The following Fedora EPEL 9 Security updates need testing:
Age URL
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-56a6ede4ef
salt3006-3006.12-1.el9
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-b08324ec24
optipng-7.9.1-1.el9
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-3a9b0a638b
atuin-18.3.0-4.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
clamav-1.0.9-1.el9
coturn-4.7.0-1.el9
distribution-gpg-keys-1.113-1.el9
fluidsynth-2.4.6-1.el9
gnuchess-6.2.11-1.el9
google-benchmark-1.8.5-9.el9
mock-6.3-1.el9
mock-core-configs-42.4-1.el9
mongo-c-driver-1.30.5-1.el9
perl-CryptX-0.087-2.el9
php-nikic-php-parser5-5.5.0-1.el9
python-jsonpath-rw-1.4.0-22.el9
qm-0.7.5-1.el9
rr-5.9.0-1.el9
rust-hyper-util-0.1.14-1.el9
rust-libz-rs-sys-0.5.1-1.el9
rust-reqwest-0.12.20-1.el9
rust-tower-http-0.6.6-2.el9
rust-zlib-rs-0.5.1-1.el9
trafficserver-9.2.11-1.el9
yubico-piv-tool-2.7.1-3.el9
Details about builds:
================================================================================
clamav-1.0.9-1.el9 (FEDORA-EPEL-2025-bb27e120f9)
End-user tools for the Clam Antivirus scanner
--------------------------------------------------------------------------------
Update Information:
1.0.9
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 18 2025 Gwyn Ciesla <[email protected]> - 1.0.9-1
- Update to 1.0.9
--------------------------------------------------------------------------------
================================================================================
coturn-4.7.0-1.el9 (FEDORA-EPEL-2025-88df0f0a71)
TURN/STUN & ICE Server
--------------------------------------------------------------------------------
Update Information:
Coturn 4.7.0
Changes in order to get to sane defaults for improved security by default
Cleanup deprecated options - if your scripts have them turnserver will fail to
start
Reverse SOFTWARE_ATTRIBUTE_OPT to avoid inverse logic - now need to explicitly
enable it
Deprecate response-origin-only-with-rfc5780
Invert no-stun-backward-compatibility to be default on
TLSv1 and TLSv1_1 are now optional (no need to turn them off)
Minor bug fixes and regressions
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 17 2025 Robert Scheck <[email protected]> - 4.7.0-1
- Upgrade to 4.7.0 (#2369521)
- Use 'systemctl try-reload-or-restart' in logrotate postrotate
script (#2371578, thanks to Marcos Mello)
* Thu Jan 16 2025 Fedora Release Engineering <[email protected]> -
4.6.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2369521 - coturn-4.7.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2369521
[ 2 ] Bug #2371578 - Use `systemctl try-reload-or-restart` in logrotate
postrotate script
https://bugzilla.redhat.com/show_bug.cgi?id=2371578
--------------------------------------------------------------------------------
================================================================================
distribution-gpg-keys-1.113-1.el9 (FEDORA-EPEL-2025-c1f17cc8d8)
GPG keys of various Linux distributions
--------------------------------------------------------------------------------
Update Information:
Fixing Mock on Rawhide https://rpm-software-management.github.io/mock/Release-
Notes-6.3
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 17 2025 Pavel Raiskup <[email protected]> 1.113-1
- Add Rocky Linux 10 keys
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2372865 - After updating mock to version 6.2-2.fc43, mock
operations fail with âoperation not permittedâ, even though the user is
still in the mock group.
https://bugzilla.redhat.com/show_bug.cgi?id=2372865
--------------------------------------------------------------------------------
================================================================================
fluidsynth-2.4.6-1.el9 (FEDORA-EPEL-2025-0da6911d79)
Real-time software synthesizer
--------------------------------------------------------------------------------
Update Information:
Update to 2.4.6
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jun 14 2025 Christoph Karl <pampelmuse [AT] gmx [DOT] at> - 2.4.6-1
- Update to 2.4.6
--------------------------------------------------------------------------------
================================================================================
gnuchess-6.2.11-1.el9 (FEDORA-EPEL-2025-5901798310)
The GNU chess program
--------------------------------------------------------------------------------
Update Information:
Initial EL-9 and EL-8 builds
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 21 2025 Gwyn Ciesla <[email protected]> - 6.2.11-1
- 6.2.11
* Thu Jan 16 2025 Fedora Release Engineering <[email protected]> -
6.2.9-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Thu Jul 18 2024 Fedora Release Engineering <[email protected]> -
6.2.9-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Wed Jan 24 2024 Fedora Release Engineering <[email protected]> -
6.2.9-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 19 2024 Fedora Release Engineering <[email protected]> -
6.2.9-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Jul 19 2023 Fedora Release Engineering <[email protected]> -
6.2.9-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
google-benchmark-1.8.5-9.el9 (FEDORA-EPEL-2025-ad811fd925)
A microbenchmark support library
--------------------------------------------------------------------------------
Update Information:
Improve packaging of Doxygen-generated HTML
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 17 2025 Benjamin A. Beasley <[email protected]> - 1.8.5-9
- Explicitly disable assembly tests
* Tue Jun 17 2025 Benjamin A. Beasley <[email protected]> - 1.8.5-7
- Attempt to handle license/bundling in Doxygen-generated HTML
* Tue Jun 17 2025 Benjamin A. Beasley <[email protected]> - 1.8.5-4
- Do not package CONTRIBUTING.md, which is about working with upstream
--------------------------------------------------------------------------------
================================================================================
mock-6.3-1.el9 (FEDORA-EPEL-2025-c1f17cc8d8)
Builds packages inside chroots
--------------------------------------------------------------------------------
Update Information:
Fixing Mock on Rawhide https://rpm-software-management.github.io/mock/Release-
Notes-6.3
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 18 2025 Pavel Raiskup <[email protected]> 6.3-1
- lockfile: don't hard-code DNF _bindir location, use config_opts
- fix sysusers packaging once more
- ProcessPoolExecutor changed behaviour with Python 3.14 ([email protected])
- feat: plugin: hw_info: added human-readable flag for memory info
([email protected])
- Remove the traceLog decorator from pretty_getcwd ([email protected])
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2372865 - After updating mock to version 6.2-2.fc43, mock
operations fail with âoperation not permittedâ, even though the user is
still in the mock group.
https://bugzilla.redhat.com/show_bug.cgi?id=2372865
--------------------------------------------------------------------------------
================================================================================
mock-core-configs-42.4-1.el9 (FEDORA-EPEL-2025-c1f17cc8d8)
Mock core config files basic chroots
--------------------------------------------------------------------------------
Update Information:
Fixing Mock on Rawhide https://rpm-software-management.github.io/mock/Release-
Notes-6.3
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 18 2025 Pavel Raiskup <[email protected]> 42.4-1
- fix sysusers packaging practice once more
- configuration file owned by `root:root`
- Rocky Linux 10 configs added ([email protected])
- missing config for AlmaLinux Kitten x86_64_v2 added
([email protected])
- config for AlmaLinux Kitten 10 x86_64_v2 added ([email protected])
- AlmaLinux 10 configs added ([email protected])
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2372865 - After updating mock to version 6.2-2.fc43, mock
operations fail with âoperation not permittedâ, even though the user is
still in the mock group.
https://bugzilla.redhat.com/show_bug.cgi?id=2372865
--------------------------------------------------------------------------------
================================================================================
mongo-c-driver-1.30.5-1.el9 (FEDORA-EPEL-2025-17d69f9265)
Client library written in C for MongoDB
--------------------------------------------------------------------------------
Update Information:
libbson 1.30.5
Fixes:
Various fixes have been applied to the bson_validate family of functions,
with some minor behavioral changes.
Previously accepted invalid UTF-8 will be rejected when BSON_VALIDATE_UTF8
is specified.
The scope document in a deprecated "code with scope" element is now
validated with a fixed set of rules and is treated as an opaque JavaScript
object.
A document nesting limit is now enforced during validation.
libmongoc 1.30.5
Fixes:
Fix message of bson_strerror_r on Windows.
Fix memory leaks with Windows Secure Channel.
