The following Fedora EPEL 9 Security updates need testing:
Age URL
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-8f0f0d103a
chromium-114.0.5735.133-1.el9
0
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-534fc4dfaa
suricata-6.0.13-1.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
barman-3.6.0-1.el9
bgpq4-1.11-1.el9
bird-2.13.1-1.el9
darktable-4.4.0-1.el9
dav1d-1.2.1-1.el9
fedora-license-data-1.24-1.el9
libfullock-1.0.51-1.el9
ocserv-1.1.7-2.el9
onedrive-2.4.25-1.el9
php-pecl-mongodb-1.16.0-1.el9
polkit-qt-1-0.114.0-6.el9
prename-1.14-1.el9
python-specfile-0.19.0-1.el9
qca-2.3.4-5.el9
rust-serial_test-2.0.0-1.el9
rust-serial_test1-1.0.0-1.el9
rust-serial_test_derive-2.0.0-1.el9
rust-serial_test_derive1-1.0.0-1.el9
singularity-ce-3.11.4-1.el9
Details about builds:
================================================================================
barman-3.6.0-1.el9 (FEDORA-EPEL-2023-699251632e)
Backup and Recovery Manager for PostgreSQL
--------------------------------------------------------------------------------
Update Information:
Update to 3.6.0.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 22 2023 Simone Caronni <negativo17(a)gmail.com> - 3.6.0-1
- Update to 3.6.0.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2215309 - barman-3.6.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2215309
--------------------------------------------------------------------------------
================================================================================
bgpq4-1.11-1.el9 (FEDORA-EPEL-2023-6d92113e0d)
Automate BGP filter generation based on routing database information
--------------------------------------------------------------------------------
Update Information:
# bgpq4 1.11 - disallow AS 23456 as origin (can be bypassed via `-p`)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 22 2023 Robert Scheck <robert(a)fedoraproject.org> 1.11-1
- Upgrade to 1.11 (#2216590)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2216590 - bgpq4-1.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2216590
--------------------------------------------------------------------------------
================================================================================
bird-2.13.1-1.el9 (FEDORA-EPEL-2023-bdddac7f99)
BIRD Internet Routing Daemon
--------------------------------------------------------------------------------
Update Information:
# BIRD 2.13.1 (2023-06-23) * BGP: Fix role check when no capability option is
present * Filter: Fixed segfault when a case option had an empty block
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 22 2023 Robert Scheck <robert(a)fedoraproject.org> - 2.13.1-1
- Upgrade to 2.13.1 (#2190169)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2190169 - bird-2.13.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2190169
--------------------------------------------------------------------------------
================================================================================
darktable-4.4.0-1.el9 (FEDORA-EPEL-2023-a372aeea02)
Utility to organize and develop raw images
--------------------------------------------------------------------------------
Update Information:
4.4.0 release
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 21 2023 Germano Massullo <germano.massullo(a)gmail.com> - 4.4.0-1
- 4.4.0 release
* Sun Jun 18 2023 S��rgio Basto <sergio(a)serjux.com> - 4.2.1-4
- Mass rebuild for jpegxl-0.8.1
--------------------------------------------------------------------------------
================================================================================
dav1d-1.2.1-1.el9 (FEDORA-EPEL-2023-b19b890d2f)
AV1 cross-platform Decoder
--------------------------------------------------------------------------------
Update Information:
Update to version 1.2.1. This version includes a fix for CVE-2023-32570 (race
condition that can lead to an application crash).
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 22 2023 Fabio Valentini <decathorpe(a)gmail.com> - 1.2.1-1
- Update to version 1.2.1; Fixes RHBZ#2192725
* Thu Feb 16 2023 Pete Walter <pwalter(a)fedoraproject.org> - 1.1.0-1
- Update to 1.1.0 Close: rhbz#2169844
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2208125 - CVE-2023-32570 dav1d: a thread_task.c race condition that can lead
to an application crash [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2208125
[ 2 ] Bug #2208126 - CVE-2023-32570 dav1d: a thread_task.c race condition that can lead
to an application crash [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2208126
--------------------------------------------------------------------------------
================================================================================
fedora-license-data-1.24-1.el9 (FEDORA-EPEL-2023-a5ec655059)
Fedora Linux license data
--------------------------------------------------------------------------------
Update Information:
+- Add new file: Inner-Net-2.0 +- Add Linux-man-pages-copyleft-2-para - Add
Linux-man-pages-1-para - Add Linux-man-pages-copyleft-var - Remove AFL-2.0 since
it is probably not in Fedora - Make REUSE conformant - Add GPL-2.0-or-later WITH
Bison-exception-2.2 - Add new file: AFL-2.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 22 2023 Miroslav Such�� <msuchy(a)redhat.com> 1.24-1
- Add new file: Inner-Net-2.0
- Add Linux-man-pages-copyleft-2-para
- Add Linux-man-pages-1-para
- Add Linux-man-pages-copyleft-var
- Remove AFL-2.0 since it is probably not in Fedora
