The following Fedora EPEL 9 Security updates need testing:
Age URL
6
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-f6c990ebdd
qpress-20220819-1.el9
1
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-8f2df2e1e2
botan2-2.19.3-1.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
borgmatic-1.7.5-1.el9
csdiff-2.8.0-1.el9
csmock-3.3.5-1.el9
dispenso-1.1.0-1.el9
libass-0.17.0-1.el9
libavif-0.11.1-4.el9
libavif0.10-0.10.1-1.el9
libbluray-1.3.4-1.el9
mock-3.5-1.el9
snapd-2.57.6-1.el9
sympa-6.2.70-1.el9
Details about builds:
================================================================================
borgmatic-1.7.5-1.el9 (FEDORA-EPEL-2022-27f1488f60)
Simple Python wrapper script for borgbackup
--------------------------------------------------------------------------------
Update Information:
Update to 1.7.5 - [#311](https://projects.torsion.org/borgmatic-
collective/borgmatic/issues/311): Override PostgreSQL dump/restore commands via
configuration options. - [#604](https://projects.torsion.org/borgmatic-
collective/borgmatic/issues/604): Fix traceback when a configuration section is
present but lacking any options. -
[#607](https://projects.torsion.org/borgmatic-collective/borgmatic/issues/607):
Clarify documentation examples for include merging and deep merging. -
[#611](https://projects.torsion.org/borgmatic-collective/borgmatic/issues/611):
Fix "data" consistency check to support "check_last" and consistency
"prefix"
options. - [#613](https://projects.torsion.org/borgmatic-
collective/borgmatic/issues/613): Clarify documentation about multiple
repositories and separate configuration files.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 1 2022 Felix Kaechele <felix(a)kaechele.ca> - 1.7.5-1
- update to 1.7.5
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2148744 - borgmatic-1.7.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2148744
--------------------------------------------------------------------------------
================================================================================
csdiff-2.8.0-1.el9 (FEDORA-EPEL-2022-b52e5cf0ce)
Non-interactive tools for processing code scan results in plain-text
--------------------------------------------------------------------------------
Update Information:
- update to latest upstream
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 1 2022 Kamil Dudka <kdudka(a)redhat.com> 2.8.0-1
- update to latest upstream release
--------------------------------------------------------------------------------
================================================================================
csmock-3.3.5-1.el9 (FEDORA-EPEL-2022-b52e5cf0ce)
A mock wrapper for Static Analysis tools
--------------------------------------------------------------------------------
Update Information:
- update to latest upstream
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 1 2022 Kamil Dudka <kdudka(a)redhat.com> 3.3.5-1
- update to latest upstream release
--------------------------------------------------------------------------------
================================================================================
dispenso-1.1.0-1.el9 (FEDORA-EPEL-2022-a8abf2eabd)
A library for working with sets of tasks in parallel
--------------------------------------------------------------------------------
Update Information:
### performance and functionality enhancements * CMake changes to allow install
of targets and CMake dispenso target exports (thanks jeffamstutz!) * Addition of
typical container type definitions for ConcurrentVector (thanks Michael Jung!) *
Large performance improvements for Futures and CompletionEvents on MacOs.
