https://fedoraproject.org/wiki/Changes/RelocateRPMToUsr
== Summary ==
Currently, the RPM databases is located in `/var`. Let's move it to
`/usr`. The move is already under way in rpm-ostree-based
installations, and in (open)SUSE.
== Owner ==
* Name: [[User:chrismurphy| Chris Murphy]], [[User:Salimma|Michel
Alexandre Salim]], [[User:Ngompa|Neal Gompa]]
* Email: bugzilla@colorremedies.com, michel@michel-slm.name, ngompa13@gmail.com
== Detailed Description ==
=== Current location ===
<pre>/var/lib/rpm</pre>
=== New location ===
<pre>/usr/lib/sysimage/rpm</pre>
<code>/var/lib/rpm</code> will be a symlink pointing to
<code>/usr/lib/sysimage/rpm</code>
Changing the file system layout to accommodate a snapshot+rollback
regime is implied, but not required by this proposal. For example,
Fedora has long placed `/home` on a separate subvolume (or file
system) so it can be isolated from system root. Likewise, it makes
sense to isolate `/var/log` and possibly `/var/lib/libvirt/images` so
these locations continue to carry forward in time, even if the system
root does a rollback.
== Feedback ==
There will be no change to DNF as part of this change proposal. DNF's
history will remain in `/var` until DNF 5. Discussion continues about
the effect of a snapshot+rollback regime on DNF history.
[http://lists.rpm.org/pipermail/rpm-ecosystem/2021-December/000769.html
Relocate DNF history to /usr.]
Upstream RPM accept the change, but institutionally don't like the
loss or weakening of a
[http://lists.rpm.org/pipermail/rpm-ecosystem/2021-December/000781.html
very well known location] for the database, and
[http://lists.rpm.org/pipermail/rpm-ecosystem/2021-December/000781.html
anticipate complaints].
== Benefit to Fedora ==
* The RPM database primarily describes the state of `/usr`. Storing
the databases in `/usr` will more easily facilitate OS rollback,
without affecting `/var`.
* Helps align Fedora variants with each other
** rpm-ostree based systems (including CoreOS, IoT, Silverblue,
Kinoite) already use `/usr/lib/sysimage` for rpmdb.
* Consistency with another RPM-based distro, (open)SUSE has made this change
* Accounts for various snapshot+rollback regimes, i.e. it's a
beneficial change whether Btrfs or device-mapper based regimes.
== Scope ==
* Proposal owners:
** changes in rpm package
*** create the new path
*** create a symlink for the old path pointing to new path
* Other developers:
** changes in SElinux policy
* Release engineering: [https://pagure.io/releng/issue/10441 #Releng
issue 10441]
* Policies and guidelines: N/A (not needed for this Change)
* Trademark approval: N/A (not needed for this Change)
* Alignment with Objectives:
== Upgrade/compatibility impact ==
Change will be applied to offline upgrades, similar to the RPM sqlite
database change. A systemd service will move the rpmdb from /var to
/usr, then create a symlink pointing to /usr from /var.
# Create `/usr/lib/sysimage/rpm` (rpm package will do this at preinst)
# Create symlinks in `/usr/lib/sysimage/rpm/` pointing to files in
`/var/lib/rpm/` (rpm package will do this at preinst)
# Change the dbpath in `/usr/lib/rpm/macros` to
`/usr/lib/sysimage/rpm` (rpm package will be patched to do this on
F36+)
# Request rpm rebuild the database (done via systemd service)
# Remove `/var/lib/rpm` and create a symlink `/var/lib/rpm` ->
`/usr/lib/sysimage/rpm` (done via systemd service)
== How To Test ==
# Perform a new clean install, or upgrade a system
# Check that `/var/lib/rpm` is a symlink to `/usr/lib/sysimage/rpm`
# Check that `/usr/lib/sysimage/rpm` is populated with at least
`rpmdb.sqlite`, possibly also `rpmdb.sqlite-shm` and
`rpmdb.sqlite-wal`
# Confirm `rpm -q <package>` and/or `rpm -qa` still work
== User Experience ==
* symlink `/var/lib/rpm` -> `/usr/lib/sysimage/rpm`
Otherwise, the change should be invisible to users.
== Dependencies ==
* `rpm-ostree` probably should make `/usr/share/rpm` a symlink to
`/usr/lib/sysimage/rpm`, rather than the reverse as it is currently.
* `PackageKit` might use inotify on `/var/lib/rpm` need to check if it
does and whether it should be changed or add the additional path
== Contingency Plan ==
* Contingency mechanism: Revert the change, try again the next Fedora release.
* Contingency deadline: Beta freeze
* Blocks release? Yes
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Wednesday, December 29, 2021
F36 Change: Hunspell Dictionary dir change (System-Wide Change proposal)
https://fedoraproject.org/wiki/Changes/Hunspell_dictionary_dir_change
== Summary ==
Update Hunspell Dictionary system directory from /usr/share/myspell/
to /usr/share/hunspell/
== Owner ==
* Name: [[User:vishalvvr| Vishal Vijayraghavan]]
* Email: <vishalvvr@fedoraproject.org>
== Detailed Description ==
In most of Linux distributions the standard Hunspell dictionary path
is `/usr/share/hunspell/` but in Fedora still has
`/usr/share/myspell/`. This effort is to follow default standard to
install all Hunspell dictionary into `/usr/share/hunspell/` instead of
`/usr/share/myspell/`.
== Benefit to Fedora ==
This will future proof Fedora to use the correct current location for
hunspell spelling dictionaries.
== Scope ==
* Proposal owners:
In total there are `135` packages which is to be updated. libreoffice
& Firefox are the two main applications and rest are mostly language
dictionary packages.
* Other developers:
* Policies and guidelines: N/A (not needed for this Change)
* Trademark approval: N/A (not needed for this Change)
* Alignment with Objectives:
== Upgrade/compatibility impact ==
== How To Test ==
1. Check if default installed dictionary path is
`/usr/share/hunspell/` instead of `/usr/share/myspell/`
`$ hunspell -D` or `$ ls /usr/share/hunspell/`
2. Install any language dictionary and check if it getting installed
into '/usr/share/hunspell/'
`$ dnf install hunspell-hi`
`$ hunspell -D`
== User Experience ==
User should not notice any difference: their applications should
continue to work as expected after this directory migration.
== Dependencies ==
== Contingency Plan ==
* Contingency mechanism: revert release back to /usr/share/myspell
* Contingency deadline: Beta
* Blocks release? No
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
== Summary ==
Update Hunspell Dictionary system directory from /usr/share/myspell/
to /usr/share/hunspell/
== Owner ==
* Name: [[User:vishalvvr| Vishal Vijayraghavan]]
* Email: <vishalvvr@fedoraproject.org>
== Detailed Description ==
In most of Linux distributions the standard Hunspell dictionary path
is `/usr/share/hunspell/` but in Fedora still has
`/usr/share/myspell/`. This effort is to follow default standard to
install all Hunspell dictionary into `/usr/share/hunspell/` instead of
`/usr/share/myspell/`.
== Benefit to Fedora ==
This will future proof Fedora to use the correct current location for
hunspell spelling dictionaries.
== Scope ==
* Proposal owners:
In total there are `135` packages which is to be updated. libreoffice
& Firefox are the two main applications and rest are mostly language
dictionary packages.
* Other developers:
* Policies and guidelines: N/A (not needed for this Change)
* Trademark approval: N/A (not needed for this Change)
* Alignment with Objectives:
== Upgrade/compatibility impact ==
== How To Test ==
1. Check if default installed dictionary path is
`/usr/share/hunspell/` instead of `/usr/share/myspell/`
`$ hunspell -D` or `$ ls /usr/share/hunspell/`
2. Install any language dictionary and check if it getting installed
into '/usr/share/hunspell/'
`$ dnf install hunspell-hi`
`$ hunspell -D`
== User Experience ==
User should not notice any difference: their applications should
continue to work as expected after this directory migration.
== Dependencies ==
== Contingency Plan ==
* Contingency mechanism: revert release back to /usr/share/myspell
* Contingency deadline: Beta
* Blocks release? No
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
F36 Change: Default To Noto Fonts (System-Wide Change proposal)
https://fedoraproject.org/wiki/Changes/DefaultToNotoFonts
== Summary ==
Changing the default fonts for various languages to Noto Fonts as much
as possible, to make consistency on the text rendering.
== Owner ==
* Name: [[User:Tagoh|Akira TAGOH]]
* Email: <tagoh@redhat.com>
== Detailed Description ==
For a long time we have used DejaVu fonts as the default font for
European and other language scripts. On the other hand some language
scripts are not covered by DejaVu and hence have other default fonts.
(A few languages like Chinese, Japanese and Korean, as well as
Gurmukhi, Sinhala, and emoji are already using Noto fonts by default
for some time.) This situation leads to inconsistencies in text
rendering on applications and desktops, particularly when mixing
different character sets. Further Noto fonts bring some further
advantages: the fonts are generally higher quality and support
variable fonts for most scripts, making them more compact.
This change aims to provide better experience and consistent text
rendering across more languages by replacing DejaVu with Noto as the
general system default set of fonts.
The following packages will be installed by default to replace
DejaVu's coverage:
* google-noto-sans-vf-fonts
* google-noto-serif-vf-fonts
* google-noto-sans-mono-vf-fonts
* google-noto-sans-arabic-vf-fonts
* google-noto-sans-cherokee-vf-fonts
* google-noto-sans-thaana-vf-fonts
* google-noto-sans-hebrew-vf-fonts
* google-noto-rashi-hebrew-vf-fonts
* google-noto-sans-math-vf-fonts
* google-noto-sans-armenian-vf-fonts
* google-noto-serif-armenian-vf-fonts
* google-noto-sans-canadian-aboriginal-vf-fonts
* google-noto-sans-georgian-vf-fonts
* google-noto-serif-georgian-vf-fonts
* google-noto-sans-lao-vf-fonts
* google-noto-serif-lao-vf-fonts
* google-noto-serif-gurmukhi-vf-fonts
* google-noto-serif-sinhala-vf-fonts
And you can check
[https://tagoh.fedorapeople.org/fonts/noto/f36-noto.html the table] to
see what languages will be affected by this change.
== Benefit to Fedora ==
We would get better text rendering on applications and desktops. Also
this change should save about 6MB on the fresh install.
<pre>
$ rpm -qlv dejavu-sans-fonts dejavu-serif-fonts dejavu-sans-mono-fonts
| awk 'BEGIN{a=0}{a+=$5}END{print a}'
10789272</pre>
<pre>
$ rpm -qlv google-noto-sans-vf-fonts google-noto-serif-vf-fonts
google-noto-sans-mono-vf-fonts google-noto-sans-arabic-vf-fonts
google-noto-sans-cherokee-vf-fonts google-noto-sans-thaana-vf-fonts
google-noto
-sans-hebrew-vf-fonts google-noto-rashi-hebrew-vf-fonts
google-noto-sans-math-vf-fonts google-noto-sans-armenian-vf-f
onts google-noto-serif-armenian-vf-fonts
google-noto-sans-canadian-aboriginal-vf-fonts
google-noto-sans-georgian-vf-f
onts google-noto-serif-georgian-vf-fonts google-noto-sans-lao-vf-fonts
google-noto-serif-lao-vf-fonts google-noto-serif-gurmukhi-vf-fonts
google-noto-serif-sinhala-vf-fonts | awk 'BEGIN{a=0}{a+=$5}END{print
a}'
4753340
</pre>
== Scope ==
* Proposal owners:
** Update google-noto-fonts and dejavu-fonts to change the priority
for fontconfig config.
** Update langpacks to update the dependency.
** Update comps to make Noto fonts default.
** Update lorax templates related to DejaVu.
** Update fontconfig to change the order of fonts in the builtin config.
* Other developers:
** Packagers who owns packages implicitly expects DejaVu is installed
by default will needs to update the dependency for them.
* Release engineering: [https://pagure.io/releng/issue/10492 #10492]
* Policies and guidelines: N/A (not needed for this Change)
* Trademark approval: N/A (not needed for this Change)
* Alignment with Objectives:
== Upgrade/compatibility impact ==
The migration will be done by updating langpacks. after upgrading and
rebooting, the default font will be Noto instead of DejaVu.
Since this change aims to switch non-variable fonts to variable fonts,
it may not works with legacy applications as expected such as missing
some variants. in that case, you can install non-variable fonts
packages. the package name will be similar and simply drop `-vf` from
the variable fonts packages.
== How To Test ==
* This change can be simply tested by `fc-match` command like
`fc-match sans:lang=<your langauge>`, `fc-match serif:lang=<your
language>` and `fc-match monospace:lang=<your language>`. You can
check the expected result from
[https://tagoh.fedorapeople.org/fonts/noto/f36-noto.html the table].
* Test the text rendering in your favorite application, which use the
system default font.
== User Experience ==
Users will see the default font is changed to Noto by this change
except for some languages which has much better quality of fonts.
== Dependencies ==
Only dejavu-fonts, langpacks, and fontconfig are required to update.
Other packages which explicitly has a dependency to dejavu-fonts are
basicaly optional to update.
== Contingency Plan ==
* Contingency mechanism: Revert the relevant packages updated.
* Contingency deadline: Beta freeze
* Blocks release? No
== Documentation ==
None.
== Release Notes ==
The default fonts for most languages will be Google Noto fonts instead
of DejaVu, to keep consistency on the text rendering and to provide
better quality among languages.
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
== Summary ==
Changing the default fonts for various languages to Noto Fonts as much
as possible, to make consistency on the text rendering.
== Owner ==
* Name: [[User:Tagoh|Akira TAGOH]]
* Email: <tagoh@redhat.com>
== Detailed Description ==
For a long time we have used DejaVu fonts as the default font for
European and other language scripts. On the other hand some language
scripts are not covered by DejaVu and hence have other default fonts.
(A few languages like Chinese, Japanese and Korean, as well as
Gurmukhi, Sinhala, and emoji are already using Noto fonts by default
for some time.) This situation leads to inconsistencies in text
rendering on applications and desktops, particularly when mixing
different character sets. Further Noto fonts bring some further
advantages: the fonts are generally higher quality and support
variable fonts for most scripts, making them more compact.
This change aims to provide better experience and consistent text
rendering across more languages by replacing DejaVu with Noto as the
general system default set of fonts.
The following packages will be installed by default to replace
DejaVu's coverage:
* google-noto-sans-vf-fonts
* google-noto-serif-vf-fonts
* google-noto-sans-mono-vf-fonts
* google-noto-sans-arabic-vf-fonts
* google-noto-sans-cherokee-vf-fonts
* google-noto-sans-thaana-vf-fonts
* google-noto-sans-hebrew-vf-fonts
* google-noto-rashi-hebrew-vf-fonts
* google-noto-sans-math-vf-fonts
* google-noto-sans-armenian-vf-fonts
* google-noto-serif-armenian-vf-fonts
* google-noto-sans-canadian-aboriginal-vf-fonts
* google-noto-sans-georgian-vf-fonts
* google-noto-serif-georgian-vf-fonts
* google-noto-sans-lao-vf-fonts
* google-noto-serif-lao-vf-fonts
* google-noto-serif-gurmukhi-vf-fonts
* google-noto-serif-sinhala-vf-fonts
And you can check
[https://tagoh.fedorapeople.org/fonts/noto/f36-noto.html the table] to
see what languages will be affected by this change.
== Benefit to Fedora ==
We would get better text rendering on applications and desktops. Also
this change should save about 6MB on the fresh install.
<pre>
$ rpm -qlv dejavu-sans-fonts dejavu-serif-fonts dejavu-sans-mono-fonts
| awk 'BEGIN{a=0}{a+=$5}END{print a}'
10789272</pre>
<pre>
$ rpm -qlv google-noto-sans-vf-fonts google-noto-serif-vf-fonts
google-noto-sans-mono-vf-fonts google-noto-sans-arabic-vf-fonts
google-noto-sans-cherokee-vf-fonts google-noto-sans-thaana-vf-fonts
google-noto
-sans-hebrew-vf-fonts google-noto-rashi-hebrew-vf-fonts
google-noto-sans-math-vf-fonts google-noto-sans-armenian-vf-f
onts google-noto-serif-armenian-vf-fonts
google-noto-sans-canadian-aboriginal-vf-fonts
google-noto-sans-georgian-vf-f
onts google-noto-serif-georgian-vf-fonts google-noto-sans-lao-vf-fonts
google-noto-serif-lao-vf-fonts google-noto-serif-gurmukhi-vf-fonts
google-noto-serif-sinhala-vf-fonts | awk 'BEGIN{a=0}{a+=$5}END{print
a}'
4753340
</pre>
== Scope ==
* Proposal owners:
** Update google-noto-fonts and dejavu-fonts to change the priority
for fontconfig config.
** Update langpacks to update the dependency.
** Update comps to make Noto fonts default.
** Update lorax templates related to DejaVu.
** Update fontconfig to change the order of fonts in the builtin config.
* Other developers:
** Packagers who owns packages implicitly expects DejaVu is installed
by default will needs to update the dependency for them.
* Release engineering: [https://pagure.io/releng/issue/10492 #10492]
* Policies and guidelines: N/A (not needed for this Change)
* Trademark approval: N/A (not needed for this Change)
* Alignment with Objectives:
== Upgrade/compatibility impact ==
The migration will be done by updating langpacks. after upgrading and
rebooting, the default font will be Noto instead of DejaVu.
Since this change aims to switch non-variable fonts to variable fonts,
it may not works with legacy applications as expected such as missing
some variants. in that case, you can install non-variable fonts
packages. the package name will be similar and simply drop `-vf` from
the variable fonts packages.
== How To Test ==
* This change can be simply tested by `fc-match` command like
`fc-match sans:lang=<your langauge>`, `fc-match serif:lang=<your
language>` and `fc-match monospace:lang=<your language>`. You can
check the expected result from
[https://tagoh.fedorapeople.org/fonts/noto/f36-noto.html the table].
* Test the text rendering in your favorite application, which use the
system default font.
== User Experience ==
Users will see the default font is changed to Noto by this change
except for some languages which has much better quality of fonts.
== Dependencies ==
Only dejavu-fonts, langpacks, and fontconfig are required to update.
Other packages which explicitly has a dependency to dejavu-fonts are
basicaly optional to update.
== Contingency Plan ==
* Contingency mechanism: Revert the relevant packages updated.
* Contingency deadline: Beta freeze
* Blocks release? No
== Documentation ==
None.
== Release Notes ==
The default fonts for most languages will be Google Noto fonts instead
of DejaVu, to keep consistency on the text rendering and to provide
better quality among languages.
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Monday, December 27, 2021
[arch-announce] libxml2>=2.9.12-6 update may require manual intervention
The libxml2 package prior to version 2.9.12-6 was missing the compiled python modules. This has been fixed in 2.9.12-6, so the upgrade may need to overwrite any untracked pyc files created. If you get errors like these
libxml2: /usr/lib/python3.10/site-packages/__pycache__/drv_libxml2.cpython-310.opt-1.pyc exists in filesystem
libxml2: /usr/lib/python3.10/site-packages/__pycache__/drv_libxml2.cpython-310.pyc exists in filesystem
libxml2: /usr/lib/python3.10/site-packages/__pycache__/libxml2.cpython-310.opt-1.pyc exists in filesystem
libxml2: /usr/lib/python3.10/site-packages/__pycache__/libxml2.cpython-310.pyc exists in filesystem
when updating, use
pacman -Syu --overwrite /usr/lib/python3.10/site-packages/__pycache__/\*
to perform the upgrade.
URL: https://archlinux.org/news/libxml22912-6-update-may-require-manual-intervention/
_______________________________________________
arch-announce mailing list
arch-announce@lists.archlinux.org
https://lists.archlinux.org/listinfo/arch-announce
libxml2: /usr/lib/python3.10/site-packages/__pycache__/drv_libxml2.cpython-310.opt-1.pyc exists in filesystem
libxml2: /usr/lib/python3.10/site-packages/__pycache__/drv_libxml2.cpython-310.pyc exists in filesystem
libxml2: /usr/lib/python3.10/site-packages/__pycache__/libxml2.cpython-310.opt-1.pyc exists in filesystem
libxml2: /usr/lib/python3.10/site-packages/__pycache__/libxml2.cpython-310.pyc exists in filesystem
when updating, use
pacman -Syu --overwrite /usr/lib/python3.10/site-packages/__pycache__/\*
to perform the upgrade.
URL: https://archlinux.org/news/libxml22912-6-update-may-require-manual-intervention/
_______________________________________________
arch-announce mailing list
arch-announce@lists.archlinux.org
https://lists.archlinux.org/listinfo/arch-announce
Thursday, December 23, 2021
Upcoming downtime for Fedora Discussion (~ Dec 27-Jan 1)
Almost three years ago, we moved the existing Ask Fedora site from an
engine which attempted to replicate Stack Exchange to a new system (the
current [Ask Fedora]) based on [Discourse], a modern open source web
forum platform. We had some frustrations with the software, and the
Stack-Exchange-like approach wasn't really working for us. This has
been a huge success, and the new Ask is incredibly popular.
At the same time, we also tried an experiment — we set up [Fedora
Discussion] as a parallel site for community and project conversations.
This goes hand-in-hand with the (soft-launch, but we're getting there)
[Matrix]-based [Fedora Chat] service — Discussion for longer-form,
long-lasting asynchronous communication, and Chat for synchronous
connections.
