The following Fedora 37 Security updates need testing:
Age URL
4
https://bodhi.fedoraproject.org/updates/FEDORA-2023-bde7913e5a
python-django3-3.2.18-1.fc37
4
https://bodhi.fedoraproject.org/updates/FEDORA-2023-dcf1c398fb
stb-0^20230129git5736b15-0.2.fc37
3
https://bodhi.fedoraproject.org/updates/FEDORA-2023-8b700042ac
golang-github-projectdiscovery-chaos-client-0.4.0-3.fc37
3
https://bodhi.fedoraproject.org/updates/FEDORA-2023-80fbbe0f3c usd-22.05b-13.fc37
3
https://bodhi.fedoraproject.org/updates/FEDORA-2023-c17427d18a
rust-sequoia-octopus-librnp-1.4.1-5.fc37 rust-sequoia-sop-0.26.1-5.fc37
rust-sequoia-sq-0.26.0-5.fc37
2
https://bodhi.fedoraproject.org/updates/FEDORA-2023-424636c7cb
perl-HTTP-Daemon-6.16-1.fc37
1
https://bodhi.fedoraproject.org/updates/FEDORA-2023-c487bde4b4
libtpms-0.9.6-1.fc37
The following Fedora 37 Critical Path updates have yet to be approved:
Age URL
79
https://bodhi.fedoraproject.org/updates/FEDORA-2022-bf8feea173 lorax-37.10-1.fc37
9
https://bodhi.fedoraproject.org/updates/FEDORA-2023-bfb3c52703
fedora-appstream-metadata-20230220-1.fc37
7
https://bodhi.fedoraproject.org/updates/FEDORA-2023-a8971b1f50
freerdp-2.10.0-1.fc37
4
https://bodhi.fedoraproject.org/updates/FEDORA-2023-4e7ac081d0
xorg-x11-drv-amdgpu-23.0.0-1.fc37
2
https://bodhi.fedoraproject.org/updates/FEDORA-2023-568a3be5b8
checkpolicy-3.5-1.fc37 libselinux-3.5-1.fc37 libsemanage-3.5-1.fc37 libsepol-3.5-1.fc37
mcstrans-3.5-1.fc37 policycoreutils-3.5-1.fc37 secilc-3.5-1.fc37
2
https://bodhi.fedoraproject.org/updates/FEDORA-2023-07c239ac0d
qt5-qtbase-5.15.8-6.fc37
1
https://bodhi.fedoraproject.org/updates/FEDORA-2023-c487bde4b4
libtpms-0.9.6-1.fc37
1
https://bodhi.fedoraproject.org/updates/FEDORA-2023-7a64f7bb90
rpcbind-1.2.6-3.rc2.fc37
1
https://bodhi.fedoraproject.org/updates/FEDORA-2023-33f6d232ca
annobin-11.11-1.fc37
1
https://bodhi.fedoraproject.org/updates/FEDORA-2023-54b16a1e08
zchunk-1.3.0-1.fc37
1
https://bodhi.fedoraproject.org/updates/FEDORA-2023-54e066eb05
samba-4.17.5-2.fc37
1
https://bodhi.fedoraproject.org/updates/FEDORA-2023-953c5181b8
vte291-0.70.3-1.fc37
The following builds have been pushed to Fedora 37 updates-testing
CGAL-5.5.2-2.fc37
ansible-7.3.0-1.fc37
ansible-collection-community-docker-3.4.2-1.fc37
ansible-collection-community-general-6.4.0-1.fc37
ansible-core-2.14.3-1.fc37
aqbanking-6.5.4-1.fc37
centpkg-0.7.1-1.fc37
cmake-3.26.0~rc5-1.fc37
container-selinux-2.201.0-1.fc37
crash-gcore-command-1.6.4-1.fc37
cryptobone-1.5-1.fc37
fedpkg-1.44-2.fc37
fotoxx-23.2-1.fc37
golang-github-rivo-uniseg-0.4.4-2.fc37
google-api-python-client-2.80.0-1.fc37
ibm-plex-fonts-6.2.0-1.fc37
mrack-1.13.3-1.fc37
nodejs18-18.14.2-5.fc37
obs-build-20230228-415.1.1.fc37
osbuild-composer-76-1.fc37
podman-4.4.2-2.fc37
python-jenkins-job-builder-4.3.0-1.fc37
python-productmd-1.35-1.fc37
qatlib-23.02.0-1.fc37
redis-7.0.9-1.fc37
rpkg-1.66-3.fc37
rust-bytemuck-1.13.1-1.fc37
rust-memsec-0.6.3-1.fc37
rust-tokio-1.26.0-1.fc37
selint-1.4.0-1.fc37
stargz-snapshotter-0.14.1-1.fc37
tigervnc-1.13.1-1.fc37
tkrzw-1.0.26-1.fc37
Details about builds:
================================================================================
CGAL-5.5.2-2.fc37 (FEDORA-2023-1e6b550a9b)
Computational Geometry Algorithms Library
--------------------------------------------------------------------------------
Update Information:
Upstream release: [
CGAL-5.5.2](https://www.cgal.org/2023/02/28/cgal552/)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 28 2023 Laurent Rineau <laurent.rineau(a)cgal.org> - 5.5.2-2
- Update to 5.5.2 (#2174148)
- CGAL-demos-source is now noarch
* Wed Jan 18 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 5.5.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
ansible-7.3.0-1.fc37 (FEDORA-2023-1e596f4ad5)
Curated set of Ansible collections included in addition to ansible-core
--------------------------------------------------------------------------------
Update Information:
Update to ansible-core 2.14.3 and ansible 7.3.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Maxwell G <maxwell(a)gtmx.me> - 7.3.0-1
- Update to 7.3.0.
--------------------------------------------------------------------------------
================================================================================
ansible-collection-community-docker-3.4.2-1.fc37 (FEDORA-2023-30d358ddb7)
Ansible modules and plugins for working with Docker
--------------------------------------------------------------------------------
Update Information:
Update to 3.4.2. Fixes rhbz#2172008.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Maxwell G <maxwell(a)gtmx.me> - 3.4.2-1
- Update to 3.4.2. Fixes rhbz#2172008.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2172008 - ansible-collection-community-docker-3.4.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2172008
--------------------------------------------------------------------------------
================================================================================
ansible-collection-community-general-6.4.0-1.fc37 (FEDORA-2023-edbc703379)
Modules and plugins supported by Ansible community
--------------------------------------------------------------------------------
Update Information:
Update to 6.4.0. Fixes rhbz#2173790.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Maxwell G <maxwell(a)gtmx.me> - 6.4.0-1
- Update to 6.4.0. Fixes rhbz#2173790.
* Thu Feb 9 2023 Maxwell G <gotmax(a)e.email> - 6.3.0-1
- Update to 6.3.0. Fixes rhbz#2166202.
* Wed Jan 18 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 6.2.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2173790 - ansible-collection-community-general-6.4.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2173790
--------------------------------------------------------------------------------
================================================================================
ansible-core-2.14.3-1.fc37 (FEDORA-2023-1e596f4ad5)
A radically simple IT automation system
--------------------------------------------------------------------------------
Update Information:
Update to ansible-core 2.14.3 and ansible 7.3.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Maxwell G <maxwell(a)gtmx.me> - 2.14.3-1
- Update to 2.14.3.
--------------------------------------------------------------------------------
================================================================================
aqbanking-6.5.4-1.fc37 (FEDORA-2023-58324e6aa8)
A library for online banking functions and financial data import/export
--------------------------------------------------------------------------------
Update Information:
6.5.4
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Gwyn Ciesla <gwync(a)protonmail.com> - 6.5.4-1
- 6.5.4
* Wed Jan 18 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 6.5.3-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2174507 - aqbanking-6.5.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2174507
--------------------------------------------------------------------------------
================================================================================
centpkg-0.7.1-1.fc37 (FEDORA-2023-75ca0a63d9)
CentOS utility for working with dist-git
--------------------------------------------------------------------------------
Update Information:
Latest upstream
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Troy Dawson <tdawson(a)redhat.com> - 0.7.1-1
- Latest upstream
* Tue Feb 28 2023 Troy Dawson <tdawson(a)redhat.com> - 0.7.0-1
- Latest upstream - adds --rhel-target feature
* Wed Jan 18 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.6.9-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
cmake-3.26.0~rc5-1.fc37 (FEDORA-2023-50eaaa264a)
Cross-platform make system
--------------------------------------------------------------------------------
Update Information:
Update to cmake-3.26.0-rc5.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Bj��rn Esser <besser82(a)fedoraproject.org> - 3.26.0~rc5-1
- cmake-3.26.0-rc5
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2174456 - cmake-3.26.0-rc5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2174456
--------------------------------------------------------------------------------
================================================================================
container-selinux-2.201.0-1.fc37 (FEDORA-2023-e4b30443ab)
SELinux policies for container runtimes
--------------------------------------------------------------------------------
Update Information:
auto bump to v2.201.0
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 22 2023 RH Container Bot <rhcontainerbot(a)fedoraproject.org> - 2:2.201.0-1
- auto bump to v2.201.0
* Wed Feb 8 2023 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 2:2.200.0-1
- bump to v2.200.0
--------------------------------------------------------------------------------
================================================================================