- Make REUSE conformant
- Add GPL-2.0-or-later WITH Bison-exception-2.2
- Add new file: AFL-2.1
--------------------------------------------------------------------------------
================================================================================
libfullock-1.0.51-1.el9 (FEDORA-EPEL-2023-242ec8fd5e)
Fast User Level LOCK (FULLOCK) library for C/C++
--------------------------------------------------------------------------------
Update Information:
Updates to libfullock-1.0.51
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 21 2023 Hirotaka Wakabayashi <hiwkby(a)yahoo.com> - 1.0.51-1
- Updates to libfullock-1.0.51
* Mon Mar 6 2023 Hirotaka Wakabayashi <hiwkby(a)yahoo.com> - 1.0.50-1
- Updates to libfullock-1.0.50
* Fri Feb 24 2023 Hirotaka Wakabayashi <hiwkby(a)yahoo.com> - 1.0.48-1
- Updates to libfullock-1.0.48
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> -
1.0.44-1.2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
1.0.44-1.1
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Fri Feb 11 2022 Hirotaka Wakabayashi <hiwkby(a)yahoo.com> - 1.0.44-1
- Updates to libfullock-1.0.44
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
1.0.39-1.3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
1.0.39-1.2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
ocserv-1.1.7-2.el9 (FEDORA-EPEL-2023-de78e019ca)
OpenConnect SSL VPN server
--------------------------------------------------------------------------------
Update Information:
Backported fixes for expired certificates
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 22 2023 Nikos Mavrogiannopoulos <n.mavrogiannopoulos(a)gmail.com> - 1.1.7-2
- Backported fixes for expired certificates
--------------------------------------------------------------------------------
================================================================================
onedrive-2.4.25-1.el9 (FEDORA-EPEL-2023-bdeb902be6)
OneDrive Free Client written in D
--------------------------------------------------------------------------------
Update Information:
Update to 2.4.25 (#2216391)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 21 2023 Fedora Release Monitoring <release-monitoring(a)fedoraproject.org> -
2.4.25-1
- Update to 2.4.25 (#2216391)
--------------------------------------------------------------------------------
================================================================================
php-pecl-mongodb-1.16.0-1.el9 (FEDORA-EPEL-2023-c71d5cd23e)
MongoDB driver for PHP
--------------------------------------------------------------------------------
Update Information:
**Version 1.16.0** ** Bug** * [PHPC-2070] - Kerberos on Windows should not
pass username to SSPI when password is not set * [PHPC-2133] - Cannot build
driver with SRV support on FreeBSD * [PHPC-2195] - Implicit declaration warnings
caused by libmongocrypt-compat header * [PHPC-2210] - Fix direct copying of BSON
data from Document and PackedArray objects * [PHPC-2211] -
php_phongo_bson_to_json() does not free intermediary result string * [PHPC-2216]
- BulkWrite::insert() does not generate _id for Document or PackedArray *
[PHPC-2220] - ConnectionId returned in heartbeats may be int64 * [PHPC-2222] -
PackedArray::fromPHP returns Document for root=bson type map ** Epic** *
[PHPC-2214] - Int64 Improvements ** New Feature** * [PHPC-324] - Create a BSON
document iterator class * [PHPC-326] - Document and PackedArray classes to
represent raw BSON data * [PHPC-1949] - Allow explicit construction of Int64
objects * [PHPC-2197] - Support queryable encryption range indexes * [PHPC-2203]
- Support Queryable Encryption v2 protocol for MongoDB 7.0 * [PHPC-2212] -
Support overloaded operators for Int64 objects * [PHPC-2213] - Support casting
of Int64 objects to scalar integers ** Task** * [PHPC-2035] - Require hello
command + OP_MSG when 'loadBalanced=True' * [PHPC-2069] - Require hello command
for connection handshake to use OP_MSG, disallowing OP_QUERY * [PHPC-2163] -
Update php-edge-versions latest-stable in Evergreen to PHP 8.2 * [PHPC-2164] -
Refactor run-ocsp-responder.sh to use activate-ocspvenv.sh * [PHPC-2200] - Add
MongoDB rapid releases to Evergreen matrix * [PHPC-2226] - Test against MongoDB
7.0 * [PHPC-2228] - Upgrade libmongocrypt to 1.8.1 * [PHPC-2250] - Upgrade
libmongoc to 1.24.1 * [PHPC-2252] - Fix method signature for
Serializable::unserialize() implementations ** Improvement** * [PHPC-1941] -
Use OP_MSG to authenticate if server supports OP_MSG * [PHPC-2158] - Cache AWS
Credentials Where Possible * [PHPC-2165] - Expose server error replies in
BulkWriteResult * [PHPC-2188] - Permit tlsDisableOCSPEndpointCheck in KMS TLS
options * [PHPC-2236] - Allow compression libraries to be configured at build
time * [PHPC-2244] - Return Int64 instances when converting raw BSON objects to
PHP values
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 22 2023 Remi Collet <remi(a)remirepo.net> - 1.16.0-1
- update to 1.16.0
--------------------------------------------------------------------------------
================================================================================
polkit-qt-1-0.114.0-6.el9 (FEDORA-EPEL-2023-eb2ce509c2)
Qt bindings for PolicyKit
--------------------------------------------------------------------------------
Update Information:
Add Qt6 support
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 2 2023 Jan Grulich <jgrulich(a)redhat.com> - 0.114.0-6
- Add Qt6 support