Resulted in order-of-magnitude speedups for those use cases on MacOs. * Addition
of new benchmark for performance with infrequent use of `parallel_for`,
`for_latency_benchmark` * Fixes to ensure `parallel_for` works with thread pools
with zero threads (thanks kevinbchen!). Further work has been done to ensure
that thread pools with zero threads simply always run code inline. * By default,
the global thread pool uses one fewer thread than the machine has hardware
threads. This behavior was introduced because dispenso very often runs on the
calling thread as well as pool threads, and so one fewer thread in the pool can
lead to better performance. * Update googletest version to 1.12.1 (thanks
porumbes!) * Add a utility in dispenso to get a thread ID, `threadId`. These
64-bit IDs are unique per thread, and will not be recyled. These values grow
from zero, ensuring the caller can assume they are small if number of threads
also is small (e.g. you won't have an ID of `0xdeadbeef` if you only run
hundreds or thousands of threads in the lifetime of the process). * Add a
utility, `getTime`, to get time quickly. This provides the double-precision
time in seconds since the first call to `getTime` after process start. * Use a
new scheduling mechanism in the thread pool when in Windows. This resulted in
up to a 13x improvement in latency between putting items in the pool and having
those items run. This scheduling is optional, but turned off for Linux and
MacOs since scheduling was already fast on those platforms. * Optimizations to
enable faster scheduling in thread pools. This resulted in a range of 5% to 45%
speedup across multiple benchmarks including `future_benchmark` and
`pipeline_benchmark`. * Fixed a performance bug in work stealing logic; now
dispenso outperforms TBB in the `pipeline_benchmark` * Added a task set
cancellation feature, with a relatively simple mechanism for submitted work to
check if it's owning task set has been cancelled. When creating a task set, you
can optionally opt into parent cancellation propagation as well. While this
propagation is fairly efficient, it did create a noticeable impact on
performance in some cases, and thus it was decided to allow this behavior, but
not penalize performance for those who don't need the behavior.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 1 2022 Michel Alexandre Salim <salimma(a)fedoraproject.org> 1.1.0-1
- Update to 1.1.0
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> 1.0.0-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu Jan 27 2022 Michel Alexandre Salim <salimma(a)fedoraproject.org> 1.0.0-3
- Fix linking against gmock on F34
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2139516 - dispenso-1.1.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2139516
--------------------------------------------------------------------------------
================================================================================
libass-0.17.0-1.el9 (FEDORA-EPEL-2022-ce6a278439)
Portable library for SSA/ASS subtitles rendering
--------------------------------------------------------------------------------
Update Information:
Update to 0.17.0 bugfix release: * Fix various parts relating to automatic
linebreaking * Fix rendering when hinting was enabled and fontsizes or scales
are zero * Switch build to a non-recursive setup for improved parallelism *
Improve quality of SSA Effects movement * Further documentation improvements *
Completely invalid Events are now discarded during parsing * Introduction of
LayoutRes{X,Y} script headers * New AlphaLevel style override to set all alpha
values while keeping the color * Add ASS_FEATURE_WRAP_UNICODE to allow
automatic linebreaks in accordance with the Unicode line breaking algorithm
instead of ASS' much stricter breaking rules. For the feature to be available
at runtime, libass must be linked against the new optional dependency
libunibreak. * Improve VSFilter compatibility: * Fix premature truncation
of animated alphas (was a 0.15.0 regression) * Fix handling of small delay
parameters for legacy SSA Effects * Fix x-scaling with PlayResX * Fix
x-scaling for anamorphic video (except for \be whose scaling remains buggy
in general) * Support SSA's AlphaLevel style field * Support the \kt
override tag from VSFilter's v4++ set * Parse ScriptType headers * Parse
integer header, style and event field values like VSFilter * Ignore trailing
whitespace in an event's text
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 1 2022 Nicolas Chauvet <kwizart(a)gmail.com> - 0.17.0-1
- Update to 0.17.0
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.16.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Sun May 15 2022 Nicolas Chauvet <kwizart(a)gmail.com> - 0.16.0-1
