The following Fedora EPEL 9 Security updates need testing: Age URL 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-9dfb7c8f88 suricata-7.0.8-1.el9 The following builds have been pushed to Fedora EPEL 9 updates-testing dislocker-0.7.3-17.el9 elinks-0.18.0-1.el9 netcat-1.229-1.el9 rust-jiff-0.1.20-1.el9 rust-quick-xml-0.37.2-1.el9 rust-quick-xml0.36-0.36.2-1.el9 xorgxrdp-0.10.3-5.el9 xrdp-0.10.2-7.el9 Details about builds: ================================================================================ dislocker-0.7.3-17.el9 (FEDORA-EPEL-2025-558c50d65c) Utility to access BitLocker encrypted volumes -------------------------------------------------------------------------------- Update Information: Add patch with upstream changes, fixes and mbedTLS 3.x support Add updated patch for multibyte character support in passwords -------------------------------------------------------------------------------- ChangeLog: * Sun Jan 5 2025 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 0.7.3-17 - Add patch with upstream changes, fixes and mbedTLS 3.x support - Add updated patch for multibyte character support in passwords * Tue Sep 3 2024 Morten Stevens <mstevens@xxxxxxxxxxxxxxxxx> - 0.7.3-16 - Rebuilt for mbedTLS 3.6.1 * Wed Jul 17 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.7.3-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Wed Jan 24 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.7.3-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jan 19 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.7.3-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Wed Jan 3 2024 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 0.7.3-12 - Rebuild for https://fedoraproject.org/wiki/Changes/Ruby_3.3 * Wed Jul 19 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.7.3-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Thu Jan 19 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.7.3-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ elinks-0.18.0-1.el9 (FEDORA-EPEL-2025-848396c702) A text-mode Web browser -------------------------------------------------------------------------------- Update Information: ELinks 0.18.0 Redirect also for 308 Ignore HUBBUB_UNKNOWN Drop combining compile time option Bump mozjs dependency to 128 console.assert (and extension console.exit) Test option for testing js code Added document.scripting_sleep_on_error option Skip hidden elements Fix linking -lexecinfo Serbian translation update Polish translation update Detect if gettext has _nl_msg_cat_cntr Added reopen-last-closed-tab action Added options for memory limits of Spidermonkey and QuickJS Gemini input Compilation fixes -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 2 2025 Lukáš Zaoral <lzaoral@xxxxxxxxxx> - 0.18.0-1 - rebase to latest upstream version (rhbz#2334226) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2334226 - elinks-0.18.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2334226 -------------------------------------------------------------------------------- ================================================================================ netcat-1.229-1.el9 (FEDORA-EPEL-2025-1de4560e49) OpenBSD netcat to read and write data across connections using TCP or UDP -------------------------------------------------------------------------------- Update Information: OpenBSD netcat 1.229 Drop caddr_t cast. It's not needed and not portable. -------------------------------------------------------------------------------- ChangeLog: * Sun Jan 5 2025 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.229-1 - Upgrade to 1.229 -------------------------------------------------------------------------------- ================================================================================ rust-jiff-0.1.20-1.el9 (FEDORA-EPEL-2025-99f2c66f87) Date-time library that encourages you to jump into the pit of success -------------------------------------------------------------------------------- Update Information: Update to 0.1.20 (close RHBZ#2335533) https://github.com/BurntSushi/jiff/blob/0.1.20/CHANGELOG.md#0120-2025-01-03 Update to 0.1.19 (close RHBZ#2335313) https://github.com/BurntSushi/jiff/blob/0.1.19/CHANGELOG.md#0119-2025-01-02 Update to 0.1.18 (close RHBZ#2335119) https://github.com/BurntSushi/jiff/blob/0.1.18/CHANGELOG.md#0118-2024-12-31 Update to 0.1.17 (close RHBZ#2335070) https://github.com/BurntSushi/jiff/blob/0.1.17/CHANGELOG.md#0117-2024-12-31 Update to 0.1.16 (close RHBZ#2334259) https://github.com/BurntSushi/jiff/blob/0.1.16/CHANGELOG.md#0116-2024-12-26 -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 4 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.1.20-1 - Update to 0.1.20 (close RHBZ#2335533) * Thu Jan 2 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.1.19-1 - Update to 0.1.19 (close RHBZ#2335313) * Wed Jan 1 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.1.18-1 - Update to 0.1.18 (close RHBZ#2335119) * Tue Dec 31 2024 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.1.17-1 - Update to 0.1.17 (close RHBZ#2335070) * Fri Dec 27 2024 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.1.16-1 - Update to 0.1.16 (close RHBZ#2334259) * Mon Dec 9 2024 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.1.15-3 - Add upstream link for chrono-tz patch -------------------------------------------------------------------------------- References: [ 1 ] Bug #2334259 - rust-jiff-0.1.16 is available https://bugzilla.redhat.com/show_bug.cgi?id=2334259 [ 2 ] Bug #2335070 - rust-jiff-0.1.17 is available https://bugzilla.redhat.com/show_bug.cgi?id=2335070 [ 3 ] Bug #2335119 - rust-jiff-0.1.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=2335119 [ 4 ] Bug #2335313 - rust-jiff-0.1.19 is available https://bugzilla.redhat.com/show_bug.cgi?id=2335313 [ 5 ] Bug #2335533 - rust-jiff-0.1.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=2335533 -------------------------------------------------------------------------------- ================================================================================ rust-quick-xml-0.37.2-1.el9 (FEDORA-EPEL-2025-4c39db6ffb) High performance xml reader and writer -------------------------------------------------------------------------------- Update Information: Update the quick-xml crate to version 0.37.2. Add a compat package for version 0.36 of quick-xml. -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 4 2025 Fabio Valentini <decathorpe@xxxxxxxxx> - 0.37.2-1 - Update to version 0.37.2; Fixes RHBZ#2322052 -------------------------------------------------------------------------------- ================================================================================ rust-quick-xml0.36-0.36.2-1.el9 (FEDORA-EPEL-2025-4c39db6ffb) High performance xml reader and writer -------------------------------------------------------------------------------- Update Information: Update the quick-xml crate to version 0.37.2. Add a compat package for version 0.36 of quick-xml. -------------------------------------------------------------------------------- ChangeLog: * Sun Jan 5 2025 Fabio Valentini <decathorpe@xxxxxxxxx> - 0.36.2-1 - Initial import (quick-xml 0.36 compat package) -------------------------------------------------------------------------------- ================================================================================ xorgxrdp-0.10.3-5.el9 (FEDORA-EPEL-2024-9394f9b781) Implementation of xrdp backend as Xorg modules -------------------------------------------------------------------------------- Update Information: IMPORTANT: xrdp now runs under an unprivileged user account. H264 support has been enabled, so be sure to enable relevant openh264 repository. Release notes for xrdp v0.10.2 (2024/12/24) General announcements Power Up Privacy and @CyberTrust sponsored H.264 encoding (mentioned later). We greatly appreciate the sponsorship. If you like xrdp, please consider sponsoring or donating to the project. We accept financial contributions through Open Collective, and direct donations to individual developers via GitHub Sponsors are also welcome. Highlights H.264 encoding Weâ??re very excited to announce that xrdp has supported H.264 encoding in graphics remoting since v0.10.2. xrdp with H.264 encoding reduces the amount of data transmitted over the network and provides a much smoother and more responsive experience compared to previous versions when using graphics- intensive applications. For details, see the H.264 encoding page on the wiki and also check the Known Issues section. Unprivileged xrdp daemon Since v0.10.2, xrdp officially supports running xrdp daemon as an unprivileged user. xrdp-sesman daemon still needs to be run as a privileged user because it handles user authentication and session management. Running xrdp daemon as an unprivileged user requires some adjustments, such as user/group and files/directory permissions. We have bundled a script named xrdp- chkpriv with xrdp to check if it is ready to run xrdp as an unprivileged user. The script is typically installed into /usr/share/xrdp/xrdp-chkpriv. See also the man page of xrdp.ini for more configuration information. Security fixes None New features FUSE operations can now use direct I/O to bypass the block cache (#3260) Supported clients can now skip channel join messages (#3282) Frame capture interval (frame rate) can now be configured separately via xrdp for H.264 and RFX (neutrinolabs/xorgxrdp#347 #3317) The statvfs system call is now supported on the FUSE filesystem (#3304) A path can now be specified for the chansrv log file (#3344) Add Czech keyboard (#3348 #3358) Bug fixes Redirector improvements. Removed some unnecessary limitations on filename lengths, and improved compatibility with FreeRDP (#3165 #3194). Special thanks to @tsz8899 for raising this and working with the team. Fix