The following Fedora EPEL 9 Security updates need testing: Age URL 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-56a6ede4ef salt3006-3006.12-1.el9 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-b08324ec24 optipng-7.9.1-1.el9 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-3a9b0a638b atuin-18.3.0-4.el9 The following builds have been pushed to Fedora EPEL 9 updates-testing clamav-1.0.9-1.el9 coturn-4.7.0-1.el9 distribution-gpg-keys-1.113-1.el9 fluidsynth-2.4.6-1.el9 gnuchess-6.2.11-1.el9 google-benchmark-1.8.5-9.el9 mock-6.3-1.el9 mock-core-configs-42.4-1.el9 mongo-c-driver-1.30.5-1.el9 perl-CryptX-0.087-2.el9 php-nikic-php-parser5-5.5.0-1.el9 python-jsonpath-rw-1.4.0-22.el9 qm-0.7.5-1.el9 rr-5.9.0-1.el9 rust-hyper-util-0.1.14-1.el9 rust-libz-rs-sys-0.5.1-1.el9 rust-reqwest-0.12.20-1.el9 rust-tower-http-0.6.6-2.el9 rust-zlib-rs-0.5.1-1.el9 trafficserver-9.2.11-1.el9 yubico-piv-tool-2.7.1-3.el9 Details about builds: ================================================================================ clamav-1.0.9-1.el9 (FEDORA-EPEL-2025-bb27e120f9) End-user tools for the Clam Antivirus scanner -------------------------------------------------------------------------------- Update Information: 1.0.9 -------------------------------------------------------------------------------- ChangeLog: * Wed Jun 18 2025 Gwyn Ciesla <gwync@xxxxxxxxxxxxxx> - 1.0.9-1 - Update to 1.0.9 -------------------------------------------------------------------------------- ================================================================================ coturn-4.7.0-1.el9 (FEDORA-EPEL-2025-88df0f0a71) TURN/STUN & ICE Server -------------------------------------------------------------------------------- Update Information: Coturn 4.7.0 Changes in order to get to sane defaults for improved security by default Cleanup deprecated options - if your scripts have them turnserver will fail to start Reverse SOFTWARE_ATTRIBUTE_OPT to avoid inverse logic - now need to explicitly enable it Deprecate response-origin-only-with-rfc5780 Invert no-stun-backward-compatibility to be default on TLSv1 and TLSv1_1 are now optional (no need to turn them off) Minor bug fixes and regressions -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 17 2025 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> - 4.7.0-1 - Upgrade to 4.7.0 (#2369521) - Use 'systemctl try-reload-or-restart' in logrotate postrotate script (#2371578, thanks to Marcos Mello) * Thu Jan 16 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 4.6.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2369521 - coturn-4.7.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2369521 [ 2 ] Bug #2371578 - Use `systemctl try-reload-or-restart` in logrotate postrotate script https://bugzilla.redhat.com/show_bug.cgi?id=2371578 -------------------------------------------------------------------------------- ================================================================================ distribution-gpg-keys-1.113-1.el9 (FEDORA-EPEL-2025-c1f17cc8d8) GPG keys of various Linux distributions -------------------------------------------------------------------------------- Update Information: Fixing Mock on Rawhide https://rpm-software-management.github.io/mock/Release- Notes-6.3 -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 17 2025 Pavel Raiskup <praiskup@xxxxxxxxxx> 1.113-1 - Add Rocky Linux 10 keys -------------------------------------------------------------------------------- References: [ 1 ] Bug #2372865 - After updating mock to version 6.2-2.fc43, mock operations fail with â??operation not permittedâ??, even though the user is still in the mock group. https://bugzilla.redhat.com/show_bug.cgi?id=2372865 -------------------------------------------------------------------------------- ================================================================================ fluidsynth-2.4.6-1.el9 (FEDORA-EPEL-2025-0da6911d79) Real-time software synthesizer -------------------------------------------------------------------------------- Update Information: Update to 2.4.6 -------------------------------------------------------------------------------- ChangeLog: * Sat Jun 14 2025 Christoph Karl <pampelmuse [AT] gmx [DOT] at> - 2.4.6-1 - Update to 2.4.6 -------------------------------------------------------------------------------- ================================================================================ gnuchess-6.2.11-1.el9 (FEDORA-EPEL-2025-5901798310) The GNU chess program -------------------------------------------------------------------------------- Update Information: Initial EL-9 and EL-8 builds -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 21 2025 Gwyn Ciesla <gwync@xxxxxxxxxxxxxx> - 6.2.11-1 - 6.2.11 * Thu Jan 16 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 6.2.9-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild * Thu Jul 18 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 6.2.9-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Wed Jan 24 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 6.2.9-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jan 19 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 6.2.9-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Wed Jul 19 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 6.2.9-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ google-benchmark-1.8.5-9.el9 (FEDORA-EPEL-2025-ad811fd925) A microbenchmark support library -------------------------------------------------------------------------------- Update Information: Improve packaging of Doxygen-generated HTML -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 17 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 1.8.5-9 - Explicitly disable assembly tests * Tue Jun 17 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 1.8.5-7 - Attempt to handle license/bundling in Doxygen-generated HTML * Tue Jun 17 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 1.8.5-4 - Do not package CONTRIBUTING.md, which is about working with upstream -------------------------------------------------------------------------------- ================================================================================ mock-6.3-1.el9 (FEDORA-EPEL-2025-c1f17cc8d8) Builds packages inside chroots -------------------------------------------------------------------------------- Update Information: Fixing Mock on Rawhide https://rpm-software-management.github.io/mock/Release- Notes-6.3 -------------------------------------------------------------------------------- ChangeLog: * Wed Jun 18 2025 Pavel Raiskup <praiskup@xxxxxxxxxx> 6.3-1 - lockfile: don't hard-code DNF _bindir location, use config_opts - fix sysusers packaging once more - ProcessPoolExecutor changed behaviour with Python 3.14 (msuchy@xxxxxxxxxx) - feat: plugin: hw_info: added human-readable flag for memory info (k0ste@xxxxxxxx) - Remove the traceLog decorator from pretty_getcwd (ferdnyc@xxxxxxxxx) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2372865 - After updating mock to version 6.2-2.fc43, mock operations fail with â??operation not permittedâ??, even though the user is still in the mock group. https://bugzilla.redhat.com/show_bug.cgi?id=2372865 -------------------------------------------------------------------------------- ================================================================================ mock-core-configs-42.4-1.el9 (FEDORA-EPEL-2025-c1f17cc8d8) Mock core config files basic chroots -------------------------------------------------------------------------------- Update Information: Fixing Mock on Rawhide https://rpm-software-management.github.io/mock/Release- Notes-6.3 -------------------------------------------------------------------------------- ChangeLog: * Wed Jun 18 2025 Pavel Raiskup <praiskup@xxxxxxxxxx> 42.4-1 - fix sysusers packaging practice once more - configuration file owned by `root:root` - Rocky Linux 10 configs added (label@xxxxxxxxxxxxxx) - missing config for AlmaLinux Kitten x86_64_v2 added (jhernandez@xxxxxxxxxxxxxx) - config for AlmaLinux Kitten 10 x86_64_v2 added (jonathan@xxxxxxxxxxxxx) - AlmaLinux 10 configs added (jonathan@xxxxxxxxxxxxx) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2372865 - After updating mock to version 6.2-2.fc43, mock operations fail with â??operation not permittedâ??, even though the user is still in the mock group. https://bugzilla.redhat.com/show_bug.cgi?id=2372865 -------------------------------------------------------------------------------- ================================================================================ mongo-c-driver-1.30.5-1.el9 (FEDORA-EPEL-2025-17d69f9265) Client library written in C for MongoDB -------------------------------------------------------------------------------- Update Information: libbson 1.30.5 Fixes: Various fixes have been applied to the bson_validate family of functions, with some minor behavioral changes. Previously accepted invalid UTF-8 will be rejected when BSON_VALIDATE_UTF8 is specified. The scope document in a deprecated "code with scope" element is now validated with a fixed set of rules and is