crash-gcore-command-1.6.4-1.fc37 (FEDORA-2023-ed2742c0c5)
Gcore extension module for the crash utility
--------------------------------------------------------------------------------
Update Information:
coredump: fix building failure due to undefined macros MAPLE_TREE_{COUNT,GATHER}
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 HATAYAMA Daisuke <d.hatayama(a)fujitsu.com> - 1.6.4-1
- coredump: fix building failure due to undefined macros MAPLE_TREE_{COUNT,GATHER}
* Wed Mar 1 2023 HATAYAMA Daisuke <d.hatayama(a)fujitsu.com> - 1.6.4-0
- Update to latest upstream release
--------------------------------------------------------------------------------
================================================================================
cryptobone-1.5-1.fc37 (FEDORA-2023-df26a11c45)
Secure Communication Under Your Control
--------------------------------------------------------------------------------
Update Information:
This is a major update that improves the mail exchange and GUI.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 28 2023 Ralf Senderek <innovation(a)senderek.ie> - 1.5-1
- Update email transport and GUI
--------------------------------------------------------------------------------
================================================================================
fedpkg-1.44-2.fc37 (FEDORA-2023-e7db0e991f)
Fedora utility for working with dist-git
--------------------------------------------------------------------------------
Update Information:
A new release presents these changes: *
https://docs.pagure.org/fedpkg/releases/1.44.html *
https://docs.pagure.org/rpkg/releases/1.66.html +Patch
https://bodhi.fedoraproject.org/updates/FEDORA-2023-e7db0e991f
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Ond��ej Nosek <onosek(a)redhat.com> - 1.44-2
- Require a bumped rpkg version
* Mon Feb 20 2023 Ond��ej Nosek <onosek(a)redhat.com> - 1.44-1
- Do not execute unittests for old bodhi-client (onosek)
- New command `disable-monitoring` (onosek)
- Set default_branch_merge to 'rawhide' (otto.liljalaakso)
- `fedpkg update`: can handle $EDITOR with arguments - #492 (onosek)
- Add Jenkinsfile for CI (onosek)
* Mon Jan 30 2023 Miro Hron��ok <mhroncok(a)redhat.com> - 1.43-3
- Rebuilt to change Python shebangs to /usr/bin/python3.6 on EPEL 8
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.43-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
fotoxx-23.2-1.fc37 (FEDORA-2023-97b84a8771)
Photo editor
--------------------------------------------------------------------------------
Update Information:
23.2
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Gwyn Ciesla <gwync(a)protonmail.com> - 23.2-1
- 23.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2174357 - fotoxx-23.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2174357
--------------------------------------------------------------------------------
================================================================================
golang-github-rivo-uniseg-0.4.4-2.fc37 (FEDORA-2023-2eb0cee7a5)
Unicode Text Segmentation, Word Wrapping, and String Width Calculation in Go
--------------------------------------------------------------------------------
Update Information:
Update to 0.4.4
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Mikel Olasagasti Uranga <mikel(a)olasagasti.info> - 0.4.4-2
- Update to 0.4.4 - Closes rhbz#2172526
* Wed Mar 1 2023 Mikel Olasagasti Uranga <mikel(a)olasagasti.info> - 0.4.4-1
- Update to 0.4.4 - Closes rhbz#2172526
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.4.3-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
google-api-python-client-2.80.0-1.fc37 (FEDORA-2023-6eb109948a)
Google APIs Client Library for Python
--------------------------------------------------------------------------------
Update Information:
Update to 2.80.0
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Mikel Olasagasti Uranga <mikel(a)olasagasti.info> - 2:2.80.0-1
- Update to 2.80.0 - Closes rhbz#2172245
--------------------------------------------------------------------------------
================================================================================
ibm-plex-fonts-6.2.0-1.fc37 (FEDORA-2023-cf564770ce)
IBM Plex, the new IBM set of coordinated grotesque corporate fonts
--------------------------------------------------------------------------------
Update Information:
Update to 6.2.0
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Michael Kuhn <suraia(a)fedoraproject.org> - 6.2.0-1
- Update to 6.2.0
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 6.1.1-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2173902 - ibm-plex-fonts-6.2.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2173902
--------------------------------------------------------------------------------
================================================================================
mrack-1.13.3-1.fc37 (FEDORA-2023-ef88906075)
Multicloud use-case based multihost async provisioner
--------------------------------------------------------------------------------
Update Information:
Automatic update for mrack-1.13.3-1.fc37. ##### **Changelog for mrack** ``` *
Wed Mar 01 2023 Tibor Dudl��k <tdudlak(a)redhat.com> - 1.13.3-1 - 0f62237
fix(OpenStack): await loading limits to not break provisioning (Tibor Dudl��k) *
Wed Mar 01 2023 Tibor Dudl��k <tdudlak(a)redhat.com> - 1.13.2-1 - 06f18d1 fix: Use
get method when host error object is a dictionary (Tibor Dudl��k) - fd33d68
fix(Beaker): rerurn common dictionary when validation fails (Tibor Dudl��k) -
b6c5ef4 fix(OpenStack): Add exception parameter when validation fails (Tibor
Dudl��k) - fa2c779 fix(OpenStack): load limits properly by one method (Tibor
Dudl��k) - 61e515f chore: change back mrack dist release to 1 (Tibor Dudl��k) ```
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Tibor Dudl��k <tdudlak(a)redhat.com> - 1.13.3-1
- 0f62237 fix(OpenStack): await loading limits to not break provisioning (Tibor Dudl��k)
* Wed Mar 1 2023 Tibor Dudl��k <tdudlak(a)redhat.com> - 1.13.2-1
- 06f18d1 fix: Use get method when host error object is a dictionary (Tibor Dudl��k)
- fd33d68 fix(Beaker): rerurn common dictionary when validation fails (Tibor Dudl��k)
- b6c5ef4 fix(OpenStack): Add exception parameter when validation fails (Tibor Dudl��k)
- fa2c779 fix(OpenStack): load limits properly by one method (Tibor Dudl��k)
- 61e515f chore: change back mrack dist release to 1 (Tibor Dudl��k)
--------------------------------------------------------------------------------
================================================================================
nodejs18-18.14.2-5.fc37 (FEDORA-2023-8eb9c9fdf1)
JavaScript runtime
--------------------------------------------------------------------------------
Update Information:
## 2023-02-21, Version 18.14.2 'Hydrogen' (LTS), @MylesBorins ### Notable
Changes * \[[`f864bef32a`](https://github.com/nodejs/node/commit/f864bef32a)] -
**deps**: upgrade npm to 9.5.0 (npm team)
[#46673](https://github.com/nodejs/node/pull/46673) ### Commits *
\[[`880a65d7ff`](https://github.com/nodejs/node/commit/880a65d7ff)] - **build**:
delete `snapshot.blob` file from the project (Juan Jos�� Arboleda)
[#46626](https://github.com/nodejs/node/pull/46626) *
\[[`cbea56efda`](https://github.com/nodejs/node/commit/cbea56efda)] - **deps**:
update undici to 5.20.0 (Node.js GitHub Bot)
[#46711](https://github.com/nodejs/node/pull/46711) *
\[[`f864bef32a`](https://github.com/nodejs/node/commit/f864bef32a)] - **deps**:
upgrade npm to 9.5.0 (npm team)
[#46673](https://github.com/nodejs/node/pull/46673) *
\[[`648041d568`](https://github.com/nodejs/node/commit/648041d568)] - **deps**:
upgrade npm to 9.4.0 (npm team)
[#46353](https://github.com/nodejs/node/pull/46353) *
\[[`5e1f213f3c`](https://github.com/nodejs/node/commit/5e1f213f3c)] - **deps**:
patch V8 to 10.2.154.26 (Micha��l Zasso)
[#46446](https://github.com/nodejs/node/pull/46446) <a
id="18.14.1"></a> ##
2023-02-16, Version 18.14.1 'Hydrogen' (LTS), @RafaelGSS prepared by @juanarbol
This is a security release. ### Notable Changes The following CVEs are fixed
in this release: * **[CVE-2023-23918](https://cve.mitre.org/cgi-
bin/cvename.cgi?name=CVE-2023-23918)**: Node.js Permissions policies can be
bypassed via process.mainModule (High) *
**[CVE-2023-23919](https://cve.mitre.org/cgi-
bin/cvename.cgi?name=CVE-2023-23919)**: Node.js OpenSSL error handling issues in
nodejs crypto library (Medium) * **[CVE-2023-23936](https://cve.mitre.org/cgi-
bin/cvename.cgi?name=CVE-2023-23936)**: Fetch API in Node.js did not protect
against CRLF injection in host headers (Medium) *
**[CVE-2023-24807](https://cve.mitre.org/cgi-
bin/cvename.cgi?name=CVE-2023-24807)**: Regular Expression Denial of Service in
Headers in Node.js fetch API (Low) *
**[CVE-2023-23920](https://cve.mitre.org/cgi-
bin/cvename.cgi?name=CVE-2023-23920)**: Node.js insecure loading of ICU data
through ICU\_DATA environment variable (Low) More detailed information on each
of the vulnerabilities can be found in [February 2023 Security
Releases](https://nodejs.org/en/blog/vulnerability/february-2023-security-
releases/) blog post. This security release includes OpenSSL security updates
as outlined in the recent [OpenSSL security
advisory](https://www.openssl.org/news/secadv/20230207.txt). ### Commits *
\[[`8393ebc72d`](https://github.com/nodejs/node/commit/8393ebc72d)] - **build**:
build ICU with ICU\_NO\_USER\_DATA\_OVERRIDE (RafaelGSS) [nodejs-private/node-
private#379](https://github.com/nodejs-private/node-private/pull/379) *
\[[`004e34d046`](https://github.com/nodejs/node/commit/004e34d046)] -