misreported cache size (#3212) Clarified Policy setting in sesman.ini (#3235) Fixed a regression in support for non-resizeable VNC sessions (#3242) A regression in chansrv functionality when used in standalone mode for VNC sessions has been fixed (#3283). This was introduced by the move to the v0.10.x sockets dir layout Fix AltGr on Spanish keyboard (#3313) The KDE Dolphin file manager can now save files to a mapped drive (#3300) pam_limits.so is now included explicitly for Debian and derivatives (#3347) Internal changes CI version updates : cppcheck to v2.15.0 and astyle to 3.4.14 (#3232 #3309 #3314) Remove xrdp_sec_in_mcs_data() function (#3273) Changes for users xrdp.ini has some new configuration parameters for H.264 (#3317). When updating from v0.10.1 to v0.10.2, make sure to merge the new xrdp.ini with the old one. If moving from v0.9.x, read the v0.10.0 release note. Changes for packagers or developers xrdp.ini and sesman.ini are now dynamically substituted during the build process (it was not working as intended before) (#3187 #3188) Running xrdp daemon as an unprivileged user is now officially supported. It is optional but consider creating a user/group for xrdp daemon in the post-install script or an appropriate location. The libfuse version required is now > 3.1.0 (#3284) If moving from v0.9.x, read the v0.10.0 release note. Release notes for xorgxrdp v0.10.3 (2024/12/15) General announcements Power Up Privacy and @CyberTrust sponsored H.264 encoding. We greatly appreciate the sponsorship. Please consider sponsoring or making a donation to the project if you like xrdp. We accept financial contributions via Open Collective. Direct donations to each developer via GitHub Sponsors are also welcomed. Security fixes None New features H.264 capture is now supported, see xrdp v0.10.2 release note for details (#355) Frame capture interval (frame rate) can now be configured separately via xrdp for H.264 and RFX (#347 #353) Bug fixes Fix dependency when building without glamor (#330) RandR is now aware of physical monitor sizes if these have been passed to the client (#337) Glamor whitelist now supports amdgpu (#329) and msm (#346) drivers. Some users of this hardware had reported a regression following the introduction of #322 in v0.10.2 Internal changes None Known issues None Changes for packagers or developers This version is intended to be used together with xrdp v0.10.2 or later. Please build against xrdp v0.10.2 and provide both xrdp v0.10.2 and xorgxrdp v0.10.3 at the same time. -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 29 2024 Bojan Smojver <bojan@xxxxxxxxxxxxx> - 0.10.3-5 - Change /usr/libexec/Xorg dependency to xorg-x11-server-Xorg * Thu Dec 26 2024 Bojan Smojver <bojan@xxxxxxxxxxxxx> - 0.10.3-2 - Add /usr/libexec/Xorg dependency * Mon Dec 16 2024 Bojan Smojver <bojan@xxxxxxxxxxxxx> - 0.10.3-1 - Bump up to 0.10.3 * Fri Sep 27 2024 Sérgio Basto <sergio@xxxxxxxxxx> - 0.10.2-2 - Rebuild for rebase of xorg-server to versions 21.1.x -------------------------------------------------------------------------------- References: [ 1 ] Bug #2332456 - xorgxrdp-0.10.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2332456 -------------------------------------------------------------------------------- ================================================================================ xrdp-0.10.2-7.el9 (FEDORA-EPEL-2024-9394f9b781) Open source remote desktop protocol (RDP) server -------------------------------------------------------------------------------- Update Information: IMPORTANT: xrdp now runs under an unprivileged user account. H264 support has been enabled, so be sure to enable relevant openh264 repository. Release notes for xrdp v0.10.2 (2024/12/24) General announcements Power Up Privacy and @CyberTrust sponsored H.264 encoding (mentioned later). We greatly appreciate the sponsorship. If you like xrdp, please consider sponsoring or donating to the project. We accept financial contributions through Open Collective, and direct donations to individual developers via GitHub Sponsors are also welcome. Highlights H.264 encoding Weâ??re very excited to announce that xrdp has supported H.264 encoding in graphics remoting since v0.10.2. xrdp with H.264 encoding reduces the amount of data transmitted over the network and provides a much smoother and more responsive experience compared to previous versions when using graphics- intensive applications. For details, see the H.264 encoding page on the wiki and also check the Known Issues section. Unprivileged xrdp daemon Since v0.10.2, xrdp officially supports running xrdp daemon as an unprivileged user. xrdp-sesman daemon still needs to be run as a privileged user because it handles user authentication and session management. Running xrdp daemon as an unprivileged user requires some adjustments, such as user/group and files/directory permissions. We have bundled