-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-3c4824b0a8 2024-02-22 02:17:12.229402 -------------------------------------------------------------------------------- Name : rpki-client Product : Fedora 39 Version : 8.9 Release : 1.fc39 URL : https://www.rpki-client.org/ Summary : OpenBSD RPKI validator to support BGP Origin Validation Description : The OpenBSD rpki-client is a free, easy-to-use implementation of the Resource Public Key Infrastructure (RPKI) for Relying Parties (RP) to facilitate validation of the Route Origin of a BGP announcement. The program queries the RPKI repository system, downloads and validates Route Origin Authorisations (ROAs) and finally outputs Validated ROA Payloads (VRPs) in the configuration format of OpenBGPD, BIRD, and also as CSV or JSON objects for consumption by other routing stacks. -------------------------------------------------------------------------------- Update Information: rpki-client 8.9 The handling of manifests fetched via rsync or RRDP was reworked to fully conform to RFC 9286. The issuance date and manifest number of the purported new manifest file must have been increased, otherwise the cached version is used. As a consequence of the above changes, some warnings for .mft files were reworded. The notion of a stale manifest is no longer used. The following counters will be removed in rpki-client 9.0: The stalemanifest counter in JSON output. The "stale" state for manifest objects in Open Metrics output. A race condition between closing an idle connection and scheduling a new request on it could trigger an assert in rare circumstances. The evaluation time specified with -P now also applies to trust anchor certificates. Check that the entire CMS eContent was consumed. Previously, trailing data would be silently discarded on deserialization of products. In file mode do not consider overclaiming intermediate CA certificates as invalid. A warning is still issued. Print the revocation time of certificates in file mode. Be more careful when converting OpenSSL numeric identifiers (NIDs) to strings. -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 13 2024 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 8.9-1 - Upgrade to 8.9 (#2264085) * Fri Jan 26 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 8.8-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Mon Jan 22 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 8.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2264085 - rpki-client-8.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=2264085 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-3c4824b0a8' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- package-announce@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-announce-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue