The following Fedora 38 Security updates need testing: Age URL 5 https://bodhi.fedoraproject.org/updates/FEDORA-2023-911c060ded chromium-112.0.5615.165-1.fc38 3 https://bodhi.fedoraproject.org/updates/FEDORA-2023-ec60871da5 apptainer-1.1.8-1.fc38

The following Fedora 38 Critical Path updates have yet to be approved: Age URL 22 https://bodhi.fedoraproject.org/updates/FEDORA-2023-308ef1c754 dnf-4.15.0-1.fc38 17 https://bodhi.fedoraproject.org/updates/FEDORA-2023-3c75dd4ee9 binutils-2.39-11.fc38 9 https://bodhi.fedoraproject.org/updates/FEDORA-2023-c2bf8d1b50 fedora-appstream-metadata-20230419-1.fc38 7 https://bodhi.fedoraproject.org/updates/FEDORA-2023-8cd08d20a0 Thunar-4.18.4-3.fc38 thunar-archive-plugin-0.5.1-1.fc38 tumbler-4.18.1-1.fc38 xfconf-4.18.1-1.fc38 4 https://bodhi.fedoraproject.org/updates/FEDORA-2023-bfdcc30eac libmediainfo-23.03-2.fc38 libzen-0.4.41-1.fc38 mediainfo-23.03-2.fc38 3 https://bodhi.fedoraproject.org/updates/FEDORA-2023-7ea8538033 akonadi-calendar-tools-23.04.0-1.fc38 akonadi-import-wizard-23.04.0-1.fc38 akonadiconsole-23.04.0-1.fc38 akregator-23.04.0-1.fc38 alligator-23.04.0-1.fc38 analitza-23.04.0-1.fc38 angelfish-23.04.0-1.fc38 ark-23.04.0-1.fc38 artikulate-23.04.0-1.fc38 audiotube-23.04.0-1.fc38 baloo-widgets-23.04.0-1.fc38 blinken-23.04.0-1.fc38 bomber-23.04.0-1.fc38 bovo-23.04.0-1.fc38 calindori-23.04.0-1.fc38 cantor-23.04.0-3.fc38 cervisia-23.04.0-1.fc38 colord-kde-23.04.0-1.fc38 dolphin-23.04.0-1.fc38 dolphin-plugins-23.04.0-1.fc38 dragon-23.04.0-1.fc38 falkon-23.04.0-1.fc38 ffmpegthumbs-23.04.0-1.fc38 filelight-23.04.0-1.fc38 ghostwriter-23.04.0-1.fc38 granatier-23.04.0-1.fc38 grantlee-editor-23.04.0-1.fc38 gwenview-23.04.0-1.fc38 juk-23.04.0-1.fc38 k3b-23.04.0-1.fc38 kaccounts-integration-23.04.0-1.fc38 kaccounts-providers-23.04.0-1.fc38 kaddressbook-23.04.0-1.fc38 kajongg-23.04.0-1.fc38 kalarm-23.04.0-1.fc38 kalendar-23.04.0-1.fc 38 kalgebra-23.04.0-1.fc38 kalk-23.04.0-1.fc38 kalzium-23.04.0-1.fc38 kamera-23.04.0-1.fc38 kamoso-23.04.0-1.fc38 kanagram-23.04.0-1.fc38 kapman-23.04.0-1.fc38 kapptemplate-23.04.0-1.fc38 kasts-23.04.0-1.fc38 kate-23.04.0-1.fc38 katomic-23.04.0-1.fc38 kblackbox-23.04.0-1.fc38 kblocks-23.04.0-1.fc38 kbounce-23.04.0-1.fc38 kbruch-23.04.0-1.fc38 kcachegrind-23.04.0-1.fc38 kcalc-23.04.0-1.fc38 kcharselect-23.04.0-1.fc38 kclock-23.04.0-1.fc38 kcolorchooser-23.04.0-1.fc38 kcron-23.04.0-1.fc38 kde-connect-23.04.0-1.fc38 kde-dev-scripts-23.04.0-1.fc38 kde-dev-utils-23.04.0-1.fc38 kde-partitionmanager-23.04.0-1.fc38 kde-print-manager-23.04.0-1.fc38 kdebugsettings-23.04.0-1.fc38 kdeedu-data-23.04.0-1.fc38 kdegraphics-mobipocket-23.04.0-1.fc38 kdegraphics-thumbnailers-23.04.0-1.fc38 kdenetwork-filesharing-23.04.0-1.fc38 kdenlive-23.04.0-1.fc38 kdepim-addons-23.04.0-1.fc38 kdepim-runtime-23.04.0-1.fc38 kdesdk-kioslaves-23.04.0-1.fc38 kdesdk-thumbnailers-23.04.0-1.fc38 kdevelop-23.04.0-1.fc38 kd evelop-php-23.04.0-1.fc38 kdf-23.04.0-1.fc38 kdialog-23.04.0-1.fc38 kdiamond-23.04.0-1.fc38 kdnssd-23.04.0-1.fc38 keditbookmarks-23.04.0-1.fc38 keysmith-23.04.0-1.fc38 kf5-akonadi-calendar-23.04.0-1.fc38 kf5-akonadi-contacts-23.04.0-1.fc38 kf5-akonadi-mime-23.04.0-1.fc38 kf5-akonadi-notes-23.04.0-1.fc38 kf5-akonadi-search-23.04.0-1.fc38 kf5-akonadi-server-23.04.0-1.fc38 kf5-audiocd-kio-23.04.0-1.fc38 kf5-calendarsupport-23.04.0-1.fc38 kf5-eventviews-23.04.0-1.fc38 kf5-grantleetheme-23.04.0-1.fc38 kf5-incidenceeditor-23.04.0-1.fc38 kf5-kcalendarutils-23.04.0-1.fc38 kf5-kidentitymanagement-23.04.0-1.fc38 kf5-kimap-23.04.0-1.fc38 kf5-kipi-plugins-23.04.0-1.fc38 kf5-kitinerary-23.04.0-1.fc38 kf5-kldap-23.04.0-1.fc38 kf5-kmailtransport-23.04.0-1.fc38 kf5-kmbox-23.04.0-1.fc38 kf5-kmime-23.04.0-1.fc38 kf5-kontactinterface-23.04.0-1.fc38 kf5-kpimtextedit-23.04.0-1.fc38 kf5-kpkpass-23.04.0-1.fc38 kf5-ksmtp-23.04.0-1.fc38 kf5-ktnef-23.04.0-1.fc38 kf5-libgravatar-23.04.0-1.fc38 kf5-libkcddb-23 .04.0-1.fc38 kf5-libkcompactdisc-23.04.0-1.fc38 kf5-libkdcraw-23.04.0-1.fc38 kf5-libkdepim-23.04.0-1.fc38 kf5-libkexiv2-23.04.0-1.fc38 kf5-libkipi-23.04.0-1.fc38 kf5-libkleo-23.04.0-1.fc38 kf5-libksane-23.04.0-1.fc38 kf5-libksieve-23.04.0-1.fc38 kf5-libktorrent-23.04.0-1.fc38 kf5-mailcommon-23.04.0-1.fc38 kf5-mailimporter-23.04.0-1.fc38 kf5-messagelib-23.04.0-1.fc38 kf5-pimcommon-23.04.0-1.fc38 kfind-23.04.0-1.fc38 kfloppy-23.04.0-1.fc38 kfourinline-23.04.0-1.fc38 kgeography-23.04.0-1.fc38 kget-23.04.0-1.fc38 kgoldrunner-23.04.0-1.fc38 kgpg-23.04.0-1.fc38 khangman-23.04.0-1.fc38 khelpcenter-23.04.0-1.fc38 kig-23.04.0-1.fc38 kigo-23.04.0-1.fc38 killbots-23.04.0-1.fc38 kio-admin-23.04.0-1.fc38 kio-extras-23.04.0-1.fc38 kio-gdrive-23.04.0-3.fc38 kirigami-gallery-23.04.0-1.fc38 kiriki-23.04.0-1.fc38 kiten-23.04.0-1.fc38 kjumpingcube-23.04.0-1.fc38 kleopatra-23.04.0-1.fc38 klettres-23.04.0-1.fc38 klickety-23.04.0-1.fc38 klines-23.04.0-1.fc38 kmag-23.04.0-1.fc38 kmahjongg-23.04.0-1.fc38 k mail-23.04.0-1.fc38 kmail-account-wizard-23.04.0-1.fc38 kmines-23.04.0-1.fc38 kmix-23.04.0-1.fc38 kmousetool-23.04.0-1.fc38 kmouth-23.04.0-1.fc38 kmplot-23.04.0-1.fc38 knavalbattle-23.04.0-1.fc38 knetwalk-23.04.0-1.fc38 knights-23.04.0-1.fc38 knotes-23.04.0-1.fc38 koko-23.04.0-1.fc38 kolf-23.04.0-1.fc38 kollision-23.04.0-1.fc38 kolourpaint-23.04.0-1.fc38 kompare-23.04.0-1.fc38 kongress-23.04.0-1.fc38 konqueror-23.04.0-1.fc38 konquest-23.04.0-1.fc38 konsole5-23.04.0-1.fc38 kontact-23.04.0-1.fc38 konversation-23.04.0-1.fc38 kopete-23.04.0-1.fc38 korganizer-23.04.0-1.fc38 kpat-23.04.0-1.fc38 kpmcore-23.04.0-1.fc38 kpublictransport-23.04.0-1.fc38 kqtquickcharts-23.04.0-1.fc38 krdc-23.04.0-1.fc38 krecorder-23.04.0-1.fc38 kreversi-23.04.0-1.fc38 krfb-23.04.0-1.fc38 kruler-23.04.0-1.fc38 ksanecore-23.04.0-1.fc38 kshisen-23.04.0-1.fc38 ksirk-23.04.0-1.fc38 ksnakeduel-23.04.0-1.fc38 kspaceduel-23.04.0-1.fc38 ksquares-23.04.0-1.fc38 ksudoku-23.04.0-1.fc38 ksystemlog-23.04.0-1.fc38 kteatime-23 .04.0-1.fc38 ktimer-23.04.0-1.fc38 ktorrent-23.04.0-1.fc38 ktouch-23.04.0-1.fc38 ktp-accounts-kcm-23.04.0-1.fc38 ktp-approver-23.04.0-1.fc38 ktp-auth-handler-23.04.0-1.fc38 ktp-common-internals-23.04.0-1.fc38 ktp-contact-list-23.04.0-1.fc38 ktp-contact-runner-23.04.0-1.fc38 ktp-desktop-applets-23.04.0-1.fc38 ktp-kded-integration-module-23.04.0-1.fc38 ktp-send-file-23.04.0-1.fc38 ktrip-23.04.0-1.fc38 ktuberling-23.04.0-1.fc38 kturtle-23.04.0-1.fc38 kubrick-23.04.0-1.fc38 kwalletmanager5-23.04.0-1.fc38 kwave-23.04.0-1.fc38 kweather-23.04.0-1.fc38 kwordquiz-23.04.0-1.fc38 libkdegames-23.04.0-1.fc38 libkeduvocdocument-23.04.0-1.fc38 libkgapi-23.04.0-1.fc38 libkmahjongg-23.04.0-1.fc38 libkomparediff2-23.04.0-1.fc38 lokalize-23.04.0-1.fc38 lskat-23.04.0-1.fc38 marble-23.04.0-1.fc38 mbox-importer-23.04.0-1.fc38 neochat-23.04.0-1.fc38 okular-23.04.0-1.fc38 palapeli-23.04.0-1.fc38 parley-23.04.0-1.fc38 picmi-23.04.0-1.fc38 pim-data-exporter-23.04.0-1.fc38 pim-sieve-editor-23.04.0-1.fc38 plas matube-23.04.0-1.fc38 poxml-23.04.0-1.fc38 qmlkonsole-23.04.0-1.fc38 rocs-23.04.0-1.fc38 signon-kwallet-extension-23.04.0-1.fc38 skanlite-23.04.0-1.fc38 skanpage-23.04.0-1.fc38 spectacle-23.04.0-1.fc38 step-23.04.0-1.fc38 svgpart-23.04.0-1.fc38 sweeper-23.04.0-1.fc38 tokodon-23.04.0-1.fc38 umbrello-23.04.0-1.fc38 yakuake-23.04.0-1.fc38 zanshin-23.04.0-1.fc38 3 https://bodhi.fedoraproject.org/updates/FEDORA-2023-834b89af31 389-ds-base-2.3.3-1.fc38 3 https://bodhi.fedoraproject.org/updates/FEDORA-2023-042fd5c9e6 glibmm2.4-2.66.6-1.fc38 2 https://bodhi.fedoraproject.org/updates/FEDORA-2023-357562102c power-profiles-daemon-0.13-1.fc38 2 https://bodhi.fedoraproject.org/updates/FEDORA-2023-d146243be8 rpm-4.18.1-3.fc38 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-a245ffc9da audit-3.1.1-1.fc38 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-149f2a4804 gstreamer1-plugins-bad-free-1.22.2-3.fc38 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-6bf51a3399 openbox-3.6.1-22.fc38