**crypto**: clear OpenSSL error on invalid ca cert (RafaelGSS)
[#46572](https://github.com/nodejs/node/pull/46572) *
\[[`5e0142a852`](https://github.com/nodejs/node/commit/5e0142a852)] - **deps**:
cherry-pick Windows ARM64 fix for openssl (Richard Lau)
[#46572](https://github.com/nodejs/node/pull/46572) *
\[[`f71fe278a6`](https://github.com/nodejs/node/commit/f71fe278a6)] - **deps**:
update archs files for quictls/openssl-3.0.8+quic (RafaelGSS)
[#46572](https://github.com/nodejs/node/pull/46572) *
\[[`2c6817e42b`](https://github.com/nodejs/node/commit/2c6817e42b)] - **deps**:
upgrade openssl sources to quictls/openssl-3.0.8+quic (RafaelGSS)
[#46572](https://github.com/nodejs/node/pull/46572) *
\[[`f0afa0bfe5`](https://github.com/nodejs/node/commit/f0afa0bfe5)] - **deps**:
update undici to 5.19.1 (Node.js GitHub Bot)
[#46634](https://github.com/nodejs/node/pull/46634) *
\[[`c26a34c13e`](https://github.com/nodejs/node/commit/c26a34c13e)] - **deps**:
update undici to 5.18.0 (Node.js GitHub Bot)
[#46634](https://github.com/nodejs/node/pull/46634) *
\[[`db93ee4a15`](https://github.com/nodejs/node/commit/db93ee4a15)] - **deps**:
update undici to 5.17.1 (Node.js GitHub Bot)
[#46634](https://github.com/nodejs/node/pull/46634) *
\[[`b4e49fb02c`](https://github.com/nodejs/node/commit/b4e49fb02c)] - **deps**:
update undici to 5.16.0 (Node.js GitHub Bot)
[#46634](https://github.com/nodejs/node/pull/46634) *
\[[`90994e6a2c`](https://github.com/nodejs/node/commit/90994e6a2c)] - **deps**:
update undici to 5.15.1 (Node.js GitHub Bot)
[#46634](https://github.com/nodejs/node/pull/46634) *
\[[`00302fc7ac`](https://github.com/nodejs/node/commit/00302fc7ac)] - **deps**:
update undici to 5.15.0 (Node.js GitHub Bot)
[#46634](https://github.com/nodejs/node/pull/46634) *
\[[`0e3b796cc5`](https://github.com/nodejs/node/commit/0e3b796cc5)] - **lib**:
makeRequireFunction patch when experimental policy (RafaelGSS) [nodejs-
private/node-private#371](https://github.com/nodejs-private/node-
private/pull/371) *
\[[`7cccd5565f`](https://github.com/nodejs/node/commit/7cccd5565f)] -
**policy**: makeRequireFunction on mainModule.require (RafaelGSS) [nodejs-
private/node-private#371](https://github.com/nodejs-private/node-
private/pull/371)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.14.2-5
- template: Re-sync from nodejs20
* Thu Feb 23 2023 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.14.2-4
- Also drop patch from specfile
* Thu Feb 23 2023 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.14.2-3
- Drop unneeded patch
* Tue Feb 21 2023 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.14.2-2
- Update to latest version of nodejs-sources.sh
* Tue Feb 21 2023 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.14.2-1
- Update to 18.14.2
* Fri Feb 17 2023 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.14.1-1
- Update to v18.14.1
-
https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V18.md#
18.14.1
- packaging: Drop vestigial package.cfg file.
- packaging: Fix spec template
- packaging: Make nodejs-sources.sh clean up after itself
* Fri Jan 27 2023 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.13.0-8
- Set Node.js 18.x as the default for RHEL 10
* Mon Jan 23 2023 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.13.0-7
- sources: Fix typo preventing upload
* Mon Jan 23 2023 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.13.0-6
- sources: Use spec template for ICU URL
* Mon Jan 23 2023 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.13.0-5
- Fix important typo
* Mon Jan 23 2023 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.13.0-4
- Fix v8 symlinks
* Mon Jan 23 2023 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.13.0-3
- Rework nodejs-sources.sh
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> -
1:18.13.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Mon Jan 16 2023 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.13.0-1
- Update to 18.13.0
* Tue Dec 13 2022 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.12.1-6
- Disable gating for now
* Mon Dec 12 2022 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.12.1-5
- Use requires instead of conflicts for -docs
* Mon Dec 12 2022 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.12.1-4
- Add pretrans scriptlet for node_modules
* Mon Dec 12 2022 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.12.1-3
- Add proper npm obsoletes
* Mon Dec 12 2022 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.12.1-2
- Drop redundant default definition
* Mon Dec 12 2022 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.12.1-1
- Enable parallel-installation
* Fri Jun 17 2022 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.4.0-1
- Update to Node.js 18.4.0
-
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V18.m...
* Thu Jun 9 2022 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.3.0-2
- Fix conflict between x86_64 and i686 installs of nodejs-devel
* Tue Jun 7 2022 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.3.0-1
- Update to Node.js 18.3.0
-
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V18.m...
* Tue May 17 2022 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.2.0-1
- Update to Node.js 18.2.0
-
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V18.m...
* Fri May 6 2022 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.1.0-2
- Fix incorrect epoch in v8-devel dependency
* Thu May 5 2022 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.1.0-1
- Update to Node.js 18.1.0
-
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V18.m...
* Thu Apr 28 2022 Stephen Gallagher <sgallagh(a)redhat.com> - 1:18.0.0-1
- First release of Node.js 18.x
--------------------------------------------------------------------------------
================================================================================
obs-build-20230228-415.1.1.fc37 (FEDORA-2023-ea0809b26e)
A generic package build script
--------------------------------------------------------------------------------
Update Information:
New upstream release 20230228 ---- New upstream release 20230215
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Dan ��erm��k <dan.cermak(a)cgc-instruments.com> - 20230228-1
- New upstream release 20230228, fixes rhbz#2174169
* Tue Feb 21 2023 Dan ��erm��k <dan.cermak(a)cgc-instruments.com> - 20230215-1
- New upstream release 20230215, fixes rhbz#2169991
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2169991 - obs-build-20230215 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2169991
[ 2 ] Bug #2174169 - obs-build-20230228 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2174169
--------------------------------------------------------------------------------
================================================================================
osbuild-composer-76-1.fc37 (FEDORA-2023-57ce12a446)
An image building service based on osbuild
--------------------------------------------------------------------------------
Update Information:
Automatic update for osbuild-composer-76-1.fc37. ---- Automatic update for
osbuild-composer-75-1.fc37. ##### **Changelog for osbuild-composer** ``` * Wed
Feb 22 2023 Packit <hello(a)packit.dev> - 75-1 Changes with 75 ----------------
* Blueprint: add support for custom files and directories in `/etc` (#3281) *
Image info: Update from manifest-db (#3278) * `edge-simplified-installer`
allows User & Group customizations (#3285) * cloudapi: Add subscription option
for rhc (#3240) * internal/prometheus: add more buckets for job durations
(#3273) * osbuild-worker/koji: Add logging for koji requests/responses (#3252)
* rhel: fix conditionals for sysroot.readonly enablement (#3276) * test/cases:
move CIV options into a variable (#3279) Contributions from: Antonio Murdaca,
Brian C. Lane, Diaa Sami, Irene Diez, Jakub Rusz, Juan Abia, Mario Cattamo,
Sanne Raymaekers, Thomas Lavocat, Tom���� Hozza, Xiaofeng Wang ��� Somewhere on the
Internet, 2023-02-22 ```
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Packit <hello(a)packit.dev> - 76-1
Changes with 76
----------------
* Fix CIV_OPTIONS bug (#3297)
* Update test suite after rebase to weldr-client-35.9 (#3296)
* distro: assign pipeline-specific repos to package sets (#3291)
* ignition: enable systemd firstboot condition through kargs (#3308)
Contributions from: Achilleas Koutsou, Alexander Todorov, Antonio Murdaca, Juan Abia
��� Somewhere on the Internet, 2023-03-01
* Wed Feb 22 2023 Packit <hello(a)packit.dev> - 75-1
Changes with 75
----------------
* Blueprint: add support for custom files and directories in `/etc` (#3281)
* Image info: Update from manifest-db (#3278)
* `edge-simplified-installer` allows User & Group customizations (#3285)
* cloudapi: Add subscription option for rhc (#3240)
* internal/prometheus: add more buckets for job durations (#3273)
* osbuild-worker/koji: Add logging for koji requests/responses (#3252)
* rhel: fix conditionals for sysroot.readonly enablement (#3276)
* test/cases: move CIV options into a variable (#3279)
Contributions from: Antonio Murdaca, Brian C. Lane, Diaa Sami, Irene Diez, Jakub Rusz,
Juan Abia, Mario Cattamo, Sanne Raymaekers, Thomas Lavocat, Tom���� Hozza, Xiaofeng Wang
��� Somewhere on the Internet, 2023-02-22
--------------------------------------------------------------------------------
================================================================================
podman-4.4.2-2.fc37 (FEDORA-2023-04692c455e)
Manage Pods, Containers and Container Images
--------------------------------------------------------------------------------
Update Information:
remove CVE-2023-0778.patch merged upstream
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 5:4.4.2-2
- remove CVE-2023-0778.patch merged upstream
* Tue Feb 28 2023 RH Container Bot <rhcontainerbot(a)fedoraproject.org> - 5:4.4.2-1
- auto bump to v4.4.2
* Wed Feb 22 2023 Yaakov Selkowitz <yselkowi(a)redhat.com> - 5:4.4.1-4
- Sync modules-load conditionals
--------------------------------------------------------------------------------
================================================================================
python-jenkins-job-builder-4.3.0-1.fc37 (FEDORA-2023-725e693539)
Manage Jenkins jobs with YAML
--------------------------------------------------------------------------------
Update Information:
Update to 4.3.0 (rhbz#2173887)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Christoph Erhardt <fedora(a)sicherha.de> - 1:4.3.0-1
- Update to 4.3.0 (rhbz#2173887)
* Fri Jan 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1:4.1.0-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2173887 - python-jenkins-job-builder-4.3.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2173887
--------------------------------------------------------------------------------
================================================================================
python-productmd-1.35-1.fc37 (FEDORA-2023-3a88a86dfe)
Library providing parsers for metadata related to OS installation
--------------------------------------------------------------------------------
Update Information:
Rebased to latest upstream release. * Fix support for obtaining metadata via
FTP * Add `vhd-compressed` image type * Add support for EulerOS
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Lubom��r Sedl���� <lsedlar(a)redhat.com> - 1.35-1
- New upstream release 1.35
* Fri Jan 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.33-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2173937 - python-productmd-1.34 is now available
https://bugzilla.redhat.com/show_bug.cgi?id=2173937
--------------------------------------------------------------------------------
================================================================================
qatlib-23.02.0-1.fc37 (FEDORA-2023-b206908d68)
Intel QuickAssist user space library
--------------------------------------------------------------------------------
Update Information:
Update to qatlib 23.02.0.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 24 2023 Giovanni Cabiddu <giovanni.cabiddu(a)intel.com> - 23.02.0-1
- Update to qatlib 23.02.0
* Fri Jan 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 22.07.2-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
redis-7.0.9-1.fc37 (FEDORA-2023-c685251667)
A persistent key-value database
--------------------------------------------------------------------------------
Update Information:
**Redis 7.0.9** - Released Tue Feb 28 12:00:00 IST 2023 Upgrade urgency:
SECURITY, contains fixes to security issues. Security Fixes: *
(**CVE-2023-25155**) Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD
commands can trigger an integer overflow, resulting in a runtime assertion and
termination of the Redis server process. * (**CVE-2022-36021**) String matching
commands (like SCAN or KEYS) with a specially crafted pattern to trigger a
denial-of-service attack on Redis, causing it to hang and consume 100% CPU
time. Bug Fixes * Fix a crash when reaching the maximum invalidations limit of
client-side tracking (#11814) * Fix a crash when SPUBLISH is used after passing
the cluster-link-sendbuf-limit (#11752) * Fix possible memory corruption in
FLUSHALL when a client watches more than one key (#11854) * Fix cluster inbound
link keepalive time (#11785) * Flush propagation list in active-expire of
writable replicas to fix an assertion (#11615) * Avoid propagating DEL of lazy
expire from SCAN and RANDOMKEY as MULTI-EXEC (#11788)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 1 2023 Remi Collet <remi(a)remirepo.net> - 7.0.9-1
- Upstream 7.0.9 release.
