[EPEL-devel] Fedora EPEL 7 updates-testing report

updates Wed, 13 Mar 2024 18:22:32 -0700

The following Fedora EPEL 7 Security updates need testing:
 Age  URL
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-9b53b79398   
golang-1.20.12-1.el7
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-a461023d55   
chromium-122.0.6261.111-1.el7



The following builds have been pushed to Fedora EPEL 7 updates-testing

    apptainer-1.3.0-1.el7
    baresip-3.10.1-1.el7
    hardinfo2-2.0.15-4.el7
    xorgxrdp-0.9.20-1.el7
    xrdp-0.9.25-2.el7

Details about builds:


================================================================================
 apptainer-1.3.0-1.el7 (FEDORA-EPEL-2024-88b6d1940a)
 Application and environment virtualization formerly known as Singularity
--------------------------------------------------------------------------------
Update Information:

Update to upstream 1.3.0, and security fixes for CVE-2024-28176 and
CVE-2024-28180
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 13 2024 Dave Dykstra <d...@fnal.gov> - 1.3.0
- Update to upstream 1.3.0
* Thu Feb 15 2024 Dave Dykstra <d...@fnal.gov> - 1.3.0~rc.2
- Update to upstream 1.3.0-rc.2
* Wed Jan 10 2024 Dave Dykstra <d...@fnal.gov> - 1.3.0~rc.1
- Update to upstream 1.3.0-rc.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2268820 - CVE-2024-28176 go-jose: resource exhaustion
        https://bugzilla.redhat.com/show_bug.cgi?id=2268820
  [ 2 ] Bug #2268854 - CVE-2024-28180 jose-go: improper handling of highly 
compressed data
        https://bugzilla.redhat.com/show_bug.cgi?id=2268854
--------------------------------------------------------------------------------


================================================================================
 baresip-3.10.1-1.el7 (FEDORA-EPEL-2024-f51b53c59b)
 Modular SIP user-agent with audio and video support
--------------------------------------------------------------------------------
Update Information:

Baresip v3.10.1 (2024-03-12)
Security Release (possible Denial of Service): A wrong or manipulated incoming
RTP Timestamp can cause the baresip process to hang forever, for details see:
#2954
aureceiver: fix mtx_unlock on discard
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 12 2024 Robert Scheck <rob...@fedoraproject.org> 3.10.1-1
- Upgrade to 3.10.1 (#2269261)
* Mon Mar 11 2024 Robert Scheck <rob...@fedoraproject.org> 3.10.0-2
- Added upstream patch to fix mtx_unlock on discard in aureceiver
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2269261 - baresip-3.10.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2269261
--------------------------------------------------------------------------------


================================================================================
 hardinfo2-2.0.15-4.el7 (FEDORA-EPEL-2024-393603a1a5)
 System Information and Benchmark for Linux Systems
--------------------------------------------------------------------------------
Update Information:

update
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 12 2024 Felix Wang <topa...@outlook.com> - 2.0.15-4
- fix build on epel 7; correct license
* Tue Mar 12 2024 Felix Wang <topa...@outlook.com> - 2.0.15-3
- fix build on epel 7; do not use ninja-nuild on epel
* Tue Mar 12 2024 Felix Wang <topa...@outlook.com> - 2.0.15-2
- Fix build issues on epel 7 and 8
* Sun Mar 10 2024 topazus <topa...@outlook.com> - 2.0.15-1
- initial import
--------------------------------------------------------------------------------


================================================================================
 xorgxrdp-0.9.20-1.el7 (FEDORA-EPEL-2024-f59a6b70a7)
 Implementation of xrdp backend as Xorg modules
--------------------------------------------------------------------------------
Update Information:

Release notes for xrdp v0.9.25 (2024/03/11)
Running xrdp and xrdp-sesman on separate hosts is still supported by this
release, but is now deprecated. This is not secure. A future v1.0 release will
replace the TCP socket used between these processes with a Unix Domain Socket,
and then cross-host running will not be possible.
General announcements
This is the last v0.9.x version which is released regularly. v0.9.x will be
maintained for a while but less actively. New releases will happen only when
severe security vulnerabilities or critical bugs are found.
We have created a fund on Open Collective. Support us if you like xrdp! Direct
donations to each developer via GitHub Sponsors are also welcomed.
Security fixes
No new security fixes in this release.
Bug fixes
Backport touchpad inertial scrolling (#2364 #2424 #2948).
New features
If the client announces support for the Image RemoteFX codec it is logged (back-
port of #2946)
Internal changes
FreeBSD CI version bumped to 13.2 from 12.4 (#2897)
Some test timeouts have been increased for slow CI machines (#2903)
Known issues
On-the-fly resolution change requires the Microsoft Store version of Remote
Desktop client but sometimes crashes on connect (#1869)
xrdp's login dialog is not relocated at the center of the new resolution after
on-the-fly resolution change happens (#1867)
General annoucements xorgxrdp 0.9.20
This is the last v0.9.x release. v0.9.x will be maintained for a while but less
actively. New releases will happen only when severe security vulnerabilities or
critical bugs are found.
We have created a fund on Open Collective. Support us if you like xrdp! Direct
donations to each developer via GitHub Sponsors are also welcomed.
New features
Too fast scroll mitigation
A fundamental solution for too fast scrolling issue by @seflerZ has been
backported from devel version to v0.9 (#265 #286). This fix requires xrdp
v0.9.25 so use xrdp v0.9.25 and xorgxrdp v0.9.20 together.
The following former workaround added at v0.9.19 has been removed. It takes no
effect anymore.
[SessionVariables]
(some existing lines)
XRDP_XORG_TOUCHPAD_SCROLL_HACK=yes
What's Changed
[v0.9] Backport touchpad inertial scrolling by @metalefty @seflerZ in #286
Bump version to v0.9.20 by @metalefty in #292
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 12 2024 Bojan Smojver <bo...@rexursive.com> - 0.9.20-1
- Bump up to 0.9.20
* Sat Jan 27 2024 Fedora Release Engineering <rel...@fedoraproject.org> - 
0.9.19-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Jul 26 2023 Bojan Smojver <bo...@rexursive.com> - 0.9.19-7
- run autoreconf before build, to avoid problems on F39
* Sat Jul 22 2023 Fedora Release Engineering <rel...@fedoraproject.org> - 
0.9.19-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Sat Jan 21 2023 Fedora Release Engineering <rel...@fedoraproject.org> - 
0.9.19-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Mon Nov 14 2022 Bojan Smojver <bo...@rexursive.com> - 0.9.19-5
- Insert glamoregl module into xorg.conf for glamor package
- Add missed Xorg server dependencies into glamor package
* Fri Nov  4 2022 Bojan Smojver <bo...@rexursive.com> - 0.9.19-4
- Build alternative binary with glamor enabled
--------------------------------------------------------------------------------


================================================================================
 xrdp-0.9.25-2.el7 (FEDORA-EPEL-2024-f59a6b70a7)
 Open source remote desktop protocol (RDP) server
--------------------------------------------------------------------------------
Update Information:

Release notes for xrdp v0.9.25 (2024/03/11)
Running xrdp and xrdp-sesman on separate hosts is still supported by this
release, but is now deprecated. This is not secure. A future v1.0 release will
replace the TCP socket used between these processes with a Unix Domain Socket,
and then cross-host running will not be possible.
General announcements
This is the last v0.9.x version which is released regularly. v0.9.x will be
maintained for a while but less actively. New releases will happen only when
severe security vulnerabilities or critical bugs are found.
We have created a fund on Open Collective. Support us if you like xrdp! Direct
donations to each developer via GitHub Sponsors are also welcomed.
Security fixes
No new security fixes in this release.
Bug fixes
Backport touchpad inertial scrolling (#2364 #2424 #2948).
New features
If the client announces support for the Image RemoteFX codec it is logged (back-
port of #2946)
Internal changes
FreeBSD CI version bumped to 13.2 from 12.4 (#2897)
Some test timeouts have been increased for slow CI machines (#2903)
Known issues
On-the-fly resolution change requires the Microsoft Store version of Remote
Desktop client but sometimes crashes on connect (#1869)
xrdp's login dialog is not relocated at the center of the new resolution after
on-the-fly resolution change happens (#1867)
General annoucements xorgxrdp 0.9.20
This is the last v0.9.x release. v0.9.x will be maintained for a while but less
actively. New releases will happen only when severe security vulnerabilities or
critical bugs are found.
We have created a fund on Open Collective. Support us if you like xrdp! Direct
donations to each developer via GitHub Sponsors are also welcomed.
New features
Too fast scroll mitigation
A fundamental solution for too fast scrolling issue by @seflerZ has been
backported from devel version to v0.9 (#265 #286). This fix requires xrdp
v0.9.25 so use xrdp v0.9.25 and xorgxrdp v0.9.20 together.
The following former workaround added at v0.9.19 has been removed. It takes no
effect anymore.
[SessionVariables]
(some existing lines)
XRDP_XORG_TOUCHPAD_SCROLL_HACK=yes
What's Changed
[v0.9] Backport touchpad inertial scrolling by @metalefty @seflerZ in #286
Bump version to v0.9.20 by @metalefty in #292
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 13 2024 Bojan Smojver <bo...@rexursive.com> - 1:0.9.25-2
- Add upstream PR 2994
* Tue Mar 12 2024 Bojan Smojver <bo...@rexursive.com> - 1:0.9.25-1
- Update to 0.9.25
* Sat Jan 27 2024 Fedora Release Engineering <rel...@fedoraproject.org> - 
1:0.9.24-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
--------------------------------------------------------------------------------

--
_______________________________________________
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[EPEL-devel] Fedora EPEL 7 updates-testing report

Reply via email to