The following Fedora EPEL 8 Security updates need testing:
Age URL
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-02e26b51d5
suricata-7.0.8-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
dislocker-0.7.3-17.el8
netcat-1.229-1.el8
xorgxrdp-0.10.3-5.el8
xrdp-0.10.2-7.el8
Details about builds:
================================================================================
dislocker-0.7.3-17.el8 (FEDORA-EPEL-2025-c4fc680a28)
Utility to access BitLocker encrypted volumes
--------------------------------------------------------------------------------
Update Information:
Add patch with upstream changes, fixes and mbedTLS 3.x support
Add updated patch for multibyte character support in passwords
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jan 5 2025 Robert Scheck <[email protected]> 0.7.3-17
- Add patch with upstream changes, fixes and mbedTLS 3.x support
- Add updated patch for multibyte character support in passwords
* Tue Sep 3 2024 Morten Stevens <[email protected]> - 0.7.3-16
- Rebuilt for mbedTLS 3.6.1
* Wed Jul 17 2024 Fedora Release Engineering <[email protected]> -
0.7.3-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Wed Jan 24 2024 Fedora Release Engineering <[email protected]> -
0.7.3-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 19 2024 Fedora Release Engineering <[email protected]> -
0.7.3-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Jan 3 2024 Mamoru TASAKA <[email protected]> - 0.7.3-12
- Rebuild for https://fedoraproject.org/wiki/Changes/Ruby_3.3
* Wed Jul 19 2023 Fedora Release Engineering <[email protected]> -
0.7.3-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu Jan 19 2023 Fedora Release Engineering <[email protected]> -
0.7.3-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Wed Jan 4 2023 Mamoru TASAKA <[email protected]> - 0.7.3-9
- Rebuild for https://fedoraproject.org/wiki/Changes/Ruby_3.2
* Thu Jul 21 2022 Fedora Release Engineering <[email protected]> -
0.7.3-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Jan 26 2022 VÃt Ondruch <[email protected]> - 0.7.3-7
- Rebuilt for https://fedoraproject.org/wiki/Changes/Ruby_3.1
--------------------------------------------------------------------------------
================================================================================
netcat-1.229-1.el8 (FEDORA-EPEL-2025-74bcf45cac)
OpenBSD netcat to read and write data across connections using TCP or UDP
--------------------------------------------------------------------------------
Update Information:
OpenBSD netcat 1.229
Drop caddr_t cast. It's not needed and not portable.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jan 5 2025 Robert Scheck <[email protected]> 1.229-1
- Upgrade to 1.229
--------------------------------------------------------------------------------
================================================================================
xorgxrdp-0.10.3-5.el8 (FEDORA-EPEL-2024-02bc5d21b1)
Implementation of xrdp backend as Xorg modules
--------------------------------------------------------------------------------
Update Information:
IMPORTANT: xrdp now runs under an unprivileged user account.
Release notes for xrdp v0.10.2 (2024/12/24)
General announcements
Power Up Privacy and @CyberTrust sponsored H.264 encoding (mentioned later). We
greatly appreciate the sponsorship.
If you like xrdp, please consider sponsoring or donating to the project. We
accept financial contributions through Open Collective, and direct donations to
individual developers via GitHub Sponsors are also welcome.
Highlights
H.264 encoding
Weâre very excited to announce that xrdp has supported H.264 encoding in
graphics remoting since v0.10.2. xrdp with H.264 encoding reduces the amount of
data transmitted over the network and provides a much smoother and more
responsive experience compared to previous versions when using graphics-
intensive applications.
For details, see the H.264 encoding page on the wiki and also check the Known
Issues section.
Unprivileged xrdp daemon
Since v0.10.2, xrdp officially supports running xrdp daemon as an unprivileged
user. xrdp-sesman daemon still needs to be run as a privileged user because it
handles user authentication and session management.
Running xrdp daemon as an unprivileged user requires some adjustments, such as
user/group and files/directory permissions. We have bundled a script named xrdp-
chkpriv with xrdp to check if it is ready to run xrdp as an unprivileged user.
The script is typically installed into /usr/share/xrdp/xrdp-chkpriv. See also
the man page of xrdp.ini for more configuration information.
Security fixes
None
New features
FUSE operations can now use direct I/O to bypass the block cache (#3260)
Supported clients can now skip channel join messages (#3282)
Frame capture interval (frame rate) can now be configured separately via xrdp
for H.264 and RFX (neutrinolabs/xorgxrdp#347 #3317)
The statvfs system call is now supported on the FUSE filesystem (#3304)
A path can now be specified for the chansrv log file (#3344)
Add Czech keyboard (#3348 #3358)
Bug fixes
Redirector improvements. Removed some unnecessary limitations on filename
lengths, and improved compatibility with FreeRDP (#3165 #3194). Special thanks
to @tsz8899 for raising this and working with the team.
Fix misreported cache size (#3212)
Clarified Policy setting in sesman.ini (#3235)
Fixed a regression in support for non-resizeable VNC sessions (#3242)
A regression in chansrv functionality when used in standalone mode for VNC
sessions has been fixed (#3283). This was introduced by the move to the v0.10.x
sockets dir layout
Fix AltGr on Spanish keyboard (#3313)
The KDE Dolphin file manager can now save files to a mapped drive (#3300)
pam_limits.so is now included explicitly for Debian and derivatives (#3347)
Internal changes
CI version updates : cppcheck to v2.15.0 and astyle to 3.4.14 (#3232 #3309
#3314)
Remove xrdp_sec_in_mcs_data() function (#3273)
Changes for users
xrdp.ini has some new configuration parameters for H.264 (#3317). When updating
from v0.10.1 to v0.10.2, make sure to merge the new xrdp.ini with the old one.
If moving from v0.9.x, read the v0.10.0 release note.
Changes for packagers or developers
xrdp.ini and sesman.ini are now dynamically substituted during the build process
(it was not working as intended before) (#3187 #3188)
Running xrdp daemon as an unprivileged user is now officially supported. It is
optional but consider creating a user/group for xrdp daemon in the post-install
script or an appropriate location.
The libfuse version required is now > 3.1.0 (#3284)
If moving from v0.9.x, read the v0.10.0 release note.
Release notes for xorgxrdp v0.10.3 (2024/12/15)
General announcements
Power Up Privacy and @CyberTrust sponsored H.264 encoding. We greatly appreciate
the sponsorship.
Please consider sponsoring or making a donation to the project if you like xrdp.
We accept financial contributions via Open Collective. Direct donations to each
developer via GitHub Sponsors are also welcomed.
Security fixes
None
New features
H.264 capture is now supported, see xrdp v0.10.2 release note for details (#355)
Frame capture interval (frame rate) can now be configured separately via xrdp
for H.264 and RFX (#347 #353)
Bug fixes
Fix dependency when building without glamor (#330)
RandR is now aware of physical monitor sizes if these have been passed to the
client (#337)
Glamor whitelist now supports amdgpu (#329) and msm (#346) drivers. Some users
of this hardware had reported a regression following the introduction of #322 in
v0.10.2
Internal changes
None
Known issues
None
Changes for packagers or developers
This version is intended to be used together with xrdp v0.10.2 or later. Please
build against xrdp v0.10.2 and provide both xrdp v0.10.2 and xorgxrdp v0.10.3 at
the same time.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 29 2024 Bojan Smojver <[email protected]> - 0.10.3-5
- Change /usr/libexec/Xorg dependency to xorg-x11-server-Xorg
* Thu Dec 26 2024 Bojan Smojver <[email protected]> - 0.10.3-2
- Add /usr/libexec/Xorg dependency
* Mon Dec 16 2024 Bojan Smojver <[email protected]> - 0.10.3-1
- Bump up to 0.10.3
* Fri Sep 27 2024 Sérgio Basto <[email protected]> - 0.10.2-2
- Rebuild for rebase of xorg-server to versions 21.1.x
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2332456 - xorgxrdp-0.10.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2332456
--------------------------------------------------------------------------------
================================================================================
xrdp-0.10.2-7.el8 (FEDORA-EPEL-2024-02bc5d21b1)
Open source remote desktop protocol (RDP) server
--------------------------------------------------------------------------------
Update Information:
IMPORTANT: xrdp now runs under an unprivileged user account.
Release notes for xrdp v0.10.2 (2024/12/24)
General announcements
Power Up Privacy and @CyberTrust sponsored H.264 encoding (mentioned later). We
greatly appreciate the sponsorship.
If you like xrdp, please consider sponsoring or donating to the project. We
accept financial contributions through Open Collective, and direct donations to
individual developers via GitHub Sponsors are also welcome.
Highlights
H.264 encoding
Weâre very excited to announce that xrdp has supported H.264 encoding in
graphics remoting since v0.10.2. xrdp with H.264 encoding reduces the amount of
data transmitted over the network and provides a much smoother and more
responsive experience compared to previous versions when using graphics-
intensive applications.
For details, see the H.264 encoding page on the wiki and also check the Known
Issues section.
Unprivileged xrdp daemon
Since v0.10.2, xrdp officially supports running xrdp daemon as an unprivileged
user. xrdp-sesman daemon still needs to be run as a privileged user because it
handles user authentication and session management.
Running xrdp daemon as an unprivileged user requires some adjustments, such as
user/group and files/directory permissions. We have bundled a script named xrdp-
chkpriv with xrdp to check if it is ready to run xrdp as an unprivileged user.
The script is typically installed into /usr/share/xrdp/xrdp-chkpriv. See also
the man page of xrdp.ini for more configuration information.
Security fixes
None
New features
FUSE operations can now use direct I/O to bypass the block cache (#3260)
Supported clients can now skip channel join messages (#3282)
Frame capture interval (frame rate) can now be configured separately via xrdp
for H.264 and RFX (neutrinolabs/xorgxrdp#347 #3317)
The statvfs system call is now supported on the FUSE filesystem (#3304)
A path can now be specified for the chansrv log file (#3344)
Add Czech keyboard (#3348 #3358)
Bug fixes
Redirector improvements. Removed some unnecessary limitations on filename
lengths, and improved compatibility with FreeRDP (#3165 #3194). Special thanks
to @tsz8899 for raising this and working with the team.
Fix misreported cache size (#3212)
Clarified Policy setting in sesman.ini (#3235)
Fixed a regression in support for non-resizeable VNC sessions (#3242)
A regression in chansrv functionality when used in standalone mode for VNC
sessions has been fixed (#3283). This was introduced by the move to the v0.10.x
sockets dir layout
Fix AltGr on Spanish keyboard (#3313)
The KDE Dolphin file manager can now save files to a mapped drive (#3300)
pam_limits.so is now included explicitly for Debian and derivatives (#3347)
Internal changes
CI version updates : cppcheck to v2.15.0 and astyle to 3.4.14 (#3232 #3309
#3314)
Remove xrdp_sec_in_mcs_data() function (#3273)
Changes for users
xrdp.ini has some new configuration parameters for H.264 (#3317). When updating
from v0.10.1 to v0.10.2, make sure to merge the new xrdp.ini with the old one.
If moving from v0.9.x, read the v0.10.0 release note.
Changes for packagers or developers
xrdp.ini and sesman.ini are now dynamically substituted during the build process
(it was not working as intended before) (#3187 #3188)
Running xrdp daemon as an unprivileged user is now officially supported. It is
optional but consider creating a user/group for xrdp daemon in the post-install
script or an appropriate location.
The libfuse version required is now > 3.1.0 (#3284)
If moving from v0.9.x, read the v0.10.0 release note.
Release notes for xorgxrdp v0.10.3 (2024/12/15)
General announcements
Power Up Privacy and @CyberTrust sponsored H.264 encoding. We greatly appreciate
the sponsorship.
Please consider sponsoring or making a donation to the project if you like xrdp.
We accept financial contributions via Open Collective. Direct donations to each
developer via GitHub Sponsors are also welcomed.
Security fixes
None
New features
H.264 capture is now supported, see xrdp v0.10.2 release note for details (#355)
Frame capture interval (frame rate) can now be configured separately via xrdp
for H.264 and RFX (#347 #353)
Bug fixes
Fix dependency when building without glamor (#330)
RandR is now aware of physical monitor sizes if these have been passed to the
client (#337)
Glamor whitelist now supports amdgpu (#329) and msm (#346) drivers. Some users
of this hardware had reported a regression following the introduction of #322 in
v0.10.2
Internal changes
None
Known issues
None
Changes for packagers or developers
This version is intended to be used together with xrdp v0.10.2 or later. Please
build against xrdp v0.10.2 and provide both xrdp v0.10.2 and xorgxrdp v0.10.3 at
the same time.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jan 5 2025 Bojan Smojver <[email protected]> - 1:0.10.2~7
- Comment out generic RDP proxy in xrdp.ini
* Sun Jan 5 2025 Bojan Smojver <[email protected]> - 1:0.10.2~6
- Set permissions of cert, key and rsakeys.ini to 0640
- Revert optional dependency on noopenh264, library dependency exists
* Fri Dec 27 2024 Bojan Smojver <[email protected]> - 1:0.10.2~5
- Move README.Fedora to README.md
- Adjust ownership/permissions of certs/keys for unprivileged user
* Thu Dec 26 2024 Bojan Smojver <[email protected]> - 1:0.10.2~4
- If openh264 is not present, require noopenh264 instead
* Wed Dec 25 2024 Bojan Smojver <[email protected]> - 1:0.10.2~3
- Run as unprivileged user
* Wed Dec 25 2024 Koichiro Iwao <[email protected]> - 1:0.10.2-2
- Enable OpenH264
* Wed Dec 25 2024 Bojan Smojver <[email protected]> - 1:0.10.2~1
- Update to 0.10.2
* Tue Dec 24 2024 Bojan Smojver <[email protected]> - 1:0.10.2~0.rc1.1
- Update to 0.10.2-rc.1
* Wed Sep 4 2024 Miroslav Suchý <[email protected]> - 1:0.10.1-2
- convert license to SPDX
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2332456 - xorgxrdp-0.10.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2332456
--------------------------------------------------------------------------------
--
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