--------------------------------------------------------------------------------
================================================================================
rpkg-1.66-3.fc37 (FEDORA-2023-e7db0e991f)
Python library for interacting with rpm+git
--------------------------------------------------------------------------------
Update Information:
A new release presents these changes: *
https://docs.pagure.org/fedpkg/releases/1.44.html *
https://docs.pagure.org/rpkg/releases/1.66.html +Patch
https://bodhi.fedoraproject.org/updates/FEDORA-2023-e7db0e991f
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Ond��ej Nosek <onosek(a)redhat.com> - 1.66-3
- Patch: Process source URLs with fragment in pre-push hook
- Patch: container-build: update --signing-intent help for OSBS 2
* Tue Feb 21 2023 Ond��ej Nosek <onosek(a)redhat.com> - 1.66-2
- rebuild for unification of all branches
* Mon Feb 20 2023 Ond��ej Nosek <onosek(a)redhat.com> - 1.66-1
- container-build: document --compose-ids overrides any new composes (kdreyer)
- Use srpm when scratch-building from dirty repo - #652 (otto.liljalaakso)
- Code cleanup in tests/test_cli.py (otto.liljalaakso)
- Reduce indentation in assert_build helper (otto.liljalaakso)
- Allow empty commits - 494 (msuchy)
- Allow forcing download of all sources - #650 (otto.liljalaakso)
- Add test case for not downloading unused sources (otto.liljalaakso)
- Support 'results_dir=subdir' when building from srpm - #648
(otto.liljalaakso)
- Use local branch name as release when there is no remote (otto.liljalaakso)
- Allow downstreams to define a default release (otto.liljalaakso)
- Switch load_branch_merge to use multiple return (otto.liljalaakso)
- Unittests for 'git push' hook script (onosek)
- Checking a repo configuration before 'git push' with a git hook script - 491
(onosek)
- Fix skipping NVR check with autorelease (nils)
- pyrpkg.spec.SpecFile: More lenient parser for Source/Patch lines (fweimer)
- Fix URL in CHANGELOG.rst (tmz)
- Add Jenkinsfile for CI (onosek)
- mockbuild: escape rpm command under mock - rhbz#2130349 (onosek)
- Fixes for exploded SRPM layouts - #633 (tdawson)
- `fedpkg local` does not show rpmbuild output - rhbz#2124809 (onosek)
--------------------------------------------------------------------------------
================================================================================
rust-bytemuck-1.13.1-1.fc37 (FEDORA-2023-bb91edfa10)
Crate for mucking around with piles of bytes
--------------------------------------------------------------------------------
Update Information:
Update to version 1.13.1.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Fabio Valentini <decathorpe(a)gmail.com> - 1.13.1-1
- Update to version 1.13.1; Fixes RHBZ#2174225
--------------------------------------------------------------------------------
================================================================================
rust-memsec-0.6.3-1.fc37 (FEDORA-2023-4c7c78ff89)
Rust implementation of libsodium/utils
--------------------------------------------------------------------------------
Update Information:
Update to version 0.6.3.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Fabio Valentini <decathorpe(a)gmail.com> - 0.6.3-1
- Update to version 0.6.3; Fixes RHBZ#2174347
* Fri Jan 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.6.2-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-tokio-1.26.0-1.fc37 (FEDORA-2023-3b6f0a5ca5)
Event-driven, non-blocking I/O platform
--------------------------------------------------------------------------------
Update Information:
Update to version 1.26.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Fabio Valentini <decathorpe(a)gmail.com> - 1.26.0-1
- Update to version 1.26.0; Fixes RHBZ#2174594
--------------------------------------------------------------------------------
================================================================================
selint-1.4.0-1.fc37 (FEDORA-2023-5ee18f8d3f)
Static code analysis tool for SELinux policy source files
--------------------------------------------------------------------------------
Update Information:
New package in Fedora
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 8 2023 Juraj Marcin <juraj(a)jurajmarcin.com> - 1.4.0-1
- v 1.4.0
* Mon Dec 19 2022 Vit Mojzis <vmojzis(a)redhat.com> - 1.3.0-1
- v 1.3.0
- Silence warning in bison generated code
- Drop dead stores
- Declare file local variable static
- Drop duplicate semicolons
- Add missing fall through comment
- Drop duplicate include
- Update URLs after repository move
- Add check example for W-012
- Add new check to warn about incorrect usage of audit_access permission
- Warn on duplicate policy configuration files
- Reduce recursion in free_policy_node
- Support disable commands for tunable conditions
- Support ifn?def in .if files
* Fri Sep 2 2022 Vit Mojzis <vmojzis(a)redhat.com> - 1.2.1-3
- v 1.2.1
--------------------------------------------------------------------------------
================================================================================
stargz-snapshotter-0.14.1-1.fc37 (FEDORA-2023-9ca8d3f9c6)
Fast container image distribution plugin with lazy pulling
--------------------------------------------------------------------------------
Update Information:
auto bump to v0.14.1
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 17 2023 RH Container Bot <rhcontainerbot(a)fedoraproject.org> - 0.14.1-1
- auto bump to v0.14.1
--------------------------------------------------------------------------------
================================================================================
tigervnc-1.13.1-1.fc37 (FEDORA-2023-ae4e1d5bbe)
A TigerVNC remote display system
--------------------------------------------------------------------------------
Update Information:
Tigervnc 1.13.1 bugfix update.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Jan Grulich <jgrulich(a)redhat.com> - 1.13.1-1
- 1.13.1
--------------------------------------------------------------------------------
================================================================================
tkrzw-1.0.26-1.fc37 (FEDORA-2023-ad83413743)
A straightforward implementation of DBM
--------------------------------------------------------------------------------
Update Information:
Version bump ---- Version bump
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 TI_Eugene <ti.eugene(a)gmail.com> - 1.0.26-1
- Version bump
* Tue Feb 28 2023 TI_Eugene <ti.eugene(a)gmail.com> - 1.0.25-1
- Version bump
* Sat Jan 21 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.24-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------