treated as an opaque JavaScript object. A document nesting limit is now enforced during validation. libmongoc 1.30.5 Fixes: Fix message of bson_strerror_r on Windows. Fix memory leaks with Windows Secure Channel. Fix loading PKCS#8 RSA keys with Windows Secure Channel. -------------------------------------------------------------------------------- ChangeLog: * Wed Jun 18 2025 Remi Collet <remi@xxxxxxxxxxxx> - 1.30.5-1 - update to 1.30.5 -------------------------------------------------------------------------------- ================================================================================ perl-CryptX-0.087-2.el9 (FEDORA-EPEL-2025-6c475f1e10) Cryptographic toolkit -------------------------------------------------------------------------------- Update Information: Update to 0.087, fixes CVE-2025-40914 -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 12 2025 Xavier Bachelot <xavier@xxxxxxxxxxxx> - 0.087-2 - Use any version of Math::BigInt and Math::BigFloat - Fix bundled Provides: * Wed Jun 11 2025 Xavier Bachelot <xavier@xxxxxxxxxxxx> - 0.087-1 - Update to 0.087 (RHBZ#2372355,RHBZ#2372356,RHBZ#2372357,RHBZ#2372358) - Fix CVE-2025-40914 * Sat May 3 2025 Xavier Bachelot <xavier@xxxxxxxxxxxx> - 0.086-1 - Update to 0.086 (RHBZ#2363852, RHBZ#2354493) * Tue Feb 11 2025 Xavier Bachelot <xavier@xxxxxxxxxxxx> - 0.085-1 - Update to 0.085 (RHBZ#2344451) * Sat Jan 18 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.084-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild * Wed Oct 16 2024 Xavier Bachelot <xavier@xxxxxxxxxxxx> - 0.084-1 - Update to 0.084 (RHBZ#2319152) * Tue Oct 15 2024 Xavier Bachelot <xavier@xxxxxxxxxxxx> - 0.083-1 - Update to 0.083 (RHBZ#2310725) - Drop EL7 support - Fix Math::BigInt/BigFloat versions and conditionals * Thu Jul 18 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.080-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Mon Jun 10 2024 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 0.080-4 - Perl 5.40 rebuild * Thu Jan 25 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.080-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sun Jan 21 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.080-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Wed Oct 4 2023 Xavier Bachelot <xavier@xxxxxxxxxxxx> - 0.080-1 - Update to 0.080 (RHBZ#2242102) * Mon Oct 2 2023 Xavier Bachelot <xavier@xxxxxxxxxxxx> - 0.079-1 - Update to 0.079 (RHBZ#2241629) - Fix CVE-2019-17362 in bundled libtomcrypt - Add upstream patch to fix tests with Math::BigInt 1.999840+ (RHBZ#2240587) * Fri Aug 25 2023 Xavier Bachelot <xavier@xxxxxxxxxxxx> - 0.078-4 - Don't Requires: perl(Math::BigFloat) for tests subpackage on EL7 (RHBZ#2234802) * Thu Jul 20 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.078-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Tue Jul 11 2023 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 0.078-2 - Perl 5.38 rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2372355 - CVE-2025-40914 perl-CryptX: Perl CryptX code execution via integer overflow [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2372355 [ 2 ] Bug #2372356 - CVE-2025-40914 perl-CryptX: Perl CryptX code execution via integer overflow [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2372356 [ 3 ] Bug #2372357 - CVE-2025-40914 perl-CryptX: Perl CryptX code execution via integer overflow [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2372357 [ 4 ] Bug #2372358 - CVE-2025-40914 perl-CryptX: Perl CryptX code execution via integer overflow [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2372358 -------------------------------------------------------------------------------- ================================================================================ php-nikic-php-parser5-5.5.0-1.el9 (FEDORA-EPEL-2025-cce733afd7) A PHP parser written in PHP - version 5 -------------------------------------------------------------------------------- Update Information: Version 5.5.0 (2025-05-31) Added [8.5] Added support for attributes on constants. Stmt\Const_ now has an attrGroups subnode. Added weakReferences option to NodeConnectingVisitor and ParentConnectingVisitor. This will create the parent/next/prev references as WeakReferences, to avoid making the AST cyclic and thus increasing GC pressure. Changed Attributes on parameters are now printed on separate lines if the pretty printer target version is PHP 7.4 or older (which is the default). This allows them to be interpreted as comments, instead of causing a parse error. Specify a target version