The following Fedora EPEL 9 Security updates need testing: Age URL 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-d573bf038f plantuml-1.2023.11-2.el9 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-09cc239fe3 chromium-117.0.5938.92-2.el9 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-93ac846983 xrdp-0.9.23.1-1.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
clustershell-1.9.2-1.el9 composer-2.6.4-1.el9 fedora-license-data-1.31-1.el9 packit-0.82.0-1.el9 python-url-normalize-1.4.3-1.el9 pythoncapi-compat-0^20230929git671fb69-1.el9
Details about builds:
================================================================================ clustershell-1.9.2-1.el9 (FEDORA-EPEL-2023-f098c37044) Python framework for efficient cluster administration -------------------------------------------------------------------------------- Update Information:
Update to upstream release 1.9.2 -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 29 2023 Stephane Thiell sthiell@stanford.edu 1.9.2-1 - update to 1.9.2 --------------------------------------------------------------------------------
================================================================================ composer-2.6.4-1.el9 (FEDORA-EPEL-2023-9791f0b66c) Dependency Manager for PHP -------------------------------------------------------------------------------- Update Information:
**Version 2.6.4** - 2023-09-29 * Security: Fixed possible remote code execution vulnerability if composer.phar is publicly accessible, executable as PHP, and register_argc_argv is enabled in php.ini (GHSA-jm6m-4632-36hf / **CVE-2023-43655**) * Fixed json output of abandoned packages in audit command (#11647) * Performance improvement in pool optimization step (#11638) * Performance improvement in `show -a <packagename>` (#11659) -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 29 2023 Remi Collet remi@remirepo.net - 2.6.4-1 - update to 2.6.4 --------------------------------------------------------------------------------
================================================================================ fedora-license-data-1.31-1.el9 (FEDORA-EPEL-2023-cde92b8269) Fedora Linux license data -------------------------------------------------------------------------------- Update Information:
Automatic update for fedora-license-data-1.31-1.el9. ##### **Changelog for fedora-license-data** ``` * Fri Sep 29 2023 Miroslav Such�� msuchy@redhat.com 1.31-1 - new license: GPL-2.0-or-later WITH Autoconf-exception-macro - new license: LGPL-3.0-or-later WITH Autoconf-exception-macro - new license: HPND- export-US-modify - Add a public domain dedication from the SWORD Project - Add LPPL-1.2 as not-allowed, add LPPL-1.3a+ as allowed - new license: LGPL-2.1-only WITH Qt-LGPL-exception-1.1 - new license: SGI-OpenGL - Add jhash public domain dedication for QEMU - Add QEMU to the rijndael (AES) public domain license reference - new license: SSH-short - new license: GPL-2.0-or-later WITH UBDL- exception - new license: McPhee-slideshow - new license: HPND-DEC - new license: magaz - new license: ulem - new license: fwlw - new license: Kastrup - Fix names of Linux-syscall-note TOML files - Add reference to EDK2 package public domain code - new license: HPND-sell-regexpr - new license: Cronyx - new license: Lucida-Bitmap-Fonts - new license: LPPL-1.3c - new license: swrule - new license: BSD-Inferno-Nettverk - Some code in OpenSSH has a Public Domain license - new license: ssh-keyscan - new license: HPND-Pbmplus - Add public domain text from mingw-headers/mingw-winpthreads packages - Add public domain test from Augeas project - new license: BSD-Attribution-HPND-disclaimer - new not allowed license: LicenseRef-Tyrian - Add public domain entry for squid ``` -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 29 2023 Miroslav Such�� msuchy@redhat.com 1.31-1 - new license: GPL-2.0-or-later WITH Autoconf-exception-macro - new license: LGPL-3.0-or-later WITH Autoconf-exception-macro - new license: HPND-export-US-modify - Add a public domain dedication from the SWORD Project - Add LPPL-1.2 as not-allowed, add LPPL-1.3a+ as allowed - new license: LGPL-2.1-only WITH Qt-LGPL-exception-1.1 - new license: SGI-OpenGL - Add jhash public domain dedication for QEMU - Add QEMU to the rijndael (AES) public domain license reference - new license: SSH-short - new license: GPL-2.0-or-later WITH UBDL-exception - new license: McPhee-slideshow - new license: HPND-DEC - new license: magaz - new license: ulem - new license: fwlw - new license: Kastrup - Fix names of Linux-syscall-note TOML files - Add reference to EDK2 package public domain code - new license: HPND-sell-regexpr - new license: Cronyx - new license: Lucida-Bitmap-Fonts - new license: LPPL-1.3c - new license: swrule - new license: BSD-Inferno-Nettverk - Some code in OpenSSH has a Public Domain license - new license: ssh-keyscan - new license: HPND-Pbmplus - Add public domain text from mingw-headers/mingw-winpthreads packages - Add public domain test from Augeas project - new license: BSD-Attribution-HPND-disclaimer - new not allowed license: LicenseRef-Tyrian - Add public domain entry for squid --------------------------------------------------------------------------------
================================================================================ packit-0.82.0-1.el9 (FEDORA-EPEL-2023-f2e1fb408e) A tool for integrating upstream projects with Fedora operating system -------------------------------------------------------------------------------- Update Information:
Automatic update for packit-0.82.0-1.el9. ##### **Changelog for packit** ``` * Fri Sep 29 2023 Packit hello@packit.dev - 0.82.0-1 - You can now specify bugs resolved by an update by `-b` or `--resolve-bug` option for `propose-downstream` and `pull-from-upstream` commands. The values will be added by default to the changelog and commit message and provided in `commit-message` and `changelog- entry` actions as `PACKIT_RESOLVED_BUGS` env variable. (#2094) - Resolves rhbz#2240355 * Sat Sep 23 2023 Packit hello@packit.dev - 0.81.0-1 - Packit now supports the `pkg_tool` option in the config (at the top-level or with specific packages when using the monorepo syntax). This option can be used for switching between `fedpkg` or `centpkg`. (#2085) - When updating the `Version` tag during `propose_downstream` or `pull_from_upstream`, Packit now tries to update referenced macros (if any) rather than overwriting the references. (#2087) - If you have concerns about Packit uploading new archives to lookaside cache before creating a pull request, you can newly set `upload_sources` to False to disable this. (#2086) - We have fixed a bug that could cause duplicit PRs to be created when using the `commit-message` action. (#2080) - Packit now supports `commit-message` action that can be used to override the default commit message produced by Packit during `propose-downstream` or `pull-from-upstream`. Please pay attention to our [documentation](https://packit.dev/docs/configuration/actions#commit-message) with regards to the usage of this action. (#2070) ``` ---- Automatic update for packit-0.81.0-1.el9. ##### **Changelog for packit** ``` * Sat Sep 23 2023 Packit hello@packit.dev - 0.81.0-1 - Packit now supports the `pkg_tool` option in the config (at the top-level or with specific packages when using the monorepo syntax). This option can be used for switching between `fedpkg` or `centpkg`. (#2085) - When updating the `Version` tag during `propose_downstream` or `pull_from_upstream`, Packit now tries to update referenced macros (if any) rather than overwriting the references. (#2087) - If you have concerns about Packit uploading new archives to lookaside cache before creating a pull request, you can newly set `upload_sources` to False to disable this. (#2086) - We have fixed a bug that could cause duplicit PRs to be created when using the `commit- message` action. (#2080) - Packit now supports `commit-message` action that can be used to override the default commit message produced by Packit during `propose-downstream` or `pull-from-upstream`. Please pay attention to our [documentation](https://packit.dev/docs/configuration/actions#commit-message) with regards to the usage of this action. (#2070) ``` -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 29 2023 Packit hello@packit.dev - 0.82.0-1 - You can now specify bugs resolved by an update by `-b` or `--resolve-bug` option for `propose-downstream` and `pull-from-upstream` commands. The values will be added by default to the changelog and commit message and provided in `commit-message` and `changelog-entry` actions as `PACKIT_RESOLVED_BUGS` env variable. (#2094) - Resolves rhbz#2240355 * Sat Sep 23 2023 Packit hello@packit.dev - 0.81.0-1 - Packit now supports the `pkg_tool` option in the config (at the top-level or with specific packages when using the monorepo syntax). This option can be used for switching between `fedpkg` or `centpkg`. (#2085) - When updating the `Version` tag during `propose_downstream` or `pull_from_upstream`, Packit now tries to update referenced macros (if any) rather than overwriting the references. (#2087) - If you have concerns about Packit uploading new archives to lookaside cache before creating a pull request, you can newly set `upload_sources` to False to disable this. (#2086) - We have fixed a bug that could cause duplicit PRs to be created when using the `commit-message` action. (#2080) - Packit now supports `commit-message` action that can be used to override the default commit message produced by Packit during `propose-downstream` or `pull-from-upstream`. Please pay attention to our [documentation](https://packit.dev/docs/configuration/actions#commit-message) with regards to the usage of this action. (#2070) --------------------------------------------------------------------------------
================================================================================ python-url-normalize-1.4.3-1.el9 (FEDORA-EPEL-2023-5d464fd883) Python URI normalizator -------------------------------------------------------------------------------- Update Information:
initial specfile -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 29 2023 Andrew Bauer zonexpertconsulting@outlook.com - 1.4.3-1 - initial specfile - 1.4.3 release -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2240783 - Review Request: python-url-normalize - Python URI normalizator https://bugzilla.redhat.com/show_bug.cgi?id=2240783 --------------------------------------------------------------------------------
================================================================================ pythoncapi-compat-0^20230929git671fb69-1.el9 (FEDORA-EPEL-2023-932a4f0b7e) Python C API compatibility -------------------------------------------------------------------------------- Update Information:
Update to `0^20230929git671fb69` - Adds `PyObject_HasAttrWithError()` and `PyObject_HasAttrStringWithError()` functions. - Fixes `PyObject_GetOptionalAttrString()`: set result to `NULL` on error. -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 29 2023 Benjamin A. Beasley code@musicinmybrain.net - 0^20230929git671fb69-1 - Update to 0^20230929git671fb69 - Adds PyObject_HasAttrWithError() and PyObject_HasAttrStringWithError() functions. - Fixes PyObject_GetOptionalAttrString(): set result to NULL on error. --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org