[EPEL-devel] Fedora EPEL 9 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The following Fedora EPEL 9 Security updates need testing:
 Age  URL
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-80a466f7f5   zabbix7.0-7.0.11-1.el9
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-eb7e3d90f5   chromium-135.0.7049.52-2.el9


The following builds have been pushed to Fedora EPEL 9 updates-testing

    blake3-1.8.1-1.el9
    nvtop-3.2.0-3.el9
    osc-1.15.1-447.3.1.el9
    prosody-13.0.1-1.el9
    rust-coreutils-0.0.27-9.el9
    rust-routinator-0.14.2-1.el9
    rust-simba-0.9.0-3.el9
    stockfish-17.1-1.el9
    zsync-0.6.2-1.el9

Details about builds:


================================================================================
 blake3-1.8.1-1.el9 (FEDORA-EPEL-2025-f7b2c175df)
 Official C implementation of the BLAKE3 cryptographic hash function
--------------------------------------------------------------------------------
Update Information:

Update to 1.8.1 (fedora#2357121)
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr  6 2025 Christoph Erhardt <fedora@xxxxxxxxxxx> - 1.8.1-1
- Update to 1.8.1 (fedora#2357121)
* Sun Apr  6 2025 Christoph Erhardt <fedora@xxxxxxxxxxx> - 1.7.0-2
- Move `README.md` into `devel` subpackage
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2357121 - blake3-1.8.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2357121
--------------------------------------------------------------------------------


================================================================================
 nvtop-3.2.0-3.el9 (FEDORA-EPEL-2025-be2813f02c)
 GPU process monitoring for various devices
--------------------------------------------------------------------------------
Update Information:

New features
Intel XE driver support thanks to @Steve-Tech
Supports more metrics when CAP_PERFMON is given to nvtop. See the intel section
of the README
Broadcom V3D support (Raspberry Pi) thanks to @xiaohuirong
Google TPU support thanks to @rdyro
Interface hide process list with the -P option thanks to @ring-c
On recent GPUs, the encode and decode engines are most likely shared, nvtop will
now display "ENC/DEC" in the known cases.
Nvtop can be installed from conda forge thanks to @matthewfeickert
JSON snapshot option -s thanks to @jwilkins88
Bugfix and improvements
Improved Intel i915 support by @Steve-Tech
More portable AppImage thanks to @Samueru-sama
Various back-end bugfixes
FreeBSD compilation fixes by @ocochard
--------------------------------------------------------------------------------
ChangeLog:

* Sat Apr  5 2025 Michel Lind <salimma@xxxxxxxxxxxxxxxxx> - 3.2.0-3
- Drop one more upstreamed patch
* Sat Apr  5 2025 Michel Lind <salimma@xxxxxxxxxxxxxxxxx> - 3.2.0-2
- Rebase patches and drop those applied upstream
* Sat Mar 29 2025 Packit <hello@xxxxxxxxxx> - 3.2.0-1
- Update to 3.2.0
- Resolves rhbz#2355933
* Fri Jan 17 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.1.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Thu Jul 18 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.1.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2355933 - nvtop-3.2.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2355933
--------------------------------------------------------------------------------


================================================================================
 osc-1.15.1-447.3.1.el9 (FEDORA-EPEL-2025-6a8af2b0ec)
 Open Build Service Commander
--------------------------------------------------------------------------------
Update Information:

New upstream release 1.15.1, fixes rhbz#2357463
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr  6 2025 Dan Ä?ermák <dan.cermak@xxxxxxxxxxxxxxxxxxx> - 1.15.1-447.3.1
- New upstream release 1.15.1, fixes rhbz#2357463
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2357463 - osc-1.15.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2357463
--------------------------------------------------------------------------------


================================================================================
 prosody-13.0.1-1.el9 (FEDORA-EPEL-2025-fe26a008d0)
 Flexible communications server for Jabber/XMPP
--------------------------------------------------------------------------------
Update Information:

