The following Fedora EPEL 9 Security updates need testing:
Age URL
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-2bb96c1f9a
rust-pyo3-0.22.4-1.el9 rust-pyo3-build-config-0.22.4-1.el9
rust-pyo3-ffi-0.22.4-1.el9 rust-pyo3-macros-0.22.4-1.el9
rust-pyo3-macros-backend-0.22.4-1.el9
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-78df19aaf3
yarnpkg-1.22.22-5.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
algol68g-3.5.9-1.el9
podman-tui-1.2.3-1.el9
prometheus-podman-exporter-1.13.3-1.el9
radsecproxy-1.11.0-1.el9
rust-anyhow-1.0.90-1.el9
rust-libc-0.2.161-1.el9
rust-ripgrep-14.1.1-1.el9
rust-rustls-pemfile-2.2.0-1.el9
rust-rustls-pki-types-1.10.0-1.el9
rust-serde_json-1.0.131-1.el9
rust-unicase-2.8.0-1.el9
rust-winnow-0.6.20-1.el9
uwsgi-2.0.27-4.el9
virtme-ng-1.31-1.el9
Details about builds:
================================================================================
algol68g-3.5.9-1.el9 (FEDORA-EPEL-2024-3f77f3a295)
Algol 68 Genie compiler-interpreter
--------------------------------------------------------------------------------
Update Information:
Update to 3.5.9
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 18 2024 Oleg Girko <[email protected]> - 3.5.9-1
- Update to 3.5.9
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2317940 - algol68g-3.5.9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2317940
--------------------------------------------------------------------------------
================================================================================
podman-tui-1.2.3-1.el9 (FEDORA-EPEL-2024-8a0d469cac)
Podman Terminal User Interface
--------------------------------------------------------------------------------
Update Information:
release 1.2.3
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 19 2024 Navid Yaghoobi <[email protected]> - 1.2.3-1
- release v1.2.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2317460 - CVE-2024-9675 podman-tui: Buildah allows arbitrary
directory mount [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2317460
[ 2 ] Bug #2318167 - [Major Incident] CVE-2024-21626 podman-tui: file
descriptor leak [epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2318167
[ 3 ] Bug #2319016 - CVE-2024-9676 podman-tui: symlink traversal
vulnerability in the containers/storage library can cause Denial of Service
(DoS) [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2319016
--------------------------------------------------------------------------------
================================================================================
prometheus-podman-exporter-1.13.3-1.el9 (FEDORA-EPEL-2024-0282083260)
Prometheus exporter for podman environment
--------------------------------------------------------------------------------
Update Information:
release 1.13.3
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 19 2024 Navid Yaghoobi <[email protected]> - 1.13.3-1
- release v1.13.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2317461 - CVE-2024-9675 prometheus-podman-exporter: Buildah allows
arbitrary directory mount [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2317461
[ 2 ] Bug #2318168 - [Major Incident] CVE-2024-21626
prometheus-podman-exporter: file descriptor leak [epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2318168
--------------------------------------------------------------------------------
================================================================================
radsecproxy-1.11.0-1.el9 (FEDORA-EPEL-2024-f705a966fa)
Generic RADIUS proxy with RadSec support
--------------------------------------------------------------------------------
Update Information:
radsecproxy 1.11.0 (2024-07-05)
New features
TLS-PSK
Long hex-strings in config
Reload complete TLS context on SIGHUP, reload client/server cert and key
Implement SSLKEYLOGFILE mechanism
Options to require Message-Authenticator
Misc
Re-verify certificates on SIGHUP and terminate invalid connections
Implement recommendations for deprecating insecure transports
Verify EAP message content length
Close connection on radius attribute decode errors
Bug Fixes
Fix correct secret for DTLS (radius/dtls)
Fix infinite loop when listening on tcp socket fails
Fix crashes under high load
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 19 2024 Robert Scheck <[email protected]> 1.11.0-1
- Upgrade to 1.11.0 (#2290989)
* Fri Jul 19 2024 Fedora Release Engineering <[email protected]> -
1.10.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2290989 - radsecproxy-1.11.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2290989
--------------------------------------------------------------------------------
================================================================================
rust-anyhow-1.0.90-1.el9 (FEDORA-EPEL-2024-0d32db89cb)
Flexible concrete Error type built on std::error::Error
--------------------------------------------------------------------------------
Update Information:
Update to version 1.0.90.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 19 2024 Fabio Valentini <[email protected]> - 1.0.90-1
- Update to version 1.0.90; Fixes RHBZ#2319784
--------------------------------------------------------------------------------
================================================================================
rust-libc-0.2.161-1.el9 (FEDORA-EPEL-2024-9bf888f821)
Raw FFI bindings to platform libraries like libc
--------------------------------------------------------------------------------
Update Information:
Update to version 0.2.161.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 19 2024 Fabio Valentini <[email protected]> - 0.2.161-1
- Update to version 0.2.161; Fixes RHBZ#2319311
--------------------------------------------------------------------------------
