Fedora EPEL 9 updates-testing report - epel-devel - Fedora mailing-lists

24 Aug 2023


      The following Fedora EPEL 9 Security updates need testing:
 Age  URL
   7  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-e2fcc4af81   llhttp-8.1.1-1.el9 python-aiohttp-3.8.5-1.el9
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-f08c8f0812   chromium-116.0.5845.96-1.el9
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-e2f8cb1ee1   clamav-1.0.2-1.el9
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-02f7139d40   ntpsec-1.2.2a-1.el9
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-7a43301d55   ImageMagick-6.9.12.93-1.el9
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-f4d52e6818   mosquitto-2.0.17-1.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
boxes-2.2.1-1.el9
    caddy-2.6.4-1.el9
    nickle-2.93-1.el9
    packit-0.79.1-1.el9
    pepc-1.4.32-1.el9
    rust-reqwest-0.11.20-1.el9
Details about builds:
================================================================================
 boxes-2.2.1-1.el9 (FEDORA-EPEL-2023-76286022aa)
 Command line ASCII boxes unlimited!
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 24 2023 Artem Polishchuk ego.cordatus@gmail.com - 2.2.1-1
- chore(update): 2.2.1
* Wed Jul 19 2023 Fedora Release Engineering releng@fedoraproject.org - 2.2.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Wed Jan 18 2023 Fedora Release Engineering releng@fedoraproject.org - 2.2.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
 caddy-2.6.4-1.el9 (FEDORA-EPEL-2023-8849a14e7f)
 Web server with automatic HTTPS
--------------------------------------------------------------------------------
Update Information:
This is an upgrade for caddy from version 2.4.6 to 2.6.4 in order to resolve two
outstanding CVEs.  There are a few relatively minor backwards-incompatible
changes, so this update went to the EPEL Steering Committee for approval.
Please see the mailing list post for more details.
https://lists.fedoraproject.org/archives/list/epel-
devel@lists.fedoraproject.org/thread/CDNDAKTIAQTFTNDHOIHKQJ4B2LAV5ZSS/
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 24 2023 Carl George carlwgeorge@fedoraproject.org - 2.6.4-1
- Update to version 2.6.4
- Add man pages
- Use generated shell completion files instead of static ones
- Add fish shell completions
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2226939 - CVE-2022-28923 caddy: an open redirection vulnerability which allows attackers to redirect users to phishing websites via crafted URLs [epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2226939
  [ 2 ] Bug #2232267 - CVE-2022-41721 caddy: x/net/http2/h2c: request smuggling [epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2232267
--------------------------------------------------------------------------------
================================================================================
 nickle-2.93-1.el9 (FEDORA-EPEL-2023-eb74fe3a27)
 A programming language-based prototyping environment
--------------------------------------------------------------------------------
Update Information:
* Add hex float support to scanf and printf * Fix bug in multiply when one
factor is a power of two
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 24 2023 Michel Alexandre Salim salimma@fedoraproject.org - 2.93-1
- Update to 2.93
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2232948 - nickle-2.93 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2232948
--------------------------------------------------------------------------------
================================================================================
 packit-0.79.1-1.el9 (FEDORA-EPEL-2023-e014d52363)
 A tool for integrating upstream projects with Fedora operating system
--------------------------------------------------------------------------------
Update Information:
Automatic update for packit-0.79.1-1.el9.  ##### **Changelog for packit**  ``` *
Tue Aug 22 2023 Packit hello@packit.dev - 0.79.1-1 - We have fixed a bug in
getting allowed GPG keys when syncing the release for projects with Packit
config   in monorepo format in dist-git. (#2037)  ```
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 22 2023 Packit hello@packit.dev - 0.79.1-1
- We have fixed a bug in getting allowed GPG keys when syncing the release for projects with Packit config
  in monorepo format in dist-git. (#2037)
--------------------------------------------------------------------------------
================================================================================
 pepc-1.4.32-1.el9 (FEDORA-EPEL-2023-b06ebd75ce)
 Power, Energy, and Performance Configurator
--------------------------------------------------------------------------------
Update Information:
Update to 1.4.32
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 23 2023 Ali Erdinc Koroglu aekoroglu@fedoraproject.org 1.4.32-1
- Update to 1.4.32
--------------------------------------------------------------------------------
================================================================================
 rust-reqwest-0.11.20-1.el9 (FEDORA-EPEL-2023-2c0780dad5)
 Higher level HTTP client library
--------------------------------------------------------------------------------
Update Information:
Update to version 0.11.20.  ----  Update to version 0.11.19.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 24 2023 Fabio Valentini decathorpe@gmail.com - 0.11.20-1
- Update to version 0.11.20; Fixes RHBZ#2234025
* Wed Aug 23 2023 Fabio Valentini decathorpe@gmail.com - 0.11.19-1
- Update to version 0.11.19; Fixes RHBZ#2233319
* Fri Jul 21 2023 Fedora Release Engineering releng@fedoraproject.org - 0.11.18-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------