Prosody 13.0.1
Summary
As is the tradition with software, here is upstream's first patch release
following shortly behind their major 13.0.0 release. It fixes some important
bugs that were discovered after the release.
Changes
Summary of all changes in this release:
Fixes and improvements
mod_admin_shell: Add debug:cert_index() command to aid debugging of automatic
certificate selection
mod_tls: Enable Prosodyâ??s certificate checking for incoming s2s connections
portmanager: Multiple fixes to use correct certificates for direct TLS ports
net.server_epoll: Use correct connection timeout when initiating Direct TLS
mod_roster: Fix shell commands when a component is involved
mod_http_file_share: Explicitly reject all unsupported ranges
mod_http_file_share: Fix off by one in Range response
mod_admin_shell, prosodyctl shell: Report command failure when no password
entered
Minor changes
mod_storage_sql: Drop legacy index without confirmation to ease upgrades
util.adminstream: Fix traceback on double-close (fixes #1913: Prosody fails to
completely stop while shell watch:log is active)
certmanager: Improve logging for all cases where certs are skipped
mod_tls: Collect full certificate chain validation information
mod_s2s: Fix error detection with newer versions of OpenSSL
portmanager: Add debug log message to state which certificate we end up using
prosodyctl check certs: Use correct hostname in warning message about HTTPS
prosodyctl check: Be more robust against invalid disco_items, and show warning
spec/tls: Add TLS/certificate integration tests
mod_http_file_share: Improve error reporting by using util.error more
core.storagemanager: Fix tests by removing an assert that upset luarocks
core.usermanager: Fix COMPAT layer for legacy is_admin() function
certmanager: Remove obsolete and verbose index log (replaced by shell command)
doap: Add XEP-0333, XEP-0334, XEP-0156 and mod_http_altconnect
Prosody 13.0.0
Summary
See upstream's blog post for an overview of the main features and improvements
this release brings.
Upgrading
It is expected that Prosody 13.0 will function correctly on any config file that
is compatible with 0.12. No changes are required, however there may be some
recommendations - such as options that have been deprecated or replaced.
The best way to find these is to run prosodyctl check config, before and after
you upgrade, which will find most issues and suggest a solution.
SQL users: A schema upgrade may be required, see below.
Common issues
SQL schema changes
If you are upgrading from an earlier release and you use PostgreSQL or SQLite
for storage, Prosody may refuse to initialize storage until you complete a
schema upgrade. You may see log messages like this:
error    Old database format detected. Please run: prosodyctl mod_storage_sql
upgrade
To check for any necessary schema upgrades and apply them, run:
prosodyctl mod_storage_sql upgrade
Restart Prosody (systemctl restart prosody) after it completes.
Component permissions
With the introduction of the new roles and permissions framework, some default
permissions have changed slightly. In most cases there is nothing you need to
do, but some deployments may need tweaking.
The most common component module affected by the change is mod_http_file_share.
It will work without any changes if your Component domain is a direct subdomain
of your VirtualHost. This means if you have something like VirtualHost
"example.com" and Component "upload.example.com" "http_file_share" then youâ??re
all good!
Some more unusual configurations may need to explicitly set the permissions.
This includes configurations where:
The component is not a direct subdomain (e.g. VirtualHost "example.com" with
Component "upload.xmpp.example.com" "http_file_share")
The component is shared by multiple VirtualHosts
In both cases you are probably already using the disco_items option to link the
component with the VirtualHost.
If you have a single VirtualHost using the component, then under the Component
you can set the parent_host option:
Component "upload.example.com" "http_file_share"
  -- Grant permissions for users on the 'xmpp.example.com' VirtualHost
  parent_host = "xmpp.example.com"
If your component is used by multiple VirtualHosts, the easiest thing to do is
grant the permissions to every VirtualHost on the current Prosody instance. For
this, use the server_user_role option:
Component "upload.example.com" "http_file_share"
  -- Grant permission for all users on this Prosody instance
  server_user_role = "prosody:registered"
Changes
New in this release
Modules
A number of popular modules have transitioned from community modules into
Prosody with this release:
mod_cloud_notify
mod_http_altconnect
And the following modules are completely new:
mod_account_activity
mod_flags
mod_s2s_auth_dane_in
mod_server_info
Administration
New prosodyctl check features recommends configuration improvements
mod_announce: Add shell commands to send messages to all users, online users, or
limited by roles
New mod_account_activity plugin records last login/logout time of a user account
New watch log command to follow live debug logs at runtime
Similarly, watch stanzas can be used to capture XML logs in real-time
Networking
Honour weight parameter during SRV record selection
Support for RFC 8305 â??Happy Eyeballsâ?? to improve IPv4/IPv6 connectivity
Support for TCP Fast Open in server_epoll (pending LuaSocket support)
Support for deferred accept in server_epoll (pending LuaSocket support)
MUC
Component admins are no longer room owners by default. This can be reverted to
the old behaviour with component_admins_as_room_owners = true, but this has
known incompatibilities with some clients. Instead, use the shell or ad-hoc
commands to gain ownership of rooms when necessary.
Permissions updates:
Room creation restricted to local users (of the parent host) by default
restrict_room_creation = true restricts to admins, false disables all
restrictions
Persistent rooms can only be created by local users (parent host) by default
muc_room_allow_persistent = false restricts to admins
Public rooms can only be created by local users (parent host) by default
muc_room_allow_public = false restricts to admins
Commands to show occupants and affiliations in the Shell
Save â??reasonâ?? text supplied with affiliation change
Owners can set MUC avatars (functionality previously in community module
mod_vcard_muc)
Security and authentication
New role and permissions framework and API
Ability to disable and enable user accounts
A â??grace periodâ?? is now supported for deletion requests via in-band registration
Advertise supported SASL Channel-Binding types (XEP-0440)
Implement RFC 9266 â??tls-exporterâ?? channel binding with TLS 1.3
Implement â??tls-server-end-pointâ?? channel binding
Full DANE support for s2s
No longer check certificate Common Names per RFC 9525
Storage
Performance improvements in internal archive stores
Ability to use SQLite3 storage with LuaSQLite3 instead of LuaDBI
SQLCipher support
Module API for developers
New â??keyval+â?? combined keyval/map store type
Config interface API can require that string values be picked from a provided
set
Acceptable interval can be specified for number options
Method for parsing time periods / intervals from config
Method for retrieving integer settings from config
It is now easy for modules to expose a Prosody shell command, by adding a shell-
command item
Modules can now implement a module.ready method which will be called after
server initialization
module:depends() now accepts a second parameter â??softâ?? to enable soft
dependencies
Configuration file
Configuration file now supports referring and appending to options previously
set
Direct usage of the Lua API in the config file is deprecated, but can now be
accessed via Lua.* instead
Convenience functions for reading values from files, with variant meant for
credentials or secrets (e.g. from systemd-creds)
Changed in this release
Support sub-second precision timestamps
mod_blocklist: New option â??migrate_legacy_blockingâ?? to disable migration from
mod_privacy
Moved all modules into the Lua namespace prosody
Forwarded header from RFC 7239 supported, disabled by default
mod_http_file_share now uses roles framework, affecting access from e.g.
components
Intervals of mod_cron managed periodic jobs made configurable
When mod_smacks is enabled, s2s connections not responding to ack requests are
closed
Arguments to prosodyctl shell that start with : are now turned into method calls
Support for the roster group access_model in mod_pep
Support for systemd socket activation in server_epoll
mod_invites_adhoc gained a command for creating password resets
mod_cloud_notify imported from community modules for push notification support
mod_http_altconnect imported from community modules, simplifying web clients
Removed in this release
Lua 5.1 support
XEP-0090 support removed from mod_time
util.rfc6724
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr  6 2025 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 13.0.1-1
- Upgrade to 13.0.1 (#2352897 #c1)
* Tue Apr  1 2025 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 13.0.0-1
- Upgrade to 13.0.0 (#2352897)
- Build against OpenSSL 3 on RHEL 8 (for openssl/param_build.h)
* Sat Jan 18 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.12.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2352897 - prosody-13.0.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2352897
--------------------------------------------------------------------------------


