The following Fedora EPEL 10.0 Security updates need testing:
Age URL
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-cf97cda6e4
python-python-multipart-0.0.19-1.el10_0
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-5de3513c56
rust-rustls-0.23.19-1.el10_0
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-6392f1c6e3
retsnoop-0.10.1-3.el10_0
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-acbed9a263
radare2-5.9.8-4.el10_0
The following builds have been pushed to Fedora EPEL 10.0 updates-testing
apptainer-1.3.6-1.el10_0
chromium-131.0.6778.108-1.el10_0
libsfdo-0.1.3-1.el10_0
python-itsdangerous-2.2.0-1.el10_0
python-sphinxcontrib-autoprogram-0.1.9-5.el10_0
rust-bstr-1.11.0-1.el10_0
rust-cargo-credential-0.4.7-1.el10_0
rust-cargo-credential-libsecret-0.4.9-1.el10_0
rust-cargo-platform-0.1.9-1.el10_0
rust-cargo-util-0.2.16-1.el10_0
rust-crates-io-0.40.6-1.el10_0
rust-rustfix-0.8.7-1.el10_0
rust-tokio-1.42.0-1.el10_0
rust-tokio-util-0.7.13-1.el10_0
rust-unicode-ident-1.0.14-1.el10_0
tpm-tools-1.3.9-19.el10_0
Details about builds:
================================================================================
apptainer-1.3.6-1.el10_0 (FEDORA-EPEL-2024-b7b8d40818)
Application and environment virtualization formerly known as Singularity
--------------------------------------------------------------------------------
Update Information:
Update to upstream 13.6
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 4 2024 Dave Dykstra <[email protected]> - 1.3.6
- Update to upstream 1.3.6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2330437 - apptainer-1.3.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2330437
--------------------------------------------------------------------------------
================================================================================
chromium-131.0.6778.108-1.el10_0 (FEDORA-EPEL-2024-60aa72a3e6)
A WebKit (Blink) powered web browser that Google doesn't want you to use
--------------------------------------------------------------------------------
Update Information:
Update to 131.0.6778.108
High CVE-2024-12053: Type Confusion in V8
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 4 2024 Than Ngo <[email protected]> - 131.0.6778.108-1
- Update to 131.0.6778.108
* High CVE-2024-12053: Type Confusion in V8
* Sat Nov 23 2024 Than Ngo <[email protected]> - 131.0.6778.85-2
- Enable qt-ui
- Workaround for random crash
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2329204 - CVE-2024-9369 chromium: Insufficient data validation in
Mojo [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2329204
[ 2 ] Bug #2329205 - CVE-2024-9369 chromium: Insufficient data validation in
Mojo [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2329205
[ 3 ] Bug #2329208 - CVE-2024-7025 chromium: Integer overflow in Layout
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2329208
[ 4 ] Bug #2329209 - CVE-2024-7025 chromium: Integer overflow in Layout
[epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2329209
[ 5 ] Bug #2330232 - CVE-2024-12053 chromium: Type Confusion in V8
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2330232
[ 6 ] Bug #2330233 - CVE-2024-12053 chromium: Type Confusion in V8 [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2330233
--------------------------------------------------------------------------------
================================================================================
libsfdo-0.1.3-1.el10_0 (FEDORA-EPEL-2024-42565b2c77)
A collection of libraries implementing freedesktop.org specifications
--------------------------------------------------------------------------------
Update Information:
Initial build on epel10
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 26 2024 Steve Cossette <[email protected]> - 0.1.3-1
- 0.1.3
--------------------------------------------------------------------------------
================================================================================
python-itsdangerous-2.2.0-1.el10_0 (FEDORA-EPEL-2024-8c1f57e11b)
Library for passing trusted data to untrusted environments
--------------------------------------------------------------------------------
Update Information:
Initial build on epel10
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 19 2024 Frantisek Zatloukal <[email protected]> - 2.2.0-1
- Update to 2.2.0 (RHBZ#)
* Fri Jul 19 2024 Fedora Release Engineering <[email protected]> -
2.1.2-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Fri Jun 7 2024 Python Maint <[email protected]> - 2.1.2-8
- Rebuilt for Python 3.13
* Fri Jan 26 2024 Fedora Release Engineering <[email protected]> -
2.1.2-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Mon Jan 22 2024 Fedora Release Engineering <[email protected]> -
2.1.2-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jul 21 2023 Fedora Release Engineering <[email protected]> -
2.1.2-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Wed Jun 14 2023 Python Maint <[email protected]> - 2.1.2-4
- Rebuilt for Python 3.12
* Fri Jan 20 2023 Fedora Release Engineering <[email protected]> -
2.1.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2330584 - Please branch and build python3-itsdangerous in epel10
https://bugzilla.redhat.com/show_bug.cgi?id=2330584
--------------------------------------------------------------------------------
================================================================================
python-sphinxcontrib-autoprogram-0.1.9-5.el10_0 (FEDORA-EPEL-2024-a208fe567b)
Sphinx extension for documenting CLI programs
--------------------------------------------------------------------------------
Update Information:
Fix working with newer setuptools (bz#2319720)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 4 2024 mh <[email protected]> <[email protected]> - 0.1.9-5
- Fix working with newer setuptools (bz#2319720)
- Adapt to correct licens
* Wed Sep 4 2024 Miroslav Suchý <[email protected]> - 0.1.9-4
- convert license to SPDX
* Fri Jul 19 2024 Fedora Release Engineering <[email protected]> -
0.1.9-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Fri Jun 7 2024 Python Maint <[email protected]> - 0.1.9-2
- Rebuilt for Python 3.13
* Fri Mar 15 2024 mh <[email protected]> - 0.1.9-1
- Update to 0.1.9 (#2169100)
* Fri Jan 26 2024 Fedora Release Engineering <[email protected]> -
0.1.8-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Mon Jan 22 2024 Fedora Release Engineering <[email protected]> -
0.1.8-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jul 21 2023 Fedora Release Engineering <[email protected]> -
0.1.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Fri Jul 7 2023 mh <[email protected]> - 0.1.8-1
- Update to 0.1.8 (#2169100)
- remove the upstreamed patch for argparse
- Require python3-zombie-imp as a stopgap to workaround #2220964
* Wed Jun 14 2023 Python Maint <[email protected]> - 0.1.7-8
- Rebuilt for Python 3.12
* Fri Jan 20 2023 Fedora Release Engineering <[email protected]> -
0.1.7-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2324994 - Please branch and build
python3-sphinxcontrib-autoprogram in epel10
https://bugzilla.redhat.com/show_bug.cgi?id=2324994
--------------------------------------------------------------------------------
================================================================================
rust-bstr-1.11.0-1.el10_0 (FEDORA-EPEL-2024-0009f738c2)
String type that is not required to be valid UTF-8
--------------------------------------------------------------------------------
Update Information:
Update to version 1.11.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 4 2024 Fabio Valentini <[email protected]> - 1.11.0-1
- Update to version 1.11.0; Fixes RHBZ#2326142
--------------------------------------------------------------------------------
================================================================================
rust-cargo-credential-0.4.7-1.el10_0 (FEDORA-EPEL-2024-a0545e0c86)
Library to assist writing Cargo credential helpers
--------------------------------------------------------------------------------
Update Information:
Update to version 0.4.7.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 4 2024 Fabio Valentini <[email protected]> - 0.4.7-1
- Update to version 0.4.7; Fixes RHBZ#2329360
--------------------------------------------------------------------------------
================================================================================
rust-cargo-credential-libsecret-0.4.9-1.el10_0 (FEDORA-EPEL-2024-105424577a)
Cargo credential process that stores tokens with GNOME libsecret
--------------------------------------------------------------------------------
Update Information:
Update to version 0.4.9.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 4 2024 Fabio Valentini <[email protected]> - 0.4.9-1
- Update to version 0.4.9; Fixes RHBZ#2329361
--------------------------------------------------------------------------------
================================================================================
rust-cargo-platform-0.1.9-1.el10_0 (FEDORA-EPEL-2024-4112d0a634)
Cargo's representation of a target platform
--------------------------------------------------------------------------------
Update Information:
Update to version 0.1.9.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 4 2024 Fabio Valentini <[email protected]> - 0.1.9-1
- Update to version 0.1.9; Fixes RHBZ#2329362
--------------------------------------------------------------------------------
================================================================================
rust-cargo-util-0.2.16-1.el10_0 (FEDORA-EPEL-2024-0bee970bc0)
Miscellaneous support code used by Cargo
--------------------------------------------------------------------------------
Update Information:
Update to version 0.2.16.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 4 2024 Fabio Valentini <[email protected]> - 0.2.16-1
- Update to version 0.2.16; Fixes RHBZ#2329363
--------------------------------------------------------------------------------
================================================================================
rust-crates-io-0.40.6-1.el10_0 (FEDORA-EPEL-2024-f6106f744d)
Helpers for interacting with crates.io
--------------------------------------------------------------------------------
Update Information:
Update to version 0.40.6.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 4 2024 Fabio Valentini <[email protected]> - 0.40.6-1
- Update to version 0.40.6; Fixes RHBZ#2329364
--------------------------------------------------------------------------------
================================================================================
rust-rustfix-0.8.7-1.el10_0 (FEDORA-EPEL-2024-111b897db6)
Automatically apply the suggestions made by rustc
--------------------------------------------------------------------------------
Update Information:
Update to version 0.8.7.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 4 2024 Fabio Valentini <[email protected]> - 0.8.7-1
- Update to version 0.8.7; Fixes RHBZ#2329357
--------------------------------------------------------------------------------
================================================================================
rust-tokio-1.42.0-1.el10_0 (FEDORA-EPEL-2024-569a3cccea)
Event-driven, non-blocking I/O platform
--------------------------------------------------------------------------------
Update Information:
Update to version 1.42.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 4 2024 Fabio Valentini <[email protected]> - 1.42.0-1
- Update to version 1.42.0; Fixes RHBZ#2330158
--------------------------------------------------------------------------------
================================================================================
rust-tokio-util-0.7.13-1.el10_0 (FEDORA-EPEL-2024-5c8d6f417b)
Additional utilities for working with Tokio
--------------------------------------------------------------------------------
Update Information:
Update to version 0.7.13.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 4 2024 Fabio Valentini <[email protected]> - 0.7.13-1
- Update to version 0.7.13; Fixes RHBZ#2330329
--------------------------------------------------------------------------------
================================================================================
rust-unicode-ident-1.0.14-1.el10_0 (FEDORA-EPEL-2024-b8e4a6fbbc)
Determine whether characters have the XID_Start or XID_Continue properties
--------------------------------------------------------------------------------
Update Information:
Update to version 1.0.14.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 4 2024 Fabio Valentini <[email protected]> - 1.0.14-1
- Update to version 1.0.14; Fixes RHBZ#2327590
--------------------------------------------------------------------------------
================================================================================
tpm-tools-1.3.9-19.el10_0 (FEDORA-EPEL-2024-2014e16b86)
Management tools for the TPM hardware
--------------------------------------------------------------------------------
Update Information:
epel10 build
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 7 2024 Miroslav Suchý <[email protected]> - 1.3.9-19
- convert license to SPDX
* Sat Jul 20 2024 Fedora Release Engineering <[email protected]> -
1.3.9-18
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Sat Jan 27 2024 Fedora Release Engineering <[email protected]> -
1.3.9-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sat Jul 22 2023 Fedora Release Engineering <[email protected]> -
1.3.9-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Sat Jan 21 2023 Fedora Release Engineering <[email protected]> -
1.3.9-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
--
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