a script named xrdp- chkpriv with xrdp to check if it is ready to run xrdp as an unprivileged user. The script is typically installed into /usr/share/xrdp/xrdp-chkpriv. See also the man page of xrdp.ini for more configuration information. Security fixes None New features FUSE operations can now use direct I/O to bypass the block cache (#3260) Supported clients can now skip channel join messages (#3282) Frame capture interval (frame rate) can now be configured separately via xrdp for H.264 and RFX (neutrinolabs/xorgxrdp#347 #3317) The statvfs system call is now supported on the FUSE filesystem (#3304) A path can now be specified for the chansrv log file (#3344) Add Czech keyboard (#3348 #3358) Bug fixes Redirector improvements. Removed some unnecessary limitations on filename lengths, and improved compatibility with FreeRDP (#3165 #3194). Special thanks to @tsz8899 for raising this and working with the team. Fix misreported cache size (#3212) Clarified Policy setting in sesman.ini (#3235) Fixed a regression in support for non-resizeable VNC sessions (#3242) A regression in chansrv functionality when used in standalone mode for VNC sessions has been fixed (#3283). This was introduced by the move to the v0.10.x sockets dir layout Fix AltGr on Spanish keyboard (#3313) The KDE Dolphin file manager can now save files to a mapped drive (#3300) pam_limits.so is now included explicitly for Debian and derivatives (#3347) Internal changes CI version updates : cppcheck to v2.15.0 and astyle to 3.4.14 (#3232 #3309 #3314) Remove xrdp_sec_in_mcs_data() function (#3273) Changes for users xrdp.ini has some new configuration parameters for H.264 (#3317). When updating from v0.10.1 to v0.10.2, make sure to merge the new xrdp.ini with the old one. If moving from v0.9.x, read the v0.10.0 release note. Changes for packagers or developers xrdp.ini and sesman.ini are now dynamically substituted during the build process (it was not working as intended before) (#3187 #3188) Running xrdp daemon as an unprivileged user is now officially supported. It is optional but consider creating a user/group for xrdp daemon in the post-install script or an appropriate location. The libfuse version required is now > 3.1.0 (#3284) If moving from v0.9.x, read the v0.10.0 release note. Release notes for xorgxrdp v0.10.3 (2024/12/15) General announcements Power Up Privacy and @CyberTrust sponsored H.264 encoding. We greatly appreciate the sponsorship. Please consider sponsoring or making a donation to the project if you like xrdp. We accept financial contributions via Open Collective. Direct donations to each developer via GitHub Sponsors are also welcomed. Security fixes None New features H.264 capture is now supported, see xrdp v0.10.2 release note for details (#355) Frame capture interval (frame rate) can now be configured separately via xrdp for H.264 and RFX (#347 #353) Bug fixes Fix dependency when building without glamor (#330) RandR is now aware of physical monitor sizes if these have been passed to the client (#337) Glamor whitelist now supports amdgpu (#329) and msm (#346) drivers. Some users of this hardware had reported a regression following the introduction of #322 in v0.10.2 Internal changes None Known issues None Changes for packagers or developers This version is intended to be used together with xrdp v0.10.2 or later. Please build against xrdp v0.10.2 and provide both xrdp v0.10.2 and xorgxrdp v0.10.3 at the same time. -------------------------------------------------------------------------------- ChangeLog: * Sun Jan 5 2025 Bojan Smojver <bojan@xxxxxxxxxxxxx> - 1:0.10.2~7 - Comment out generic RDP proxy in xrdp.ini * Sun Jan 5 2025 Bojan Smojver <bojan@xxxxxxxxxxxxx> - 1:0.10.2~6 - Set permissions of cert, key and rsakeys.ini to 0640 - Revert optional dependency on noopenh264, library dependency exists * Fri Dec 27 2024 Bojan Smojver <bojan@xxxxxxxxxxxxx> - 1:0.10.2~5 - Move README.Fedora to README.md - Adjust ownership/permissions of certs/keys for unprivileged user * Thu Dec 26 2024 Bojan Smojver <bojan@xxxxxxxxxxxxx> - 1:0.10.2~4 - If openh264 is not present, require noopenh264 instead * Wed Dec 25 2024 Bojan Smojver <bojan@xxxxxxxxxxxxx> - 1:0.10.2~3 - Run as unprivileged user * Wed Dec 25 2024 Koichiro Iwao <meta@xxxxxxxxxxxxx> - 1:0.10.2-2 - Enable OpenH264 * Wed Dec 25 2024 Bojan Smojver <bojan@xxxxxxxxxxxxx> - 1:0.10.2~1 - Update to 0.10.2 * Tue Dec 24 2024 Bojan Smojver <bojan@xxxxxxxxxxxxx> - 1:0.10.2~0.rc1.1 - Update to 0.10.2-rc.1 * Wed Sep 4 2024 Miroslav Suchý <msuchy@xxxxxxxxxx> - 1:0.10.1-2 - convert license to SPDX -------------------------------------------------------------------------------- References: [ 1 ] Bug #2332456 - xorgxrdp-0.10.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2332456 --------------------------------------------------------------------------------
-- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