================================================================================
 rust-coreutils-0.0.27-9.el9 (FEDORA-EPEL-2025-45865028b9)
 coreutils ~ GNU coreutils reimplementation in Rust
--------------------------------------------------------------------------------
Update Information:

Fix directory ownership of /usr/libexec/uutils-coreutils
--------------------------------------------------------------------------------
ChangeLog:

* Sat Apr  5 2025 Michel Lind <salimma@xxxxxxxxxxxxxxxxx> - 0.0.27-9
- Make sure the package owns %%{_libexecdir}/uutils-coreutils
* Sun Jan 19 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.0.27-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 rust-routinator-0.14.2-1.el9 (FEDORA-EPEL-2025-dd9571ea89)
 RPKI relying party software
--------------------------------------------------------------------------------
Update Information:

This release fixes an issue in the bundled UI that caused it to retrieve data
from our own test instance rather than the actual Routinator instance. Users of
the bundled UI should upgrade.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr  6 2025 Michel Lind <salimma@xxxxxxxxxxxxxxxxx> - 0.14.2-1
- Update to 0.14.2; Fixes: RHBZ#2349822
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2349822 - rust-routinator-0.14.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2349822
--------------------------------------------------------------------------------


================================================================================
 rust-simba-0.9.0-3.el9 (FEDORA-EPEL-2025-0ccb45e62b)
 SIMD algebra for Rust
--------------------------------------------------------------------------------
Update Information:

Drop unused optional support for the decimal crate.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr  6 2025 Fabio Valentini <decathorpe@xxxxxxxxx> - 0.9.0-3
- Drop unused support for the decimal crate
--------------------------------------------------------------------------------


================================================================================
 stockfish-17.1-1.el9 (FEDORA-EPEL-2025-8cc8a51026)
 Powerful open source chess engine
--------------------------------------------------------------------------------
Update Information:

New speedtest command, improved hardware support, and bug fixes for tablebase
support.
https://github.com/official-stockfish/Stockfish/releases/tag/sf_17.1
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr  4 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 17.1-1
- Update to 17.1 (close RHBZ#2356072)
- The ppc64le version of Stockfish now uses VSX extensions (POWER8)
* Sat Feb 15 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 17-6
- Drop i686 support (leaf package)
* Wed Feb  5 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 17-5
- Support RPM architectures corresponding to x86_64 microarch. levels
* Sun Jan 19 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 17-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Sat Jan 18 2025 Ondrej MosnáÄ?ek <omosnacek@xxxxxxxxx> - 17-3
- Backport a fix for GCC 15
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2356072 - stockfish-17.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2356072
--------------------------------------------------------------------------------


================================================================================
 zsync-0.6.2-1.el9 (FEDORA-EPEL-2025-fe9e305d78)
 a file transfer program using the same algorithm as rsync over HTTP
--------------------------------------------------------------------------------
Update Information:

Initial import (fedora#2356982).
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr  6 2025 Tobias Girstmair <t-fedora@xxxxxxxx> - 0.6.2-1
- Initial import (fedora#2356982).
--------------------------------------------------------------------------------



-- 
_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
[Index of Archives]     [Fedora Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Announce]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Linux Apps]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux