The following Fedora EPEL 9 Security updates need testing: Age URL 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-e177aa0ddf pam-u2f-1.3.2-1.el9 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-cd95859e4b vaultwarden-1.32.7-4.el9 The following builds have been pushed to Fedora EPEL 9 updates-testing R-Rcpp-1.0.14-1.el9 apptainer-1.4.0~rc.1-1.el9 lemonldap-ng-2.20.2-1.el9 msktutil-1.2.2-1.el9 phpMyAdmin-5.2.2-1.el9 python-damo-2.6.5-1.el9 python-mrcfile-1.5.4-1.el9 python-xapian-haystack-3.1.0-5.el9 rpminspect-data-fedora-1.15-1.el9 snapd-2.67-0.el9 Details about builds: ================================================================================ R-Rcpp-1.0.14-1.el9 (FEDORA-EPEL-2025-4a3d07816d) Seamless R and C++ Integration -------------------------------------------------------------------------------- Update Information: Rcpp 1.0.14 -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 22 2025 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 1.0.14-1 - Update to 1.0.14 * Thu Jan 16 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.0.13-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ apptainer-1.4.0~rc.1-1.el9 (FEDORA-EPEL-2025-3f936f4d81) Application and environment virtualization formerly known as Singularity -------------------------------------------------------------------------------- Update Information: Update to upstream 1.4.0-rc.1 -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 22 2025 Dave Dykstra <dwd@xxxxxxx> - 1.4.0~rc.1 - Update to upstream 1.4.0-rc.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2339320 - apptainer-1.4.0-rc.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2339320 -------------------------------------------------------------------------------- ================================================================================ lemonldap-ng-2.20.2-1.el9 (FEDORA-EPEL-2025-dd34d33955) Web Single Sign On (SSO) and Access Management -------------------------------------------------------------------------------- Update Information: [Security][CVE-2024-52948] CSRF on 2FA registration [Security] Open redirect vulnerability in logout -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 21 2025 Clement Oudot <clem.oudot@xxxxxxxxx> - 2.20.2-1 - Update to 2.20.2 * Fri Jan 17 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.20.1-1.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2339165 - lemonldap-ng-2.20.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2339165 -------------------------------------------------------------------------------- ================================================================================ msktutil-1.2.2-1.el9 (FEDORA-EPEL-2025-714416d32b) Program for interoperability with Active Directory -------------------------------------------------------------------------------- Update Information: Improve CI configure.ac: more robust krb5 autodetection configure.ac: Replace obsoleted AC_CONFIG_HEADER with AC_CONFIG_HEADERS configure.ac: fix linking with minimal LIBS Use getnameinfo(3) instead of inet_ntop(3) dns_lookup_kdc setting in create_fake_krb5_conf causes issue when using a trusted domain user to creat Fix several messages Style fixes Revert installation to $PREFIX/bin -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 22 2025 Michael Cronenworth <mike@xxxxxxxxxx> - 1.2.2-1 - Update to 1.2.2 * Fri Jan 17 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.2-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild * Fri Jul 26 2024 Miroslav Suchý <msuchy@xxxxxxxxxx> - 1.2-8 - convert license to SPDX * Thu Jul 18 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.2-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Thu Jan 25 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sun Jan 21 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.2-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Thu Jul 20 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ phpMyAdmin-5.2.2-1.el9 (FEDORA-EPEL-2025-70d131bc6c) A web interface for MySQL and MariaDB -------------------------------------------------------------------------------- Update Information: phpMyAdmin 5.2.2 is released Welcome to the release of phpMyAdmin version 5.2.2, the "I should have released this sooner" release. This is primarily a bugfix release but also contains a few security fixes as noted below. fix possible security issue in sql-parser which could cause long execution times that could create a DOS attack (thanks to Maximilian Krög) fix an XSS vulnerability in the check tables feature (PMASA-2025-1, thanks to bluebird) fix an XSS vulnerability in the Insert tab (PMASA-2025-2, thanks to frequent contributor Kamil Tekiela) fix possible security issue with library code slim/psr7 (CVE-2023-30536) fix possible security issue relating to iconv (CVE-2024-2961, PMASA-2025-3) fix a full path disclosure in the Monitoring tab issue #18268 Fix UI issue the theme manager is disabled issue Allow opening server breadcrumb links in new tab with Ctrl/Meta key issue #19141 Add cookie prefix '-__Secure-' to cookies to help prevent cookie smuggling issue #18106 Fix renaming database with a view issue #18120 Fix bug with numerical tables during renaming database issue #16851 Fix ($cfg['Order']) default column order doesn't have have any effect since phpMyAdmin 4.2.0 issue #18258 Speed improvements when exporting a database issue #18769 Improved collations support for MariaDB 10.10 There are many, many more fixes that you can see in the ChangeLog file included with this release or online -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 22 2025 Remi Collet <remi@xxxxxxxxxxxx> - 5.2.2-1 - update to 5.2.2 (2025-01-21, security and bugfix release) -------------------------------------------------------------------------------- ================================================================================ python-damo-2.6.5-1.el9 (FEDORA-EPEL-2025-de8dc044a2) Data Access Monitoring Operator -------------------------------------------------------------------------------- Update Information: v2.6.5 damo report access: add '' snapshot format keyword damo report access: add '' snapshot format keyword damo report access: Show on snapshot tail by default Code cleanup v2.6.4 Allow more human-friendly DAMOS filter format, v2 [none] [...] e.g., 'damo report access --snapshot_damos_filter allow none anon reject memcg a/b/c' Code cleanup -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 21 2025 Packit <hello@xxxxxxxxxx> - 2.6.5-1 - Update to 2.6.5 - Resolves rhbz#2337566 * Sat Jan 18 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.6.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2337566 - python-damo-2.6.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=2337566 -------------------------------------------------------------------------------- ================================================================================ python-mrcfile-1.5.4-1.el9 (FEDORA-EPEL-2025-035cbc4cd7) MRC2014 file format used in structural biology to store image and volume data -------------------------------------------------------------------------------- Update Information: Update to 1.5.4 (fixes rhbz#2339429) -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 22 2025 Tim Semeijn <tim@xxxxxxxxxxx> - 1.5.4-1 - Update to 1.5.4 (fixes rhbz#2339429) * Sat Jan 18 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.5.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ python-xapian-haystack-3.1.0-5.el9 (FEDORA-EPEL-2025-b34c2f115b) A Xapian backend for Haystack -------------------------------------------------------------------------------- Update Information: Fix the missing auto generated dependencies -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 1 2025 Michal Konecny <mkonecny@xxxxxxxxxx> - 3.1.0-5 - Fix the missing auto generated dependencies -------------------------------------------------------------------------------- ================================================================================ rpminspect-data-fedora-1.15-1.el9 (FEDORA-EPEL-2025-ee4c69f247) Build deviation compliance tool data files -------------------------------------------------------------------------------- Update Information: Upgrade to rpminspect-data-fedora-1.15 -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 21 2025 David Cantrell <dcantrell@xxxxxxxxxx> - 1:1.15-1 - Upgrade to rpminspect-data-fedora-1.15 * Tue Jan 21 2025 David Cantrell <dcantrell@xxxxxxxxxx> - 1:1.14-1 - Upgrade to rpminspect-data-fedora-1.14 * Sat Jan 18 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1:1.13-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ snapd-2.67-0.el9 (FEDORA-EPEL-2025-470882563a) A transactional software package manager -------------------------------------------------------------------------------- Update Information: The changelog date and author have been modified to maintain linearity. Drop 0001-data-selinux-remove-timedatex.patch - applied upstream. New upstream release 2.67 AppArmor prompting (experimental): allow overlapping rules Registry view (experimental): Changes to registry data (from both users and snaps) can be validated and saved by custodian snaps Registry view (experimental): Support 'snapctl get --pristine' to read the registry data excluding staged transaction changes Registry view (experimental): Put registry commands behind experimental feature flag Components: Make modules shipped/created by kernel-modules components available right after reboot Components: Add tab completion for local component files Components: Allow installing snaps and components from local files jointly on the CLI Components: Allow 'snapctl model' command for gadget and kernel snaps Components: Add 'snap components' command Components: Bug fixes eMMC gadget updates (WIP): add syntax support in gadget.yaml for eMMC schema Support for ephemeral recovery mode on hybrid systems Support for dm-verity options in snap-bootstrap Support for overlayfs options and allow empty what argument for tmpfs Enable ubuntu-image to determine the size of the disk image to create Expose 'snap debug' commands 'validate-seed' and 'seeding' Add debug API option to use dedicated snap socket /run/snapd- snap.socket Hide experimental features that are no longer required (accepted/rejected) Mount ubuntu-save partition with no{exec,dev,suid} at install, run and factory-reset Improve memory controller support with cgroup v2 Support ssh socket activation configurations (used by ubuntu 22.10+) Fix generation of AppArmor profile with incorrect revision during multi snap refresh Fix refresh app awareness related deadlock edge case Fix not caching delta updated snap download Fix passing non root uid, guid to initial tmpfs mount Fix ignoring snaps in try mode when amending Fix reloading of service activation units to avoid systemd errors Fix snapd snap FIPS build on Launchpad to use Advantage Pro FIPS updates PPA Make killing of snap apps best effort to avoid possibility of malicious failure loop Alleviate impact of auto-refresh failure loop with progressive delay Dropped timedatex in selinux-policy to avoid runtime issue Fix missing syscalls in seccomp profile Modify AppArmor template to allow using SNAP_REEXEC on arch systems Modify AppArmor template to allow using vim.tiny (available in base snaps) Modify AppArmor template to add read-access to debian_version Modify AppArmor template to allow owner to read @{PROC}/@{pid}/sessionid {common,personal,system}-files interface: prohibit trailing @ in filepaths {desktop,shutdown,system-observe,upower-observe} interface: improve for Ubuntu Core Desktop custom-device interface: allow @ in custom-device filepaths desktop interface: improve launch entry and systray integration with session desktop-legacy interface: allow DBus access to com.canonical.dbusmenu fwupd interface: allow access to nvmem for thunderbolt plugin mpris interface: add plasmashell as label mount-control interface: add support for nfs mounts network-{control,manager} interface: add missing dbus link rules network-manager-observe interface: add getDevices methods opengl interface: add Kernel Fusion Driver access to opengl screen-inhibit-control interface: improve screen inhibit control for use on core udisks2 interface: allow ping of the UDisks2 service u2f-devices interface: add Nitrokey Passkey -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 22 2025 Zygmunt Krynicki <zygmunt.krynicki@xxxxxxxxxxxxx> - The changelog date and author have been modified to maintain linearity. - Drop 0001-data-selinux-remove-timedatex.patch - applied upstream. - New upstream release 2.67 - AppArmor prompting (experimental): allow overlapping rules - Registry view (experimental): Changes to registry data (from both users and snaps) can be validated and saved by custodian snaps - Registry view (experimental): Support 'snapctl get --pristine' to read the registry data excluding staged transaction changes - Registry view (experimental): Put registry commands behind experimental feature flag - Components: Make modules shipped/created by kernel-modules components available right after reboot - Components: Add tab completion for local component files - Components: Allow installing snaps and components from local files jointly on the CLI - Components: Allow 'snapctl model' command for gadget and kernel snaps - Components: Add 'snap components' command - Components: Bug fixes - eMMC gadget updates (WIP): add syntax support in gadget.yaml for eMMC schema - Support for ephemeral recovery mode on hybrid systems - Support for dm-verity options in snap-bootstrap - Support for overlayfs options and allow empty what argument for tmpfs - Enable ubuntu-image to determine the size of the disk image to create - Expose 'snap debug' commands 'validate-seed' and 'seeding' - Add debug API option to use dedicated snap socket /run/snapd- snap.socket - Hide experimental features that are no longer required (accepted/rejected) - Mount ubuntu-save partition with no{exec,dev,suid} at install, run and factory-reset - Improve memory controller support with cgroup v2 - Support ssh socket activation configurations (used by ubuntu 22.10+) - Fix generation of AppArmor profile with incorrect revision during multi snap refresh - Fix refresh app awareness related deadlock edge case - Fix not caching delta updated snap download - Fix passing non root uid, guid to initial tmpfs mount - Fix ignoring snaps in try mode when amending - Fix reloading of service activation units to avoid systemd errors - Fix snapd snap FIPS build on Launchpad to use Advantage Pro FIPS updates PPA - Make killing of snap apps best effort to avoid possibility of malicious failure loop - Alleviate impact of auto-refresh failure loop with progressive delay - Dropped timedatex in selinux-policy to avoid runtime issue - Fix missing syscalls in seccomp profile - Modify AppArmor template to allow using SNAP_REEXEC on arch systems - Modify AppArmor template to allow using vim.tiny (available in base snaps) - Modify AppArmor template to add read-access to debian_version - Modify AppArmor template to allow owner to read @{PROC}/@{pid}/sessionid - {common,personal,system}-files interface: prohibit trailing @ in filepaths - {desktop,shutdown,system-observe,upower-observe} interface: improve for Ubuntu Core Desktop - custom-device interface: allow @ in custom-device filepaths - desktop interface: improve launch entry and systray integration with session - desktop-legacy interface: allow DBus access to com.canonical.dbusmenu - fwupd interface: allow access to nvmem for thunderbolt plugin - mpris interface: add plasmashell as label - mount-control interface: add support for nfs mounts - network-{control,manager} interface: add missing dbus link rules - network-manager-observe interface: add getDevices methods - opengl interface: add Kernel Fusion Driver access to opengl - screen-inhibit-control interface: improve screen inhibit control for use on core - udisks2 interface: allow ping of the UDisks2 service - u2f-devices interface: add Nitrokey Passkey * Sun Jan 19 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.66.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild * Tue Dec 3 2024 Orion Poplawski <orion@xxxxxxxx> - Drop RestartMode from snapd.service on EL8 (rhbz#2315759) * Fri Nov 29 2024 Zygmunt Krynicki <me@xxxxxxxxx> - Re-cherry pick fix for SELinux timedatex problem from upstream as it was not released in 2.66.1, sorry. --------------------------------------------------------------------------------
-- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
