The following Fedora EPEL 9 Security updates need testing:
Age URL
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-998ab9c7fa
python-django4.2-4.2.14-1.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
botan2-2.19.5-1.el9
fluent-bit-3.0.4-1.el9
gsi-openssh-8.7p1-10.el9
perl-XML-Bare-0.53-39.el9
python-anyjson-0.3.3-49.el9
python-damo-2.4.2-1.el9
rust-pore-0.1.17-1.el9
rust-routinator-0.14.0-3.el9
rust-zune-inflate-0.2.54-1.el9
suricata-6.0.20-1.el9
xwayland-run-0.0.4-6.el9
Details about builds:
================================================================================
botan2-2.19.5-1.el9 (FEDORA-EPEL-2024-c1264f2cbc)
Crypto and TLS for C++11
--------------------------------------------------------------------------------
Update Information:
Rebase to v2.19.5
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 11 2024 Frantisek Sumsal <[email protected]> - 2.19.5-1
- Rebase to v2.19.5
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2294869 - CVE-2024-34703 botan2: botan: Denial of Service Due to
Overly Large Elliptic Curve Parameters [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2294869
[ 2 ] Bug #2295889 - CVE-2024-34703 botan2: Denial of Service Due to Overly
Large Elliptic Curve Parameters [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2295889
[ 3 ] Bug #2296357 - CVE-2024-39312 botan2: Improper certificate validation
[epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2296357
[ 4 ] Bug #2296362 - CVE-2024-34702 botan2: Assymetirc resource consumption
[epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2296362
--------------------------------------------------------------------------------
================================================================================
fluent-bit-3.0.4-1.el9 (FEDORA-EPEL-2024-62eb1bcb21)
Fluent Bit is a super fast, lightweight, and highly scalable logging and
metrics processor and forwarder.
--------------------------------------------------------------------------------
Update Information:
Update to 3.0.4
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 20 2024 Leoswaldo Macias Mancilla <[email protected]> - 3.0.4-1
- Update to 3.0.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2276552 - fluent-bit package doesn't have 'podman_metrics' input
plugin
https://bugzilla.redhat.com/show_bug.cgi?id=2276552
[ 2 ] Bug #2292247 - Upgrade to Fix Critical cve-2024-4323 to upgrade to
2.2.3 or 3.0.4+
https://bugzilla.redhat.com/show_bug.cgi?id=2292247
--------------------------------------------------------------------------------
================================================================================
gsi-openssh-8.7p1-10.el9 (FEDORA-EPEL-2024-80a377b73c)
An implementation of the SSH protocol with GSI authentication
--------------------------------------------------------------------------------
Update Information:
gsi-openssh with updated HPN support.
EPEL 8: openssh 8.0p1 with hpn 14v19
EPEL 9: openssh 8.7p1 with hpn 15v4
Fedora 39: openssh 9.3p1 with hpn 17v13
Fedora 40: openssh 9.6p1 with hpn 18.3.1
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 9 2024 Mattias Ellert <[email protected]> 1- 8.7p1-10
- Based on openssh-8.7p1-38.el9_4.1
--------------------------------------------------------------------------------
================================================================================
perl-XML-Bare-0.53-39.el9 (FEDORA-EPEL-2024-a4fde90ab4)
Minimal XML parser implemented via a C state engine
--------------------------------------------------------------------------------
Update Information:
This package contains the Perl module XML::Bare, a 'Bare' XML parser implemented
in C. The parser itself is a simple state engine that is less than 500 lines of
C.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 11 2024 Emmanuel Seyman <[email protected]> - 0.53-39
- Migrate to SPDX license
- Use %{make_build} and %{make_install} where appropriate
- Replace %{__perl} with /usr/bin/perl
- Pass NO_PERLLOCAL=1 to Makefile.PL
* Mon Jun 10 2024 Jitka Plesnikova <[email protected]> - 0.53-38
- Perl 5.40 rebuild
* Thu Jan 25 2024 Fedora Release Engineering <[email protected]> -
0.53-37
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <[email protected]> -
0.53-36
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 5 2024 Florian Weimer <[email protected]> - 0.53-35
- Additional C compatibility fixes
* Fri Jul 21 2023 Fedora Release Engineering <[email protected]> -
0.53-34
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Tue Jul 11 2023 Jitka Plesnikova <[email protected]> - 0.53-33
- Perl 5.38 rebuild
* Fri Jan 20 2023 Fedora Release Engineering <[email protected]> -
0.53-32
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Tue Dec 20 2022 Florian Weimer <[email protected]> - 0.53-31
- C99 compatibility fix
* Fri Jul 22 2022 Fedora Release Engineering <[email protected]> -
0.53-30
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2297182 - [RFE:EPEL9] EPEL9 branch of perl-XML-Bare
https://bugzilla.redhat.com/show_bug.cgi?id=2297182
--------------------------------------------------------------------------------
================================================================================
python-anyjson-0.3.3-49.el9 (FEDORA-EPEL-2024-a176807abf)
Wraps the best available JSON implementation
--------------------------------------------------------------------------------
Update Information:
1st release for epel9
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 11 2024 Ali Erdinc Koroglu <[email protected]> - 0.3.3-49
- drop nose dependency
* Fri Jun 7 2024 Python Maint <[email protected]> - 0.3.3-48
- Rebuilt for Python 3.13
* Fri Jan 26 2024 Fedora Release Engineering <[email protected]> -
0.3.3-47
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <[email protected]> -
0.3.3-46
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jul 21 2023 Fedora Release Engineering <[email protected]> -
0.3.3-45
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Tue Jun 13 2023 Python Maint <[email protected]> - 0.3.3-44
- Rebuilt for Python 3.12
* Fri Jan 20 2023 Fedora Release Engineering <[email protected]> -
0.3.3-43
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Jul 22 2022 Fedora Release Engineering <[email protected]> -
0.3.3-42
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2292910 - Please branch and build python-anyjson in epel9.
https://bugzilla.redhat.com/show_bug.cgi?id=2292910
--------------------------------------------------------------------------------
================================================================================
python-damo-2.4.2-1.el9 (FEDORA-EPEL-2024-77eb12e569)
Data Access Monitoring Operator
--------------------------------------------------------------------------------
Update Information:
v2.4.2
Support 'diagnose' subcommand
Add hotspot functions on 'damo report holistic' output
'damo reclaim': Support online and auto tuning
v2.4.1
Implement the first version of 'holistic' report type
Document source files hierarchy on CONTRIBUTING file
Simplify target regions part of 'damo fmt_json' output
Cleanup code
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 8 2024 Packit <[email protected]> - 2.4.2-1
- Update to 2.4.2
- Resolves rhbz#2295454
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2295454 - python-damo-2.4.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2295454
--------------------------------------------------------------------------------
================================================================================
rust-pore-0.1.17-1.el9 (FEDORA-EPEL-2024-363f0483a2)
Performance oriented reimplementation of repo
--------------------------------------------------------------------------------
Update Information:
Latest version of pore
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 11 2024 Michel Lind <[email protected]> - 0.1.17-1
- Update to 0.1.17 (rhbz#2297249)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2297249 - rust-pore-0.1.17 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2297249
--------------------------------------------------------------------------------
================================================================================
rust-routinator-0.14.0-3.el9 (FEDORA-EPEL-2024-554f5e9dc6)
RPKI relying party software
--------------------------------------------------------------------------------
Update Information:
Breaking changes
(per upstream this should not affect most deployments)
Keep the content of an RRDP repository in a single file rather than as
individual files under a directory. (#886)
Switched to the all-new version 0.4 of the Routinator UI. This also changes the
way we import the UI into Routinator by simply including the built assets which
means downloads are not necessary during the build process any more. (#952)
Changed the summary output format to have all lines end in a semicolon. (#907)
Changed the options used for rsync. The options -rtO --delete are now always
used. The options set in the rsync-args are added or, if that is not used, -z
and --no-motd, as well as --contimeout=10 if it is supported by the rsync
command, and --max-size if the max-object-size option has not been set to 0.
(#962)
New
The chain_validity value in the jsonext format now considers the validity of the
manifestâs EE certificates. A new stale value shows the time when any of the
publication points along the way will become stale. (#945)
If a collected manifest has a lower manifest number or an older thisUpdate field
than a stored manifest for the same CA, the collected manifest is ignored and
the stored publication point is used instead. This implements a requirement
added in RFC 9286. (#946, #954)
The number of delta entries in a RRDP notification file is now limited to 500 by
default. If there are more entries, the deltas are ignored and the snapshot is
used. The limit can be changed through the new rrdp-max-delta-list-len
configuration value. (#961)
The RRDP collector now falls back to a snapshot update if the hash of a delta
listed in the notification file has changed from the previous update. This
implements draft-ietf-sidrops-rrdp-desynchronization-00. (#951)
The RRDP collector now enforces that all URIs referred to or redirected to by an
RRDP server have the same origin as the rpkiNotify URI in the CA certificate.
(#953)
The config file used is now printed for some commands. This should help with
avoiding confusion when running Routinator as different users. (#959)
Bug fixes
Fixed an issue where the refresh time was calculated as zero under certain
conditions until the dataset was updated. (#940)
Add the current RRDP serial number to the RRDP server metrics when a Not
Modified response is received so that Prometheus shows a constant value.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 3 2024 Fabio Valentini <[email protected]> - 0.14.0-3
- Bump tokio-rustls dependency from 0.25 to 0.26 to match reqwest
* Mon Jul 1 2024 Michel Lind <[email protected]> - 0.14.0-2
- Restore licenses
* Mon Jul 1 2024 Michel Lind <[email protected]> - 0.14.0-1
- Update to 0.14.0 (rhbz#2293567)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2293567 - rust-routinator-0.14.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2293567
--------------------------------------------------------------------------------
================================================================================
rust-zune-inflate-0.2.54-1.el9 (FEDORA-EPEL-2024-e458943eba)
Heavily optimized deflate decompressor in Pure Rust
--------------------------------------------------------------------------------
Update Information:
Initial packaging of the zune-inflate crate.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 11 2024 Fabio Valentini <[email protected]> - 0.2.54-1
- Initial import (#2296199)
--------------------------------------------------------------------------------
================================================================================
suricata-6.0.20-1.el9 (FEDORA-EPEL-2024-0437363756)
Intrusion Detection System
--------------------------------------------------------------------------------
Update Information:
New bugfix and security update
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 27 2024 Steve Grubb <[email protected]> 6.0.20-1
- New security and bugfix release
--------------------------------------------------------------------------------
================================================================================
xwayland-run-0.0.4-6.el9 (FEDORA-EPEL-2024-548e4fdb7d)
Set of utilities to run headless X/Wayland clients
--------------------------------------------------------------------------------
Update Information:
Update to 0.0.4 and add xauth and dbus-run-session as dependencies for
mutter/kwin support
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 11 2024 Neal Gompa <[email protected]> - 0.0.4-6
- Add Suggests for default compositor
* Fri Jul 5 2024 Olivier Fourdan <[email protected]> - 0.0.4-5
- Backport fix for waitpid errors
* Tue Jul 2 2024 Neal Gompa <[email protected]> - 0.0.4-4
- Rework RHEL variant of compositor dependencies
* Mon Jul 1 2024 Olivier Fourdan <[email protected]> - 0.0.4-2
- Require and use mutter as default compositor in RHEL
- Make other compositors very weak dependencies in RHEL
* Fri Jun 28 2024 Olivier Fourdan <[email protected]> - 0.0.4-1
- Update to 0.0.4
- Add required dependency on xorg-x11-xauth
* Fri Jun 28 2024 Niels De Graef <[email protected]> - 0.0.3-3
- Add a dependency on dbus-daemon
* Fri Jun 7 2024 Python Maint <[email protected]> - 0.0.3-2
- Rebuilt for Python 3.13
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2293271 - Incomprehensive failures likely due to missing
dependencies
https://bugzilla.redhat.com/show_bug.cgi?id=2293271
[ 2 ] Bug #2295752 - `cage` is installed as default compositor, while
`weston` is expected
https://bugzilla.redhat.com/show_bug.cgi?id=2295752
--------------------------------------------------------------------------------
--
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
