Dear all,
as pointed out in bz2236797 it would be useful for our users to upgrade
the eccodes package.
I am not aware of any significant compatibility issues, so if there are
no objections I plan to upgrade this package next week.
best regards,
Jos
On 9/1/23 16:20, bugzilla(a)redhat.com wrote:
> https://bugzilla.redhat.com/show_bug.cgi?id=2236797
>
> Bug ID: 2236797
> Summary: request to upgrade to upstream version 2.31.0
> Product: Fedora EPEL
> Version: epel8
> Status: NEW
> Component: eccodes
> Assignee: josdekloe(a)gmail.com
> Reporter: dbranchini(a)arpae.it
> QA Contact: extras-qa(a)fedoraproject.org
> CC: josdekloe(a)gmail.com
> Target Milestone: ---
> Classification: Fedora
>
>
>
> Hi,
> would it be possible to upgrade eccodes to the last upstream version (2.31.0)
> for epel8 and epel9?
> The current version (2.30.0) has some bugs that have been fixed (see
> https://confluence.ecmwf.int/display/ECC/ecCodes+version+2.31.0+released) and I
> see that it has already been packaged for F39.
>
> Thanks a lot for your work.
>
>
The following Fedora EPEL 7 Security updates need testing:
Age URL
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-f73923f479 python3-werkzeug-1.0.1-2.el7
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-2b99803700 python3-flask-1.1.4-1.el7
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-2a8f8b189e clamav-0.103.10-1.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
lastpass-cli-1.3.5-1.el7
lua-sec-1.3.2-1.el7
perl-CryptX-0.078-4.el7
xrdp-0.9.23-1.el7
Details about builds:
================================================================================
lastpass-cli-1.3.5-1.el7 (FEDORA-EPEL-2023-aaed6e3fc8)
Command line interface to LastPass.com
--------------------------------------------------------------------------------
Update Information:
Update to version 1.3.5
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 1 2023 Robert-Andr�� Mauchin <zebob.m(a)gmail.com> - 1.3.5-1
- Update to version 1.3.5
--------------------------------------------------------------------------------
================================================================================
lua-sec-1.3.2-1.el7 (FEDORA-EPEL-2023-6fe30ef120)
Lua binding for OpenSSL library
--------------------------------------------------------------------------------
Update Information:
# LuaSec 1.3.2 * Fix: place `EAI_OVERFLOW` inside macro, unbreak build on
macOS < 10.7 * Fix: Expand workaround for zero `errno` to OpenSSL 3.0.x *
Fix: reset block timeout at send or receive
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 1 2023 Robert Scheck <robert(a)fedoraproject.org> 1.3.2-1
- Upgrade to 1.3.2 (#2236628)
* Thu Jul 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2236628 - lua-sec-1.3.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2236628
--------------------------------------------------------------------------------
================================================================================
perl-CryptX-0.078-4.el7 (FEDORA-EPEL-2023-298855312f)
Cryptographic toolkit
--------------------------------------------------------------------------------
Update Information:
Fix dependency issue on EL7
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 25 2023 Xavier Bachelot <xavier(a)bachelot.org> - 0.078-4
- Don't Requires: perl(Math::BigFloat) for tests subpackage on EL7 (RHBZ#2234802)
* Thu Jul 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.078-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Tue Jul 11 2023 Jitka Plesnikova <jplesnik(a)redhat.com> - 0.078-2
- Perl 5.38 rebuild
* Thu May 11 2023 Xavier Bachelot <xavier(a)bachelot.org> - 0.078-1
- Update to 0.078 (RHBZ#2120043)
- Convert license to SPDX
* Fri Jan 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.076-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.076-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue May 31 2022 Jitka Plesnikova <jplesnik(a)redhat.com> - 0.076-3
- Perl 5.36 rebuild
* Fri May 27 2022 Michal Josef ��pa��ek <mspacek(a)redhat.com> - 0.076-2
- Fix test issues with new version of Math::BigInt.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2234802 - Missing dependencies for perl-CryptX-tests
https://bugzilla.redhat.com/show_bug.cgi?id=2234802
--------------------------------------------------------------------------------
================================================================================
xrdp-0.9.23-1.el7 (FEDORA-EPEL-2023-0640e2bbd1)
Open source remote desktop protocol (RDP) server
--------------------------------------------------------------------------------
Update Information:
Release notes for xrdp v0.9.23 (2023/08/31) General announcements - Running
xrdp and xrdp-sesman on separate hosts is still supported by this release, but
is now deprecated. This is not secure. A future v1.0 release will replace the
TCP socket used between these processes with a Unix Domain Socket, and then
cross-host running will not be possible. Security fixes - CVE-2023-40184:
Improper handling of session establishment errors allows bypassing OS-level
session restrictions (Reported by @gafusss) Bug fixes - Environment variables
set by PAM modules are no longer restricted to around 250 characters (#2712) -
X11 clipboard clients now no longer hang when requesting a clipboard format
which isn't available (#2767) New features No new features in this release.
Internal changes - Introduce release tarball generation script (#2703) -
cppcheck version used for CI bumped to 2.11 (#2738) Known issues - On-the-fly
resolution change requires the Microsoft Store version of Remote Desktop client
but sometimes crashes on connect (#1869) - xrdp's login dialog is not relocated
at the center of the new resolution after on-the-fly resolution change happens
(#1867)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 1 2023 Bojan Smojver <bojan(a)rexursive.com> - 1:0.9.23-1
- Update to 0.9.23
- CVE-2023-40184
* Sat Jul 22 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1:0.9.22.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Tue Jun 13 2023 Leigh Scott <leigh123linux(a)gmail.com> - 1:0.9.22.1-3
- Rebuild fo new imlib2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2236307 - CVE-2023-40184 xrdp: xdp: restriction bypass via improper session handling [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2236307
[ 2 ] Bug #2236308 - CVE-2023-40184 xrdp: xdp: restriction bypass via improper session handling [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2236308
--------------------------------------------------------------------------------
The following Fedora EPEL 8 Security updates need testing:
Age URL
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-3067977cb5 indent-2.2.13-4.el8
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-50480e7e18 clamav-0.103.10-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
fakeroot-1.32.1-1.el8
lastpass-cli-1.3.5-1.el8
lua-sec-1.3.2-1.el8
resalloc-aws-1.5-1.el8
syncthing-1.23.7-1.el8
tmt-1.26.1-1.el8
xrdp-0.9.23-1.el8
Details about builds:
================================================================================
fakeroot-1.32.1-1.el8 (FEDORA-EPEL-2023-b67b405907)
Gives a fake root environment
--------------------------------------------------------------------------------
Update Information:
Update fakeroot to 1.32.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 31 2023 S��rgio Basto <sergio(a)serjux.com> - 1.32.1-1
- Update fakeroot to 1.32.1
* Wed Jul 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.31-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2221810 - fakeroot-1.32.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2221810
--------------------------------------------------------------------------------
================================================================================
lastpass-cli-1.3.5-1.el8 (FEDORA-EPEL-2023-0e070f5184)
Command line interface to LastPass.com
--------------------------------------------------------------------------------
Update Information:
Update to version 1.3.5
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 1 2023 Robert-Andr�� Mauchin <zebob.m(a)gmail.com> - 1.3.5-1
- Update to version 1.3.5
--------------------------------------------------------------------------------
================================================================================
lua-sec-1.3.2-1.el8 (FEDORA-EPEL-2023-d4994573d8)
Lua binding for OpenSSL library
--------------------------------------------------------------------------------
Update Information:
# LuaSec 1.3.2 * Fix: place `EAI_OVERFLOW` inside macro, unbreak build on
macOS < 10.7 * Fix: Expand workaround for zero `errno` to OpenSSL 3.0.x *
Fix: reset block timeout at send or receive
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 1 2023 Robert Scheck <robert(a)fedoraproject.org> 1.3.2-1
- Upgrade to 1.3.2 (#2236628)
* Thu Jul 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2236628 - lua-sec-1.3.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2236628
--------------------------------------------------------------------------------
================================================================================
resalloc-aws-1.5-1.el8 (FEDORA-EPEL-2023-d5554e967d)
Resource allocator scripts for AWS
--------------------------------------------------------------------------------
Update Information:
New resalloc-aws-new --root-volume-size option
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 1 2023 Pavel Raiskup <praiskup(a)redhat.com> 1.5-1
- resalloc-aws-new: add `--root-volume-size` option (svashisht(a)redhat.com)
--------------------------------------------------------------------------------
================================================================================
syncthing-1.23.7-1.el8 (FEDORA-EPEL-2023-ab1344ae37)
Continuous File Synchronization
--------------------------------------------------------------------------------
Update Information:
Update to version 1.23.7. Release notes:
https://github.com/syncthing/syncthing/releases/tag/v1.23.7
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 1 2023 Fabio Valentini <decathorpe(a)gmail.com> - 1.23.7-1
- Update to version 1.23.7; Fixes RHBZ#2230629
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2230629 - syncthing-1.23.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2230629
--------------------------------------------------------------------------------
================================================================================
tmt-1.26.1-1.el8 (FEDORA-EPEL-2023-2172ea6ab0)
Test Management Tool
--------------------------------------------------------------------------------
Update Information:
Automatic update for tmt-1.26.1-1.el8. ##### **Changelog for tmt** ``` * Fri
Sep 01 2023 Luk���� Zachar <lzachar(a)redhat.com> - 1.26.1 - Rewrite git url for
discover fmf: modified-only ```
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 1 2023 Luk���� Zachar <lzachar(a)redhat.com> - 1.26.1
- Rewrite git url for discover fmf: modified-only
--------------------------------------------------------------------------------
================================================================================
xrdp-0.9.23-1.el8 (FEDORA-EPEL-2023-6770a3482d)
Open source remote desktop protocol (RDP) server
--------------------------------------------------------------------------------
Update Information:
Release notes for xrdp v0.9.23 (2023/08/31) General announcements - Running
xrdp and xrdp-sesman on separate hosts is still supported by this release, but
is now deprecated. This is not secure. A future v1.0 release will replace the
TCP socket used between these processes with a Unix Domain Socket, and then
cross-host running will not be possible. Security fixes - CVE-2023-40184:
Improper handling of session establishment errors allows bypassing OS-level
session restrictions (Reported by @gafusss) Bug fixes - Environment variables
set by PAM modules are no longer restricted to around 250 characters (#2712) -
X11 clipboard clients now no longer hang when requesting a clipboard format
which isn't available (#2767) New features No new features in this release.
Internal changes - Introduce release tarball generation script (#2703) -
cppcheck version used for CI bumped to 2.11 (#2738) Known issues - On-the-fly
resolution change requires the Microsoft Store version of Remote Desktop client
but sometimes crashes on connect (#1869) - xrdp's login dialog is not relocated
at the center of the new resolution after on-the-fly resolution change happens
(#1867)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 1 2023 Bojan Smojver <bojan(a)rexursive.com> - 1:0.9.23-1
- Update to 0.9.23
- CVE-2023-40184
* Sat Jul 22 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1:0.9.22.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Tue Jun 13 2023 Leigh Scott <leigh123linux(a)gmail.com> - 1:0.9.22.1-3
- Rebuild fo new imlib2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2236307 - CVE-2023-40184 xrdp: xdp: restriction bypass via improper session handling [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2236307
[ 2 ] Bug #2236308 - CVE-2023-40184 xrdp: xdp: restriction bypass via improper session handling [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2236308
--------------------------------------------------------------------------------
The following Fedora EPEL 9 Security updates need testing:
Age URL
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-b305ec138e indent-2.2.13-4.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
aom-3.7.0-1.el9
composer-2.6.1-1.el9
fakeroot-1.32.1-1.el9
highway-1.0.7-1.el9
lastpass-cli-1.3.5-1.el9
lua-sec-1.3.2-1.el9
procServ-2.7.0-16.el9
python-specfile-0.22.0-1.el9
qemu-sanity-check-1.1.6-11.el9
qm-0.5.6-1.el9
racket-7.9-2.el9
resalloc-aws-1.5-1.el9
rust-temp-env-0.3.4-2.el9
syncthing-1.23.7-1.el9
tmt-1.26.1-1.el9
xrdp-0.9.23-1.el9
Details about builds:
================================================================================
aom-3.7.0-1.el9 (FEDORA-EPEL-2023-50d30d4d62)
Royalty-free next-generation video format
--------------------------------------------------------------------------------
Update Information:
Update to version 3.7.0. Release notes:
https://aomedia.googlesource.com/aom/+/refs/tags/v3.7.0
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 1 2023 Fabio Valentini <decathorpe(a)gmail.com> - 3.7.0-1
- Update to version 3.7.0; Fixes RHBZ#2236624
* Wed Jul 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.6.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
composer-2.6.1-1.el9 (FEDORA-EPEL-2023-e0af5d2493)
Dependency Manager for PHP
--------------------------------------------------------------------------------
Update Information:
**Version 2.6.1** - 2023-09-01 * Reverted "Fixed executability of non-php
binaries which are not marked executable (#11557)" which caused a regression
(#11612) ---- **Version 2.6.0** - 2023-09-01 * Added audit.ignore config
setting to ignore security advisories by id or CVE id (#11556, #11605) * Added
`rm` alias to the `remove` command (#11367) * Added runtime platform check to
verify the php-64bit requirement is met (#11334) * Added platform package
detection for lib-pq-libpq and lib-rdkafka-librdkafka (#11418) * Added `--dry-
run` to `dump-autoload` command to allow running --strict-psr checks without
modifying the filesystem (#11608) * Added support for `bump`ing patch level in
`~1.2.3` constraints (#11590) * Added prompt in `require` if the package name
is not found but similar ones exist (#11284) * Added support for env vars and
`~` in repository paths for vcs and artifact repositories (#11453) * Added
support for local directory paths for repositories of type `composer` (#11526)
* Added links to package homepages in `why`/`why-not` command output (#11308)
* Added a `security` key to the `support` key of composer.json to set the URL to
the vulnerability disclosure policy (#11271) * Added support for gathering
security advisories from multiple repositories for a single package (#11436) *
Fixed `install` and `update` exit code to be non-zero if the post-install
security audit failed (#11362) * Fixed binary proxies causing scripts
inspecting `$_SERVER['SCRIPT_NAME']` to detect them, they are now more
transparent (#11562) * Fixed executability of non-php binaries which are not
marked executable (#11557) * Fixed `mtime` modification of the vendor dir to
only happen when packages are modified, and not require lock file modification
to happen (#11593) * Fixed `create-project` using the wrong composer.json file
if one was set via the `COMPOSER` env var (#11493) * Fixed json editing to
preserve indentation when updating json files (#11390) * Fixed handling of
broken junctions on windows (#11550) * Fixed parsing of lib-curl-openssl
version with OSX SecureTransport (#11534) * Fixed svn repo parsing in some
edge cases (#11350) * Fixed handling of archive URLs without file extension
(#11520) * Performance improvement in pool optimization step (#11449, #11450)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 1 2023 Remi Collet <remi(a)remirepo.net> - 2.6.1-1
- update to 2.6.1
* Fri Sep 1 2023 Remi Collet <remi(a)remirepo.net> - 2.6.0-1
- update to 2.6.0
--------------------------------------------------------------------------------
================================================================================
fakeroot-1.32.1-1.el9 (FEDORA-EPEL-2023-8f465f7c8c)
Gives a fake root environment
--------------------------------------------------------------------------------
Update Information:
Update fakeroot to 1.32.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 31 2023 S��rgio Basto <sergio(a)serjux.com> - 1.32.1-1
- Update fakeroot to 1.32.1
* Wed Jul 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.31-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2221810 - fakeroot-1.32.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2221810
--------------------------------------------------------------------------------
================================================================================
highway-1.0.7-1.el9 (FEDORA-EPEL-2023-9abfe1b53b)
Efficient and performance-portable SIMD
--------------------------------------------------------------------------------
Update Information:
Update to version 1.0.7. - Release notes for 1.0.6:
https://github.com/google/highway/releases/tag/1.0.6 - Release notes for 1.0.7:
https://github.com/google/highway/releases/tag/1.0.7
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 1 2023 Fabio Valentini <decathorpe(a)gmail.com> - 1.0.7-1
- Update to version 1.0.7; Fixes RHBZ#2231570
--------------------------------------------------------------------------------
================================================================================
lastpass-cli-1.3.5-1.el9 (FEDORA-EPEL-2023-3814f838d0)
Command line interface to LastPass.com
--------------------------------------------------------------------------------
Update Information:
Update to 1.3.5
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 1 2023 Robert-Andr�� Mauchin <zebob.m(a)gmail.com> - 1.3.5-1
- Update to 1.3.5
* Thu Jul 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Tue Dec 27 2022 Robert-Andr�� Mauchin <zebob.m(a)gmail.com> - 1.3.4-1
- Update to 1.3.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2236587 - lpass errors with "Error: SSL peer certificate or SSH remote key was not OK."
https://bugzilla.redhat.com/show_bug.cgi?id=2236587
[ 2 ] Bug #2236615 - lastpass-cli-1.3.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2236615
--------------------------------------------------------------------------------
================================================================================
lua-sec-1.3.2-1.el9 (FEDORA-EPEL-2023-e4a95323d5)
Lua binding for OpenSSL library
--------------------------------------------------------------------------------
Update Information:
# LuaSec 1.3.2 * Fix: place `EAI_OVERFLOW` inside macro, unbreak build on
macOS < 10.7 * Fix: Expand workaround for zero `errno` to OpenSSL 3.0.x *
Fix: reset block timeout at send or receive
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 1 2023 Robert Scheck <robert(a)fedoraproject.org> 1.3.2-1
- Upgrade to 1.3.2 (#2236628)
* Thu Jul 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2236628 - lua-sec-1.3.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2236628
--------------------------------------------------------------------------------
================================================================================
procServ-2.7.0-16.el9 (FEDORA-EPEL-2023-07703982b5)
Process server with telnet console and log access
--------------------------------------------------------------------------------
Update Information:
Add existing package to EPEL9 with no changes
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.7.0-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.7.0-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Fri Jan 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.7.0-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Fri Jul 23 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.7.0-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.7.0-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2231918 - Please branch and build procServ in epel9
https://bugzilla.redhat.com/show_bug.cgi?id=2231918
--------------------------------------------------------------------------------
================================================================================
python-specfile-0.22.0-1.el9 (FEDORA-EPEL-2023-4075ddcf37)
A library for parsing and manipulating RPM spec files
--------------------------------------------------------------------------------
Update Information:
Automatic update for python-specfile-0.22.0-1.el9. ##### **Changelog for
python-specfile** ``` * Fri Sep 01 2023 Packit <hello(a)packit.dev> - 0.22.0-1 -
Macro definitions and tags gained a new `valid` attribute. A macro
definition/tag is considered valid if it doesn't appear in a false branch of any
condition appearing in the spec file. (#276) ```
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 1 2023 Packit <hello(a)packit.dev> - 0.22.0-1
- Macro definitions and tags gained a new `valid` attribute. A macro definition/tag is considered valid if it doesn't appear in a false branch of any condition appearing in the spec file. (#276)
--------------------------------------------------------------------------------
================================================================================
qemu-sanity-check-1.1.6-11.el9 (FEDORA-EPEL-2023-6a72d131c2)
Simple qemu and Linux kernel sanity checker
--------------------------------------------------------------------------------
Update Information:
Rebase with all latest upstream patches
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 1 2023 Richard W.M. Jones <rjones(a)redhat.com> - 1.1.6-11
- Rebase with all latest upstream patches
* Fri Jul 21 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.1.6-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
qm-0.5.6-1.el9 (FEDORA-EPEL-2023-f48dbbc66c)
Containerized environment for running Quality Management software
--------------------------------------------------------------------------------
Update Information:
Automatic update for qm-0.5.6-1.el9.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 1 2023 Packit <hello(a)packit.dev> - 0.5.6-1
- [packit] 0.5.6 upstream release
* Wed Aug 30 2023 Packit <hello(a)packit.dev> - 0.5.5-1
- [packit] 0.5.5 upstream release
* Tue Aug 29 2023 Packit <hello(a)packit.dev> - 0.5.4-1
- [packit] 0.5.4 upstream release
* Mon Aug 28 2023 Packit <hello(a)packit.dev> - 0.5.3-1
- [packit] 0.5.3 upstream release
* Wed Aug 16 2023 Packit <hello(a)packit.dev> - 0.5.1-1
- [packit] 0.5.1 upstream release
* Thu May 18 2023 Packit <hello(a)packit.dev> - 0.4.1-1
- [packit] 0.4.1 upstream release
* Thu May 18 2023 Packit <hello(a)packit.dev> - 0.4.0-1
- [packit] 0.4.0 upstream release
* Tue May 16 2023 Packit <hello(a)packit.dev> - 0.2.0-1
- [packit] 0.2.0 upstream release
* Tue May 9 2023 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.1.0-1
- Resolves: #2193400 - initial upload
--------------------------------------------------------------------------------
================================================================================
racket-7.9-2.el9 (FEDORA-EPEL-2023-d67f720f14)
General purpose programming language
--------------------------------------------------------------------------------
Update Information:
re-enable ppc64le for epel
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 31 2023 Jens Petersen <petersen(a)redhat.com> - 7.9-2
- re-enable ppc64le for epel
* Mon Aug 28 2023 Jens Petersen <petersen(a)redhat.com> - 7.9-1
- update to 7.9
- drop the nonfree doc patch
* Sat Aug 26 2023 Jens Petersen <petersen(a)redhat.com> - 7.4-12
- disable ppc64le (#2226390)
* Fri Jul 21 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 7.4-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Wed Apr 26 2023 Florian Weimer <fweimer(a)redhat.com> - 7.4-10
- Port configure script to C99
* Fri Jan 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 7.4-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 7.4-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Fri Jan 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 7.4-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Sat Jan 8 2022 Miro Hron��ok <mhroncok(a)redhat.com> - 7.4-6
- Rebuilt for https://fedoraproject.org/wiki/Changes/LIBFFI34
--------------------------------------------------------------------------------
================================================================================
resalloc-aws-1.5-1.el9 (FEDORA-EPEL-2023-bf0317a31e)
Resource allocator scripts for AWS
--------------------------------------------------------------------------------
Update Information:
New resalloc-aws-new --root-volume-size option
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 1 2023 Pavel Raiskup <praiskup(a)redhat.com> 1.5-1
- resalloc-aws-new: add `--root-volume-size` option (svashisht(a)redhat.com)
--------------------------------------------------------------------------------
================================================================================
rust-temp-env-0.3.4-2.el9 (FEDORA-EPEL-2023-56f9501b48)
Set environment variables temporarily
--------------------------------------------------------------------------------
Update Information:
Built for EPEL9
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 21 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.3.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Wed Apr 19 2023 Fabio Valentini <decathorpe(a)gmail.com> - 0.3.4-1
- Update to version 0.3.4; Fixes RHBZ#2180852
* Mon Feb 27 2023 Alessio <alciregi(a)fedoraproject.org> - 0.3.2-1
- Update to 0.3.2
* Mon Feb 27 2023 Alessio <alciregi(a)fedoraproject.org> - 0.3.0-4
- Update to 0.3.2
* Sat Jan 21 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.3.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Mon Nov 21 2022 Alessio <alciregi(a)fedoraproject.org> - 0.3.0-2
- Initial import (fedora#2121997).
* Mon Nov 21 2022 Alessio <alciregi(a)fedoraproject.org> - 0.3.0-1
- Initial import (fedora#2121997).