This experiment has gone well, and we have solid and increasing use,
with several different Fedora teams (including Fedora Council and
CommOps) making it their primary place for communication. We've had
some nice improvements over time as we've learned to use the system
(not to mention a nice new logo from Máirín Duffy and the Fedora Design
Team). But, the site's basic structure is still what we arbitrarily
came up with when we first launched it: kind of a mishmash of
categories and concepts. As we've had more requests to use the site,
it's become increasingly clear that these early decisions don't match
what we need.
So, I'm going to take the opportunity of the end-of-year break to do a
big reorganization. You can read the [background and details], and
[follow along with my task-list] if you like. The important details
are: I'm going to do most of the work behind the scenes on a temporary
staging site, but there's a lot of shuffling so I'm not sure how long
it will take. I plan to put the **current site into read-only mode on
the 27th or 28th of December, and have it back up and running by
January 1st**.
When that's done, we'll have a structure that will better handle
discussion in all the different areas and teams that comprise the whole
Fedora Project. I expect this to continue to grow in the years to come,
as part of our [overall effort to keep Fedora relevant and growing].
(Of course, [HyperKitty] is still there for more traditional mailing
lists — Discourse has a fairly decent email interaction model, but it's
definitely web-first in approach.) More about all of that when the new
site is in place and ready to show off!
(Oh, and one more thing — based on [discussion and broad community
consensus], we're actually planning to merge the two Discourse sites,
Ask and Discussion, so that we have both user and contributor
conversations close together. This reorganization will make that
easier, but we're not ready for that for a while yet.)
-- Matthew
[Ask Fedora]: https://ask.fedoraproject.org/
[Discourse]: https://www.discourse.org/
[Fedora Discussion]: https://discussion.fedoraproject.org/
[Matrix]: https://matrix.org/discover/
[Fedora Chat]: https://chat.fedoraproject.org/
[background and details]: https://discussion.fedoraproject.org/t/considering-a-general-reorganization-of-this-site/34174
[follow along with my task-list]: https://ask.fedoraproject.org/t/task-list-for-fedora-discussion-reorganization/19304
[overall effort to keep Fedora relevant and growing]: https://discussion.fedoraproject.org/t/fedora-in-2025-what-do-we-want-and-how-will-we-get-there/35258/23
[HyperKitty]: https://lists.fedoraproject.org/archives/
[discussion and broad community consensus]: https://ask.fedoraproject.org/t/considering-a-merge-into-discussion-fedoraproject-org/18941
--
Matthew Miller
<mattdm@fedoraproject.org>
Fedora Project Leader
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
engine which attempted to replicate Stack Exchange to a new system (the
current [Ask Fedora]) based on [Discourse], a modern open source web
forum platform. We had some frustrations with the software, and the
Stack-Exchange-like approach wasn't really working for us. This has
been a huge success, and the new Ask is incredibly popular.
At the same time, we also tried an experiment — we set up [Fedora
Discussion] as a parallel site for community and project conversations.
This goes hand-in-hand with the (soft-launch, but we're getting there)
[Matrix]-based [Fedora Chat] service — Discussion for longer-form,
long-lasting asynchronous communication, and Chat for synchronous
connections.
This experiment has gone well, and we have solid and increasing use,
with several different Fedora teams (including Fedora Council and
CommOps) making it their primary place for communication. We've had
some nice improvements over time as we've learned to use the system
(not to mention a nice new logo from Máirín Duffy and the Fedora Design
Team). But, the site's basic structure is still what we arbitrarily
came up with when we first launched it: kind of a mishmash of
categories and concepts. As we've had more requests to use the site,
it's become increasingly clear that these early decisions don't match
what we need.
So, I'm going to take the opportunity of the end-of-year break to do a
big reorganization. You can read the [background and details], and
[follow along with my task-list] if you like. The important details
are: I'm going to do most of the work behind the scenes on a temporary
staging site, but there's a lot of shuffling so I'm not sure how long
it will take. I plan to put the **current site into read-only mode on
the 27th or 28th of December, and have it back up and running by
January 1st**.
When that's done, we'll have a structure that will better handle
discussion in all the different areas and teams that comprise the whole
Fedora Project. I expect this to continue to grow in the years to come,
as part of our [overall effort to keep Fedora relevant and growing].
(Of course, [HyperKitty] is still there for more traditional mailing
lists — Discourse has a fairly decent email interaction model, but it's
definitely web-first in approach.) More about all of that when the new
site is in place and ready to show off!
(Oh, and one more thing — based on [discussion and broad community
consensus], we're actually planning to merge the two Discourse sites,
Ask and Discussion, so that we have both user and contributor
conversations close together. This reorganization will make that
easier, but we're not ready for that for a while yet.)
