The following Fedora EPEL 9 Security updates need testing:
Age URL
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-9af3ffe126
syslog-ng-3.35.1-7.el9
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-82d970b644
sfnt2woff-zopfli-1.3.1-9.el9
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-3ee62cff7e
woff-0.20091126-40.el9
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-f3a22dfde8
znc-1.8.2-16.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
apptainer-1.4.1-1.el9
bird-3.1.1-1.el9
glfw-3.4-4.el9
perl-Net-Amazon-S3-0.991-5.el9
pgbouncer-1.24.1-2.el9
python-cookiecutter-2.6.0-1.el9
zsync-0.6.2-3.el9
Details about builds:
================================================================================
apptainer-1.4.1-1.el9 (FEDORA-EPEL-2025-04dd4cc7e6)
Application and environment virtualization formerly known as Singularity
--------------------------------------------------------------------------------
Update Information:
Update to upstream 1.4.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 15 2025 Dave Dykstra <d...@cern.ch> - 1.4.1
- Update to upstream 1.4.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2366385 - apptainer-1.4.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2366385
--------------------------------------------------------------------------------
================================================================================
bird-3.1.1-1.el9 (FEDORA-EPEL-2025-b7df1bc7c3)
BIRD Internet Routing Daemon
--------------------------------------------------------------------------------
Update Information:
Migrating from BIRD 2 to BIRD 3
Pretty much any BIRD 2.x configuration should be reusable with BIRD 3.1.x
without changes
Configuration changes, similar as those required between minor releases in the
past, may still be required
See also: https://gitlab.nic.cz/labs/bird/-/blob/stable-v3.1/doc/migration-
bird3.md
Please pay attention to possible warnings or errors; it might look like this:
[0001] <WARN> /etc/bird.conf:179:1: Missing authentication option, assuming MD5
You also can run e.g. bird -c /etc/bird.conf -p manually. Here it's a warning,
and while a configuration change might not be mandatory, it's still recommented:
For the above example warning, the configuration file /etc/bird.conf looks like
this:
protocol bgp isp1 from bgp6 {
neighbor 2001:db8::179 port 179 as 64496;
authentication md5; # New configuration option introduced with BIRD 3
password "MD5_auth3nt!catiOn";
}
To avoid the warning, the newly introduced configuration option authentication
md5; needs to be added as demonstrated in the example configuration above.
BIRD 3.1.1 (2025-05-13)
Makefile: Fix accidentally added dry-run markers
BGP: Fix route refresh behavior
BGP: Fix reconfiguration of import behavior modifiers
BGP: Fix crash on too long export
Conf: Fix invalid check in text_or_ipa grammar
Netlink: Fix FreeBSD build error
Fix use-after-free in thread group reconfiguration
Fix CentOS 7 and NetBSD build
Fix several crashes in table export (already fixed in 3.0.2)
Fix crash on graceful restart of a channel with ROA subscription
Lots of internal tooling and CI updates
BIRD 3.1.0 (2025-04-01)
CLI v2 compatibility layer for show route
Thread configuration rework
Merged 2.17
BIRD 3.0.2 (2025-04-01)
Multiple route propagation crash fixes
BGP export table route source leak
Kernel export of source.specific routes fix
Filter gw setting fix
Merged 2.16.2
BIRD 3.0.1 (2025-01-10)
BGP: Fixed crash in dynamic spawn
BGP: Fixed crash in graceful recovery
BGP: Fixed crash with deterministic med
BGP: Renamed the otc attribute to bgp_otc
BFD: Fixed crash in session reconfiguration
Kernel: Fixed crash with merged paths
Kernel: Simplified initial scan
Tables: Fixed old best route propagation
Tables: Fixed debug configuration propagation
Tables: Fixed initial feeds
CLI: Fixed buffer allocation heap bloating
Reduced route attribute normalization heap bloating
Merged 2.16.1
BIRD 3.0.0 (2024-12-17)
from 2.16
Multithreaded execution
Decoupled exports from imports
Unified route attribute names
Slightly different log format
Separate reload command for filters and protocols
BGP: Export tables show the state as on wire
Lots of internal changes
from 3.0alpha3
Merged changes from 2.16
BMP and MRT converted to the new API and working
Internal protocol state journal
Optimized table journal cleanup
Fixed show route export
Fixed minor bugs
BIRD 3.0alpha3 (2024-07-01)
Merged 2.15.1
Fixed major issues with channel reloads
Fixed data inconsistencies in many corner cases
Fixed internal scheduler corner cases
MRT and BMP still switched off
Expected one more alpha before stable
BIRD 3.0alpha2 (2023-05-11)
Fixed memory leaks and use-after free bugs
Simple thread work balancing
MRT switched off
Slow kernel route synchronization to be fixed later
BIRD 3.0alpha1 (2023-04-18)
Worker threads for BGP, Pipe, RPKI and BFD
Configurable number of threads
Asynchronous route export
Flat attribute structure
Inline import tables
Export tables merged with BGP prefix / attribute buckets
Fixed ROA check locking inversion in route table dumps
MRT switched off
BIRD 3.0-alpha0 (2022-02-07)
Removal of fixed protocol-specific route attributes
Asynchronous route export
Explicit table import / export hooks
Partially lockless route attribute cache
Thread-safe resource management
Thread-safe interface notifications
Thread-safe protocol API
Adoption of BFD IO loop for general use
Parallel Pipe protocol
Parallel RPKI protocol
Parallel BGP protocol
Lots of refactoring
Bugfixes and improvements as they came along
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 13 2025 Robert Scheck <rob...@fedoraproject.org> - 3.1.1-1
- Upgrade to 3.1.1 (#2332837)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2332837 - bird-3.1.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2332837
--------------------------------------------------------------------------------
================================================================================
glfw-3.4-4.el9 (FEDORA-EPEL-2025-ea480a9d64)
A cross-platform multimedia library
--------------------------------------------------------------------------------
Update Information:
Switch build dependency from obsolete vulkan-devel (removed in Fedora 29) and
switch vulkan-loader-devel.
Update to 3.4 (no ABI change, just a few symbols added).
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 15 2025 Simone Caronni <negativ...@gmail.com> - 1:3.4-4
- Fix build on EL9.
* Thu May 15 2025 Simone Caronni <negativ...@gmail.com> - 1:3.4-3
- Require vulkan-loader-devel in place of vulkan-devel (EOL with Fedora
29).
* Thu Jan 16 2025 Fedora Release Engineering <rel...@fedoraproject.org> -
1:3.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2254702 - glfw-3.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2254702
[ 2 ] Bug #2310401 - use BR vulkan-loader-devel
https://bugzilla.redhat.com/show_bug.cgi?id=2310401
--------------------------------------------------------------------------------
================================================================================
perl-Net-Amazon-S3-0.991-5.el9 (FEDORA-EPEL-2025-0331f2c36a)
Use the Amazon Simple Storage Service (S3)
--------------------------------------------------------------------------------
Update Information:
This release fixes a Net::Amazon::S3::Request::Role::HTTP::Header role
constructor.
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 15 2025 Petr Pisar <ppi...@redhat.com> - 0.991-5
- Fix a Net::Amazon::S3::Request::Role::HTTP::Header role constructor
(upstream GH#130)
--------------------------------------------------------------------------------
================================================================================
pgbouncer-1.24.1-2.el9 (FEDORA-EPEL-2025-03f6fa9f17)
Lightweight connection pooler for PostgreSQL
--------------------------------------------------------------------------------
Update Information:
Fix log rotation.
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 15 2025 Simone Caronni <negativ...@gmail.com> - 1.24.1-2
- Fix logrotate (#2364112).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2364112 - pgbouncer log file not deleted on rotation
https://bugzilla.redhat.com/show_bug.cgi?id=2364112
--------------------------------------------------------------------------------
================================================================================
python-cookiecutter-2.6.0-1.el9 (FEDORA-EPEL-2025-17323c8fd8)
CLI utility to create projects from templates
--------------------------------------------------------------------------------
Update Information:
2.6.0 release for EPEL
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 15 2025 Federico Pellegrin <f...@evolware.org> - 2.6.0-1
- 2.6.0 release for EPEL
--------------------------------------------------------------------------------
================================================================================
zsync-0.6.2-3.el9 (FEDORA-EPEL-2025-f708ea631b)
a file transfer program using the same algorithm as rsync over HTTP
--------------------------------------------------------------------------------
Update Information:
fix zlib source path in patch file
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 15 2025 Tobias Girstmair <t-fed...@girst.at> - 0.6.2-3
- fix zlib source path in patch file
* Thu May 15 2025 Tobias Girstmair <t-fed...@girst.at> - 0.6.2-2
- include a patch for CVE-2016-9840 (RHBZ#2366435)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2366410 - CVE-2025-4638 zsync: Improper Pointer Arithmetic in pcl
[epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2366410
--------------------------------------------------------------------------------
--
_______________________________________________
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
