The following Fedora EPEL 9 Security updates need testing:
Age URL
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-33fdfad055
python-cairosvg-2.7.0-1.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
aspell-sk-2.4.7-1.el9
borgbackup-1.2.4-1.el9
chromium-111.0.5563.110-1.el9
dl-fedora-0.9.4-1.el9
fedora-license-data-1.16-1.el9
ghc9.4-9.4.4-17.el9
jc-1.23.1-1.el9
lua-sec-1.3.1-1.el9
netconsd-0.2-1.el9
python-backoff-2.2.1-1.el9
python-google-auth-2.16.3-1.el9
Details about builds:
================================================================================
aspell-sk-2.4.7-1.el9 (FEDORA-EPEL-2023-c9ab4b3695)
Slovak dictionaries for Aspell
--------------------------------------------------------------------------------
Update Information:
Update to upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 16 2023 J��n ONDREJ (SAL) <ondrejj(at)salstar.sk> - 2.4.7-1
- Update to upstream.
* Wed Jan 18 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.02-10
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Wed Jul 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.02-9
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Jan 19 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.02-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
borgbackup-1.2.4-1.el9 (FEDORA-EPEL-2023-17b2277f33)
A deduplicating backup program with compression and authenticated encryption
--------------------------------------------------------------------------------
Update Information:
new upstream version 1.2.4
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 24 2023 Felix Schwarz <fschwarz(a)fedoraproject.org> - 1.2.4-1
- update to 1.2.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2075715 - borgbackup-1.2.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2075715
--------------------------------------------------------------------------------
================================================================================
chromium-111.0.5563.110-1.el9 (FEDORA-EPEL-2023-7b4cf5b91e)
A WebKit (Blink) powered web browser that Google doesn't want you to use
--------------------------------------------------------------------------------
Update Information:
update to 111.0.5563.110. Fixes the following security issues: CVE-2023-1528
CVE-2023-1529 CVE-2023-1530 CVE-2023-1531 CVE-2023-1532 CVE-2023-1533
CVE-2023-1534
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 22 2023 Than Ngo <than(a)redhat.com> - 111.0.5563.110-1
- update to 111.0.5563.110
* Sun Mar 12 2023 Neal Gompa <ngompa(a)fedoraproject.org> - 111.0.5563.64-2
- Rebuild for ffmpeg 6.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2180693 - CVE-2023-1528 CVE-2023-1529 CVE-2023-1530 CVE-2023-1531
CVE-2023-1532 CVE-2023-1533 CVE-2023-1534 chromium: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2180693
[ 2 ] Bug #2180694 - CVE-2023-1528 CVE-2023-1529 CVE-2023-1530 CVE-2023-1531
CVE-2023-1532 CVE-2023-1533 CVE-2023-1534 chromium: various flaws [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2180694
--------------------------------------------------------------------------------
================================================================================
dl-fedora-0.9.4-1.el9 (FEDORA-EPEL-2023-fc80562f4e)
Fedora image download tool
--------------------------------------------------------------------------------
Update Information:
- add new F38 spins: Budgie and Sway - change koji target to --koji mirror
option - if mirror redirect fails then fallback to primary - run with qemu -cpu
host option
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 23 2023 Jens Petersen <petersen(a)redhat.com> - 0.9.4-1
- add new F38 spins: Budgie and Sway
- change koji target to --koji mirror option
- if mirror redirect fails then fallback to primary
- run with qemu -cpu host option
* Thu Feb 16 2023 Jens Petersen <petersen(a)redhat.com> - 0.9.3-4
- refresh to cabal-rpm-2.1.0 with SPDX migration
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.9.3-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Fri Jun 17 2022 Jens Petersen <petersen(a)redhat.com> - 0.9.3-2
- rebuild
--------------------------------------------------------------------------------
================================================================================
fedora-license-data-1.16-1.el9 (FEDORA-EPEL-2023-d26f363c0d)
Fedora Linux license data
--------------------------------------------------------------------------------
Update Information:
several new licenses added
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 24 2023 Miroslav Such�� <msuchy(a)redhat.com> 1.16-1
- Add public-domain text for python-multiprocess
- Add public domain text for versioneer in python-llvmlite
- Add Martin-Birgmeier
- Add public domain license in perl-libxml-perl
- Add public domain license in perl-Math-Int64
- Add public domain license in perl-Net-OpenID-Consumer
- Add public domain license in perl-Net-OpenID-Server
- Add public domain license in perl-perlfaq
- Update GPL-2.0-only_WITH_389-exception.toml
- Add new file: GPL-2.0-only WITH 389-exception
- Add public-domain text for jo
- Add public-domain license texts for abseil-cpp
- Update public-domain-text.txt for ecl
- Update public-domain-text.txt for gap-pkg-profiling
- Update public-domain-text.txt for icu4j
- Update public-domain-text.txt for mona
- Update public-domain-text.txt for pl
- Update public-domain-text.txt for pvs-sbcl
- Add Blessing
- Add new file: HPND-sell-variant-MIT-disclaimer
- Add new file: OFFIS
- Add new file: UCAR
- Add new file: TPL-1.0
- Add new file: Brian-Gladman-3-Clause
- Add new file: OpenPBS.toml
- Update public-domain-text.txt for python-pdfminer
- Add MagniComp-EULA as not-allowed
--------------------------------------------------------------------------------
================================================================================
ghc9.4-9.4.4-17.el9 (FEDORA-EPEL-2023-f896edff4e)
Glasgow Haskell Compiler
--------------------------------------------------------------------------------
Update Information:
- suffix hadrian with ghc_major - only add ld.so.conf.d and remove RPATH if
_ghcdynlibdir - do not duplicate libHSrts-*.so in filelist - add debian haddock-
remove-googleapis-fonts.patch - update buildpath-abi-stability.patch - mv
ld.so.conf.d out of rts block - use ghcliblib everywhere and add its subdirs -
update abicheck with ghc_major - sync packaging changes: subpackage ghc-bignum,
llvm13, -W, _ghcdynlibdir - build with ghc9.2
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 20 2023 Jens Petersen <petersen(a)redhat.com> - 9.4.4-17
- suffix hadrian with ghc_major
- only add ld.so.conf.d and remove RPATH if _ghcdynlibdir
- do not duplicate libHSrts-*.so in filelist
- add debian haddock-remove-googleapis-fonts.patch
- update buildpath-abi-stability.patch
- mv ld.so.conf.d out of rts block
- use ghcliblib everywhere and add its subdirs
- update abicheck with ghc_major
- sync packaging changes: subpackage ghc-bignum, llvm13, -W, _ghcdynlibdir
- build with ghc9.2
--------------------------------------------------------------------------------
================================================================================
jc-1.23.1-1.el9 (FEDORA-EPEL-2023-2657c011ce)
Serialize the output of CLI tools and file-types to structured JSON
--------------------------------------------------------------------------------
Update Information:
Update to v1.23.1
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 24 2023 Artur Frenszek-Iwicki <fedora(a)svgames.pl> - 1.23.1-1
- Update to v1.23.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2181400 - jc-1.23.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2181400
--------------------------------------------------------------------------------
================================================================================
lua-sec-1.3.1-1.el9 (FEDORA-EPEL-2023-2bade120af)
Lua binding for OpenSSL library
--------------------------------------------------------------------------------
Update Information:
# LuaSec 1.3.1 - Fix: check if PSK is available
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 20 2023 Robert Scheck <robert(a)fedoraproject.org> 1.3.1-1
- Upgrade to 1.3.1 (#2179984)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2179984 - lua-sec-1.3.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2179984
--------------------------------------------------------------------------------
================================================================================
netconsd-0.2-1.el9 (FEDORA-EPEL-2023-55df79c1ba)
The Netconsole Daemon
--------------------------------------------------------------------------------
Update Information:
Update to 0.2 to address CVE-2023-28753; Fixes: RHBZ#2181655
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 24 2023 Davide Cavalca <dcavalca(a)fedoraproject.org> - 0.2-1
- Update to 0.2 to address CVE-2023-28753; Fixes: RHBZ#2181655
* Fri Jan 27 2023 Davide Cavalca <dcavalca(a)fedoraproject.org> - 0.1-5
- Backport upstream PR to fix FTBFS
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.1-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.1-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2181655 - netconsd-0.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2181655
--------------------------------------------------------------------------------
================================================================================
python-backoff-2.2.1-1.el9 (FEDORA-EPEL-2023-995ddb45a1)
Python library providing function decorators for configurable backoff and retry
--------------------------------------------------------------------------------
Update Information:
Update package to 2.2.1
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 24 2023 Jiri Kyjovsky <jkyjovsk(a)redhat.com> - 2.2.1-1
- Update package to 2.2.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2089057 - Please branch and build python-backoff in epel9
https://bugzilla.redhat.com/show_bug.cgi?id=2089057
--------------------------------------------------------------------------------
================================================================================
python-google-auth-2.16.3-1.el9 (FEDORA-EPEL-2023-d4d9f710ec)
Google Auth Python Library
--------------------------------------------------------------------------------
Update Information:
Update python-google-auth to 2.16.3
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 24 2023 Jason Montleon <jmontleo(a)redhat.com> - 1:2.16.3-1
- Update to 2.16.3
* Fri Jan 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> -
1:2.16.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2171196 - python-google-auth-2.16.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2171196
--------------------------------------------------------------------------------