- Update to 0.16.0
--------------------------------------------------------------------------------
================================================================================
libavif-0.11.1-4.el9 (FEDORA-EPEL-2022-385df27ee1)
Library for encoding and decoding .avif files
--------------------------------------------------------------------------------
Update Information:
Update to 0.11.1 and build against dav1d 1.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 1 2022 Kalev Lember <klember(a)redhat.com> 0.11.1-4
- Enable rav1e support for EPEL 9
* Thu Dec 1 2022 Kalev Lember <klember(a)redhat.com> 0.11.1-3
- Fix rav1e conditional for non-RHEL
* Wed Nov 16 2022 Kalev Lember <klember(a)redhat.com> 0.11.1-2
- Fix typo in devel package summary
* Wed Nov 16 2022 Robert-Andr�� Mauchin <zebob.m(a)gmail.com> 0.11.1-1
- Update to 0.11.1
--------------------------------------------------------------------------------
================================================================================
libavif0.10-0.10.1-1.el9 (FEDORA-EPEL-2022-385df27ee1)
Library for encoding and decoding .avif files
--------------------------------------------------------------------------------
Update Information:
Update to 0.11.1 and build against dav1d 1.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 1 2022 Kalev Lember <klember(a)redhat.com> 0.10.1-1
- Initial libavif 0.10 compat package
--------------------------------------------------------------------------------
================================================================================
libbluray-1.3.4-1.el9 (FEDORA-EPEL-2022-772789586e)
Library to access Blu-Ray disks for video playback
--------------------------------------------------------------------------------
Update Information:
- Improve JVM probing
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 30 2022 Xavier Bachelot <xavier(a)bachelot.org> - 1.3.4-1
- Update to 1.3.4 (RHBZ#2149455)
--------------------------------------------------------------------------------
================================================================================
mock-3.5-1.el9 (FEDORA-EPEL-2022-01203e19c5)
Builds packages inside chroots
--------------------------------------------------------------------------------
Update Information:
https://rpm-software-management.github.io/mock/Release-Notes-3.5
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 1 2022 Pavel Raiskup <praiskup(a)redhat.com> 3.5-1
- check for qemu-user-static raises InvalidArchitecture()
- forcearch: map armv7hl to the /usr/bin/qemu-arm-static binary
- more pedantic check for the qemu-*-static binaries
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2143069 - mock requires /usr/bin/qemu-x86_64-static when trying to build for
armv7hl on aarch64
https://bugzilla.redhat.com/show_bug.cgi?id=2143069
--------------------------------------------------------------------------------
================================================================================
snapd-2.57.6-1.el9 (FEDORA-EPEL-2022-48ffd03f66)
A transactional software package manager
--------------------------------------------------------------------------------
Update Information:
Update to the latest upstream release 2.57.6. Includes fixes for CVE 2022-3328.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 30 2022 Maciek Borzecki <maciek.borzecki(a)gmail.com>
- Release 2.57.6 to Fedora
* Tue Nov 15 2022 Michael Vogt <michael.vogt(a)ubuntu.com>
- New upstream release 2.57.6
- bugfixes
* Mon Oct 17 2022 Michael Vogt <michael.vogt(a)ubuntu.com>
- New upstream release 2.57.5
- image: clean snapd mount after preseeding
- wrappers,snap/quota: clear LogsDirectory= in the service unit
for journal namespaces
- cmd/snap,daemon: allow zero values from client to daemon for
journal rate-limit
- interfaces: steam-support allow pivot /run/media and /etc/nvidia
mount
- o/ifacestate: introduce DebugAutoConnectCheck hook
- release, snapd-apparmor, syscheck: distinguish WSL1 and WSL2
- autopkgtests: fix running autopkgtest on kinetic
- interfaces: add microceph interface
- interfaces: steam-support allow additional mounts
- many: add stub services
- interfaces: add kconfig paths to system-observe
- i/b/system_observe: honour root dir when checking for
/boot/config-*
- interfaces: grant access to speech-dispatcher socket
- interfaces: rework logic of unclashMountEntries
* Thu Sep 29 2022 Michael Vogt <michael.vogt(a)ubuntu.com>
- New upstream release 2.57.4
- release, snapd-apparmor: fixed outdated WSL detection
- overlord/ifacestate: fix conflict detection of auto-connection
- overlord: run install-device hook during factory reset
- image/preseed/preseed_linux: add missing new line
- boot: add factory-reset cases for boot-flags.