The following builds have been pushed to Fedora 38 updates-testing

R-cellranger-1.1.0-16.fc38 R-gitcreds-0.1.2-4.fc38 R-rmarkdown-2.16-6.fc38 cloud-init-23.1.2-1.fc38 elfutils-0.189-2.fc38 fedora-release-38-35 fedpkg-1.44-4.fc38 ghex-44.1-1.fc38 glibc-2.37-4.fc38 gnome-builder-44.2-2.fc38 java-17-openjdk-17.0.7.0.7-1.fc38 java-17-openjdk-portable-17.0.7.0.7-1.fc38 java-latest-openjdk-20.0.1.0.9-4.rolling.fc38 java-latest-openjdk-portable-20.0.1.0.9-1.rolling.fc38 linux-system-roles-1.37.0-1.fc38 mame-0.254-1.fc38 mariadb-connector-odbc-3.1.18-1.fc38 nodejs16-16.20.0-11.fc38 nodejs18-18.16.0-8.fc38 nodejs20-20.0.0-8.fc38 nwg-panel-0.8.5-1.fc38 packit-0.75.0-1.fc38 perl-Hash-Ordered-0.014-1.fc38 premake-5.0.0^20230420git3f1e4f8-1.20230420git3f1e4f8.fc38 python-glymur-0.12.4-1.fc38 python-yara-4.3.1-1.fc38 rpkg-1.66-7.fc38 runc-1.1.7-1.fc38 rust-enumber-0.3.0-1.fc38 rust-grep-0.2.11-1.fc38 rust-linux-raw-sys-0.3.6-1.fc38 rust-openpgp-cert-d-0.1.0-1.fc38 rust-openssl-0.10.52-1.fc38 rust-openssl-sys-0.9.87-1.fc38 rust-reqwest-0.11.17-1.fc38 rust-rustix-0.37.15-1.fc38 rust-tester-0.9.1-1.fc38 rust-tokio-1.28.0-1.fc38 rust-tokio-macros-2.1.0-1.fc38 rust-tokio-tungstenite-0.18.0-1.fc38 rust-tokio-util-0.7.8-1.fc38 rust-tungstenite-0.18.0-1.fc38 rust-warp-0.3.5-1.fc38 rust-xdg-2.5.0-1.fc38 xpdf-4.04-8.fc38 yara-4.3.1-1.fc38

Details about builds:

================================================================================ R-cellranger-1.1.0-16.fc38 (FEDORA-2023-68e20d7f2a) Translate Spreadsheet Cell Ranges to Rows and Columns -------------------------------------------------------------------------------- Update Information:

Minor updates to fix random build issues. -------------------------------------------------------------------------------- ChangeLog:

* Thu Apr 27 2023 I��aki ��car iucar@fedoraproject.org - 1.1.0-16 - Ignore vignettes --------------------------------------------------------------------------------

================================================================================ R-gitcreds-0.1.2-4.fc38 (FEDORA-2023-68e20d7f2a) Query 'git' Credentials from 'R' -------------------------------------------------------------------------------- Update Information:

Minor updates to fix random build issues. -------------------------------------------------------------------------------- ChangeLog:

* Thu Apr 27 2023 I��aki ��car iucar@fedoraproject.org - 0.1.2-4 - Ignore vignettes --------------------------------------------------------------------------------

================================================================================ R-rmarkdown-2.16-6.fc38 (FEDORA-2023-68e20d7f2a) Dynamic Documents for R -------------------------------------------------------------------------------- Update Information:

Minor updates to fix random build issues. -------------------------------------------------------------------------------- ChangeLog:

* Thu Apr 27 2023 I��aki ��car iucar@fedoraproject.org - 2.16-6 - Ignore vignettes --------------------------------------------------------------------------------

================================================================================ cloud-init-23.1.2-1.fc38 (FEDORA-2023-c17dde4052) Cloud instance init scripts -------------------------------------------------------------------------------- Update Information:

Update to 23.1.2 and fix CVE-2023-1786 -------------------------------------------------------------------------------- ChangeLog:

* Thu Apr 27 2023 Major Hayden major@redhat.com - 23.1.2-1 - Update to 23.1.2 - Includes fix for CVE-2023-1786 -------------------------------------------------------------------------------- References:

[ 1 ] Bug #2190082 - CVE-2023-1786 cloud-init: sensitive data could be exposed in logs [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2190082 --------------------------------------------------------------------------------

================================================================================ elfutils-0.189-2.fc38 (FEDORA-2023-dd9790e2de) A collection of utilities and DSOs to handle ELF files and DWARF data -------------------------------------------------------------------------------- Update Information:

eu-elfcompress would rewrite an ELF file if no section needed (de)compressing -------------------------------------------------------------------------------- ChangeLog:

* Sat Apr 22 2023 Mark Wielaard mjw@fedoraproject.org - 0.189-2 - Add elfutils-0.189-c99-compat.patch - Add elfutils-0.189-elfcompress.patch --------------------------------------------------------------------------------

================================================================================ fedora-release-38-35 (FEDORA-2023-7032ebc43d) Fedora release files -------------------------------------------------------------------------------- Update Information:

Add correct documentation and home urls for Sericea -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Fabio Alessandro Locati me@fale.io - 38-35 - Add correct documentation and home urls for Sericea --------------------------------------------------------------------------------

================================================================================ fedpkg-1.44-4.fc38 (FEDORA-2023-bde956dc4d) Fedora utility for working with dist-git -------------------------------------------------------------------------------- Update Information:

Some patches: - rpkg: * Do not require 'sources' file for all namespaces (https://pagure.io/rpkg/pull-request/691) * Use release's rpmdefines in unused sources check (https://pagure.io/rpkg/pull-request/678) - fedpkg: * Improve invalid branch name error message (https://pagure.io/fedpkg/pull-request/518) -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Ond��ej Nosek onosek@redhat.com - 1.44-4 - Patch: Improve invalid branch name error message --------------------------------------------------------------------------------

================================================================================ ghex-44.1-1.fc38 (FEDORA-2023-9a32025713) Binary editor for GNOME -------------------------------------------------------------------------------- Update Information:

Update to 44.1 -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 David King amigadave@amigadave.com - 44.1-1 - Update to 44.1 * Mon Mar 27 2023 David King amigadave@amigadave.com - 44.0-1 - Update to 44.0 --------------------------------------------------------------------------------

================================================================================ glibc-2.37-4.fc38 (FEDORA-2023-1e4a05f40b) The GNU libc libraries -------------------------------------------------------------------------------- Update Information:

This update provides `/sbin/ldconfig` and `/usr/sbin/ldconfig` in addition to `ldconfig` as RPM dependencies, for DNF5 compatibility (RHBZ#2188550). It also includes updates from the upstream 2.37 branch: * gmon: fix memory corruption issues [BZ# 30101] * gmon: improve mcount overflow handling [BZ# 27576] * gmon: Fix allocated buffer overflow (bug 29444) * posix: Fix system blocks SIGCHLD erroneously [BZ #30163] * x86_64: Fix asm constraints in feraiseexcept (bug 30305) * gshadow: Matching sgetsgent, sgetsgent_r ERANGE handling (bug 30151) * stdio-common: tests: don't double-define _FORTIFY_SOURCE * elf: Restore ldconfig libc6 implicit soname logic [BZ #30125] * stdlib: Undo post review change to 16adc58e73f3 [BZ #27749] * Use 64-bit time_t interfaces in strftime and strptime (bug 30053) * cdefs: Limit definition of fortification macros -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Florian Weimer fweimer@redhat.com - 2.37-4 - Auto-sync with upstream branch release/2.37/master, commit 7c32cb7dd88cf100b0b412163896e30aa2ee671a: - gmon: Revert addition of tunables to the manual - gmon: Revert addition of tunables to preserve GLIBC_PRIVATE ABI * Fri Apr 28 2023 Florian Weimer fweimer@redhat.com - 2.37-3 - Drop glibc-printf-grouping-swbz30068.patch, applied upstream. - Auto-sync with upstream branch release/2.37/master, commit ff3a71ec1fc02757b38c9c3209118d14dd10c7b6: - gmon: fix memory corruption issues [BZ# 30101] - gmon: improve mcount overflow handling [BZ# 27576] - gmon: Fix allocated buffer overflow (bug 29444) - posix: Fix system blocks SIGCHLD erroneously [BZ #30163] - x86_64: Fix asm constraints in feraiseexcept (bug 30305) - gshadow: Matching sgetsgent, sgetsgent_r ERANGE handling (bug 30151) - stdio-common: tests: don't double-define _FORTIFY_SOURCE - elf: Restore ldconfig libc6 implicit soname logic [BZ #30125] - stdlib: Undo post review change to 16adc58e73f3 [BZ #27749] - elf: Smoke-test ldconfig -p against system /etc/ld.so.cache - NEWS: Document CVE-2023-25139. - Account for grouping in printf width (bug 30068) - Use 64-bit time_t interfaces in strftime and strptime (bug 30053) - LoongArch: Add new relocation types. - cdefs: Limit definition of fortification macros * Fri Apr 28 2023 Florian Weimer fweimer@redhat.com - 2.37-2 - Explicitly provide ldconfig paths (#2188550) -------------------------------------------------------------------------------- References:

[ 1 ] Bug #2188550 - Explicitly provide /sbin/ldconfig, /usr/sbin/ldconfig https://bugzilla.redhat.com/show_bug.cgi?id=2188550 --------------------------------------------------------------------------------

================================================================================ gnome-builder-44.2-2.fc38 (FEDORA-2023-658fa4a191) IDE for writing GNOME-based software -------------------------------------------------------------------------------- Update Information:

Update to 44.2 -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Tomi L��hteenm��ki lihis@lihis.net - 44.2-2 - Add clang-tools-extra to recommends * Fri Apr 28 2023 David King amigadave@amigadave.com - 44.2-1 - Update to 44.2 (#2190306) --------------------------------------------------------------------------------

================================================================================ java-17-openjdk-17.0.7.0.7-1.fc38 (FEDORA-2023-33b7431194) OpenJDK 17 Runtime Environment -------------------------------------------------------------------------------- Update Information:

Updated to April Security update -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2028 Jiri Vanek jvanek@redhat.com - 1:17.0.7.0.7-1 - updated to 17.0.7.0.7 underlying portables - now untarring enforced version --------------------------------------------------------------------------------

================================================================================ java-17-openjdk-portable-17.0.7.0.7-1.fc38 (FEDORA-2023-8a97b85d21) OpenJDK 17 Runtime Environment portable edition -------------------------------------------------------------------------------- Update Information:

April security update for java17 and java20 -------------------------------------------------------------------------------- ChangeLog:

* Wed Apr 26 2023 Andrew Hughes gnu.andrew@redhat.com - 1:17.0.7.0.7 - Update to jdk-17.0.7.0+7 - Update release notes to 17.0.7.0+7 - Require tzdata 2023c due to local inclusion of JDK-8274864 & JDK-8305113 - Sync whitespace in generate_source_tarball.sh with RHEL version - Update FIPS support against 17.0.7+6 and bring in latest changes: - * RH2134669: Add missing attributes when registering services in FIPS mode. - * test/jdk/sun/security/pkcs11/fips/VerifyMissingAttributes.java: fixed jtreg main class - * RH1940064: Enable XML Signature provider in FIPS mode - * RH2173781: Avoid calling C_GetInfo() too early, before cryptoki is initialized --------------------------------------------------------------------------------

================================================================================ java-latest-openjdk-20.0.1.0.9-4.rolling.fc38 (FEDORA-2023-33b7431194) OpenJDK 20 Runtime Environment -------------------------------------------------------------------------------- Update Information:

Updated to April Security update -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Jiri Vanek jvanek@redhat.com - 1:20.0.1.0.9-4.rolling - now expecting the exact version in portbale filename * Fri Apr 28 2023 Jiri Vanek jvanek@redhat.com - 1:20.0.1.0.9-3.rolling - updated to 20.0.1.0.9 underlying portables * Wed Apr 19 2023 Jiri Vanek jvanek@redhat.com - 1:20.0.0.0.36-3.rolling - using icons from source package - providing full sources via src package - requiring exact version.reelase of portables - returned libsystemconf.so --------------------------------------------------------------------------------

================================================================================ java-latest-openjdk-portable-20.0.1.0.9-1.rolling.fc38 (FEDORA-2023-8a97b85d21) OpenJDK 20 Runtime Environment portable edition -------------------------------------------------------------------------------- Update Information:

April security update for java17 and java20 -------------------------------------------------------------------------------- ChangeLog:

* Wed Apr 26 2023 Andrew Hughes gnu.andrew@redhat.com - 1:20.0.1.0.9-1.rolling - Update to jdk-20.0.1+9 - Update release notes to 20.0.1+9 --------------------------------------------------------------------------------

================================================================================ linux-system-roles-1.37.0-1.fc38 (FEDORA-2023-0913740c53) Set of interfaces for unified system management -------------------------------------------------------------------------------- Update Information:

Automatic update for linux-system-roles-1.37.0-1.fc38. ##### **Changelog for linux-system-roles** ``` * Fri Apr 28 2023 Packit hello@packit.dev - 1.37.0-1 - Update to upstream version 1.37.0 * Mon Apr 17 2023 Rich Megginson rmeggins@redhat.com - 1.36.3-2 - strip github action badge links from headers of README.md files before conversion to HTML - some of the converters do not like them - use %{python3} instead of python3 to force use of system python3 in order to use ruamel ``` -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Packit hello@packit.dev - 1.37.0-1 - Update to upstream version 1.37.0 * Mon Apr 17 2023 Rich Megginson rmeggins@redhat.com - 1.36.3-2 - strip github action badge links from headers of README.md files before conversion to HTML - some of the converters do not like them - use %{python3} instead of python3 to force use of system python3 in order to use ruamel --------------------------------------------------------------------------------

================================================================================ mame-0.254-1.fc38 (FEDORA-2023-ce103b5953) Multiple Arcade Machine Emulator -------------------------------------------------------------------------------- Update Information:

Update to the latest upstream release: * https://www.mamedev.org/?p=524 -------------------------------------------------------------------------------- ChangeLog:

* Thu Apr 27 2023 Julian Sikorski belegdol@fedoraproject.org - 0.254-1 - Update to 0.254 - update to 0.254 - drop included patches - drop obsolete disstag conditional --------------------------------------------------------------------------------

================================================================================ mariadb-connector-odbc-3.1.18-1.fc38 (FEDORA-2023-ca51ca63c3) The MariaDB Native Client library (ODBC driver) -------------------------------------------------------------------------------- Update Information:

**MariaDB ODBC connector 3.1.18** -------------------------------------------------------------------------------- ChangeLog:

* Wed Apr 19 2023 Michal Schorm mschorm@redhat.com - 3.1.18-1 - Rebase to 3.1.18 --------------------------------------------------------------------------------

================================================================================ nodejs16-16.20.0-11.fc38 (FEDORA-2023-89f53fdff5) JavaScript runtime -------------------------------------------------------------------------------- Update Information:

Fix issue with `npm` and `npx` running under the default interpreter instead of its intended one. ---- Fix symlink issue with manpages ---- ## 2023-04-12, Version 18.16.0 'Hydrogen' (LTS), @danielleadams ### Notable changes #### Add initial support for single executable applications Compile a JavaScript file into a single executable application: ```console $ echo 'console.log(`Hello, ${process.argv[2]}!`);' > hello.js $ cp $(command -v node) hello # On systems other than macOS: $ npx postject hello NODE_JS_CODE hello.js \ --sentinel- fuse NODE_JS_FUSE_fce680ab2cc467b6e072b8b5df1996b2 # On macOS: $ npx postject hello NODE_JS_CODE hello.js \ --sentinel-fuse NODE_JS_FUSE_fce680ab2cc467b6e072b8b5df1996b2 \ --macho-segment-name NODE_JS $ ./hello world Hello, world! ``` Contributed by Darshan Sen in https://github.com/nodejs/node/pull/45038 #### Replace url parser with Ada Node.js gets a new URL parser called Ada that is compliant with the WHATWG URL Specification and provides more than 100% performance improvement to the existing implementation. Contributed by Yagiz Nizipli in https://github.com/nodejs/node/pull/46410 #### Other notable changes * **buffer**: * **(SEMVER-MINOR)** add Buffer.copyBytesFrom(...) (James M Snell) [#46500](https://github.com/nodejs/node/pull/46500) * **doc**: * add marco- ippolito to collaborators (Marco Ippolito) [#46816](https://github.com/nodejs/node/pull/46816) * add debadree25 to collaborators (Debadree Chatterjee) [#46716](https://github.com/nodejs/node/pull/46716) * add deokjinkim to collaborators (Deokjin Kim) [#46444](https://github.com/nodejs/node/pull/46444) * **events**: * **(SEMVER-MINOR)** add listener argument to listenerCount (Paolo Insogna) [#46523](https://github.com/nodejs/node/pull/46523) * **lib**: * **(SEMVER-MINOR)** add AsyncLocalStorage.bind() and .snapshot() (flakey5) [#46387](https://github.com/nodejs/node/pull/46387) * **(SEMVER-MINOR)** add aborted() utility function (Debadree Chatterjee) [#46494](https://github.com/nodejs/node/pull/46494) * **src**: * **(SEMVER- MINOR)** allow optional Isolate termination in node::Stop() (Shelley Vohr) [#46583](https://github.com/nodejs/node/pull/46583) * **(SEMVER-MINOR)** allow embedder control of code generation policy (Shelley Vohr) [#46368](https://github.com/nodejs/node/pull/46368) * **stream**: * **(SEMVER- MINOR)** add abort signal for ReadableStream and WritableStream (Debadree Chatterjee) [#46273](https://github.com/nodejs/node/pull/46273) * **tls**: * **(SEMVER-MINOR)** support automatic DHE (Tobias Nie��en) [#46978](https://github.com/nodejs/node/pull/46978) * **url**: * **(SEMVER- MINOR)** implement URLSearchParams size getter (James M Snell) [#46308](https://github.com/nodejs/node/pull/46308) * **worker**: * **(SEMVER- MINOR)** add support for worker name in inspector and trace_events (Debadree Chatterjee) [#46832](https://github.com/nodejs/node/pull/46832) ---- ## 2023-04-18, Version 20.0.0 (Current), @RafaelGSS We're excited to announce the release of Node.js 20! Highlights include the new Node.js Permission Model, a synchronous `import.meta.resolve`, a stable test_runner, updates of the V8 JavaScript engine to 11.3, Ada to 2.0, and more! As a reminder, Node.js 20 will enter long-term support (LTS) in October, but until then, it will be the "Current" release for the next six months. We encourage you to explore the new features and benefits offered by this latest release and evaluate their potential impact on your applications. ### Notable Changes #### Permission Model Node.js now has an experimental feature called the Permission Model. It allows developers to restrict access to specific resources during program execution, such as file system operations, child process spawning, and worker thread creation. The API exists behind a flag `--experimental-permission` which when enabled will restrict access to all available permissions. By using this feature, developers can prevent their applications from accessing or modifying sensitive data or running potentially harmful code. More information about the Permission Model can be found in the [Node.js documentation](https://nodejs.org/api/permissions.html#process-based- permissions). The Permission Model was a contribution by Rafael Gonzaga in [#44004](https://github.com/nodejs/node/pull/44004). #### Custom ESM loader hooks run on dedicated thread ESM hooks supplied via loaders (`--experimental- loader=foo.mjs`) now run in a dedicated thread, isolated from the main thread. This provides a separate scope for loaders and ensures no cross-contamination between loaders and application code. **Synchronous `import.meta.resolve()`** In alignment with browser behavior, this function now returns synchronously. Despite this, user loader `resolve` hooks can still be defined as async functions (or as sync functions, if the author prefers). Even when there are async `resolve` hooks loaded, `import.meta.resolve` will still return synchronously for application code. Contributed by Anna Henningsen, Antoine du Hamel, Geoffrey Booth, Guy Bedford, Jacob Smith, and Micha��l Zasso in [#44710](https://github.com/nodejs/node/pull/44710) #### V8 11.3 The V8 engine is updated to version 11.3, which is part of Chromium 113. This version includes three new features to the JavaScript API: * [String.prototype.isWellFormed and toWellFormed](https://chromestatus.com/feature/5200195346759680) * [Methods that change Array and TypedArray by copy](https://chromestatus.com/feature/5068609911521280) * [Resizable ArrayBuffer and growable SharedArrayBuffer](https://chromestatus.com/feature/4668361878274048) * [RegExp v flag with set notation + properties of strings](https://chromestatus.com/feature/5144156542861312) * [WebAssembly Tail Call](https://chromestatus.com/feature/5423405012615168) The V8 update was a contribution by Micha��l Zasso in [#47251](https://github.com/nodejs/node/pull/47251). #### Stable Test Runner The recent update to Node.js, version 20, includes an important change to the test_runner module. The module has been marked as stable after a recent update. Previously, the test_runner module was experimental, but this change marks it as a stable module that is ready for production use. Contributed by Colin Ihrig in [#46983](https://github.com/nodejs/node/pull/46983) #### Ada 2.0 Node.js v20 comes with the latest version of the URL parser, Ada. This update brings significant performance improvements to URL parsing, including enhancements to the `url.domainToASCII` and `url.domainToUnicode` functions in `node:url`. Ada 2.0 has been integrated into the Node.js codebase, ensuring that all parts of the application can benefit from the improved performance. Additionally, Ada 2.0 features a significant performance boost over its predecessor, Ada 1.0.4, while also eliminating the need for the ICU requirement for URL hostname parsing. Contributed by Yagiz Nizipli and Daniel Lemire in [#47339](https://github.com/nodejs/node/pull/47339) #### Preparing single executable apps now requires injecting a Blob Building a single executable app now requires injecting a blob prepared by Node.js from a JSON config instead of injecting the raw JS file. This opens up the possibility of embedding multiple co-existing resources into the SEA (Single Executable Apps). Contributed by Joyee Cheung in [#47125](https://github.com/nodejs/node/pull/47125) #### Web Crypto API Web Crypto API functions' arguments are now coerced and validated as per their WebIDL definitions like in other Web Crypto API implementations. This further improves interoperability with other implementations of Web Crypto API. This change was made by Filip Skokan in [#46067](https://github.com/nodejs/node/pull/46067). #### Official support for ARM64 Windows Node.js now includes binaries for ARM64 Windows, allowing for native execution on the platform. The MSI, zip/7z packages, and executable are available from the Node.js download site along with all other platforms. The CI system was updated and all changes are now fully tested on ARM64 Windows, to prevent regressions and ensure compatibility. ARM64 Windows was upgraded to tier 2 support by Stefan Stojanovic in [#47233](https://github.com/nodejs/node/pull/47233). #### WASI version must now be specified When `new WASI()` is called, the version option is now required and has no default value. Any code that relied on the default for the version will need to be updated to request a specific version. This change was made by Michael Dawson in [#47391](https://github.com/nodejs/node/pull/47391). #### Deprecations and Removals * [[`3bed5f11e0`](https://github.com/nodejs/node/commit/3bed5f11e0)] - **(SEMVER- MAJOR)** **url**: runtime-deprecate url.parse() with invalid ports (Rich Trott) [#45526](https://github.com/nodejs/node/pull/45526) `url.parse()` accepts URLs with ports that are not numbers. This behavior might result in host name spoofing with unexpected input. These URLs will throw an error in future versions of Node.js, as the WHATWG URL API does already. Starting with Node.js 20, these URLS cause `url.parse()` to emit a warning. -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Stephen Gallagher sgallagh@redhat.com - 1:16.20.0-11 - Fix up shebangs for npm and npx * Thu Apr 27 2023 Stephen Gallagher sgallagh@redhat.com - 1:16.20.0-10 - Add README for packagers * Thu Apr 27 2023 Stephen Gallagher sgallagh@redhat.com - 1:16.20.0-9 - nodejs-sources.sh: Add --debug flag * Thu Apr 27 2023 Stephen Gallagher sgallagh@redhat.com - 1:16.20.0-8 - Replace /usr/etc/npmrc symlink with builtin configuration * Wed Apr 26 2023 Stephen Gallagher sgallagh@redhat.com - 1:16.20.0-7 - Fix manpage symlinks * Tue Apr 11 2023 Stephen Gallagher sgallagh@redhat.com - 1:16.20.0-6 - Don't 'Provides: npm' on non-default * Tue Apr 11 2023 Stephen Gallagher sgallagh@redhat.com - 1:16.20.0-5 - Don't 'Provides: npm' on non-default * Tue Apr 11 2023 Stephen Gallagher sgallagh@redhat.com - 1:16.20.0-4 - Drop unused .in file --------------------------------------------------------------------------------

================================================================================ nodejs18-18.16.0-8.fc38 (FEDORA-2023-89f53fdff5) JavaScript runtime -------------------------------------------------------------------------------- Update Information:

Fix issue with `npm` and `npx` running under the default interpreter instead of its intended one. ---- Fix symlink issue with manpages ---- ## 2023-04-12, Version 18.16.0 'Hydrogen' (LTS), @danielleadams ### Notable changes #### Add initial support for single executable applications Compile a JavaScript file into a single executable application: ```console $ echo 'console.log(`Hello, ${process.argv[2]}!`);' > hello.js $ cp $(command -v node) hello # On systems other than macOS: $ npx postject hello NODE_JS_CODE hello.js \ --sentinel- fuse NODE_JS_FUSE_fce680ab2cc467b6e072b8b5df1996b2 # On macOS: $ npx postject hello NODE_JS_CODE hello.js \ --sentinel-fuse NODE_JS_FUSE_fce680ab2cc467b6e072b8b5df1996b2 \ --macho-segment-name NODE_JS $ ./hello world Hello, world! ``` Contributed by Darshan Sen in https://github.com/nodejs/node/pull/45038 #### Replace url parser with Ada Node.js gets a new URL parser called Ada that is compliant with the WHATWG URL Specification and provides more than 100% performance improvement to the existing implementation. Contributed by Yagiz Nizipli in https://github.com/nodejs/node/pull/46410 #### Other notable changes * **buffer**: * **(SEMVER-MINOR)** add Buffer.copyBytesFrom(...) (James M Snell) [#46500](https://github.com/nodejs/node/pull/46500) * **doc**: * add marco- ippolito to collaborators (Marco Ippolito) [#46816](https://github.com/nodejs/node/pull/46816) * add debadree25 to collaborators (Debadree Chatterjee) [#46716](https://github.com/nodejs/node/pull/46716) * add deokjinkim to collaborators (Deokjin Kim) [#46444](https://github.com/nodejs/node/pull/46444) * **events**: * **(SEMVER-MINOR)** add listener argument to listenerCount (Paolo Insogna) [#46523](https://github.com/nodejs/node/pull/46523) * **lib**: * **(SEMVER-MINOR)** add AsyncLocalStorage.bind() and .snapshot() (flakey5) [#46387](https://github.com/nodejs/node/pull/46387) * **(SEMVER-MINOR)** add aborted() utility function (Debadree Chatterjee) [#46494](https://github.com/nodejs/node/pull/46494) * **src**: * **(SEMVER- MINOR)** allow optional Isolate termination in node::Stop() (Shelley Vohr) [#46583](https://github.com/nodejs/node/pull/46583) * **(SEMVER-MINOR)** allow embedder control of code generation policy (Shelley Vohr) [#46368](https://github.com/nodejs/node/pull/46368) * **stream**: * **(SEMVER- MINOR)** add abort signal for ReadableStream and WritableStream (Debadree Chatterjee) [#46273](https://github.com/nodejs/node/pull/46273) * **tls**: * **(SEMVER-MINOR)** support automatic DHE (Tobias Nie��en) [#46978](https://github.com/nodejs/node/pull/46978) * **url**: * **(SEMVER- MINOR)** implement URLSearchParams size getter (James M Snell) [#46308](https://github.com/nodejs/node/pull/46308) * **worker**: * **(SEMVER- MINOR)** add support for worker name in inspector and trace_events (Debadree Chatterjee) [#46832](https://github.com/nodejs/node/pull/46832) ---- ## 2023-04-18, Version 20.0.0 (Current), @RafaelGSS We're excited to announce the release of Node.js 20! Highlights include the new Node.js Permission Model, a synchronous `import.meta.resolve`, a stable test_runner, updates of the V8 JavaScript engine to 11.3, Ada to 2.0, and more! As a reminder, Node.js 20 will enter long-term support (LTS) in October, but until then, it will be the "Current" release for the next six months. We encourage you to explore the new features and benefits offered by this latest release and evaluate their potential impact on your applications. ### Notable Changes #### Permission Model Node.js now has an experimental feature called the Permission Model. It allows developers to restrict access to specific resources during program execution, such as file system operations, child process spawning, and worker thread creation. The API exists behind a flag `--experimental-permission` which when enabled will restrict access to all available permissions. By using this feature, developers can prevent their applications from accessing or modifying sensitive data or running potentially harmful code. More information about the Permission Model can be found in the [Node.js documentation](https://nodejs.org/api/permissions.html#process-based- permissions). The Permission Model was a contribution by Rafael Gonzaga in [#44004](https://github.com/nodejs/node/pull/44004). #### Custom ESM loader hooks run on dedicated thread ESM hooks supplied via loaders (`--experimental- loader=foo.mjs`) now run in a dedicated thread, isolated from the main thread. This provides a separate scope for loaders and ensures no cross-contamination between loaders and application code. **Synchronous `import.meta.resolve()`** In alignment with browser behavior, this function now returns synchronously. Despite this, user loader `resolve` hooks can still be defined as async functions (or as sync functions, if the author prefers). Even when there are async `resolve` hooks loaded, `import.meta.resolve` will still return synchronously for application code. Contributed by Anna Henningsen, Antoine du Hamel, Geoffrey Booth, Guy Bedford, Jacob Smith, and Micha��l Zasso in [#44710](https://github.com/nodejs/node/pull/44710) #### V8 11.3 The V8 engine is updated to version 11.3, which is part of Chromium 113. This version includes three new features to the JavaScript API: * [String.prototype.isWellFormed and toWellFormed](https://chromestatus.com/feature/5200195346759680) * [Methods that change Array and TypedArray by copy](https://chromestatus.com/feature/5068609911521280) * [Resizable ArrayBuffer and growable SharedArrayBuffer](https://chromestatus.com/feature/4668361878274048) * [RegExp v flag with set notation + properties of strings](https://chromestatus.com/feature/5144156542861312) * [WebAssembly Tail Call](https://chromestatus.com/feature/5423405012615168) The V8 update was a contribution by Micha��l Zasso in [#47251](https://github.com/nodejs/node/pull/47251). #### Stable Test Runner The recent update to Node.js, version 20, includes an important change to the test_runner module. The module has been marked as stable after a recent update. Previously, the test_runner module was experimental, but this change marks it as a stable module that is ready for production use. Contributed by Colin Ihrig in [#46983](https://github.com/nodejs/node/pull/46983) #### Ada 2.0 Node.js v20 comes with the latest version of the URL parser, Ada. This update brings significant performance improvements to URL parsing, including enhancements to the `url.domainToASCII` and `url.domainToUnicode` functions in `node:url`. Ada 2.0 has been integrated into the Node.js codebase, ensuring that all parts of the application can benefit from the improved performance. Additionally, Ada 2.0 features a significant performance boost over its predecessor, Ada 1.0.4, while also eliminating the need for the ICU requirement for URL hostname parsing. Contributed by Yagiz Nizipli and Daniel Lemire in [#47339](https://github.com/nodejs/node/pull/47339) #### Preparing single executable apps now requires injecting a Blob Building a single executable app now requires injecting a blob prepared by Node.js from a JSON config instead of injecting the raw JS file. This opens up the possibility of embedding multiple co-existing resources into the SEA (Single Executable Apps). Contributed by Joyee Cheung in [#47125](https://github.com/nodejs/node/pull/47125) #### Web Crypto API Web Crypto API functions' arguments are now coerced and validated as per their WebIDL definitions like in other Web Crypto API implementations. This further improves interoperability with other implementations of Web Crypto API. This change was made by Filip Skokan in [#46067](https://github.com/nodejs/node/pull/46067). #### Official support for ARM64 Windows Node.js now includes binaries for ARM64 Windows, allowing for native execution on the platform. The MSI, zip/7z packages, and executable are available from the Node.js download site along with all other platforms. The CI system was updated and all changes are now fully tested on ARM64 Windows, to prevent regressions and ensure compatibility. ARM64 Windows was upgraded to tier 2 support by Stefan Stojanovic in [#47233](https://github.com/nodejs/node/pull/47233). #### WASI version must now be specified When `new WASI()` is called, the version option is now required and has no default value. Any code that relied on the default for the version will need to be updated to request a specific version. This change was made by Michael Dawson in [#47391](https://github.com/nodejs/node/pull/47391). #### Deprecations and Removals * [[`3bed5f11e0`](https://github.com/nodejs/node/commit/3bed5f11e0)] - **(SEMVER- MAJOR)** **url**: runtime-deprecate url.parse() with invalid ports (Rich Trott) [#45526](https://github.com/nodejs/node/pull/45526) `url.parse()` accepts URLs with ports that are not numbers. This behavior might result in host name spoofing with unexpected input. These URLs will throw an error in future versions of Node.js, as the WHATWG URL API does already. Starting with Node.js 20, these URLS cause `url.parse()` to emit a warning. -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Stephen Gallagher sgallagh@redhat.com - 1:18.16.0-8 - Fix up shebangs for npm and npx * Thu Apr 27 2023 Stephen Gallagher sgallagh@redhat.com - 1:18.16.0-7 - Add README for packagers * Thu Apr 27 2023 Stephen Gallagher sgallagh@redhat.com - 1:18.16.0-6 - nodejs-sources.sh: Add --debug flag * Thu Apr 27 2023 Stephen Gallagher sgallagh@redhat.com - 1:18.16.0-5 - Replace /usr/etc/npmrc symlink with builtin configuration * Wed Apr 26 2023 Stephen Gallagher sgallagh@redhat.com - 1:18.16.0-4 - Apply to spec also * Wed Apr 26 2023 Stephen Gallagher sgallagh@redhat.com - 1:18.16.0-3 - Fix manpage symlinks * Wed Apr 26 2023 Stephen Gallagher sgallagh@redhat.com - 1:18.16.0-2 - Rebase Fedora patches * Wed Apr 26 2023 Stephen Gallagher sgallagh@redhat.com - 1:18.16.0-1 - Update to 18.16.0 * Tue Apr 11 2023 Stephen Gallagher sgallagh@redhat.com - 1:18.15.0-7 - Don't 'Provides: npm' on non-default --------------------------------------------------------------------------------

================================================================================ nodejs20-20.0.0-8.fc38 (FEDORA-2023-89f53fdff5) JavaScript runtime -------------------------------------------------------------------------------- Update Information:

Fix issue with `npm` and `npx` running under the default interpreter instead of its intended one. ---- Fix symlink issue with manpages ---- ## 2023-04-12, Version 18.16.0 'Hydrogen' (LTS), @danielleadams ### Notable changes #### Add initial support for single executable applications Compile a JavaScript file into a single executable application: ```console $ echo 'console.log(`Hello, ${process.argv[2]}!`);' > hello.js $ cp $(command -v node) hello # On systems other than macOS: $ npx postject hello NODE_JS_CODE hello.js \ --sentinel- fuse NODE_JS_FUSE_fce680ab2cc467b6e072b8b5df1996b2 # On macOS: $ npx postject hello NODE_JS_CODE hello.js \ --sentinel-fuse NODE_JS_FUSE_fce680ab2cc467b6e072b8b5df1996b2 \ --macho-segment-name NODE_JS $ ./hello world Hello, world! ``` Contributed by Darshan Sen in https://github.com/nodejs/node/pull/45038 #### Replace url parser with Ada Node.js gets a new URL parser called Ada that is compliant with the WHATWG URL Specification and provides more than 100% performance improvement to the existing implementation. Contributed by Yagiz Nizipli in https://github.com/nodejs/node/pull/46410 #### Other notable changes * **buffer**: * **(SEMVER-MINOR)** add Buffer.copyBytesFrom(...) (James M Snell) [#46500](https://github.com/nodejs/node/pull/46500) * **doc**: * add marco- ippolito to collaborators (Marco Ippolito) [#46816](https://github.com/nodejs/node/pull/46816) * add debadree25 to collaborators (Debadree Chatterjee) [#46716](https://github.com/nodejs/node/pull/46716) * add deokjinkim to collaborators (Deokjin Kim) [#46444](https://github.com/nodejs/node/pull/46444) * **events**: * **(SEMVER-MINOR)** add listener argument to listenerCount (Paolo Insogna) [#46523](https://github.com/nodejs/node/pull/46523) * **lib**: * **(SEMVER-MINOR)** add AsyncLocalStorage.bind() and .snapshot() (flakey5) [#46387](https://github.com/nodejs/node/pull/46387) * **(SEMVER-MINOR)** add aborted() utility function (Debadree Chatterjee) [#46494](https://github.com/nodejs/node/pull/46494) * **src**: * **(SEMVER- MINOR)** allow optional Isolate termination in node::Stop() (Shelley Vohr) [#46583](https://github.com/nodejs/node/pull/46583) * **(SEMVER-MINOR)** allow embedder control of code generation policy (Shelley Vohr) [#46368](https://github.com/nodejs/node/pull/46368) * **stream**: * **(SEMVER- MINOR)** add abort signal for ReadableStream and WritableStream (Debadree Chatterjee) [#46273](https://github.com/nodejs/node/pull/46273) * **tls**: * **(SEMVER-MINOR)** support automatic DHE (Tobias Nie��en) [#46978](https://github.com/nodejs/node/pull/46978) * **url**: * **(SEMVER- MINOR)** implement URLSearchParams size getter (James M Snell) [#46308](https://github.com/nodejs/node/pull/46308) * **worker**: * **(SEMVER- MINOR)** add support for worker name in inspector and trace_events (Debadree Chatterjee) [#46832](https://github.com/nodejs/node/pull/46832) ---- ## 2023-04-18, Version 20.0.0 (Current), @RafaelGSS We're excited to announce the release of Node.js 20! Highlights include the new Node.js Permission Model, a synchronous `import.meta.resolve`, a stable test_runner, updates of the V8 JavaScript engine to 11.3, Ada to 2.0, and more! As a reminder, Node.js 20 will enter long-term support (LTS) in October, but until then, it will be the "Current" release for the next six months. We encourage you to explore the new features and benefits offered by this latest release and evaluate their potential impact on your applications. ### Notable Changes #### Permission Model Node.js now has an experimental feature called the Permission Model. It allows developers to restrict access to specific resources during program execution, such as file system operations, child process spawning, and worker thread creation. The API exists behind a flag `--experimental-permission` which when enabled will restrict access to all available permissions. By using this feature, developers can prevent their applications from accessing or modifying sensitive data or running potentially harmful code. More information about the Permission Model can be found in the [Node.js documentation](https://nodejs.org/api/permissions.html#process-based- permissions). The Permission Model was a contribution by Rafael Gonzaga in [#44004](https://github.com/nodejs/node/pull/44004). #### Custom ESM loader hooks run on dedicated thread ESM hooks supplied via loaders (`--experimental- loader=foo.mjs`) now run in a dedicated thread, isolated from the main thread. This provides a separate scope for loaders and ensures no cross-contamination between loaders and application code. **Synchronous `import.meta.resolve()`** In alignment with browser behavior, this function now returns synchronously. Despite this, user loader `resolve` hooks can still be defined as async functions (or as sync functions, if the author prefers). Even when there are async `resolve` hooks loaded, `import.meta.resolve` will still return synchronously for application code. Contributed by Anna Henningsen, Antoine du Hamel, Geoffrey Booth, Guy Bedford, Jacob Smith, and Micha��l Zasso in [#44710](https://github.com/nodejs/node/pull/44710) #### V8 11.3 The V8 engine is updated to version 11.3, which is part of Chromium 113. This version includes three new features to the JavaScript API: * [String.prototype.isWellFormed and toWellFormed](https://chromestatus.com/feature/5200195346759680) * [Methods that change Array and TypedArray by copy](https://chromestatus.com/feature/5068609911521280) * [Resizable ArrayBuffer and growable SharedArrayBuffer](https://chromestatus.com/feature/4668361878274048) * [RegExp v flag with set notation + properties of strings](https://chromestatus.com/feature/5144156542861312) * [WebAssembly Tail Call](https://chromestatus.com/feature/5423405012615168) The V8 update was a contribution by Micha��l Zasso in [#47251](https://github.com/nodejs/node/pull/47251). #### Stable Test Runner The recent update to Node.js, version 20, includes an important change to the test_runner module. The module has been marked as stable after a recent update. Previously, the test_runner module was experimental, but this change marks it as a stable module that is ready for production use. Contributed by Colin Ihrig in [#46983](https://github.com/nodejs/node/pull/46983) #### Ada 2.0 Node.js v20 comes with the latest version of the URL parser, Ada. This update brings significant performance improvements to URL parsing, including enhancements to the `url.domainToASCII` and `url.domainToUnicode` functions in `node:url`. Ada 2.0 has been integrated into the Node.js codebase, ensuring that all parts of the application can benefit from the improved performance. Additionally, Ada 2.0 features a significant performance boost over its predecessor, Ada 1.0.4, while also eliminating the need for the ICU requirement for URL hostname parsing. Contributed by Yagiz Nizipli and Daniel Lemire in [#47339](https://github.com/nodejs/node/pull/47339) #### Preparing single executable apps now requires injecting a Blob Building a single executable app now requires injecting a blob prepared by Node.js from a JSON config instead of injecting the raw JS file. This opens up the possibility of embedding multiple co-existing resources into the SEA (Single Executable Apps). Contributed by Joyee Cheung in [#47125](https://github.com/nodejs/node/pull/47125) #### Web Crypto API Web Crypto API functions' arguments are now coerced and validated as per their WebIDL definitions like in other Web Crypto API implementations. This further improves interoperability with other implementations of Web Crypto API. This change was made by Filip Skokan in [#46067](https://github.com/nodejs/node/pull/46067). #### Official support for ARM64 Windows Node.js now includes binaries for ARM64 Windows, allowing for native execution on the platform. The MSI, zip/7z packages, and executable are available from the Node.js download site along with all other platforms. The CI system was updated and all changes are now fully tested on ARM64 Windows, to prevent regressions and ensure compatibility. ARM64 Windows was upgraded to tier 2 support by Stefan Stojanovic in [#47233](https://github.com/nodejs/node/pull/47233). #### WASI version must now be specified When `new WASI()` is called, the version option is now required and has no default value. Any code that relied on the default for the version will need to be updated to request a specific version. This change was made by Michael Dawson in [#47391](https://github.com/nodejs/node/pull/47391). #### Deprecations and Removals * [[`3bed5f11e0`](https://github.com/nodejs/node/commit/3bed5f11e0)] - **(SEMVER- MAJOR)** **url**: runtime-deprecate url.parse() with invalid ports (Rich Trott) [#45526](https://github.com/nodejs/node/pull/45526) `url.parse()` accepts URLs with ports that are not numbers. This behavior might result in host name spoofing with unexpected input. These URLs will throw an error in future versions of Node.js, as the WHATWG URL API does already. Starting with Node.js 20, these URLS cause `url.parse()` to emit a warning. -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Stephen Gallagher sgallagh@redhat.com - 1:20.0.0-8 - Fix up shebangs for npm and npx * Thu Apr 27 2023 Stephen Gallagher sgallagh@redhat.com - 1:20.0.0-7 - Add README for packagers * Thu Apr 27 2023 Stephen Gallagher sgallagh@redhat.com - 1:20.0.0-6 - nodejs-sources.sh: Add --debug flag * Thu Apr 27 2023 Stephen Gallagher sgallagh@redhat.com - 1:20.0.0-5 - Apply changes to spec template * Thu Apr 27 2023 Jan Stan��k jstanek@redhat.com - 1:20.0.0-4 - Replace /usr/etc/npmrc symlink with builtin configuration * Wed Apr 26 2023 Stephen Gallagher sgallagh@redhat.com - 1:20.0.0-3 - Fix npm manpage symlinks * Wed Apr 26 2023 Stephen Gallagher sgallagh@redhat.com - 1:20.0.0-2 - Fix bug on gcc13 * Wed Apr 26 2023 Stephen Gallagher sgallagh@redhat.com - 1:20.0.0-1 - Update to 20.0.0 * Wed Apr 12 2023 Stephen Gallagher sgallagh@redhat.com - 1:19.9.0-3 - Apply changes to actual spec * Tue Apr 11 2023 Stephen Gallagher sgallagh@redhat.com - 1:19.9.0-2 - Don't 'Provides:npm' on non-default * Tue Apr 11 2023 Stephen Gallagher sgallagh@redhat.com - 1:19.9.0-1 - Update to 19.9.0 --------------------------------------------------------------------------------

================================================================================ nwg-panel-0.8.5-1.fc38 (FEDORA-2023-798533ee15) GTK3-based panel for sway window manager -------------------------------------------------------------------------------- Update Information:

Update to latest version -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Artem Polishchuk ego.cordatus@gmail.com - 0.8.5-1 - chore: Update to 0.8.5 -------------------------------------------------------------------------------- References:

[ 1 ] Bug #2183682 - nwg-panel-0.8.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2183682 --------------------------------------------------------------------------------

================================================================================ packit-0.75.0-1.fc38 (FEDORA-2023-eb1f994016) A tool for integrating upstream projects with Fedora operating system -------------------------------------------------------------------------------- Update Information:

Automatic update for packit-0.75.0-1.fc38. ##### **Changelog for packit** ``` * Fri Apr 28 2023 Packit hello@packit.dev - 0.75.0-1 - Detection of `%autorelease` usage in dist-git spec file during `propose-downstream` and `pull-from-upstream` has been improved and Packit will always preserve it. (#1949) - Changed build tool to hatchling and moved metadata to `pyproject.toml`. (PEP621) (#1913) - Respect `upstream_ref` for tags that start with "a", "b", "c", "e", "n", "r", "s". This was caused by an issue with a `branches` prefix being treated as a set of letters to remove. (#1943) - Reset `Release` field in dist-git spec file to `1` when the version in upstream spec file is not up-to-date with the release that triggered `propose_downstream`. (#1940) - Correctly catch the logs, if any of the user actions fail during the propose-downstream. (#1939) - `packit source-git` related commands can skip dist-git repos, where the git trailer is not found, when looking for the right dist-git dir where to work. (#1938) - More monorepo related fixes. (#1946, #1947, #1948) ``` -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Packit hello@packit.dev - 0.75.0-1 - Detection of `%autorelease` usage in dist-git spec file during `propose-downstream` and `pull-from-upstream` has been improved and Packit will always preserve it. (#1949) - Changed build tool to hatchling and moved metadata to `pyproject.toml`. (PEP621) (#1913) - Respect `upstream_ref` for tags that start with "a", "b", "c", "e", "n", "r", "s". This was caused by an issue with a `branches` prefix being treated as a set of letters to remove. (#1943) - Reset `Release` field in dist-git spec file to `1` when the version in upstream spec file is not up-to-date with the release that triggered `propose_downstream`. (#1940) - Correctly catch the logs, if any of the user actions fail during the propose-downstream. (#1939) - `packit source-git` related commands can skip dist-git repos, where the git trailer is not found, when looking for the right dist-git dir where to work. (#1938) - More monorepo related fixes. (#1946, #1947, #1948) --------------------------------------------------------------------------------

================================================================================ perl-Hash-Ordered-0.014-1.fc38 (FEDORA-2023-af14ec2ca3) Perl class for ordered hashes -------------------------------------------------------------------------------- Update Information:

This update brings a new perl-Hash-Ordered package which enables you to create Perl hashes with a preserved key order. -------------------------------------------------------------------------------- ChangeLog:

* Tue Apr 18 2023 Petr Pisar ppisar@redhat.com 0.014-1 - Specfile autogenerated by cpanspec 1.78. -------------------------------------------------------------------------------- References:

[ 1 ] Bug #2187643 - Review Request: perl-Hash-Ordered - Perl class for ordered hashes https://bugzilla.redhat.com/show_bug.cgi?id=2187643 --------------------------------------------------------------------------------

================================================================================ premake-5.0.0^20230420git3f1e4f8-1.20230420git3f1e4f8.fc38 (FEDORA-2023-0895369c27) Cross-platform build configuration tool -------------------------------------------------------------------------------- Update Information:

Update to latest commit id on 2023.04.20 -------------------------------------------------------------------------------- ChangeLog:

--------------------------------------------------------------------------------

================================================================================ python-glymur-0.12.4-1.fc38 (FEDORA-2023-9de55d992d) Interface to the OpenJPEG library for working with JPEG 2000 files -------------------------------------------------------------------------------- Update Information:

### Changes in 0.12.4 - Fix regression on default value of numres. ---- ### Changes in 0.12.3 - Add support for type hints. - Remove support for Python 3.8. ---- ### Changes in 0.12.2 - Fix error condition when MCT specified as false for grayscale image. - Make properties conform to numpydoc. - Fix YCbCr/JPEG TIFF conversion test failure on Fedora. - Stop using libtiff to create test files on the fly. -------------------------------------------------------------------------------- ChangeLog:

* Thu Apr 27 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.12.4-1 - Update to 0.12.4 (close RHBZ#2190054) * Sun Apr 23 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.12.3-1 - Update to 0.12.3 (close RHBZ#2188827) * Tue Apr 18 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.12.2-1 - Update to 0.12.2 (close RHBZ#2158610) --------------------------------------------------------------------------------

================================================================================ python-yara-4.3.1-1.fc38 (FEDORA-2023-61beaccd86) Python binding for the YARA pattern matching tool -------------------------------------------------------------------------------- Update Information:

bugfix -------------------------------------------------------------------------------- ChangeLog:

* Wed Apr 26 2023 Michal Ambroz <rebus at, seznam.cz> - 4.3.1-1 - bump to 4.3.1 * Thu Mar 30 2023 Michal Ambroz <rebus at, seznam.cz> - 4.3.0-1 - bump to 4.3.0 -------------------------------------------------------------------------------- References:

[ 1 ] Bug #2157245 - yara-4.3.0-rc1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2157245 [ 2 ] Bug #2181706 - python-yara-4.3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2181706 [ 3 ] Bug #2188807 - yara-4.3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2188807 --------------------------------------------------------------------------------

================================================================================ rpkg-1.66-7.fc38 (FEDORA-2023-bde956dc4d) Python library for interacting with rpm+git -------------------------------------------------------------------------------- Update Information:

Some patches: - rpkg: * Do not require 'sources' file for all namespaces (https://pagure.io/rpkg/pull-request/691) * Use release's rpmdefines in unused sources check (https://pagure.io/rpkg/pull-request/678) - fedpkg: * Improve invalid branch name error message (https://pagure.io/fedpkg/pull-request/518) -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Ond��ej Nosek onosek@redhat.com - 1.66-7 - Patch: Do not require 'sources' file for all namespaces - Use release's rpmdefines in unused sources check --------------------------------------------------------------------------------