--------------------------------------------------------------------------------
================================================================================
syncthing-1.23.7-1.el9 (FEDORA-EPEL-2023-b80fe8364c)
Continuous File Synchronization
--------------------------------------------------------------------------------
Update Information:
Update to version 1.23.7. Release notes:
https://github.com/syncthing/syncthing/releases/tag/v1.23.7
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 1 2023 Fabio Valentini <decathorpe(a)gmail.com> - 1.23.7-1
- Update to version 1.23.7; Fixes RHBZ#2230629
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2230629 - syncthing-1.23.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2230629
--------------------------------------------------------------------------------
================================================================================
tmt-1.26.1-1.el9 (FEDORA-EPEL-2023-a6e035c747)
Test Management Tool
--------------------------------------------------------------------------------
Update Information:
Automatic update for tmt-1.26.1-1.el9. ##### **Changelog for tmt** ``` * Fri
Sep 01 2023 Luk���� Zachar <lzachar(a)redhat.com> - 1.26.1 - Rewrite git url for
discover fmf: modified-only ```
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 1 2023 Luk���� Zachar <lzachar(a)redhat.com> - 1.26.1
- Rewrite git url for discover fmf: modified-only
--------------------------------------------------------------------------------
================================================================================
xrdp-0.9.23-1.el9 (FEDORA-EPEL-2023-c2aea8a27e)
Open source remote desktop protocol (RDP) server
--------------------------------------------------------------------------------
Update Information:
Release notes for xrdp v0.9.23 (2023/08/31) General announcements - Running
xrdp and xrdp-sesman on separate hosts is still supported by this release, but
is now deprecated. This is not secure. A future v1.0 release will replace the
TCP socket used between these processes with a Unix Domain Socket, and then
cross-host running will not be possible. Security fixes - CVE-2023-40184:
Improper handling of session establishment errors allows bypassing OS-level
session restrictions (Reported by @gafusss) Bug fixes - Environment variables
set by PAM modules are no longer restricted to around 250 characters (#2712) -
X11 clipboard clients now no longer hang when requesting a clipboard format
which isn't available (#2767) New features No new features in this release.
Internal changes - Introduce release tarball generation script (#2703) -
cppcheck version used for CI bumped to 2.11 (#2738) Known issues - On-the-fly
resolution change requires the Microsoft Store version of Remote Desktop client
but sometimes crashes on connect (#1869) - xrdp's login dialog is not relocated
at the center of the new resolution after on-the-fly resolution change happens
(#1867)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 1 2023 Bojan Smojver <bojan(a)rexursive.com> - 1:0.9.23-1
- Update to 0.9.23
- CVE-2023-40184
* Sat Jul 22 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1:0.9.22.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Tue Jun 13 2023 Leigh Scott <leigh123linux(a)gmail.com> - 1:0.9.22.1-3
- Rebuild fo new imlib2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2236307 - CVE-2023-40184 xrdp: xdp: restriction bypass via improper session handling [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2236307
[ 2 ] Bug #2236308 - CVE-2023-40184 xrdp: xdp: restriction bypass via improper session handling [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2236308
--------------------------------------------------------------------------------
I am performing an incompatible upgrade of the caddy package in EPEL
9. In accordance with the incompatible upgrade policy [0], I proposed
this upgrade just over a week ago on the epel-devel mailing list [1].
For reasons detailed in the previous email, it is no longer possible
to update the package at the current version, preventing me from
resolving known CVEs. Today the EPEL Steering Committee voted to
approve this upgrade [2].
This upgrade will take the package from version 2.4.6 to 2.6.4. This
includes a few backwards-incompatible changes. I believe these
changes are on the milder side, and most users shouldn't notice a
difference. Here are the most notable removals/changes:
- Reverse proxy: Incoming X-Forwarded-* headers will no longer be
automatically trusted, to prevent spoofing.
- Logging: Removed the deprecated common_log field from HTTP access
logs, and the single_field encoder.
- Logging: The remote_addr field has been replaced by remote_ip and
remote_port fields in HTTP access logs, which split up the two parts
of the remote address.
- Caddyfile: The reverse_proxy directive's handle_response
subdirective has had its status replacement functionality moved to a
new replace_status subdirective.
There are also a few additional changes to features labeled as
experimental, and some deprecations (not yet removed). For a full
list, see the upstream release notes [3][4].
If you are able, please test and provide karma for the update [5].
[0] https://docs.fedoraproject.org/en-US/epel/epel-policy-incompatible-upgrades/
[1] https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraprojec…
[2] https://meetbot.fedoraproject.org/fedora-meeting/2023-08-23/epel.2023-08-23…
[3] https://github.com/caddyserver/caddy/releases/tag/v2.5.0
[4] https://github.com/caddyserver/caddy/releases/tag/v2.6.0
[5] https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-8849a14e7f
--
Carl George