The following Fedora EPEL 9 Security updates need testing:
Age URL
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-bc6b1f3139
stb-0^20231011gitbeebb24-12.el9
4
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-f45cb7e6ad
suricata-6.0.15-1.el9
3
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-b475c743aa
chromium-118.0.5993.117-1.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
logcheck-1.3.18-15.el9
mlpack-4.2.1-5.el9
packit-0.85.0-1.el9
python-ogr-0.47.1-1.el9
python-specfile-0.23.0-1.el9
salt-3005.4-1.el9
Details about builds:
================================================================================
logcheck-1.3.18-15.el9 (FEDORA-EPEL-2023-7ca2e7ca5f)
Analyzes log files and sends noticeable events as email
--------------------------------------------------------------------------------
Update Information:
Logcheck is a simple utility which is designed to allow a system administrator
to view the log-files which are produced upon hosts under their control. It does
this by mailing summaries of the log-files to them, after first filtering out
"normal" entries.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.18-15
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.18-14
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.18-13
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.18-12
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.18-11
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2031683 - logcheck is missing in CentOS Stream 9
https://bugzilla.redhat.com/show_bug.cgi?id=2031683
--------------------------------------------------------------------------------
================================================================================
mlpack-4.2.1-5.el9 (FEDORA-EPEL-2023-44e123cf66)
Fast, header-only C++ machine learning library
--------------------------------------------------------------------------------
Update Information:
Use RPM macros for python and cmake build directory ---- Ensure stb_image
contains the latest CVE patches
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 30 2023 Benson Muite <benson_muite(a)emailplus.org> - 4.2.1-5
- Use RPM macros for python and cmake build directory
* Fri Oct 27 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> - 4.2.1-4
- Ensure stb_image contains the latest CVE patches
* Wed Oct 25 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> - 4.2.1-3
- Ensure stb_image contains the latest CVE patches
* Mon Oct 16 2023 Ryan Curtin <ryan(a)ratml.org> - 4.2.1-2
- Attempt to reduce RAM usage on ppc64le.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2246895 - Rebuild for static stb_image CVE vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=2246895
--------------------------------------------------------------------------------
================================================================================
packit-0.85.0-1.el9 (FEDORA-EPEL-2023-f8edaa06d8)
A tool for integrating upstream projects with Fedora operating system
--------------------------------------------------------------------------------
Update Information:
Automatic update for packit-0.85.0-1.el9. ##### **Changelog for packit** ``` *
Mon Oct 30 2023 Packit <hello(a)packit.dev> - 0.85.0-1 - Packit no longer
downloads sources excluded using spec file conditions. (#2132) ```
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 30 2023 Packit <hello(a)packit.dev> - 0.85.0-1
- Packit no longer downloads sources excluded using spec file conditions. (#2132)
--------------------------------------------------------------------------------
================================================================================
python-ogr-0.47.1-1.el9 (FEDORA-EPEL-2023-9c0f1113d8)
One API for multiple git forges
--------------------------------------------------------------------------------
Update Information:
Automatic update for python-ogr-0.47.1-1.el9. ##### **Changelog for python-
ogr** ``` * Mon Oct 30 2023 Packit <hello(a)packit.dev> - 0.47.1-1 - Fixed an
issue where getting a list of GitLab merge requests using `.list()` would return
only 20 items. (#819) - Resolves rhbz#2246994 ```
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 30 2023 Packit <hello(a)packit.dev> - 0.47.1-1
- Fixed an issue where getting a list of GitLab merge requests using `.list()` would
return only 20 items. (#819)
- Resolves rhbz#2246994
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2246994 - python-ogr-0.47.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2246994
--------------------------------------------------------------------------------
================================================================================
python-specfile-0.23.0-1.el9 (FEDORA-EPEL-2023-ab9b7d0c94)
A library for parsing and manipulating RPM spec files
--------------------------------------------------------------------------------
Update Information:
Automatic update for python-specfile-0.23.0-1.el9. ##### **Changelog for
python-specfile** ``` * Mon Oct 30 2023 Packit <hello(a)packit.dev> - 0.23.0-1 -
Sources now have a `valid` property that indicates whether a source is valid in
the current context, meaning it is not present in a false branch of any
condition. (#295) ```
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 30 2023 Packit <hello(a)packit.dev> - 0.23.0-1
- Sources now have a `valid` property that indicates whether a source is valid in the
current context, meaning it is not present in a false branch of any condition. (#295)
--------------------------------------------------------------------------------
================================================================================
salt-3005.4-1.el9 (FEDORA-EPEL-2023-747e8b0ab1)
A parallel remote execution system
--------------------------------------------------------------------------------
Update Information:
Fix for CVE-2023-34049
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 30 2023 Gwyn Ciesla <gwync(a)protonmail.com> - 3005.4-1
- 3005.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2246812 - salt-3006.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2246812
[ 2 ] Bug #2246982 - CVE-2023-34049 salt: allows an attacker to force Salt-SSH to run
their script [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2246982
--------------------------------------------------------------------------------