================================================================================ runc-1.1.7-1.fc38 (FEDORA-2023-984629d2db) CLI for running Open Containers -------------------------------------------------------------------------------- Update Information:

auto bump to v1.1.7 -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 RH Container Bot rhcontainerbot@fedoraproject.org - 2:1.1.7-1 - auto bump to v1.1.7 -------------------------------------------------------------------------------- References:

[ 1 ] Bug #2190330 - runc-1.1.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=2190330 --------------------------------------------------------------------------------

================================================================================ rust-enumber-0.3.0-1.fc38 (FEDORA-2023-b2296ccb26) Provide useful impls on numerical enums -------------------------------------------------------------------------------- Update Information:

Initial packaging of the enumber crate. -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Fabio Valentini decathorpe@gmail.com - 0.3.0-1 - Initial import (#2186546) --------------------------------------------------------------------------------

================================================================================ rust-grep-0.2.11-1.fc38 (FEDORA-2023-b6bffc9958) Fast line oriented regex searching as a library -------------------------------------------------------------------------------- Update Information:

Update to version 0.2.11. -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Fabio Valentini decathorpe@gmail.com - 0.2.11-1 - Update to version 0.2.11; Fixes RHBZ#2158498 --------------------------------------------------------------------------------

================================================================================ rust-linux-raw-sys-0.3.6-1.fc38 (FEDORA-2023-0db4460fa7) Generated bindings for Linux's userspace API -------------------------------------------------------------------------------- Update Information:

- Update the rustix crate to version 0.37.15. - Update the linux-raw-sys crate to version 0.3.6. -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Fabio Valentini decathorpe@gmail.com - 0.3.6-1 - Update to version 0.3.6; Fixes RHBZ#2188142 --------------------------------------------------------------------------------

================================================================================ rust-openpgp-cert-d-0.1.0-1.fc38 (FEDORA-2023-e215d546ea) Shared OpenPGP Certificate Directory -------------------------------------------------------------------------------- Update Information:

Initial packaging of the openpgp-cert-d crate. -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Fabio Valentini decathorpe@gmail.com - 0.1.0-1 - Initial import (#2186547) --------------------------------------------------------------------------------

================================================================================ rust-openssl-0.10.52-1.fc38 (FEDORA-2023-8f2ff1fcc8) OpenSSL bindings -------------------------------------------------------------------------------- Update Information:

- Update the openssl crate to version 0.10.52. - Update the openssl-sys crate to version 0.9.87. -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Fabio Valentini decathorpe@gmail.com - 0.10.52-1 - Update to version 0.10.52; Fixes RHBZ#2188492 --------------------------------------------------------------------------------

================================================================================ rust-openssl-sys-0.9.87-1.fc38 (FEDORA-2023-8f2ff1fcc8) FFI bindings to OpenSSL -------------------------------------------------------------------------------- Update Information:

- Update the openssl crate to version 0.10.52. - Update the openssl-sys crate to version 0.9.87. -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Fabio Valentini decathorpe@gmail.com - 0.9.87-1 - Update to version 0.9.87; Fixes RHBZ#2188493 --------------------------------------------------------------------------------

================================================================================ rust-reqwest-0.11.17-1.fc38 (FEDORA-2023-60c64d604a) Higher level HTTP client library -------------------------------------------------------------------------------- Update Information:

Update to version 0.11.17. -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Fabio Valentini decathorpe@gmail.com - 0.11.17-1 - Update to version 0.11.17; Fixes RHBZ#2190521 --------------------------------------------------------------------------------

================================================================================ rust-rustix-0.37.15-1.fc38 (FEDORA-2023-0db4460fa7) Safe Rust bindings to POSIX/Unix/Linux/Winsock2-like syscalls -------------------------------------------------------------------------------- Update Information:

- Update the rustix crate to version 0.37.15. - Update the linux-raw-sys crate to version 0.3.6. -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Fabio Valentini decathorpe@gmail.com - 0.37.15-1 - Update to version 0.37.15; Fixes RHBZ#2188207 --------------------------------------------------------------------------------

================================================================================ rust-tester-0.9.1-1.fc38 (FEDORA-2023-4fbe2d623d) Fork of Rust���s test crate that doesn���t require unstable language features -------------------------------------------------------------------------------- Update Information:

Update to version 0.9.1. -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Fabio Valentini decathorpe@gmail.com - 0.9.1-1 - Update to version 0.9.1; Fixes RHBZ#2190391 --------------------------------------------------------------------------------

================================================================================ rust-tokio-1.28.0-1.fc38 (FEDORA-2023-42b7ca057b) Event-driven, non-blocking I/O platform -------------------------------------------------------------------------------- Update Information:

- Update the tokio crate to version 1.28.0. - Update the tokio-macros crate to version 2.1.0. -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Fabio Valentini decathorpe@gmail.com - 1.28.0-1 - Update to version 1.28.0; Fixes RHBZ#2189634 --------------------------------------------------------------------------------

================================================================================ rust-tokio-macros-2.1.0-1.fc38 (FEDORA-2023-42b7ca057b) Tokio's proc macros -------------------------------------------------------------------------------- Update Information:

- Update the tokio crate to version 1.28.0. - Update the tokio-macros crate to version 2.1.0. -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Fabio Valentini decathorpe@gmail.com - 2.1.0-1 - Update to version 2.1.0; Fixes RHBZ#2189610 --------------------------------------------------------------------------------

================================================================================ rust-tokio-tungstenite-0.18.0-1.fc38 (FEDORA-2023-24ffd732f3) Tokio binding for Tungstenite -------------------------------------------------------------------------------- Update Information:

- Update the warp crate to version 0.3.5. - Update the tungstenite and tokio- tungstenite crates to version 0.18.0. -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Fabio Valentini decathorpe@gmail.com - 0.18.0-1 - Update to version 0.18.0; Fixes RHBZ#2149160 --------------------------------------------------------------------------------

================================================================================ rust-tokio-util-0.7.8-1.fc38 (FEDORA-2023-c19e65c661) Additional utilities for working with Tokio -------------------------------------------------------------------------------- Update Information:

Update to version 0.7.8. -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Fabio Valentini decathorpe@gmail.com - 0.7.8-1 - Update to version 0.7.8; Fixes RHBZ#2189636 --------------------------------------------------------------------------------

================================================================================ rust-tungstenite-0.18.0-1.fc38 (FEDORA-2023-24ffd732f3) Lightweight stream-based WebSocket implementation -------------------------------------------------------------------------------- Update Information:

- Update the warp crate to version 0.3.5. - Update the tungstenite and tokio- tungstenite crates to version 0.18.0. -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Fabio Valentini decathorpe@gmail.com - 0.18.0-1 - Update to version 0.18.0 --------------------------------------------------------------------------------

================================================================================ rust-warp-0.3.5-1.fc38 (FEDORA-2023-24ffd732f3) Serve the web at warp speeds -------------------------------------------------------------------------------- Update Information:

- Update the warp crate to version 0.3.5. - Update the tungstenite and tokio- tungstenite crates to version 0.18.0. -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Fabio Valentini decathorpe@gmail.com - 0.3.5-1 - Update to version 0.3.5; Fixes RHBZ#2130320 --------------------------------------------------------------------------------

================================================================================ rust-xdg-2.5.0-1.fc38 (FEDORA-2023-cc8c355054) Store and retrieve files according to XDG Base Directory specification -------------------------------------------------------------------------------- Update Information:

Update to version 2.5.0. -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Fabio Valentini decathorpe@gmail.com - 2.5.0-1 - Update to version 2.5.0; Fixes RHBZ#2190012 --------------------------------------------------------------------------------

================================================================================ xpdf-4.04-8.fc38 (FEDORA-2023-7adbec748f) A PDF file viewer for the X Window System -------------------------------------------------------------------------------- Update Information:

Split the libraries out into xpdf-libs. -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 28 2023 Tom Callaway spot@fedoraproject.org 1:4.04-8 - move libs to -libs subpackage to minimize dep footprint of texlive-pdftex (bz2188328) * Tue Feb 21 2023 Than Ngo than@redhat.com - 4.04-7 - migrated to SPDX license -------------------------------------------------------------------------------- References:

[ 1 ] Bug #2188328 - texlive-pdftex requires xpdf (but shouldn't) https://bugzilla.redhat.com/show_bug.cgi?id=2188328 --------------------------------------------------------------------------------

================================================================================ yara-4.3.1-1.fc38 (FEDORA-2023-61beaccd86) Pattern matching Swiss knife for malware researchers -------------------------------------------------------------------------------- Update Information:

bugfix -------------------------------------------------------------------------------- ChangeLog:

* Wed Apr 26 2023 Michal Ambroz <rebus at, seznam.cz> - 4.3.1-1 - bump to 4.3.1 * Thu Mar 30 2023 Michal Ambroz <rebus at, seznam.cz> - 4.3.0-1 - bump to 4.3.0 -------------------------------------------------------------------------------- References:

[ 1 ] Bug #2157245 - yara-4.3.0-rc1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2157245 [ 2 ] Bug #2181706 - python-yara-4.3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2181706 [ 3 ] Bug #2188807 - yara-4.3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2188807 --------------------------------------------------------------------------------