================================================================================
rust-ripgrep-14.1.1-1.el9 (FEDORA-EPEL-2024-4738832dca)
Line-oriented search tool
--------------------------------------------------------------------------------
Update Information:
Update to version 14.1.1.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 19 2024 Fabio Valentini <[email protected]> - 14.1.1-1
- Update to version 14.1.1; Fixes RHBZ#2310787
* Sat Jul 20 2024 Fedora Release Engineering <[email protected]> -
14.1.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-rustls-pemfile-2.2.0-1.el9 (FEDORA-EPEL-2024-a64ddfe9c5)
Basic .pem file parser for keys and certificates
--------------------------------------------------------------------------------
Update Information:
Update to version 2.2.0.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 19 2024 Fabio Valentini <[email protected]> - 2.2.0-1
- Update to version 2.2.0; Fixes RHBZ#2315737
--------------------------------------------------------------------------------
================================================================================
rust-rustls-pki-types-1.10.0-1.el9 (FEDORA-EPEL-2024-8d92fd02be)
Shared types for the rustls PKI ecosystem
--------------------------------------------------------------------------------
Update Information:
Update to version 1.10.0.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 19 2024 Fabio Valentini <[email protected]> - 1.10.0-1
- Update to version 1.10.0; Fixes RHBZ#2318728
--------------------------------------------------------------------------------
================================================================================
rust-serde_json-1.0.131-1.el9 (FEDORA-EPEL-2024-6e97f090b3)
JSON serialization file format
--------------------------------------------------------------------------------
Update Information:
Update to version 1.0.131.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 19 2024 Fabio Valentini <[email protected]> - 1.0.131-1
- Update to version 1.0.131; Fixes RHBZ#2319475
--------------------------------------------------------------------------------
================================================================================
rust-unicase-2.8.0-1.el9 (FEDORA-EPEL-2024-0ca9d42799)
Case-insensitive wrapper around strings
--------------------------------------------------------------------------------
Update Information:
Update to version 2.8.0.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 19 2024 Fabio Valentini <[email protected]> - 2.8.0-1
- Update to version 2.8.0; Fixes RHBZ#2319850
* Sat Jul 20 2024 Fedora Release Engineering <[email protected]> -
2.7.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Sat Jan 27 2024 Fedora Release Engineering <[email protected]> -
2.7.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-winnow-0.6.20-1.el9 (FEDORA-EPEL-2024-67615ade8d)
Byte-oriented, zero-copy, parser combinators library
--------------------------------------------------------------------------------
Update Information:
Update to version 0.6.20.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 19 2024 Fabio Valentini <[email protected]> - 0.6.20-1
- Update to version 0.6.20; Fixes RHBZ#2314500
--------------------------------------------------------------------------------
================================================================================
uwsgi-2.0.27-4.el9 (FEDORA-EPEL-2024-83c3af515a)
Fast, self-healing, application container server
--------------------------------------------------------------------------------
Update Information:
Fix uWSGI auto-reloading on config change
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2024 Ralf Ertzinger <[email protected]> - 2.0.27-4
- Fix uWSGI auto-reloading on config change
* Mon Oct 14 2024 Remi Collet <[email protected]> - 2.0.27-3
- rebuild for https://fedoraproject.org/wiki/Changes/php84
* Fri Sep 27 2024 Ralf Ertzinger <[email protected]> - 2.0.27-2
- Only build fiber plugin when rack plugin is also built
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2317782 - reload bug in uwsgi 2.0.27 leads to hanging application
processes
https://bugzilla.redhat.com/show_bug.cgi?id=2317782
--------------------------------------------------------------------------------
================================================================================
virtme-ng-1.31-1.el9 (FEDORA-EPEL-2024-8631c81aea)
Quickly build and run kernels inside a virtualized snapshot of your live system
--------------------------------------------------------------------------------
Update Information:
Update to version 1.31
The most noticeable changes in this new version are the initial support for
NVIDIA GPUs passthrough (thanks to @ianm-nv), the possibility to use pre-
compiled -rc kernels from Ubuntu mainline builds, the possibility to use
virtiofs natively on arm64, some improvements to run virtme-ng cross-
architecture and cross-distro and the usual set of bug fixes.
https://github.com/arighi/virtme-ng/releases/tag/v1.30
https://github.com/arighi/virtme-ng/releases/tag/v1.31
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 19 2024 Ondrej MosnáÄek <[email protected]> - 1.31-1
- Update to version 1.31 (fedora#2319880)
* Mon Oct 14 2024 Ondrej MosnáÄek <[email protected]> - 1.30-1
- Update to version 1.30 (fedora#2318393)
* Sat Sep 28 2024 Ondrej MosnáÄek <[email protected]> - 1.29-2
- Use proper macro for bash completion dir
* Wed Sep 11 2024 Ondrej MosnáÄek <[email protected]> - 1.29-1
- Update to version 1.29 and remove packaging workaround
--------------------------------------------------------------------------------
--
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