Fix loading PKCS#8 RSA keys with Windows Secure Channel.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 18 2025 Remi Collet <[email protected]> - 1.30.5-1
- update to 1.30.5
--------------------------------------------------------------------------------
================================================================================
perl-CryptX-0.087-2.el9 (FEDORA-EPEL-2025-6c475f1e10)
Cryptographic toolkit
--------------------------------------------------------------------------------
Update Information:
Update to 0.087, fixes CVE-2025-40914
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 12 2025 Xavier Bachelot <[email protected]> - 0.087-2
- Use any version of Math::BigInt and Math::BigFloat
- Fix bundled Provides:
* Wed Jun 11 2025 Xavier Bachelot <[email protected]> - 0.087-1
- Update to 0.087 (RHBZ#2372355,RHBZ#2372356,RHBZ#2372357,RHBZ#2372358)
- Fix CVE-2025-40914
* Sat May 3 2025 Xavier Bachelot <[email protected]> - 0.086-1
- Update to 0.086 (RHBZ#2363852, RHBZ#2354493)
* Tue Feb 11 2025 Xavier Bachelot <[email protected]> - 0.085-1
- Update to 0.085 (RHBZ#2344451)
* Sat Jan 18 2025 Fedora Release Engineering <[email protected]> -
0.084-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Wed Oct 16 2024 Xavier Bachelot <[email protected]> - 0.084-1
- Update to 0.084 (RHBZ#2319152)
* Tue Oct 15 2024 Xavier Bachelot <[email protected]> - 0.083-1
- Update to 0.083 (RHBZ#2310725)
- Drop EL7 support
- Fix Math::BigInt/BigFloat versions and conditionals
* Thu Jul 18 2024 Fedora Release Engineering <[email protected]> -
0.080-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Mon Jun 10 2024 Jitka Plesnikova <[email protected]> - 0.080-4
- Perl 5.40 rebuild
* Thu Jan 25 2024 Fedora Release Engineering <[email protected]> -
0.080-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <[email protected]> -
0.080-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Oct 4 2023 Xavier Bachelot <[email protected]> - 0.080-1
- Update to 0.080 (RHBZ#2242102)
* Mon Oct 2 2023 Xavier Bachelot <[email protected]> - 0.079-1
- Update to 0.079 (RHBZ#2241629)
- Fix CVE-2019-17362 in bundled libtomcrypt
- Add upstream patch to fix tests with Math::BigInt 1.999840+ (RHBZ#2240587)
* Fri Aug 25 2023 Xavier Bachelot <[email protected]> - 0.078-4
- Don't Requires: perl(Math::BigFloat) for tests subpackage on EL7
(RHBZ#2234802)
* Thu Jul 20 2023 Fedora Release Engineering <[email protected]> -
0.078-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Tue Jul 11 2023 Jitka Plesnikova <[email protected]> - 0.078-2
- Perl 5.38 rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2372355 - CVE-2025-40914 perl-CryptX: Perl CryptX code execution
via integer overflow [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=2372355
[ 2 ] Bug #2372356 - CVE-2025-40914 perl-CryptX: Perl CryptX code execution
via integer overflow [epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2372356
[ 3 ] Bug #2372357 - CVE-2025-40914 perl-CryptX: Perl CryptX code execution
via integer overflow [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2372357
[ 4 ] Bug #2372358 - CVE-2025-40914 perl-CryptX: Perl CryptX code execution
via integer overflow [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2372358
--------------------------------------------------------------------------------
================================================================================
php-nikic-php-parser5-5.5.0-1.el9 (FEDORA-EPEL-2025-cce733afd7)
A PHP parser written in PHP - version 5
--------------------------------------------------------------------------------
Update Information:
Version 5.5.0 (2025-05-31)
Added
[8.5] Added support for attributes on constants. Stmt\Const_ now has an
attrGroups subnode.
Added weakReferences option to NodeConnectingVisitor and
ParentConnectingVisitor. This
will create the parent/next/prev references as WeakReferences, to avoid making
the AST cyclic
and thus increasing GC pressure.
Changed
Attributes on parameters are now printed on separate lines if the pretty printer
target version
is PHP 7.4 or older (which is the default). This allows them to be interpreted
as comments,
instead of causing a parse error. Specify a target version of PHP 8.0 or newer
to restore the
previous behavior.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 18 2025 Remi Collet <[email protected]> - 5.5.0-1
- update to 5.5.0
--------------------------------------------------------------------------------
================================================================================
python-jsonpath-rw-1.4.0-22.el9 (FEDORA-EPEL-2025-c9eefe1d3a)
Extended implementation of JSONPath for Python
--------------------------------------------------------------------------------
Update Information:
Use %autorelease and %autochangelog
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 16 2025 Dave Love <[email protected]> - 1.4.0-21
- Fix typo
* Mon Jun 2 2025 Python Maint <[email protected]> - 1.4.0-20
- Rebuilt for Python 3.14
* Sat Jan 18 2025 Fedora Release Engineering <[email protected]> -
1.4.0-19
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Tue Oct 29 2024 Fabian Affolter <[email protected]> - 1.4.0-18
- Switch to pytest (closes rhbz#2319672)
--------------------------------------------------------------------------------
================================================================================
qm-0.7.5-1.el9 (FEDORA-EPEL-2025-70ea64288b)
Containerized environment for running Quality Management software
--------------------------------------------------------------------------------
Update Information:
Automatic update for qm-0.7.5-1.el9.
Changelog for qm
* Mon Jun 16 2025 Packit <[email protected]> - 0.7.5-1
- Update to version 0.7.5
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 16 2025 Packit <[email protected]> - 0.7.5-1
- Update to version 0.7.5
--------------------------------------------------------------------------------
================================================================================
rr-5.9.0-1.el9 (FEDORA-EPEL-2025-a33f84b515)
Tool to record and replay execution of applications
--------------------------------------------------------------------------------
Update Information:
Rebase to rr-5.9.0.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 16 2025 Aaron Merey <[email protected]> - 5.9.0-1
- Rebase to rr-5.9.0.
-* Fri Dec 02 2022 Fabio Valentini <[email protected]> - 5.6.0-2
- Rebuild for capnproto 0.7.1 / CVE-2022-46149
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2370447 - Please branch and build rr-5.7 in epel9
https://bugzilla.redhat.com/show_bug.cgi?id=2370447
--------------------------------------------------------------------------------
================================================================================
rust-hyper-util-0.1.14-1.el9 (FEDORA-EPEL-2025-ce014dc559)
Hyper utilities
--------------------------------------------------------------------------------
Update Information:
rust-hyper-util
0.1.14 (2025-06-04)
Fix HttpConnector to defer address family order to resolver sort order.
Fix proxy::Matcher to find HTTPS system proxies on Windows.
0.1.13 (2025-05-27)
Fix HttpConnector to always prefer IPv6 addresses first, if happy eyeballs is
enabled.
Fix legacy::Client to return better errors if available on the connection.
rust-tower-http
0.6.6
Fixed
compression: fix panic when looking in vary header
0.6.5
Added
normalize_path: add append_trailing_slash() mode
Fixed
redirect: remove payload headers if redirect changes method to GET
compression: avoid setting vary: accept-encoding if already set
0.6.4
Added
decompression: Support HTTP responses containing multiple ZSTD frames
The ServiceExt trait for chaining layers onto an arbitrary http service just
like ServiceBuilderExt allows for ServiceBuilder
Fixed
Remove unnecessary trait bounds on S::Error for Service impls of
RequestBodyTimeout<S> and ResponseBodyTimeout<S>
compression: Respect is_end_stream
Fix a rare panic in fs::ServeDir
Fix invalid content-lenght of 1 in response to range requests to empty
files
In AsyncRequireAuthorization, use the original inner service after it is
ready, instead of using a clone
0.6.3
This release was yanked because its definition of ServiceExt was quite
unhelpful, in a way that's very unlikely that anybody would start depending on
within the small timeframe before this was yanked, but that was technically
breaking to change.
rust-reqwest
v0.12.19
Fix redirect that changes the method to GET should remove payload headers.
Fix redirect to only check the next scheme if the policy action is to follow.
(wasm) Fix compilation error if cookies feature is enabled (by the way, it's a
noop feature in wasm).
v0.12.18
Fix compilation when socks enabled without TLS.
v0.12.17
Fix compilation on macOS.
v0.12.16
Add ClientBuilder::http3_congestion_bbr() to enable BBR congestion control.
Add ClientBuilder::http3_send_grease() to configure whether to send use QUIC
grease.
Add ClientBuilder::http3_max_field_section_size() to configure the maximum
response headers.
Add ClientBuilder::tcp_keepalive_interval() to configure TCP probe interval.
Add ClientBuilder::tcp_keepalive_retries() to configure TCP probe count.
Add Proxy::headers() to add extra headers that should be sent to a proxy.
Fix redirect::Policy::limit() which had an off-by-1 error, allowing 1 more
redirect than specified.
Fix HTTP/3 to support streaming request bodies.
(wasm) Fix null bodies when calling Response::bytes_stream().
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 9 2025 Benjamin A. Beasley <[email protected]> - 0.1.14-1
- Update to version 0.1.14; Fixes RHBZ#2368791
* Mon Jun 9 2025 Benjamin A. Beasley <[email protected]> - 0.1.12-3
- No longer patch for pnet_datalink 0.34
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2364896 - rust-tower-http-0.6.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2364896
[ 2 ] Bug #2368791 - rust-hyper-util-0.1.14 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2368791
[ 3 ] Bug #2368855 - rust-reqwest-0.12.20 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2368855
--------------------------------------------------------------------------------
================================================================================
rust-libz-rs-sys-0.5.1-1.el9 (FEDORA-EPEL-2025-2f0978e6de)
Memory-safe zlib implementation written in rust
--------------------------------------------------------------------------------
Update Information:
Update rust-zlib-rs and rust-libz-rs-sys to 0.5.1:
https://github.com/trifectatechfoundation/zlib-rs/releases/tag/v0.5.1
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 9 2025 Benjamin A. Beasley <[email protected]> - 0.5.1-1
- Update to version 0.5.1; Fixes RHBZ#2370620
* Mon May 12 2025 Benjamin A. Beasley <[email protected]> - 0.5.0-2
- Remove no-longer-necessary .rpmlintrc file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2370620 - rust-libz-rs-sys-0.5.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2370620
[ 2 ] Bug #2370704 - rust-zlib-rs-0.5.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2370704
--------------------------------------------------------------------------------
================================================================================
rust-reqwest-0.12.20-1.el9 (FEDORA-EPEL-2025-ce014dc559)
Higher level HTTP client library
--------------------------------------------------------------------------------
Update Information:
rust-hyper-util
0.1.14 (2025-06-04)
Fix HttpConnector to defer address family order to resolver sort order.
Fix proxy::Matcher to find HTTPS system proxies on Windows.
0.1.13 (2025-05-27)
Fix HttpConnector to always prefer IPv6 addresses first, if happy eyeballs is
enabled.
Fix legacy::Client to return better errors if available on the connection.
rust-tower-http
0.6.6
Fixed
compression: fix panic when looking in vary header
0.6.5
Added
normalize_path: add append_trailing_slash() mode
Fixed
redirect: remove payload headers if redirect changes method to GET
compression: avoid setting vary: accept-encoding if already set
0.6.4
Added
decompression: Support HTTP responses containing multiple ZSTD frames
The ServiceExt trait for chaining layers onto an arbitrary http service just
like ServiceBuilderExt allows for ServiceBuilder
Fixed
Remove unnecessary trait bounds on S::Error for Service impls of
RequestBodyTimeout<S> and ResponseBodyTimeout<S>
compression: Respect is_end_stream
Fix a rare panic in fs::ServeDir
Fix invalid content-lenght of 1 in response to range requests to empty
files
In AsyncRequireAuthorization, use the original inner service after it is
ready, instead of using a clone
0.6.3
This release was yanked because its definition of ServiceExt was quite
unhelpful, in a way that's very unlikely that anybody would start depending on
within the small timeframe before this was yanked, but that was technically
breaking to change.
rust-reqwest
v0.12.19
Fix redirect that changes the method to GET should remove payload headers.
Fix redirect to only check the next scheme if the policy action is to follow.
(wasm) Fix compilation error if cookies feature is enabled (by the way, it's a
noop feature in wasm).
v0.12.18
Fix compilation when socks enabled without TLS.
v0.12.17
Fix compilation on macOS.
v0.12.16
Add ClientBuilder::http3_congestion_bbr() to enable BBR congestion control.
Add ClientBuilder::http3_send_grease() to configure whether to send use QUIC
grease.
Add ClientBuilder::http3_max_field_section_size() to configure the maximum
response headers.
Add ClientBuilder::tcp_keepalive_interval() to configure TCP probe interval.
Add ClientBuilder::tcp_keepalive_retries() to configure TCP probe count.
Add Proxy::headers() to add extra headers that should be sent to a proxy.
Fix redirect::Policy::limit() which had an off-by-1 error, allowing 1 more
redirect than specified.
Fix HTTP/3 to support streaming request bodies.
(wasm) Fix null bodies when calling Response::bytes_stream().
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 11 2025 Benjamin A. Beasley <[email protected]> - 0.12.20-1
- Update to version 0.12.20; Fixes RHBZ#2368855
* Tue Jun 10 2025 Benjamin A. Beasley <[email protected]> - 0.12.15-2
- Restore brotli support
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2364896 - rust-tower-http-0.6.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2364896
[ 2 ] Bug #2368791 - rust-hyper-util-0.1.14 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2368791
[ 3 ] Bug #2368855 - rust-reqwest-0.12.20 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2368855
--------------------------------------------------------------------------------
================================================================================
rust-tower-http-0.6.6-2.el9 (FEDORA-EPEL-2025-ce014dc559)
Tower middleware and utilities for HTTP clients and servers
--------------------------------------------------------------------------------
Update Information:
rust-hyper-util
0.1.14 (2025-06-04)
Fix HttpConnector to defer address family order to resolver sort order.
Fix proxy::Matcher to find HTTPS system proxies on Windows.
0.1.13 (2025-05-27)
Fix HttpConnector to always prefer IPv6 addresses first, if happy eyeballs is
enabled.
Fix legacy::Client to return better errors if available on the connection.
rust-tower-http
0.6.6
Fixed
compression: fix panic when looking in vary header
0.6.5
Added
normalize_path: add append_trailing_slash() mode
Fixed
redirect: remove payload headers if redirect changes method to GET
compression: avoid setting vary: accept-encoding if already set
0.6.4
Added
decompression: Support HTTP responses containing multiple ZSTD frames
The ServiceExt trait for chaining layers onto an arbitrary http service just
like ServiceBuilderExt allows for ServiceBuilder
Fixed
Remove unnecessary trait bounds on S::Error for Service impls of
RequestBodyTimeout<S> and ResponseBodyTimeout<S>
compression: Respect is_end_stream
Fix a rare panic in fs::ServeDir
Fix invalid content-lenght of 1 in response to range requests to empty
files
In AsyncRequireAuthorization, use the original inner service after it is
ready, instead of using a clone
0.6.3
This release was yanked because its definition of ServiceExt was quite
unhelpful, in a way that's very unlikely that anybody would start depending on
within the small timeframe before this was yanked, but that was technically
breaking to change.
rust-reqwest
v0.12.19
Fix redirect that changes the method to GET should remove payload headers.
Fix redirect to only check the next scheme if the policy action is to follow.
(wasm) Fix compilation error if cookies feature is enabled (by the way, it's a
noop feature in wasm).
v0.12.18
Fix compilation when socks enabled without TLS.
v0.12.17
Fix compilation on macOS.
v0.12.16
Add ClientBuilder::http3_congestion_bbr() to enable BBR congestion control.
Add ClientBuilder::http3_send_grease() to configure whether to send use QUIC
grease.
Add ClientBuilder::http3_max_field_section_size() to configure the maximum
response headers.
Add ClientBuilder::tcp_keepalive_interval() to configure TCP probe interval.
Add ClientBuilder::tcp_keepalive_retries() to configure TCP probe count.
Add Proxy::headers() to add extra headers that should be sent to a proxy.
Fix redirect::Policy::limit() which had an off-by-1 error, allowing 1 more
redirect than specified.
Fix HTTP/3 to support streaming request bodies.
(wasm) Fix null bodies when calling Response::bytes_stream().
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 10 2025 Benjamin A. Beasley <[email protected]> - 0.6.6-2
- Run most of the tests
* Tue Jun 10 2025 Benjamin A. Beasley <[email protected]> - 0.6.6-1
- Update to version 0.6.6; Fixes RHBZ#2364896
* Sun Jan 19 2025 Fedora Release Engineering <[email protected]> -
0.6.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2364896 - rust-tower-http-0.6.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2364896
[ 2 ] Bug #2368791 - rust-hyper-util-0.1.14 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2368791
[ 3 ] Bug #2368855 - rust-reqwest-0.12.20 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2368855
--------------------------------------------------------------------------------
================================================================================
rust-zlib-rs-0.5.1-1.el9 (FEDORA-EPEL-2025-2f0978e6de)
Memory-safe zlib implementation written in rust
--------------------------------------------------------------------------------
Update Information:
Update rust-zlib-rs and rust-libz-rs-sys to 0.5.1:
https://github.com/trifectatechfoundation/zlib-rs/releases/tag/v0.5.1
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 9 2025 Benjamin A. Beasley <[email protected]> - 0.5.1-1
- Update to version 0.5.1; Fixes RHBZ#2370704
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2370620 - rust-libz-rs-sys-0.5.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2370620
[ 2 ] Bug #2370704 - rust-zlib-rs-0.5.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2370704
--------------------------------------------------------------------------------
================================================================================
trafficserver-9.2.11-1.el9 (FEDORA-EPEL-2025-4894f0196b)
Fast, scalable and extensible HTTP/1.1 and HTTP/2 caching proxy server
--------------------------------------------------------------------------------
Update Information:
Changes with Apache Traffic Server 9.2.11
#12169 - 9.2.x: fix libyaml for gcc 15, and cherry-pick fedora:42 updates
#12294 - Add a setting to choose the data source of IP address for ACL
#12296 - Add max inclusion support to esi plugin for 9.2.x
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 17 2025 Jered Floyd <[email protected]> 9.2.11-1
- Update to upstream 9.2.11
--------------------------------------------------------------------------------
================================================================================
yubico-piv-tool-2.7.1-3.el9 (FEDORA-EPEL-2025-a5413a5883)
Tool for interacting with the PIV applet on a YubiKey
--------------------------------------------------------------------------------
Update Information:
Rebase EPEL9 version to current Fedora Rawhide
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 23 2025 Cristian Le <[email protected]> - 2.7.1-3
- Allow CMake build with ninja generator
* Sun Jan 19 2025 Fedora Release Engineering <[email protected]> -
2.7.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Fri Dec 20 2024 Jakub Jelen <[email protected]> - 2.7.1-1
- New upstream release fixing x390x build (#2333288)
* Thu Dec 19 2024 Jakub Jelen <[email protected]> - 2.7.0-1
- New upstream release (#2333288)
* Thu Sep 12 2024 Jakub Jelen <[email protected]> - 2.6.1-1
- New upstream release (#2311937)
* Thu Aug 22 2024 Jakub Jelen <[email protected]> - 2.6.0-1
- New upstream release (#2306797)
* Thu Jul 25 2024 Miroslav Suchý <[email protected]> - 2.5.2-3
- convert license to SPDX
* Sat Jul 20 2024 Fedora Release Engineering <[email protected]> -
2.5.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Tue May 7 2024 Jakub Jelen <[email protected]> - 2.5.2-1
- New upstream release (#2279499)
* Wed Feb 14 2024 Jakub Jelen <[email protected]> - 2.5.1-1
- New upstream release (#2264044)
* Thu Feb 1 2024 Jakub Jelen <[email protected]> - 2.5.0-1
- New upstream release supporting larger RSA keys and ED25519 and X25519
(#2262179)
* Sat Jan 27 2024 Fedora Release Engineering <[email protected]> -
2.4.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Mon Dec 11 2023 Jakub Jelen <[email protected]> - 2.4.2-1
- New upstream release related to the previous issue (#2253499)
* Wed Dec 6 2023 Jakub Jelen <[email protected]> - 2.4.1-1
- Fix the build for i686 architecture (#2252823)
* Tue Dec 5 2023 Jakub Jelen <[email protected]> - 2.4.0-1
- New upstream release (#2252823)
* Sat Jul 22 2023 Fedora Release Engineering <[email protected]> -
2.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
--
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
