec 16 2024 Bojan Smojver <bojan@xxxxxxxxxxxxx> - 0.10.3-1 - Bump up to 0.10.3 * Fri Sep 27 2024 Sérgio Basto <sergio@xxxxxxxxxx> - 0.10.2-2 - Rebuild for rebase of xorg-server to versions 21.1.x -------------------------------------------------------------------------------- References: [ 1 ] Bug #2332456 - xorgxrdp-0.10.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2332456 -------------------------------------------------------------------------------- ================================================================================ xrdp-0.10.2-7.el8 (FEDORA-EPEL-2024-02bc5d21b1) Open source remote desktop protocol (RDP) server -------------------------------------------------------------------------------- Update Information: IMPORTANT: xrdp now runs under an unprivileged user account. Release notes for xrdp v0.10.2 (2024/12/24) General announcements Power Up Privacy and @CyberTrust sponsored H.264 encoding (mentioned later). We greatly appreciate the sponsorship. If you like xrdp, please consider sponsoring or donating to the project. We accept financial contributions through Open Collective, and direct donations to individual developers via GitHub Sponsors are also welcome. Highlights H.264 encoding Weâ??re very excited to announce that xrdp has supported H.264 encoding in graphics remoting since v0.10.2. xrdp with H.264 encoding reduces the amount of data transmitted over the network and provides a much smoother and more responsive experience compared to previous versions when using graphics- intensive applications. For details, see the H.264 encoding page on the wiki and also check the Known Issues section. Unprivileged xrdp daemon Since v0.10.2, xrdp officially supports running xrdp daemon as an unprivileged user. xrdp-sesman daemon still needs to be run as a privileged user because it handles user authentication and session management. Running xrdp daemon as an unprivileged user requires some adjustments, such as user/group and files/directory permissions. We have bundled a script named xrdp- chkpriv with xrdp to check if it is ready to run xrdp as an unprivileged user. The script is typically installed into /usr/share/xrdp/xrdp-chkpriv. See also the man page of xrdp.ini for more configuration information. Security fixes None New features FUSE operations can now use direct I/O to bypass the block cache (#3260) Supported clients can now skip channel join messages (#3282) Frame capture interval (frame rate) can now be configured separately via xrdp for H.264 and RFX (neutrinolabs/xorgxrdp#347 #3317) The statvfs system call is now supported on the FUSE filesystem (#3304) A path can now be specified for the chansrv log file (#3344) Add Czech keyboard (#3348 #3358) Bug fixes Redirector improvements. Removed some unnecessary limitations on filename lengths, and improved compatibility with FreeRDP (#3165 #3194). Special thanks to @tsz8899 for raising this and working with the team. Fix misreported cache size (#3212) Clarified Policy setting in sesman.ini (#3235) Fixed a regression in support for non-resizeable VNC sessions (#3242) A regression in chansrv functionality when used in standalone mode for VNC sessions has been fixed (#3283). This was introduced by the move to the v0.10.x sockets dir layout Fix AltGr on Spanish keyboard (#3313) The KDE Dolphin file manager can now save files to a mapped drive (#3300) pam_limits.so is now included explicitly for Debian and derivatives (#3347) Internal changes CI version updates : cppcheck to v2.15.0 and astyle to 3.4.14 (#3232 #3309 #3314) Remove xrdp_sec_in_mcs_data() function (#3273) Changes for users xrdp.ini has some new configuration parameters for H.264 (#3317). When updating from v0.10.1 to v0.10.2, make sure to merge the new xrdp.ini with the old one. If moving from v0.9.x, read the v0.10.0 release note. Changes for packagers or developers xrdp.ini and sesman.ini are now dynamically substituted during the build process (it was not working as intended before) (#3187 #3188) Running xrdp daemon as an unprivileged user is now officially supported. It is optional but consider creating a user/group for xrdp daemon in the post-install script or an appropriate location. The libfuse version required is now > 3.1.0 (#3284) If moving from v0.9.x, read the v0.10.0 release note. Release notes for xorgxrdp v0.10.3 (2024/12/15) General announcements Power Up Privacy and @CyberTrust sponsored H.264 encoding. We greatly appreciate the sponsorship. Please consider sponsoring or making a donation to the project if you like xrdp. We accept financial contributions via Open Collective. Direct donations to each developer via GitHub Sponsors are also welcomed. Security fixes None New features H.264 capture is now supported, see xrdp v0.10.2 release note for details (#355) Frame capture interval (frame rate) can now be configured separately via xrdp for H.264 and RFX (#347 #353) Bug fixes Fix dependency when building without glamor (#330) RandR is now aware of physical monitor sizes if these have been passed to the client (#337) Glamor whitelist now supports amdgpu (#329) and msm (#346) drivers. Some users of this hardware had reported a regression following the introduction of #322 in v0.10.2 Internal changes None Known issues None Changes for packagers or developers This version is intended to be used together with xrdp v0.10.2 or later. Please build against xrdp v0.10.2 and provide both xrdp v0.10.2 and xorgxrdp v0.10.3 at the same time. -------------------------------------------------------------------------------- ChangeLog: * Sun Jan 5 2025 Bojan Smojver <bojan@xxxxxxxxxxxxx> - 1:0.10.2~7 - Comment out generic RDP proxy in xrdp.ini * Sun Jan 5 2025 Bojan Smojver <bojan@xxxxxxxxxxxxx> - 1:0.10.2~6 - Set permissions of cert, key and rsakeys.ini to 0640 - Revert optional dependency on noopenh264, library dependency exists * Fri Dec 27 2024 Bojan Smojver <bojan@xxxxxxxxxxxxx> - 1:0.10.2~5 - Move README.Fedora to README.md - Adjust ownership/permissions of certs/keys for unprivileged user * Thu Dec 26 2024 Bojan Smojver <bojan@xxxxxxxxxxxxx> - 1:0.10.2~4 - If openh264 is not present, require noopenh264 instead * Wed Dec 25 2024 Bojan Smojver <bojan@xxxxxxxxxxxxx> - 1:0.10.2~3 - Run as unprivileged user * Wed Dec 25 2024 Koichiro Iwao <meta@xxxxxxxxxxxxx> - 1:0.10.2-2 - Enable OpenH264 * Wed Dec 25 2024 Bojan Smojver <bojan@xxxxxxxxxxxxx> - 1:0.10.2~1 - Update to 0.10.2 * Tue Dec 24 2024 Bojan Smojver <bojan@xxxxxxxxxxxxx> - 1:0.10.2~0.rc1.1 - Update to 0.10.2-rc.1 * Wed Sep 4 2024 Miroslav Suchý <msuchy@xxxxxxxxxx> - 1:0.10.1-2 - convert license to SPDX -------------------------------------------------------------------------------- References: [ 1 ] Bug #2332456 - xorgxrdp-0.10.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2332456 --------------------------------------------------------------------------------
-- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