of PHP 8.0 or newer to restore the previous behavior. -------------------------------------------------------------------------------- ChangeLog: * Wed Jun 18 2025 Remi Collet <remi@xxxxxxxxxxxx> - 5.5.0-1 - update to 5.5.0 -------------------------------------------------------------------------------- ================================================================================ python-jsonpath-rw-1.4.0-22.el9 (FEDORA-EPEL-2025-c9eefe1d3a) Extended implementation of JSONPath for Python -------------------------------------------------------------------------------- Update Information: Use %autorelease and %autochangelog -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 16 2025 Dave Love <loveshack@xxxxxxxxxxxxxxxxx> - 1.4.0-21 - Fix typo * Mon Jun 2 2025 Python Maint <python-maint@xxxxxxxxxx> - 1.4.0-20 - Rebuilt for Python 3.14 * Sat Jan 18 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.4.0-19 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild * Tue Oct 29 2024 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 1.4.0-18 - Switch to pytest (closes rhbz#2319672) -------------------------------------------------------------------------------- ================================================================================ qm-0.7.5-1.el9 (FEDORA-EPEL-2025-70ea64288b) Containerized environment for running Quality Management software -------------------------------------------------------------------------------- Update Information: Automatic update for qm-0.7.5-1.el9. Changelog for qm * Mon Jun 16 2025 Packit <hello@xxxxxxxxxx> - 0.7.5-1 - Update to version 0.7.5 -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 16 2025 Packit <hello@xxxxxxxxxx> - 0.7.5-1 - Update to version 0.7.5 -------------------------------------------------------------------------------- ================================================================================ rr-5.9.0-1.el9 (FEDORA-EPEL-2025-a33f84b515) Tool to record and replay execution of applications -------------------------------------------------------------------------------- Update Information: Rebase to rr-5.9.0. -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 16 2025 Aaron Merey <amerey@xxxxxxxxxx> - 5.9.0-1 - Rebase to rr-5.9.0. -* Fri Dec 02 2022 Fabio Valentini <decathorpe@xxxxxxxxx> - 5.6.0-2 - Rebuild for capnproto 0.7.1 / CVE-2022-46149 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2370447 - Please branch and build rr-5.7 in epel9 https://bugzilla.redhat.com/show_bug.cgi?id=2370447 -------------------------------------------------------------------------------- ================================================================================ rust-hyper-util-0.1.14-1.el9 (FEDORA-EPEL-2025-ce014dc559) Hyper utilities -------------------------------------------------------------------------------- Update Information: rust-hyper-util 0.1.14 (2025-06-04) Fix HttpConnector to defer address family order to resolver sort order. Fix proxy::Matcher to find HTTPS system proxies on Windows. 0.1.13 (2025-05-27) Fix HttpConnector to always prefer IPv6 addresses first, if happy eyeballs is enabled. Fix legacy::Client to return better errors if available on the connection. rust-tower-http 0.6.6 Fixed compression: fix panic when looking in vary header 0.6.5 Added normalize_path: add append_trailing_slash() mode Fixed redirect: remove payload headers if redirect changes method to GET compression: avoid setting vary: accept-encoding if already set 0.6.4 Added decompression: Support HTTP responses containing multiple ZSTD frames The ServiceExt trait for chaining layers onto an arbitrary http service just like ServiceBuilderExt allows for ServiceBuilder Fixed Remove unnecessary trait bounds on S::Error for Service impls of RequestBodyTimeout<S> and ResponseBodyTimeout<S> compression: Respect is_end_stream Fix a rare panic in fs::ServeDir Fix invalid content-lenght of 1 in response to range requests to empty files In AsyncRequireAuthorization, use the original inner service after it is ready, instead of using a clone 0.6.3 This release was yanked because its definition of ServiceExt was quite unhelpful, in a way that's very unlikely that anybody would start depending on within the small timeframe before this was yanked, but that was technically breaking to change. rust-reqwest v0.12.19 Fix redirect that changes the method to GET should remove payload headers. Fix redirect to only check the next scheme if the policy action is to follow. (wasm) Fix compilation error if cookies feature is enabled (by the way, it's a noop feature in wasm). v0.12.18 Fix compilation when socks enabled without TLS. v0.12.17 Fix compilation on macOS. v0.12.16 Add ClientBuilder::http3_congestion_bbr() to enable BBR congestion control. Add ClientBuilder::http3_send_grease() to configure whether to send use QUIC grease. Add ClientBuilder::http3_max_field_section_size() to configure the maximum response headers. Add ClientBuilder::tcp_keepalive_interval() to configure TCP probe interval. Add ClientBuilder::tcp_keepalive_retries() to configure TCP probe count. Add Proxy::headers() to add extra headers that should be sent to a proxy. Fix redirect::Policy::limit() which had an off-by-1 error, allowing 1 more redirect than specified. Fix HTTP/3 to support streaming request bodies. (wasm) Fix null bodies when calling Response::bytes_stream(). -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 9 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.1.14-1 - Update to version 0.1.14; Fixes RHBZ#2368791 * Mon Jun 9 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.1.12-3 - No longer patch for pnet_datalink 0.34 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2364896 - rust-tower-http-0.6.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=2364896 [ 2 ] Bug #2368791 - rust-hyper-util-0.1.14 is available https://bugzilla.redhat.com/show_bug.cgi?id=2368791 [ 3 ] Bug #2368855 - rust-reqwest-0.12.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=2368855 -------------------------------------------------------------------------------- ================================================================================ rust-libz-rs-sys-0.5.1-1.el9 (FEDORA-EPEL-2025-2f0978e6de) Memory-safe zlib implementation written in rust -------------------------------------------------------------------------------- Update Information: Update rust-zlib-rs and rust-libz-rs-sys to 0.5.1: https://github.com/trifectatechfoundation/zlib-rs/releases/tag/v0.5.1 -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 9 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.5.1-1 - Update to version 0.5.1; Fixes RHBZ#2370620 * Mon May 12 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.5.0-2 - Remove no-longer-necessary .rpmlintrc file -------------------------------------------------------------------------------- References: [ 1 ] Bug #2370620 - rust-libz-rs-sys-0.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2370620 [ 2 ] Bug #2370704 - rust-zlib-rs-0.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2370704 -------------------------------------------------------------------------------- ================================================================================ rust-reqwest-0.12.20-1.el9 (FEDORA-EPEL-2025-ce014dc559) Higher level HTTP client library -------------------------------------------------------------------------------- Update Information: rust-hyper-util 0.1.14 (2025-06-04) Fix HttpConnector to defer address family order to resolver sort order. Fix proxy::Matcher to find HTTPS system proxies on Windows. 0.1.13 (2025-05-27) Fix HttpConnector to always prefer IPv6 addresses first, if happy eyeballs is enabled. Fix legacy::Client to return better errors if available on the connection. rust-tower-http 0.6.6 Fixed compression: fix panic when looking in vary header 0.6.5 Added normalize_path: add append_trailing_slash() mode Fixed redirect: remove payload headers if redirect changes method to GET compression: avoid setting vary: accept-encoding if already set 0.6.4 Added decompression: Support HTTP responses containing multiple ZSTD frames The ServiceExt trait for chaining layers onto an arbitrary http service just like ServiceBuilderExt allows for ServiceBuilder Fixed Remove unnecessary trait bounds on S::Error for Service impls of RequestBodyTimeout<S> and ResponseBodyTimeout<S> compression: Respect is_end_stream Fix a rare panic in fs::ServeDir Fix invalid content-lenght of 1 in response to range requests to empty files In AsyncRequireAuthorization, use the original inner service after it is ready, instead of using a clone 0.6.3 This release was yanked because its definition of ServiceExt was quite unhelpful, in a way that's very unlikely that anybody would start depending on within the small timeframe before this was yanked, but that was technically breaking to change. rust-reqwest v0.12.19 Fix redirect that changes the method to GET should remove payload headers. Fix redirect to only check the next scheme if the policy action is to follow. (wasm) Fix compilation error if cookies feature is enabled (by the