* Fri Jan 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.114.0-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.114.0-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
prename-1.14-1.el9 (FEDORA-EPEL-2023-47a935940f)
Perl script to rename multiple files
--------------------------------------------------------------------------------
Update Information:
Update to 1.14 (from 1.11) ``` 1.14 Sun Feb 26 22:07:31 CET 2023 - Add
--shell-completion=zsh and docs 1.13 Mon Feb 13 14:24:37 CET 2023 -
Add --shell-completion=bash 1.12 Sun Nov 13 16:13:00 CET 2022 - Add
-c|--copy option ```
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 22 2023 Arthur Bols <arthur(a)bols.dev> - 1.14-1
- Update to 1.14
* Fri Jan 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.11-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-specfile-0.19.0-1.el9 (FEDORA-EPEL-2023-aa348a72b2)
A library for parsing and manipulating RPM spec files
--------------------------------------------------------------------------------
Update Information:
Automatic update for python-specfile-0.19.0-1.el9. ##### **Changelog for
python-specfile** ``` * Thu Jun 22 2023 Packit <hello(a)packit.dev> - 0.19.0-1 -
Parsing has been optimized so that even spec files with hundreds of thousands of
lines can be processed in reasonable time. (#240) ```
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 22 2023 Packit <hello(a)packit.dev> - 0.19.0-1
- Parsing has been optimized so that even spec files with hundreds of thousands of lines
can be processed in reasonable time. (#240)
--------------------------------------------------------------------------------
================================================================================
qca-2.3.4-5.el9 (FEDORA-EPEL-2023-064e57c6ca)
Qt Cryptographic Architecture
--------------------------------------------------------------------------------
Update Information:
Rebuild to utilize qt6
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.3.4-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Tue Nov 29 2022 Sandro Mani <manisandro(a)gmail.com> - 2.3.4-4
- Add qt6 build
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.3.4-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-serial_test-2.0.0-1.el9 (FEDORA-EPEL-2023-496c9a206b)
Allows for the creation of serialised Rust tests
--------------------------------------------------------------------------------
Update Information:
- Update the serial_test and serial_test_derive crates to version 2.0.0. - Add
compat packages for version 1 of the serial_test and serial_test_derive crates.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 22 2023 Fabio Valentini <decathorpe(a)gmail.com> - 2.0.0-1
- Update to version 2.0.0; Fixes RHBZ#2183043
--------------------------------------------------------------------------------
================================================================================
rust-serial_test1-1.0.0-1.el9 (FEDORA-EPEL-2023-496c9a206b)
Allows for the creation of serialised Rust tests
--------------------------------------------------------------------------------
Update Information:
- Update the serial_test and serial_test_derive crates to version 2.0.0. - Add
compat packages for version 1 of the serial_test and serial_test_derive crates.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 22 2023 Fabio Valentini <decathorpe(a)gmail.com> - 1.0.0-1
- Initial import (serial_test 1 compat package)
--------------------------------------------------------------------------------
================================================================================
rust-serial_test_derive-2.0.0-1.el9 (FEDORA-EPEL-2023-496c9a206b)
Helper crate for serial_test
--------------------------------------------------------------------------------
Update Information:
- Update the serial_test and serial_test_derive crates to version 2.0.0. - Add
compat packages for version 1 of the serial_test and serial_test_derive crates.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 22 2023 Fabio Valentini <decathorpe(a)gmail.com> - 2.0.0-1
- Update to version 2.0.0; Fixes RHBZ#2183044
--------------------------------------------------------------------------------
================================================================================
rust-serial_test_derive1-1.0.0-1.el9 (FEDORA-EPEL-2023-496c9a206b)
Helper crate for serial_test
--------------------------------------------------------------------------------
Update Information:
- Update the serial_test and serial_test_derive crates to version 2.0.0. - Add
compat packages for version 1 of the serial_test and serial_test_derive crates.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 22 2023 Fabio Valentini <decathorpe(a)gmail.com> - 1.0.0-1
- Initial import (serial_test_derive 1 compat package)
--------------------------------------------------------------------------------
================================================================================
singularity-ce-3.11.4-1.el9 (FEDORA-EPEL-2023-57c2a66404)
Application and environment virtualization
--------------------------------------------------------------------------------
Update Information:
Upgrade to 3.11.4 upstream version.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 22 2023 David Trudgian <dtrudg(a)sylabs.io> - 3.11.4-1
- Upgrade to 3.11.4 upstream version.
- This is a compatible upgrade to a new upstream patch version.
--------------------------------------------------------------------------------