The following Fedora EPEL 7 Security updates need testing: Age URL 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-dadb629ab0 xrdp-0.9.18-5.el7
The following builds have been pushed to Fedora EPEL 7 updates-testing
AMF-1.4.23-1.el7 knot-3.1.6-1.el7 mimedefang-2.86-1.el7 nodejs-16.14.0-2.el7 python-filelock-2.0.13-1.el7
Details about builds:
================================================================================ AMF-1.4.23-1.el7 (FEDORA-EPEL-2022-58928edaa9) Advanced Media Framework (AMF) SDK -------------------------------------------------------------------------------- Update Information:
New package for Advanced Media Framework SDK. -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 10 2022 Simone Caronni negativo17@gmail.com - 1.4.23-1 - First build. --------------------------------------------------------------------------------
================================================================================ knot-3.1.6-1.el7 (FEDORA-EPEL-2022-d93c13d3a4) High-performance authoritative DNS server -------------------------------------------------------------------------------- Update Information:
Update to upstream 3.1.6 -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 10 2022 Jakub Ru��i��ka jakub.ruzicka@nic.cz - 3.1.6-1 - Update to 3.1.6 - Use _sharedstatedir for home --------------------------------------------------------------------------------
================================================================================ mimedefang-2.86-1.el7 (FEDORA-EPEL-2022-3899e8b5f7) E-Mail filtering framework using Sendmail's Milter interface -------------------------------------------------------------------------------- Update Information:
# MIMEDefang 2.86 * Rspamd support by forking `rspamc(1)` binary is now deprecated, added Rspamd support by implementing its protocol * Fallback to plaintext when `md_check_against_smtp_server()` fails SSL connection for unknown reasons -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 11 2022 Robert Scheck robert@fedoraproject.org 2.86-1 - Upgrade to 2.86 (#2033718, #2053245) * Thu Jan 20 2022 Fedora Release Engineering releng@fedoraproject.org - 2.85-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2033718 - mimedefang-2.86 is available https://bugzilla.redhat.com/show_bug.cgi?id=2033718 [ 2 ] Bug #2053245 - Please upgrade to mimedefang 2.86 or pull fix to non-ASCII characters in dropped attachment file names https://bugzilla.redhat.com/show_bug.cgi?id=2053245 --------------------------------------------------------------------------------
================================================================================ nodejs-16.14.0-2.el7 (FEDORA-EPEL-2022-f762e66b0d) JavaScript runtime -------------------------------------------------------------------------------- Update Information:
## 2022-02-08, Version 16.14.0 'Gallium' (LTS), @danielleadams ### Notable changes #### Importing JSON modules now requires experimental import assertions syntax This release adds experimental support for the import assertions stage 3 proposal. To keep Node.js ESM implementation as compatible as possible with the HTML spec, import assertions are now required to import JSON modules (still behind the `--experimental-json-modules` CLI flag): ```mjs import info from './package.json' assert { type: 'json' }; ``` Or use dynamic import: ```mjs const info = await import('./package.json', { assert: { type: 'json' } }); ``` Contributed by Antoine du Hamel and Geoffrey Booth [#40250](https://github.com/nodejs/node/pull/40250) #### Other notable changes * **async_hooks**: * **(SEMVER-MINOR)** expose async_wrap providers (Rafael Gonzaga) [#40760](https://github.com/nodejs/node/pull/40760) * **child_process**: * **(SEMVER-MINOR)** add support for URL to `cp.fork` (Antoine du Hamel) [#41225](https://github.com/nodejs/node/pull/41225) * **doc**: * add @Mesteery to collaborators (Mestery) [#41543](https://github.com/nodejs/node/pull/41543) * add @bnb as a collaborator (Tierney Cyren) [#41100](https://github.com/nodejs/node/pull/41100) * **esm**: * **(SEMVER-MINOR)** graduate capturerejections to supported (James M Snell) [#41267](https://github.com/nodejs/node/pull/41267) * **(SEMVER- MINOR)** add EventEmitterAsyncResource to core (James M Snell) [#41246](https://github.com/nodejs/node/pull/41246) * **events**: * **(SEMVER- MINOR)** propagate weak option for kNewListener (James M Snell) [#40899](https://github.com/nodejs/node/pull/40899) * **fs**: * **(SEMVER- MINOR)** accept URL as argument for `fs.rm` and `fs.rmSync` (Antoine du Hamel) [#41132](https://github.com/nodejs/node/pull/41132) * **lib**: * **(SEMVER- MINOR)** make AbortSignal cloneable/transferable (James M Snell) [#41050](https://github.com/nodejs/node/pull/41050) * **(SEMVER-MINOR)** add AbortSignal.timeout (James M Snell) [#40899](https://github.com/nodejs/node/pull/40899) * **(SEMVER-MINOR)** add reason to AbortSignal (James M Snell) [#40807](https://github.com/nodejs/node/pull/40807) * **(SEMVER-MINOR)** add unsubscribe method to non-active DC channels (simon-id) [#40433](https://github.com/nodejs/node/pull/40433) * **(SEMVER-MINOR)** add return value for DC channel.unsubscribe (simon-id) [#40433](https://github.com/nodejs/node/pull/40433) * **loader**: * **(SEMVER- MINOR)** return package format from defaultResolve if known (Gabriel Bota) [#40980](https://github.com/nodejs/node/pull/40980) * **perf_hooks**: * **(SEMVER-MINOR)** multiple fixes for Histogram (James M Snell) [#41153](https://github.com/nodejs/node/pull/41153) * **process**: * **(SEMVER-MINOR)** add `getActiveResourcesInfo()` (Darshan Sen) [#40813](https://github.com/nodejs/node/pull/40813) * **src**: * **(SEMVER- MINOR)** add x509.fingerprint512 to crypto module (3nprob) [#39809](https://github.com/nodejs/node/pull/39809) * **(SEMVER-MINOR)** add flags for controlling process behavior (Cheng Zhao) [#40339](https://github.com/nodejs/node/pull/40339) * **stream**: * **(SEMVER- MINOR)** add filter method to readable (Benjamin Gruenbaum) [#41354](https://github.com/nodejs/node/pull/41354) * **(SEMVER-MINOR)** add isReadable helper (Robert Nagy) [#41199](https://github.com/nodejs/node/pull/41199) * **(SEMVER-MINOR)** add map method to Readable (Benjamin Gruenbaum) [#40815](https://github.com/nodejs/node/pull/40815) * deprecate thenable support (Antoine du Hamel) [#40860](https://github.com/nodejs/node/pull/40860) * **util**: * **(SEMVER-MINOR)** pass through the inspect function to custom inspect functions (Ruben Bridgewater) [#41019](https://github.com/nodejs/node/pull/41019) * **(SEMVER-MINOR)** add numericSeparator to util.inspect (Ruben Bridgewater) [#41003](https://github.com/nodejs/node/pull/41003) * **(SEMVER-MINOR)** always visualize cause property in errors during inspection (Ruben Bridgewater) [#41002](https://github.com/nodejs/node/pull/41002) * **timers**: * **(SEMVER- MINOR)** add experimental scheduler api (James M Snell) [#40909](https://github.com/nodejs/node/pull/40909) * **v8**: * **(SEMVER- MINOR)** multi-tenant promise hook api (Stephen Belanger) [#39283](https://github.com/nodejs/node/pull/39283) ---- Fix for CVE-2021-43616 -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 9 2022 Zuzana Svetlikova zsvetlik@redhat.com - 1:16.14.0-2 - Replace explicit version of npm in %check with variable and make build fail if it doesn't match * Tue Feb 8 2022 Stephen Gallagher sgallagh@redhat.com - 1:16.14.0-1 - Update to Node.js 16.14.0 * Thu Feb 3 2022 Stephen Gallagher sgallagh@redhat.com - 1:16.13.2-8 - Update npm to 8.3.1 (CVE-2021-43616) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2050282 - CVE-2021-43616 npm: npm ci succeeds when package-lock.json doesn't match package.json https://bugzilla.redhat.com/show_bug.cgi?id=2050282 --------------------------------------------------------------------------------
================================================================================ python-filelock-2.0.13-1.el7 (FEDORA-EPEL-2022-57b67d1330) A platform independent file lock -------------------------------------------------------------------------------- Update Information:
Update to 2.0.13 Also drop el6 support and add Python 3 subpackage -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 10 2022 Scott K Logan logans@cottsay.net - 2.0.13-1 - Update to 2.0.13 - Drop el6 support - Add Python 3 subpackage --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org