way, it's a noop feature in wasm). v0.12.18 Fix compilation when socks enabled without TLS. v0.12.17 Fix compilation on macOS. v0.12.16 Add ClientBuilder::http3_congestion_bbr() to enable BBR congestion control. Add ClientBuilder::http3_send_grease() to configure whether to send use QUIC grease. Add ClientBuilder::http3_max_field_section_size() to configure the maximum response headers. Add ClientBuilder::tcp_keepalive_interval() to configure TCP probe interval. Add ClientBuilder::tcp_keepalive_retries() to configure TCP probe count. Add Proxy::headers() to add extra headers that should be sent to a proxy. Fix redirect::Policy::limit() which had an off-by-1 error, allowing 1 more redirect than specified. Fix HTTP/3 to support streaming request bodies. (wasm) Fix null bodies when calling Response::bytes_stream(). -------------------------------------------------------------------------------- ChangeLog: * Wed Jun 11 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.12.20-1 - Update to version 0.12.20; Fixes RHBZ#2368855 * Tue Jun 10 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.12.15-2 - Restore brotli support -------------------------------------------------------------------------------- References: [ 1 ] Bug #2364896 - rust-tower-http-0.6.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=2364896 [ 2 ] Bug #2368791 - rust-hyper-util-0.1.14 is available https://bugzilla.redhat.com/show_bug.cgi?id=2368791 [ 3 ] Bug #2368855 - rust-reqwest-0.12.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=2368855 -------------------------------------------------------------------------------- ================================================================================ rust-tower-http-0.6.6-2.el9 (FEDORA-EPEL-2025-ce014dc559) Tower middleware and utilities for HTTP clients and servers -------------------------------------------------------------------------------- Update Information: rust-hyper-util 0.1.14 (2025-06-04) Fix HttpConnector to defer address family order to resolver sort order. Fix proxy::Matcher to find HTTPS system proxies on Windows. 0.1.13 (2025-05-27) Fix HttpConnector to always prefer IPv6 addresses first, if happy eyeballs is enabled. Fix legacy::Client to return better errors if available on the connection. rust-tower-http 0.6.6 Fixed compression: fix panic when looking in vary header 0.6.5 Added normalize_path: add append_trailing_slash() mode Fixed redirect: remove payload headers if redirect changes method to GET compression: avoid setting vary: accept-encoding if already set 0.6.4 Added decompression: Support HTTP responses containing multiple ZSTD frames The ServiceExt trait for chaining layers onto an arbitrary http service just like ServiceBuilderExt allows for ServiceBuilder Fixed Remove unnecessary trait bounds on S::Error for Service impls of RequestBodyTimeout<S> and ResponseBodyTimeout<S> compression: Respect is_end_stream Fix a rare panic in fs::ServeDir Fix invalid content-lenght of 1 in response to range requests to empty files In AsyncRequireAuthorization, use the original inner service after it is ready, instead of using a clone 0.6.3 This release was yanked because its definition of ServiceExt was quite unhelpful, in a way that's very unlikely that anybody would start depending on within the small timeframe before this was yanked, but that was technically breaking to change. rust-reqwest v0.12.19 Fix redirect that changes the method to GET should remove payload headers. Fix redirect to only check the next scheme if the policy action is to follow. (wasm) Fix compilation error if cookies feature is enabled (by the way, it's a noop feature in wasm). v0.12.18 Fix compilation when socks enabled without TLS. v0.12.17 Fix compilation on macOS. v0.12.16 Add ClientBuilder::http3_congestion_bbr() to enable BBR congestion control. Add ClientBuilder::http3_send_grease() to configure whether to send use QUIC grease. Add ClientBuilder::http3_max_field_section_size() to configure the maximum response headers. Add ClientBuilder::tcp_keepalive_interval() to configure TCP probe interval. Add ClientBuilder::tcp_keepalive_retries() to configure TCP probe count. Add Proxy::headers() to add extra headers that should be sent to a proxy. Fix redirect::Policy::limit() which had an off-by-1 error, allowing 1 more redirect than specified. Fix HTTP/3 to support streaming request bodies. (wasm) Fix null bodies when calling Response::bytes_stream(). -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 10 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.6.6-2 - Run most of the tests * Tue Jun 10 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.6.6-1 - Update to version 0.6.6; Fixes RHBZ#2364896 * Sun Jan 19 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.6.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2364896 - rust-tower-http-0.6.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=2364896 [ 2 ] Bug #2368791 - rust-hyper-util-0.1.14 is available https://bugzilla.redhat.com/show_bug.cgi?id=2368791 [ 3 ] Bug #2368855 - rust-reqwest-0.12.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=2368855 -------------------------------------------------------------------------------- ================================================================================ rust-zlib-rs-0.5.1-1.el9 (FEDORA-EPEL-2025-2f0978e6de) Memory-safe zlib implementation written in rust -------------------------------------------------------------------------------- Update Information: Update rust-zlib-rs and rust-libz-rs-sys to 0.5.1: https://github.com/trifectatechfoundation/zlib-rs/releases/tag/v0.5.1 -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 9 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.5.1-1 - Update to version 0.5.1; Fixes RHBZ#2370704 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2370620 - rust-libz-rs-sys-0.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2370620 [ 2 ] Bug #2370704 - rust-zlib-rs-0.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2370704 -------------------------------------------------------------------------------- ================================================================================ trafficserver-9.2.11-1.el9 (FEDORA-EPEL-2025-4894f0196b) Fast, scalable and extensible HTTP/1.1 and HTTP/2 caching proxy server -------------------------------------------------------------------------------- Update Information: Changes with Apache Traffic Server 9.2.11 #12169 - 9.2.x: fix libyaml for gcc 15, and cherry-pick fedora:42 updates #12294 - Add a setting to choose the data source of IP address for ACL #12296 - Add max inclusion support to esi plugin for 9.2.x -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 17 2025 Jered Floyd <jered@xxxxxxxxxx> 9.2.11-1 - Update to upstream 9.2.11 -------------------------------------------------------------------------------- ================================================================================ yubico-piv-tool-2.7.1-3.el9 (FEDORA-EPEL-2025-a5413a5883) Tool for interacting with the PIV applet on a YubiKey -------------------------------------------------------------------------------- Update Information: Rebase EPEL9 version to current Fedora Rawhide -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 23 2025 Cristian Le <git@xxxxxxxxxx> - 2.7.1-3 - Allow CMake build with ninja generator * Sun Jan 19 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.7.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild * Fri Dec 20 2024 Jakub Jelen <jjelen@xxxxxxxxxx> - 2.7.1-1 - New upstream release fixing x390x build (#2333288) * Thu Dec 19 2024 Jakub Jelen <jjelen@xxxxxxxxxx> - 2.7.0-1 - New upstream release (#2333288) * Thu Sep 12 2024 Jakub Jelen <jjelen@xxxxxxxxxx> - 2.6.1-1 - New upstream release (#2311937) * Thu Aug 22 2024 Jakub Jelen <jjelen@xxxxxxxxxx> - 2.6.0-1 - New upstream release (#2306797) * Thu Jul 25 2024 Miroslav Suchý <msuchy@xxxxxxxxxx> - 2.5.2-3 - convert license to SPDX * Sat Jul 20 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.5.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Tue May 7 2024 Jakub Jelen <jjelen@xxxxxxxxxx> - 2.5.2-1 - New upstream release (#2279499) * Wed Feb 14 2024 Jakub Jelen <jjelen@xxxxxxxxxx> - 2.5.1-1 - New upstream release (#2264044) * Thu Feb 1 2024 Jakub Jelen <jjelen@xxxxxxxxxx> - 2.5.0-1 - New upstream release supporting larger RSA keys and ED25519 and X25519 (#2262179) * Sat Jan 27 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.4.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Mon Dec 11 2023 Jakub Jelen <jjelen@xxxxxxxxxx> - 2.4.2-1 - New upstream release related to the previous issue (#2253499) * Wed Dec 6 2023 Jakub Jelen <jjelen@xxxxxxxxxx> - 2.4.1-1 - Fix the build for i686 architecture (#2252823) * Tue Dec 5 2023 Jakub Jelen <jjelen@xxxxxxxxxx> - 2.4.0-1 - New upstream release (#2252823) * Sat Jul 22 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.3.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild --------------------------------------------------------------------------------
-- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