- interfaces: added read/write access to /proc/self/coredump_filter
for process-control
- interfaces: add read access to /proc/cgroups and
/proc/sys/vm/swappiness to system-observe
- fde: run fde-reveal-key with `DefaultDependencies=no`
- snapdenv: added wsl to userAgent
- tests: fix restore section for persistent-journal-namespace
- i/b/mount-control: add optional `/` to umount rules
- cmd/snap-bootstrap: changes to be able to boot classic rootfs
- cmd/snap-bootstrap: add CVM mode
* Thu Sep 15 2022 Michael Vogt <michael.vogt(a)ubuntu.com>
- New upstream release 2.57.3
- wrappers: journal namespaces did not honor journal.persistent
- snap/quota,wrappers: allow using 0 values for the journal rate to
override the system default values
- multiple: clear up naming convention for cpu-set quota
- i/b/mount-control: allow custom filesystem types
- i/b/system-observe: allow reading processes security label
- sandbox/cgroup: don't check V1 cgroup if V2 is active
- asserts,boot,secboot: switch to a secboot version measuring
classic
* Fri Sep 2 2022 Michael Vogt <michael.vogt(a)ubuntu.com>
- New upstream release 2.57.2
- store/tooling,tests: support UBUNTU_STORE_URL override env var
- packaging/*/tests/integrationtests: reload ssh.service, not
sshd.service
- tests: check snap download with snapcraft v7+ export-login auth
data
- store/tooling: support using snapcraft v7+ base64-encoded auth
data
- many: progress bars should use the overridable stdouts
- many: refactor store code to be able to use simpler form of auth
creds
- snap,store: drop support/consideration for anonymous download urls
- data: include snapd/mounts in preseeded blob
- many: Set SNAPD_APPARMOR_REEXEC=1
- overlord: track security profiles for non-active snaps
* Wed Aug 10 2022 Alberto Mardegan <alberto.mardegan(a)canonical.com>
- New upstream release 2.57.1
- cmd/snap-update-ns: handle mountpoint removal failures with EBUSY
- cmd/snap-update-ns: print current mount entries
- cmd/snap-update-ns: check the unused mounts with a cleaned path
- snap-confine: disable -Werror=array-bounds in __overflow tests to
fix build error on Ubuntu 22.10
- systemd: add `WantedBy=default.target` to snap mount units
(LP: #1983528)
* Thu Jul 28 2022 Michael Vogt <michael.vogt(a)ubuntu.com>
- New upstream release 2.57
- tests: Fix calls to systemctl is-system-running
- osutil/disks: handle GPT for 4k disk and too small tables
- packaging: import change from the 2.54.3-1.1 upload
- many: revert "features: disable refresh-app-awarness by default
again"
- tests: improve robustness of preparation for regression/lp-1803542
- tests: get the ubuntu-image binary built with test keys
- tests: remove commented code from lxd test
- interfaces/builtin: add more permissions for steam-support
- tests: skip interfaces-network-control on i386
- tests: tweak the "tests/nested/manual/connections" test
- interfaces: posix-mq: allow specifying message queue paths as an
array
- bootloader/assets: add ttyS0,115200n8 to grub.cfg
- i/b/desktop,unity7: remove name= specification on D-Bus signals
- tests: ensure that microk8s does not produce DENIED messages
- many: support non-default provenance snap-revisions in
DeriveSideInfo
- tests: fix `core20-new-snapd-does-not-break-old-initrd` test
- many: device and provenance revision authority cross checks
- tests: fix nested save-data test on 22.04
- sandbox/cgroup: ignore container slices when tracking snaps
- tests: improve 'ignore-running' spread test
- tests: add `debug:` section to `tests/nested/manual/connections`
- tests: remove leaking `pc-kernel.snap` in `repack_kernel_snap`
- many: preparations for revision authority cross checks including
device scope
- daemon,overlord/servicestate: followup changes from PR #11960 to
snap logs
- cmd/snap: fix visual representation of 'AxB%' cpu quota modifier.
- many: expose and support provenance from snap.yaml metadata
- overlord,snap: add support for per-snap storage on ubuntu-save
- nested: fix core-early-config nested test
- tests: revert lxd change to support nested lxd launch
- tests: add invariant check for leftover cgroup scopes
- daemon,systemd: introduce support for namespaces in 'snap logs'
- cmd/snap: do not track apps that wish to stay outside of the life-
cycle system
- asserts: allow classic + snaps models and add distribution to
model
- cmd/snap: add snap debug connections/connection commands
- data: start snapd after time-set.target
- tests: remove ubuntu 21.10 from spread tests due to end of life
- tests: Update the whitebox word to avoid inclusive naming issues
- many: mount gadget in run folder
- interfaces/hardware-observe: clean up reading access to sysfs
- tests: use overlayfs for interfaces-opengl-nvidia test
- tests: update fake-netplan-apply test for 22.04
- tests: add executions for ubuntu 22.04
- tests: enable centos-9
- tests: make more robust the files check in preseed-core20 test
- bootloader/assets: add fallback entry to grub.cfg
- interfaces/apparmor: add permissions for per-snap directory on
ubuntu-save partition
- devicestate: add more path to `fixupWritableDefaultDirs()`
- boot,secboot: reset DA lockout counter after successful boot
- many: Revert "overlord,snap: add support for per-snap storage on
ubuntu-save"
- overlord,snap: add support for per-snap storage on ubuntu-save
- tests: exclude centos-7 from kernel-module-load test
- dirs: remove unused SnapAppArmorAdditionalDir
- boot,device: extract SealedKey helpers from boot to device
- boot,gadget: add new `device.TpmLockoutAuthUnder()` and use it
- interfaces/display-control: allow changing brightness value
- asserts: add more context to key expiry error
- many: introduce IsUndo flag in LinkContext
- i/apparmor: allow calling which.debianutils
- tests: new profile id for apparmor in test preseed-core20
- tests: detect 403 in apt-hooks and skip test in this case
- overlord/servicestate: restart the relevant journald service when
a journal quota group is modified
- client,cmd/snap: add journal quota frontend (5/n)
- gadget/device: introduce package which provides helpers for
locations of things
- features: disable refresh-app-awarness by default again
- many: install bash completion files in writable directory
- image: fix handling of var/lib/extrausers when preseeding
uc20
- tests: force version 2.48.3 on xenial ESM
- tests: fix snap-network-erros on uc16
- cmd/snap-confine: be compatible with a snap rootfs built as a
tmpfs
- o/snapstate: allow install of unasserted gadget/kernel on
dangerous models
- interfaces: dynamic loading of kernel modules
- many: add optional primary key provenance to snap-revision, allow
delegating via snap-declaration revision-authority
- tests: fix boringcripto errors in centos7
- tests: fix snap-validate-enforce in opensuse-tumbleweed
- test: print User-Agent on failed checks
- interfaces: add memory stats to system_observe
- interfaces/pwm: Remove implicitOnCore/implicitOnClassic
- spread: add openSUSE Leap 15.4
- tests: disable core20-to-core22 nested test
- tests: fix nested/manual/connections test
- tests: add spread test for migrate-home command
- overlord/servicestate: refresh security profiles when services are
affected by quotas
- interfaces/apparmor: add missing apparmor rules for journal
namespaces
- tests: add nested test variant that adds 4k sector size
- cmd/snap: fix test failing due to timezone differences
- build-aux/snap: build against the snappy-dev/image PPA
- daemon: implement api handler for refresh with enforced validation
sets
- preseed: suggest to install "qemu-user-static"
- many: add migrate-home debug command
- o/snapstate: support passing validation sets to storehelpers via
RevisionOptions
- cmd/snapd-apparmor: fix unit tests on distros which do not support
reexec
- o/devicestate: post factory reset ensure, spread test update
- tests/core/basic20: Enable on uc22
- packaging/arch: install snapd-apparmor
- o/snapstate: support migrating snap home as change
- tests: enable snapd.apparmor service in all the opensuse systems
- snapd-apparmor: add more integration-ish tests
- asserts: store required revisions for missing snaps in
CheckInstalledSnaps
- overlord/ifacestate: fix path for journal redirect
- o/devicestate: factory reset with encryption
- cmd/snapd-apparmor: reimplement snapd-apparmor in Go
- squashfs: improve error reporting when `unsquashfs` fails
- o/assertstate: support multiple extra validation sets in
EnforcedValidationSets
- tests: enable mount-order-regression test for arm devices
- tests: fix interfaces network control
- interfaces: update AppArmor template to allow read the memory ���
- cmd/snap-update-ns: add /run/systemd to unrestricted paths
- wrappers: fix LogNamespace being written to the wrong file
- boot: release the new PCR handles when sealing for factory reset
- tests: add support fof uc22 in test uboot-unpacked-assets
- boot: post factory reset cleanup
- tests: add support for uc22 in listing test
- spread.yaml: add ubuntu-22.04-06 to qemu-nested
- gadget: check also mbr type when testing for implicit data
partition
- interfaces/system-packages-doc: allow read-only access to
/usr/share/cups/doc-root/ and /usr/share/gimp/2.0/help/
- tests/nested/manual/core20-early-config: revert changes that
disable netplan checks
- o/ifacestate: warn if the snapd.apparmor service is disabled
- tests: add spread execution for fedora 36
- overlord/hookstate/ctlcmd: fix timestamp coming out of sync in
unit tests
- gadget/install: do not assume dm device has same block size as
disk
- interfaces: update network-control interface with permissions
required by resolvectl
- secboot: stage and transition encryption keys
- secboot, boot: support and use alternative PCR handles during
factory reset
- overlord/ifacestate: add journal bind-mount snap layout when snap
is in a journal quota group (4/n)
- secboot/keymgr, cmd/snap-fde-keymgr: two step encryption key
change
- cmd/snap: cleanup and make the code a bit easier to read/maintain
for quota options
- overlord/hookstate/ctlcmd: add 'snapctl model' command (3/3)
- cmd/snap-repair: fix snap-repair tests silently failing
- spread: drop openSUSE Leap 15.2
- interfaces/builtin: remove the name=org.freedesktop.DBus
restriction in cups-control AppArmor rules
- wrappers: write journald config files for quota groups with
journal quotas (3/n)
- o/assertstate: auto aliases for apps that exist
- o/state: use more detailed NoStateError in state
- tests/main/interfaces-browser-support: verify jupyter notebooks
access
- o/snapstate: exclude services from refresh app awareness hard
running check
- tests/main/nfs-support: be robust against umount failures
- tests: update centos images and add new centos 9 image
- many: print valid/invalid status on snap validate --monitor
- secboot, boot: TPM provisioning mode enum, introduce
reprovisioning
- tests: allow to re-execute aborted tests
- cmd/snapd-apparmor: add explicit WSL detection to
is_container_with_internal_policy
- tests: avoid launching lxd inside lxd on cloud images
- interfaces: extra htop apparmor rules
- gadget/install: encrypted system factory reset support
- secboot: helpers for dealing with PCR handles and TPM resources
- systemd: improve error handling for systemd-sysctl command
- boot, secboot: separate the TPM provisioning and key sealing
- o/snapstate: fix validation sets restoring and snap revert on
failed refresh
- interfaces/builtin/system-observe: extend access for htop
- cmd/snap: support custom apparmor features dir with snap prepare-
image
- interfaces/mount-observe: Allow read access to /run/mount/utab
- cmd/snap: add help strings for set-quota options
- interfaces/builtin: add README file
- cmd/snap-confine: mount support cleanups
- overlord: execute snapshot cleanup in task
- i/b/accounts_service: fix path of introspectable objects
- interfaces/opengl: update allowed PCI accesses for RPi
- configcore: add core.system.ctrl-alt-del-action config option
- many: structured startup timings
- spread: switch back to building ubuntu-image from source
- many: optional recovery keys
- tests/lib/nested: fix unbound variable
- run-checks: fail on equality checks w/ ErrNoState
- snap-bootstrap: Mount as private
- tests: Test for gadget connections
- tests: set `br54.dhcp4=false` in the netplan-cfg test
- tests: core20 preseed/nested spread test
- systemd: remove the systemctl stop timeout handling
- interfaces/shared-memory: Update AppArmor permissions for
mmap+link
- many: replace ErrNoState equality checks w/ errors.Is()
- cmd/snap: exit w/ non-zero code on missing snap
- systemd: fix snapd systemd-unit stop progress notifications
- .github: Trigger daily riscv64 snapd edge builds
- interfaces/serial-port: add ttyGS to serial port allow list
- interfaces/modem-manager: Don't generate DBus plug policy
- tests: add spread test to test upgrade from release snapd to
current
- wrappers: refactor EnsureSnapServices
- testutil: add ErrorIs test checker
- tests: import spread shellcheck changes
- cmd/snap-fde-keymgr: best effort idempotency of add-recovery-key
- interfaces/udev: refactor handling of udevadm triggers for input
- secboot: support for changing encryption keys via keymgr
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.56.2-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jul 19 2022 Maxwell G <gotmax(a)e.email> - 2.56.2-4
- Rebuild for CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in
golang
* Wed Jul 13 2022 Michael Vogt <michael.vogt(a)ubuntu.com>
- New upstream release 2.56.3
- devicestate: add more path to `fixupWritableDefaultDirs()`
- many: introduce IsUndo flag in LinkContext
- i/apparmor: allow calling which.debianutils
- interfaces: update AppArmor template to allow reading snap's
memory statistics
- interfaces: add memory stats to system_observe
- i/b/{mount,system}-observe: extend access for htop
- features: disable refresh-app-awarness by default again
- image: fix handling of var/lib/extrausers when preseeding
uc20
- interfaces/modem-manager: Don't generate DBus policy for plugs
- interfaces/modem-manager: Only generate DBus plug policy on
Core
- interfaces/serial_port_test: fix static-checks errors
- interfaces/serial-port: add USB gadget serial devices (ttyGSX) to
allowed list
- interface/serial_port_test: adjust variable IDs
* Sun Jul 10 2022 Maxwell G <gotmax(a)e.email> - 2.56.2-2
- Only build on %golang_arches (i.e. where golang is available).
- Rebuild to fix update ordering issues.
* Sat Jul 9 2022 Maxwell G <gotmax(a)e.email> - 2.56.2-2
- Rebuild for CVE-2022-{24675,28327,29526 in golang}
--------------------------------------------------------------------------------
================================================================================
sympa-6.2.70-1.el9 (FEDORA-EPEL-2022-6a2e669538)
Powerful multilingual List Manager
--------------------------------------------------------------------------------
Update Information:
First EPEL 8 and EPEL 9 build
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 30 2022 Xavier Bachelot <xavier(a)bachelot.org> 6.2.70-1
- Update to 6.2.70
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
6.2.68-1.1
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jan 25 2022 Xavier Bachelot <xavier(a)bachelot.org> 6.2.68-1
- Update to 6.2.68
- Dont unbundle jquery-ui on EL9
- Use Archive::Zip::SimpleZip instead of Archive::Zip where available
* Sat Jan 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
6.2.66-1.1
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Tue Oct 5 2021 Xavier Bachelot <xavier(a)bachelot.org> 6.2.66-1
- Update to 6.2.66
* Thu Jul 15 2021 Xavier Bachelot <xavier(a)bachelot.org> 6.2.64-1
- Update to 6.2.64
- Fix jquery-ui unbundling
- Add 2 upstream patches
* Tue Apr 27 2021 Xavier Bachelot <xavier(a)bachelot.org> 6.2.62-1
- Update to 6.2.62
- Fixes CVE-2020-26880 (RHBZ#1886232 - RHBZ#1886233)
- Unbundle jquery-ui
- Unbundle jquery on EL8
* Tue Mar 2 2021 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 6.2.60-2.1
- Rebuilt for updated systemd-rpm-macros
See
https://pagure.io/fesco/issue/2583.
* Wed Feb 17 2021 Xavier Bachelot <xavier(a)bachelot.org> 6.2.60-2
- Prepare for jquery-ui retirement in F34
- Remove conditionals for F31
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
6.2.60-1.1
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Mon Jan 4 2021 Xavier Bachelot <xavier(a)bachelot.org> 6.2.60-1
- Update to 6.2.60
- Fixes CVE-2020-29668 (RHBZ#1906576)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1749385 - Sympa for EL8
https://bugzilla.redhat.com/show_bug.cgi?id=1749385
[ 2 ] Bug #2028935 - sympa for EPEL 9
https://bugzilla.redhat.com/show_bug.cgi?id=2028935
--------------------------------------------------------------------------------