[EPEL-devel] Fedora EPEL 7 updates-testing report
The following Fedora EPEL 7 Security updates need testing: Age URL 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-e0ec985df4 chromium-111.0.5563.146-1.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-7be8f2df20 seamonkey-2.53.16-1.el7 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-237e339dd2 netatalk-3.1.14-3.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing inxi-3.3.26-1.el7 zchunk-1.3.1-1.el7 Details about builds: inxi-3.3.26-1.el7 (FEDORA-EPEL-2023-063e62b6da) A full featured system information script Update Information: Update to 3.3.26. ChangeLog: * Mon Apr 3 2023 Vasiliy N. Glazov - 3.3.26-1 - Update to 3.3.26 * Sat Mar 11 2023 Fabio Valentini - 3.3.25-2 - Rebuild for https://pagure.io/releng/issue/11327 zchunk-1.3.1-1.el7 (FEDORA-EPEL-2023-d9256ecd7c) Compressed file format that allows easy deltas Update Information: Fix several low severity security bugs. ChangeLog: * Tue Apr 4 2023 Jonathan Dieter - 1.3.1-1 - Fix a few low severity security bugs including - An off-by-one overflow when reading compressed integers from a malicious zchunk file - Error handling being skipped when the number of bytes read doesn't match what's expected - Not freeing memory when attempting to reallocate to size 0 ___ epel-devel mailing list -- epel-devel@lists.fedoraproject.org To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
[EPEL-devel] Fedora EPEL 8 updates-testing report
The following Fedora EPEL 8 Security updates need testing: Age URL 19 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-1e00c3d01e cutter-re-2.2.0-1.el8 rizin-0.5.1-1.el8 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-95d6efd5d6 seamonkey-2.53.16-1.el8 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-711f25dbbf netatalk-3.1.14-3.el8 The following builds have been pushed to Fedora EPEL 8 updates-testing inxi-3.3.26-1.el8 pdns-4.7.3-1.el8 pdns-recursor-4.8.4-1.el8 zchunk-1.3.1-1.el8 Details about builds: inxi-3.3.26-1.el8 (FEDORA-EPEL-2023-26f3bbde8a) A full featured system information script Update Information: Update to 3.3.26. ChangeLog: * Mon Apr 3 2023 Vasiliy N. Glazov - 3.3.26-1 - Update to 3.3.26 * Sat Mar 11 2023 Fabio Valentini - 3.3.25-2 - Rebuild for https://pagure.io/releng/issue/11327 pdns-4.7.3-1.el8 (FEDORA-EPEL-2023-c28f233c6b) A modern, advanced and high performance authoritative-only nameserver Update Information: - Update to 4.7.3 Release notes: https://doc.powerdns.com/authoritative/changelog/4.7.html#change-4.7.3 ChangeLog: * Tue Apr 4 2023 Morten Stevens - 4.7.3-1 - Update to 4.7.3 * Mon Feb 20 2023 Jonathan Wakely - 4.7.2-5 - Rebuilt for Boost 1.81 * Mon Jan 23 2023 Morten Stevens - 4.7.2-4 - Fix missing include for gcc13 * Thu Jan 19 2023 Fedora Release Engineering - 4.7.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Tue Nov 8 2022 Richard Shaw - 4.7.2-2 - Rebuild for yaml-cpp 0.7.0. * Tue Nov 1 2022 Morten Stevens - 4.7.2-1 - Update to 4.7.2 * Mon Oct 31 2022 Morten Stevens - 4.7.1-1 - Update to 4.7.1 * Sat Oct 22 2022 Morten Stevens - 4.7.0-1 - Update to 4.7.0 * Fri Jul 22 2022 Fedora Release Engineering - 4.6.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Wed May 4 2022 Thomas Rodgers - 4.6.2-2 - Rebuilt for Boost 1.78 pdns-recursor-4.8.4-1.el8 (FEDORA-EPEL-2023-d4a7c0e04e) Modern, advanced and high performance recursing/non authoritative name server Update Information: - Update to 4.8.4 Release notes: https://doc.powerdns.com/recursor/changelog/4.8.html ChangeLog: * Tue Apr 4 2023 Morten Stevens - 4.8.4-1 - Update to 4.8.4 References: [ 1 ] Bug #2069403 - CVE-2022-27227 pdns-recursor: pdns,pdns-recursor: Incomplete zone transfers handled as successful [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2069403 [ 2 ] Bug #2120865 - CVE-2022-37428 pdns-recursor: DoS when protobuf logging is enabled [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2120865 [ 3 ] Bug #2182851 - CVE-2023-26437 pdns-recursor: Deterred spoofing attempts can lead to authoritative servers being marked unavailable [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2182851 zchunk-1.3.1-1.el8 (FEDORA-EPEL-2023-9215c40764) Compressed file format that allows easy deltas Update Information: Fix several low severity security bugs. ChangeLog: * Tue Apr 4 2023 Jonathan Dieter - 1.3.1-1 - Fix a few low severity security bugs including - An off-by-one overflow when reading compressed integers from a malicious zchunk file - Error handling being skipped when the number of bytes read doesn't match what's expected - Not freeing memory when attempting to reallocate to size 0 ___ epel-devel mailing list -- epel-devel@lists.fedoraproject.org To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
[EPEL-devel] Re: EPEL2RHEL - New Wording? - New Workflow?
The change has now been implemented. We'll have to wait for a package to be affected before we see it, but I *think* it should look like what we have there. Note: It is still doing everything as separate steps. So package maintainers will still get several emails. I got to see the code, and I think we can trim a couple of the steps off, which will trim a couple of the emails off. But I wanted to get this change through first, because it's a straightforward wording change and shouldn't break anything. Troy On Fri, Mar 31, 2023 at 8:00 AM Carl George wrote: > That sounds great, thanks. > > On Thu, Mar 30, 2023, 8:28 AM Troy Dawson wrote: > >> It doesn't look like they've done their merge yet, so I'll see if I can >> get your change in. >> How does this sound? >> >> Subject: >> Notice: will be automatically retired from EPEL when >> RHEL . is released >> >> Comment: >> >> This issue is purely informational, you do not need to take any action. >> Thank you for your work maintaining in EPEL . Red Hat >> considers this package important enough to promote it to official RHEL. It >> will be part of RHEL .. Please do not update in >> EPEL so the RHEL version can have a higher version and release. >> When RHEL . is released, EPEL automation will remove >> from EPEL and close this bug. >> >> >> On Tue, Mar 28, 2023 at 9:14 AM Carl George wrote: >> >>> I'm also late to the party with this feedback, but just in case it's >>> not too late to include, can we include something about not updating >>> the package further? Beyond just "you do not need to take any >>> action", we should advise against making any changes at that point, as >>> often the RHEL package will be exactly one release higher than the >>> current EPEL package, and updating the EPEL package further (either >>> release or version) will screw up the upgrade path. >>> >>> On Mon, Mar 27, 2023 at 7:22 PM Troy Dawson wrote: >>> > >>> > On Sat, Mar 25, 2023 at 12:51 PM Miro Hrončok >>> wrote: >>> >> >>> >> On 20. 03. 23 12:20, Neal Gompa wrote: >>> >> >> I could think of other reasons as well. E.g. it's not important >>> for customers >>> >> >> but it's important for Red Hat. Or maybe it is a not-so-important >>> dependency of >>> >> >> something else. >>> >> >> >>> >> > Does Red Hat have any other motivation with RHEL other than a >>> customer >>> >> > needing the functionality? Those other reasons are generally driven >>> by >>> >> > someone needing it. >>> >> >>> >> See e.g. https://bugzilla.redhat.com/2175213 >>> > >>> > >>> > I see your point. It sometimes also happens when the EPEL package is >>> a dependency of the important package, the customers aren't actually asking >>> for the EPEL package. >>> > It looks like this change still hasn't been merged in so I'll see if I >>> can get a change in. How about this? >>> > >>> > Subject: >>> > Notice: will be automatically retired from EPEL when >>> RHEL . is released >>> > >>> > Comment: >>> > >>> > This issue is purely informational, you do not need to take any >>> action. Thank you for your work maintaining in EPEL . >>> Red Hat considers this package important enough to promote it to official >>> RHEL. It will be part of RHEL .. When that is released, >>> EPEL automation will remove from EPEL and close this bug. >>> > >>> > ___ >>> > epel-devel mailing list -- epel-devel@lists.fedoraproject.org >>> > To unsubscribe send an email to >>> epel-devel-le...@lists.fedoraproject.org >>> > Fedora Code of Conduct: >>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>> > List Guidelines: >>> https://fedoraproject.org/wiki/Mailing_list_guidelines >>> > List Archives: >>> https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org >>> > Do not reply to spam, report it: >>> https://pagure.io/fedora-infrastructure/new_issue >>> >>> >>> >>> -- >>> Carl George >>> ___ >>> epel-devel mailing list -- epel-devel@lists.fedoraproject.org >>> To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org >>> Fedora Code of Conduct: >>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >>> List Archives: >>> https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org >>> Do not reply to spam, report it: >>> https://pagure.io/fedora-infrastructure/new_issue >>> >> ___ >> epel-devel mailing list -- epel-devel@lists.fedoraproject.org >> To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org >> Fedora Code of Conduct: >> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >> List Archives: >> https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org >> Do not reply to spam, report it: >>
[EPEL-devel] [Fedocal] Reminder meeting : EPEL Steering Committee
Dear all, You are kindly invited to the meeting: EPEL Steering Committee on 2023-04-05 from 16:00:00 to 17:00:00 US/Eastern At fedora-meet...@irc.libera.chat The meeting will be about: This is the weekly EPEL Steering Committee Meeting. A general agenda is the following: #topic aloha #topic EPEL Issues https://pagure.io/epel/issues * https://pagure.io/epel/issues?tags=meeting=Open #topic Old Business (if needed) #topic General Issues / Open Floor Source: https://calendar.fedoraproject.org//meeting/9854/ ___ epel-devel mailing list -- epel-devel@lists.fedoraproject.org To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue