The following Fedora EPEL 9 Security updates need testing:
Age URL
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-306ebea6f6
chromium-131.0.6778.139-1.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
baresip-3.18.0-1.el9
libIDL-0.8.14-74.el9
libaiff-6.0-4.el9
libcsv-3.0.3^20210820gitb1d5212-7.el9
libdxflib-3.26.4-11.el9
libinstpatch-1.1.6-21.el9
libpri-1.6.1-6.el9
libre-3.18.0-1.el9
libss7-2.0.1-6.el9
pcg-cpp-0.98.1^20220408git428802d-8.el9
proftpd-1.3.8c-1.el9
python-asyncmy-0.2.10-1.el9
python-should_dsl-2.1.2-12.el9
pythoncapi-compat-0^20241213git61709bf-1.el9
swift-lang-6.0.3-1.el9
tmt-1.40.0-1.el9
trafficserver-9.2.7-1.el9
unrealircd-6.1.9.1-1.el9
Details about builds:
================================================================================
baresip-3.18.0-1.el9 (FEDORA-EPEL-2024-9be5b51756)
Modular SIP user-agent with audio and video support
--------------------------------------------------------------------------------
Update Information:
Baresip v3.18.0 (2024-12-11)
cmake: fix clang 19 c23 extension warnings
cmake: install logo.png and *.wav files again
menu dnd event
ci/build: use GCC 14 on Ubuntu 24.04
ci/fedora: adapt workflow for RPM 4.20 in Fedora 41
test: disable test_call_webrtc in thread mode
debian: release v3.17.1
ci/mingw: use ubuntu-24.04 and bump openssl
menu: fix 302 Moved Temporarily redirect call
core: remove obsolete dnd flag
wasapi: Add WASAPI Audio module
menu: a config flag for SIP MESSAGE tone
mixausrc: fixing some type conversion warnings (MSVC)
winwave: remove (replaced by WASAPI module)
pulse: use default string as default device
mixausrc: reset mixstatus ptime if ptime changes
bevent: Add local URI information to events
ua: update doxygen comment
AAudio module
wasapi/src: increase record buffer size
ua,call: add API for rejecting incoming call
video: add picture update bool to vidpacket
video: allow RTCP FIR packets as payload-specific feedback
cmake: fix APPLE RPATH workaround
readme: sync with wiki
bump version to 3.18.0
libre v3.18.0 (2024-12-11)
odict: add odict_pl_add()
ci/build: remove Ubuntu 20.04, add 24.04, use GCC 14 on 24.04
test: vertical alignment of integration test names
sip: update doxygen comment
test/http: decrease test runs from 20 to 3 to decrease test time
sip/transp: allow requests w/o Max-Forwards header
test: remove unused fuzz mock
rtp: use rtp_pt_is_rtcp() for RTCP demultiplexing
aes: remove 192-bits CTR-mode (looks unused)
rtp: send all RTCP packets as compound packets
rtp/sess.c: lock rtcp_sess in rtcp_set_srate_tx to fix data race
Update Doxyfile
test: remove unused packet-filter
bump version to 3.18.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 12 2024 Robert Scheck <[email protected]> 3.18.0-1
- Upgrade to 3.18.0 (#2331640)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2331640 - baresip-3.18.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2331640
[ 2 ] Bug #2331646 - libre-3.18.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2331646
--------------------------------------------------------------------------------
================================================================================
libIDL-0.8.14-74.el9 (FEDORA-EPEL-2024-e2aacfab0b)
Library for parsing IDL (Interface Definition Language)
--------------------------------------------------------------------------------
Update Information:
Add a SourceLicense field
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> - 0.8.14-74
- Add a SourceLicense field
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> - 0.8.14-73
- Run autoreconf (re-generate configure) by default
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> - 0.8.14-71
- Indicate dirs. in files list with trailing slashes
--------------------------------------------------------------------------------
================================================================================
libaiff-6.0-4.el9 (FEDORA-EPEL-2024-ae0edfc64c)
Open-source implementation of the AIFF format
--------------------------------------------------------------------------------
Update Information:
Add a SourceLicense field
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> - 6.0-4
- Add a SourceLicense field
--------------------------------------------------------------------------------
================================================================================
libcsv-3.0.3^20210820gitb1d5212-7.el9 (FEDORA-EPEL-2024-acdbe4aad4)
Fast and flexible CSV library written in pure ANSI C
--------------------------------------------------------------------------------
Update Information:
Update License to SPDX and add a SourceLicense field
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> -
3.0.3^20210820gitb1d5212-7
- Update spec-file license comment with UltraPermissive determination
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> -
3.0.3^20210820gitb1d5212-6
- Add a SourceLicense field
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> -
3.0.3^20210820gitb1d5212-4
- Use new (rpm 4.17.1+) bcond style
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> -
3.0.3^20210820gitb1d5212-2
- Update License to SPDX
--------------------------------------------------------------------------------
================================================================================
libdxflib-3.26.4-11.el9 (FEDORA-EPEL-2024-6b32344357)
A C++ library for reading and writing DXF files
--------------------------------------------------------------------------------
Update Information:
Add a SourceLicense field
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> - 3.26.4-11
- Add a SourceLicense field
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> - 3.26.4-9
- Use new (rpm 4.17.1+) bcond style
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> - 3.26.4-7
- Trivially simplify some files lists
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> - 3.26.4-6
- Indicate dirs. in files lists with trailing slashes
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> - 3.26.4-5
- Update License to SPDX
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> - 3.26.4-4
- Fix extra newline in description
--------------------------------------------------------------------------------
================================================================================
libinstpatch-1.1.6-21.el9 (FEDORA-EPEL-2024-9cc1d4260b)
Instrument file software library
--------------------------------------------------------------------------------
Update Information:
Add a SourceLicense field
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> - 1.1.6-21
- Add a SourceLicense field
--------------------------------------------------------------------------------
================================================================================
libpri-1.6.1-6.el9 (FEDORA-EPEL-2024-8791ec8672)
An implementation of Primary Rate ISDN
--------------------------------------------------------------------------------
Update Information:
Add a SourceLicense field
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> - 1.6.1-6
- Add a SourceLicense field
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> - 1.6.1-3
- Clarify license âbreakdownâ in the spec file
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> - 1.6.1-2
- Break a long line in the spec file
--------------------------------------------------------------------------------
================================================================================
libre-3.18.0-1.el9 (FEDORA-EPEL-2024-9be5b51756)
Generic library for real-time communications
--------------------------------------------------------------------------------
Update Information:
Baresip v3.18.0 (2024-12-11)
cmake: fix clang 19 c23 extension warnings
cmake: install logo.png and *.wav files again
menu dnd event
ci/build: use GCC 14 on Ubuntu 24.04
ci/fedora: adapt workflow for RPM 4.20 in Fedora 41
test: disable test_call_webrtc in thread mode
debian: release v3.17.1
ci/mingw: use ubuntu-24.04 and bump openssl
menu: fix 302 Moved Temporarily redirect call
core: remove obsolete dnd flag
wasapi: Add WASAPI Audio module
menu: a config flag for SIP MESSAGE tone
mixausrc: fixing some type conversion warnings (MSVC)
winwave: remove (replaced by WASAPI module)
pulse: use default string as default device
mixausrc: reset mixstatus ptime if ptime changes
bevent: Add local URI information to events
ua: update doxygen comment
AAudio module
wasapi/src: increase record buffer size
ua,call: add API for rejecting incoming call
video: add picture update bool to vidpacket
video: allow RTCP FIR packets as payload-specific feedback
cmake: fix APPLE RPATH workaround
readme: sync with wiki
bump version to 3.18.0
libre v3.18.0 (2024-12-11)
odict: add odict_pl_add()
ci/build: remove Ubuntu 20.04, add 24.04, use GCC 14 on 24.04
test: vertical alignment of integration test names
sip: update doxygen comment
test/http: decrease test runs from 20 to 3 to decrease test time
sip/transp: allow requests w/o Max-Forwards header
test: remove unused fuzz mock
rtp: use rtp_pt_is_rtcp() for RTCP demultiplexing
aes: remove 192-bits CTR-mode (looks unused)
rtp: send all RTCP packets as compound packets
rtp/sess.c: lock rtcp_sess in rtcp_set_srate_tx to fix data race
Update Doxyfile
test: remove unused packet-filter
bump version to 3.18.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 12 2024 Robert Scheck <[email protected]> 3.18.0-1
- Upgrade to 3.18.0 (#2331646)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2331640 - baresip-3.18.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2331640
[ 2 ] Bug #2331646 - libre-3.18.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2331646
--------------------------------------------------------------------------------
================================================================================
libss7-2.0.1-6.el9 (FEDORA-EPEL-2024-7c7a4906b4)
SS7 protocol services to applications
--------------------------------------------------------------------------------
Update Information:
Add a SourceLicense field
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> - 2.0.1-6
- Add a SourceLicense field
--------------------------------------------------------------------------------
================================================================================
pcg-cpp-0.98.1^20220408git428802d-8.el9 (FEDORA-EPEL-2024-8c471f20dd)
PCG Random Number Generation, C++ Edition
--------------------------------------------------------------------------------
Update Information:
Let the -devel package be noarch
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> -
0.98.1^20220408git428802d-8
- Let the -devel package be noarch
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> -
0.98.1^20220408git428802d-7
- Add a SourceLicense field
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> -
0.98.1^20220408git428802d-2
- Update License to SPDX
--------------------------------------------------------------------------------
================================================================================
proftpd-1.3.8c-1.el9 (FEDORA-EPEL-2024-6fc7a1b64f)
Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:
This is the latest maintenance release from upstream, with a variety of bug-
fixes for included modules, particularly mod_sftp.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 12 2024 Paul Howarth <[email protected]> - 1.3.8c-1
- Update to 1.3.8c
- Using FTPS after upgrading from 1.3.8a to 1.3.8b lead to crash (GH#1770)
- Bad handling of lack of extended attributes lead to SFTP out of memory
error (GH#1785)
- mod_sftp_sql logged "header value too long" due to unexpected key header
text (GH#1529)
- SSH ECDSA host key algorithms were not used as expected despite configuring
appropriate key (GH#1839)
- RADIUS Message-Authenticator verification failed with ProFTPD mod_radius
(GH#1840)
- Supplemental group inheritance granted unintended access to GID 0 due to
lack of supplemental groups from mod_sql (GH#1830)
--------------------------------------------------------------------------------
================================================================================
python-asyncmy-0.2.10-1.el9 (FEDORA-EPEL-2024-f5f82ef1a9)
A fast asyncio MySQL/MariaDB driver
--------------------------------------------------------------------------------
Update Information:
0.2.10
Fix ssl context pass bool.
Fix SSL handshake error with MySQL server v8.0.34+.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> - 0.2.10-1
- Update to 0.2.10 (close RHBZ#2332085)
--------------------------------------------------------------------------------
================================================================================
python-should_dsl-2.1.2-12.el9 (FEDORA-EPEL-2024-991ea3f681)
Should assertions in Python in as clear and readable a way as possible
--------------------------------------------------------------------------------
Update Information:
This is the first EPEL-9 build of python-should_dsl.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 5 2023 Paul Howarth <[email protected]> - 2.1.2-12
- SPDX license migration
- Update to current Python packaging guidelines, as far as possible
* Fri Jan 20 2023 Fedora Release Engineering <[email protected]> -
2.1.2-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Jul 22 2022 Fedora Release Engineering <[email protected]> -
2.1.2-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Mon Jun 13 2022 Python Maint <[email protected]> - 2.1.2-9
- Rebuilt for Python 3.11
* Fri Jan 21 2022 Fedora Release Engineering <[email protected]> -
2.1.2-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Fri Jul 23 2021 Fedora Release Engineering <[email protected]> -
2.1.2-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
pythoncapi-compat-0^20241213git61709bf-1.el9 (FEDORA-EPEL-2024-96a3a9d418)
Python C API compatibility
--------------------------------------------------------------------------------
Update Information:
Update to 0^20241213git61709bf
Add PyLong Import/Export API
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 13 2024 Benjamin A. Beasley <[email protected]> -
0^20241213git61709bf-1
- Update to 0^20241213git61709bf
- Add PyLong Import/Export API
--------------------------------------------------------------------------------
================================================================================
swift-lang-6.0.3-1.el9 (FEDORA-EPEL-2024-bce0344fe5)
The Swift programming language
--------------------------------------------------------------------------------
Update Information:
Updated to Swift 6.0.3-RELEASE
fix libdir symlink installation
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 12 2024 Ron Olson <[email protected]> - 6.0.3-1
- Updated to Swift 6.0.3-RELEASE
Resolves: rhbz#2332031
* Tue Dec 10 2024 Zephyr Lykos <[email protected]> - 6.0.2-2
- fix libdir symlink installation
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2332031 - swift-lang-6.0.3-RELEASE is available
https://bugzilla.redhat.com/show_bug.cgi?id=2332031
--------------------------------------------------------------------------------
================================================================================
tmt-1.40.0-1.el9 (FEDORA-EPEL-2024-72b62de827)
Test Management Tool
--------------------------------------------------------------------------------
Update Information:
Automatic update for tmt-1.40.0-1.el9.
Changelog for tmt
* Thu Dec 12 2024 Packit <[email protected]> - 1.40.0-1
- Update to version 1.40.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 12 2024 Packit <[email protected]> - 1.40.0-1
- Update to version 1.40.0
--------------------------------------------------------------------------------
================================================================================
trafficserver-9.2.7-1.el9 (FEDORA-EPEL-2024-5b21e9b933)
Fast, scalable and extensible HTTP/1.1 and HTTP/2 caching proxy server
--------------------------------------------------------------------------------
Update Information:
Update to upstream 9.2.7
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 13 2024 Jered Floyd <[email protected]> 9.2.7-1
- Update to upstream 9.2.7
--------------------------------------------------------------------------------
================================================================================
unrealircd-6.1.9.1-1.el9 (FEDORA-EPEL-2024-b25464a3de)
Open Source IRC server
--------------------------------------------------------------------------------
Update Information:
UnrealIRCd 6.1.9.1
UnrealIRCd 6.1.9.1 fixes a bug in the TLS ciphers of 6.1.9.
UnrealIRCd 6.1.9
This 6.1.9 release fixes a number of bugs such as IPv6 hosts not resolving in
UnrealIRCd 6.1.8/6.1.8.1 and 100% CPU usage in some circumstances. It also
changes the SSL/TLS defaults to make things a little safer/better.
Enhancements
SSL/TLS:
Change default TLS ciphers to only allow AES in GCM mode and no longer in CBC
mode.
When using cURL for remote includes upstream now explicitly sets the minimum
required version to TLSv1.2 and sets upstream default ciphers and ciphersuites.
Note that by default in UnrealIRCd 6 the built-in (non-cURL) implementation is
used for remote includes, which already used these defaults. Also note that most
distros, like Ubuntu and Debian, already required TLSv1.2 or later effectively
in cURL.
Regarding default ecdh-curves: upstream now tries to set the curves list to
x25519:secp521r1:secp384r1:prime256v1 first, and if that fails then upstream
tries secp521r1:secp384r1:prime256v1. The former could fail due to SSL library
restrictions (old library or when in FIPS mode). Previously upstream was also
supposed to do it like that, but due to a bug always had X25519 turned off.
Fixes
IPv6 hosts not resolving in UnrealIRCd 6.1.8 and 6.1.8.1.
100% CPU usage in some (rare) circumstances. The IRCd is still fully responsive,
but of course high CPU usage is never good.
Crash in STATS S (IRCOp-only) if having vhosts with autologin (and no
vhost::login).
Changes
Added HELPOP EXTSERVERBANS to explain Extended server bans
Added new UnrealIRCd PGP release signing key
Developers and protocol
No changes, other than the SSL/TLS changes mentioned earlier.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 13 2024 Robert Scheck <[email protected]> 6.1.9.1-1
- Upgrade to 6.1.9.1 (#2327604)
* Tue Oct 22 2024 Richard W.M. Jones <[email protected]> - 6.1.8.1-2
- Rebuild for Jansson 2.14
(https://lists.fedoraproject.org/archives/list/[email protected]/thread/3PYINSQGKQ4BB25NQUI2A2UCGGLAG5ND/)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2327604 - unrealircd-6.1.9.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2327604
--------------------------------------------------------------------------------
--
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