-- Matthew
[Ask Fedora]: https://ask.fedoraproject.org/
[Discourse]: https://www.discourse.org/
[Fedora Discussion]: https://discussion.fedoraproject.org/
[Matrix]: https://matrix.org/discover/
[Fedora Chat]: https://chat.fedoraproject.org/
[background and details]: https://discussion.fedoraproject.org/t/considering-a-general-reorganization-of-this-site/34174
[follow along with my task-list]: https://ask.fedoraproject.org/t/task-list-for-fedora-discussion-reorganization/19304
[overall effort to keep Fedora relevant and growing]: https://discussion.fedoraproject.org/t/fedora-in-2025-what-do-we-want-and-how-will-we-get-there/35258/23
[HyperKitty]: https://lists.fedoraproject.org/archives/
[discussion and broad community consensus]: https://ask.fedoraproject.org/t/considering-a-merge-into-discussion-fedoraproject-org/18941
--
Matthew Miller
<mattdm@fedoraproject.org>
Fedora Project Leader
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Tuesday, December 21, 2021
[CentOS-announce] CESA-2021:5192 Important CentOS 7 samba Security Update
CentOS Errata and Security Advisory 2021:5192 Important
Upstream details at : https://access.redhat.com/errata/RHSA-2021:5192
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
9e8882a42b481017ad43c670ac8c75a3a878d804f43f7716f685798813397a3f ctdb-4.10.16-17.el7_9.x86_64.rpm
d12d34da150d926afed7f5810b9ebdc562f483d0100cdce78091fd464612301d ctdb-tests-4.10.16-17.el7_9.x86_64.rpm
07502ee4563c4bdc09b8d0b67eba7577aae0d6c871501af53b038aad8812d391 libsmbclient-4.10.16-17.el7_9.i686.rpm
e28f306d4893ec7a68589345b053be93e9d807543f263f0bbfd81eacefbc4c10 libsmbclient-4.10.16-17.el7_9.x86_64.rpm
b3350c79767fa9a0a0ac49e9e26cb2d6f221c594bddb72ca5a870a8d7661e0f1 libsmbclient-devel-4.10.16-17.el7_9.i686.rpm
36410412b59ca22b5708b34c6f8dafdb38024efff345c20c4dc28c75a7eb8a0a libsmbclient-devel-4.10.16-17.el7_9.x86_64.rpm
fe31962a7aaae275d7dcbf9efe7364a94ada762b968513d3d783f9e763f8441b libwbclient-4.10.16-17.el7_9.i686.rpm
3fc9b311cc6984896d03711ca684b967577d4370b4c5b037efe81245cfc9a5f2 libwbclient-4.10.16-17.el7_9.x86_64.rpm
09cd4a65244763f9c5d860969f9294414316cc0b7472539300921b5021a3a048 libwbclient-devel-4.10.16-17.el7_9.i686.rpm
39b34f1245a4dd4e09703d7a8fa93bb27414f909eb7514764f934e9248878ee3 libwbclient-devel-4.10.16-17.el7_9.x86_64.rpm
c763f6d47ed5f33b5810818fd094773ac77ca94070088529b832a5189debe293 samba-4.10.16-17.el7_9.x86_64.rpm
4cab2e9389c0bda9927bc8ffb3f5843f6888147fd2ee09109c97a50a8e313dfa samba-client-4.10.16-17.el7_9.x86_64.rpm
594bfd4b3bb5ccb47a34df5c0220769ae40a50c53152652adbcf1803d747d0f3 samba-client-libs-4.10.16-17.el7_9.i686.rpm
5d4abbc89df8da961aa64935f5a986b89626f1f1e99a8728467557a6b761decf samba-client-libs-4.10.16-17.el7_9.x86_64.rpm
ac7d75cd25f6bfa86cdc28cc1059d66db9ae1f53bd0df0d2e026116587b508b0 samba-common-4.10.16-17.el7_9.noarch.rpm
21fa1a95375af231395873580adb9f748d65f91c14f7835244aed1cbf60db644 samba-common-libs-4.10.16-17.el7_9.i686.rpm
46b7ac1c6e8834a1d46051b922ee8bd78569b89c91a40bac7b9886b7f75ed974 samba-common-libs-4.10.16-17.el7_9.x86_64.rpm
1fb9ef577f0e9e4a896981792189019932788dd1325084e83bf11f422ec11e55 samba-common-tools-4.10.16-17.el7_9.x86_64.rpm
793ed94885ccb91d3de9ac0ee3c6ae228181f6d4d90d6c2ba44aeecea596a647 samba-dc-4.10.16-17.el7_9.x86_64.rpm
0c9251da98f68e439285f3e9fe1d2564f460335667000f17d613cca5310aa954 samba-dc-libs-4.10.16-17.el7_9.x86_64.rpm
f086e1ae057782a612a9146ab15a673cb1fc1c351507f164527a1561fe1017e1 samba-devel-4.10.16-17.el7_9.i686.rpm
5a74a6ec4e7d6d8944913ada4270edb09c6f3b75a0b4caba77d076c07bc64964 samba-devel-4.10.16-17.el7_9.x86_64.rpm
18cd5d8d39b9aec1631228c86412a11eed902b967a26b6a64c816e4fcccaff89 samba-krb5-printing-4.10.16-17.el7_9.x86_64.rpm
1b20547bbbfca3c83fa9317da6351d845a3f6ee818efb377f5a74fe92ae5a2fd samba-libs-4.10.16-17.el7_9.i686.rpm
4aab05abd1b63222c6aa994c3754ec20a9d3258f4769449d5e105f718ba5f442 samba-libs-4.10.16-17.el7_9.x86_64.rpm
b6e908a5877e75ecf0c9f0d2e6230660232dc1176edac5fab3ea2fc7d9185753 samba-pidl-4.10.16-17.el7_9.noarch.rpm
622141e5636c218b10a59ecdbd66106cdad2a25b673f891edc0d4b61ac7965f8 samba-python-4.10.16-17.el7_9.i686.rpm
fcfcf89049ecf9f09cbf47f552ddb936bf74e4cd3537825f1c463ce4d4d50c66 samba-python-4.10.16-17.el7_9.x86_64.rpm
0c6ad74477b64388fb061cd59308e5053fb53c352648ac10728050169bb9ac48 samba-python-test-4.10.16-17.el7_9.x86_64.rpm
a7a8c48658f7054decf6176a5bd02e2d560ad065376f79744ce3f8843e7b5f6f samba-test-4.10.16-17.el7_9.x86_64.rpm
bcabaf0d5da539b375bef6f5b408b4c4ec6fb3c207f79f771b9a4349431144f7 samba-test-libs-4.10.16-17.el7_9.i686.rpm
bf842b8211bed6cacf365fa45198ae4376c511311e8e65daff8a87231424ed8f samba-test-libs-4.10.16-17.el7_9.x86_64.rpm
9aaf0e40133fe06566b60b7c5045d71204f986d2fb7aef8c6375d03c80b89120 samba-vfs-glusterfs-4.10.16-17.el7_9.x86_64.rpm
dfa0087b709a643d5c0cd08f474c7f4e2246be49e0ed748ef007f5903a31b544 samba-winbind-4.10.16-17.el7_9.x86_64.rpm
4985ef8243b405acb259897280bebdf83951ffe71af3db3fcf8140797602544b samba-winbind-clients-4.10.16-17.el7_9.x86_64.rpm
0adc9fe4603e83cc02d7181487b5982803e7d1ac319a09428f7f62c4b74d8d3d samba-winbind-krb5-locator-4.10.16-17.el7_9.x86_64.rpm
e2f69cb9ce06dc6e440ee55d4de796bbf6daa032c04f11a93e33ceae0d79eb9c samba-winbind-modules-4.10.16-17.el7_9.i686.rpm
416e2bda192d4d2ef653af8a613b3317548b4dffe2455e834970d920976316a3 samba-winbind-modules-4.10.16-17.el7_9.x86_64.rpm
Source:
3ce0ce2c6b7433fe2d4edf538c0687dacdaefc649533a7779a58a8f604757d36 samba-4.10.16-17.el7_9.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@libera.chat
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
Upstream details at : https://access.redhat.com/errata/RHSA-2021:5192
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
9e8882a42b481017ad43c670ac8c75a3a878d804f43f7716f685798813397a3f ctdb-4.10.16-17.el7_9.x86_64.rpm
d12d34da150d926afed7f5810b9ebdc562f483d0100cdce78091fd464612301d ctdb-tests-4.10.16-17.el7_9.x86_64.rpm
07502ee4563c4bdc09b8d0b67eba7577aae0d6c871501af53b038aad8812d391 libsmbclient-4.10.16-17.el7_9.i686.rpm
e28f306d4893ec7a68589345b053be93e9d807543f263f0bbfd81eacefbc4c10 libsmbclient-4.10.16-17.el7_9.x86_64.rpm
b3350c79767fa9a0a0ac49e9e26cb2d6f221c594bddb72ca5a870a8d7661e0f1 libsmbclient-devel-4.10.16-17.el7_9.i686.rpm
36410412b59ca22b5708b34c6f8dafdb38024efff345c20c4dc28c75a7eb8a0a libsmbclient-devel-4.10.16-17.el7_9.x86_64.rpm
fe31962a7aaae275d7dcbf9efe7364a94ada762b968513d3d783f9e763f8441b libwbclient-4.10.16-17.el7_9.i686.rpm
3fc9b311cc6984896d03711ca684b967577d4370b4c5b037efe81245cfc9a5f2 libwbclient-4.10.16-17.el7_9.x86_64.rpm
09cd4a65244763f9c5d860969f9294414316cc0b7472539300921b5021a3a048 libwbclient-devel-4.10.16-17.el7_9.i686.rpm
39b34f1245a4dd4e09703d7a8fa93bb27414f909eb7514764f934e9248878ee3 libwbclient-devel-4.10.16-17.el7_9.x86_64.rpm
c763f6d47ed5f33b5810818fd094773ac77ca94070088529b832a5189debe293 samba-4.10.16-17.el7_9.x86_64.rpm
4cab2e9389c0bda9927bc8ffb3f5843f6888147fd2ee09109c97a50a8e313dfa samba-client-4.10.16-17.el7_9.x86_64.rpm
594bfd4b3bb5ccb47a34df5c0220769ae40a50c53152652adbcf1803d747d0f3 samba-client-libs-4.10.16-17.el7_9.i686.rpm
5d4abbc89df8da961aa64935f5a986b89626f1f1e99a8728467557a6b761decf samba-client-libs-4.10.16-17.el7_9.x86_64.rpm
ac7d75cd25f6bfa86cdc28cc1059d66db9ae1f53bd0df0d2e026116587b508b0 samba-common-4.10.16-17.el7_9.noarch.rpm
21fa1a95375af231395873580adb9f748d65f91c14f7835244aed1cbf60db644 samba-common-libs-4.10.16-17.el7_9.i686.rpm
46b7ac1c6e8834a1d46051b922ee8bd78569b89c91a40bac7b9886b7f75ed974 samba-common-libs-4.10.16-17.el7_9.x86_64.rpm
1fb9ef577f0e9e4a896981792189019932788dd1325084e83bf11f422ec11e55 samba-common-tools-4.10.16-17.el7_9.x86_64.rpm
793ed94885ccb91d3de9ac0ee3c6ae228181f6d4d90d6c2ba44aeecea596a647 samba-dc-4.10.16-17.el7_9.x86_64.rpm
0c9251da98f68e439285f3e9fe1d2564f460335667000f17d613cca5310aa954 samba-dc-libs-4.10.16-17.el7_9.x86_64.rpm
f086e1ae057782a612a9146ab15a673cb1fc1c351507f164527a1561fe1017e1 samba-devel-4.10.16-17.el7_9.i686.rpm
5a74a6ec4e7d6d8944913ada4270edb09c6f3b75a0b4caba77d076c07bc64964 samba-devel-4.10.16-17.el7_9.x86_64.rpm
18cd5d8d39b9aec1631228c86412a11eed902b967a26b6a64c816e4fcccaff89 samba-krb5-printing-4.10.16-17.el7_9.x86_64.rpm
1b20547bbbfca3c83fa9317da6351d845a3f6ee818efb377f5a74fe92ae5a2fd samba-libs-4.10.16-17.el7_9.i686.rpm
4aab05abd1b63222c6aa994c3754ec20a9d3258f4769449d5e105f718ba5f442 samba-libs-4.10.16-17.el7_9.x86_64.rpm
b6e908a5877e75ecf0c9f0d2e6230660232dc1176edac5fab3ea2fc7d9185753 samba-pidl-4.10.16-17.el7_9.noarch.rpm
622141e5636c218b10a59ecdbd66106cdad2a25b673f891edc0d4b61ac7965f8 samba-python-4.10.16-17.el7_9.i686.rpm
fcfcf89049ecf9f09cbf47f552ddb936bf74e4cd3537825f1c463ce4d4d50c66 samba-python-4.10.16-17.el7_9.x86_64.rpm
0c6ad74477b64388fb061cd59308e5053fb53c352648ac10728050169bb9ac48 samba-python-test-4.10.16-17.el7_9.x86_64.rpm
a7a8c48658f7054decf6176a5bd02e2d560ad065376f79744ce3f8843e7b5f6f samba-test-4.10.16-17.el7_9.x86_64.rpm
bcabaf0d5da539b375bef6f5b408b4c4ec6fb3c207f79f771b9a4349431144f7 samba-test-libs-4.10.16-17.el7_9.i686.rpm
bf842b8211bed6cacf365fa45198ae4376c511311e8e65daff8a87231424ed8f samba-test-libs-4.10.16-17.el7_9.x86_64.rpm
9aaf0e40133fe06566b60b7c5045d71204f986d2fb7aef8c6375d03c80b89120 samba-vfs-glusterfs-4.10.16-17.el7_9.x86_64.rpm
dfa0087b709a643d5c0cd08f474c7f4e2246be49e0ed748ef007f5903a31b544 samba-winbind-4.10.16-17.el7_9.x86_64.rpm
4985ef8243b405acb259897280bebdf83951ffe71af3db3fcf8140797602544b samba-winbind-clients-4.10.16-17.el7_9.x86_64.rpm
0adc9fe4603e83cc02d7181487b5982803e7d1ac319a09428f7f62c4b74d8d3d samba-winbind-krb5-locator-4.10.16-17.el7_9.x86_64.rpm
e2f69cb9ce06dc6e440ee55d4de796bbf6daa032c04f11a93e33ceae0d79eb9c samba-winbind-modules-4.10.16-17.el7_9.i686.rpm
416e2bda192d4d2ef653af8a613b3317548b4dffe2455e834970d920976316a3 samba-winbind-modules-4.10.16-17.el7_9.x86_64.rpm
Source:
3ce0ce2c6b7433fe2d4edf538c0687dacdaefc649533a7779a58a8f604757d36 samba-4.10.16-17.el7_9.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@libera.chat
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CESA-2021:5195 Moderate CentOS 7 ipa Security Update
CentOS Errata and Security Advisory 2021:5195 Moderate
Upstream details at : https://access.redhat.com/errata/RHSA-2021:5195
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
ff13cc6851b7555532b91dc5f8a9c7b73fb8f47f0f39be06ad101f6250c679c5 ipa-client-4.6.8-5.el7.centos.10.x86_64.rpm
779491f4aff62cb66747a794b7b823e9645eed730e157ff87a8425bfd96871c9 ipa-client-common-4.6.8-5.el7.centos.10.noarch.rpm
9a646552f12a087de4493fe8a4dfec0a5fb87521f568758c6136443c9644c22f ipa-common-4.6.8-5.el7.centos.10.noarch.rpm
47f19899e75c7c9a5b74f30643d69d0ccff2cf5451546d7ad1a727bccaaf0ea4 ipa-python-compat-4.6.8-5.el7.centos.10.noarch.rpm
ac419246df9921713ed1c65bf7621fa6b5266999545f33a73aab328bcd38d3f0 ipa-server-4.6.8-5.el7.centos.10.x86_64.rpm
505e596b1b77d05f545fd3684fbdd8591bf9ca308db67ff0a6b36dd0a1341c17 ipa-server-common-4.6.8-5.el7.centos.10.noarch.rpm
878d2dbcd884adb9e2de690242d04710df89bee67b51aa86e9468e01de78341b ipa-server-dns-4.6.8-5.el7.centos.10.noarch.rpm
58790e773666a310f1c4417f46de1fb127437bce225ed0d9cbf6b4a08054ae98 ipa-server-trust-ad-4.6.8-5.el7.centos.10.x86_64.rpm
341b7f6c5352eee2a98665ce78feaf6c4a52626e0322ce9b65c82f9e08190f7e python2-ipaclient-4.6.8-5.el7.centos.10.noarch.rpm
55921bf220651db8e53c670393336486760efc2eb102ac7de7bc83f6731698f6 python2-ipalib-4.6.8-5.el7.centos.10.noarch.rpm
e568d73cd1ea3df0a67fb17bceeae36b33a91af90d651ab33c4ae492f208ff32 python2-ipaserver-4.6.8-5.el7.centos.10.noarch.rpm
Source:
cfdc4deb7112fb2ce42791bf940d930732c0ddccbe4d9ac8c29ae83a296dcfb8 ipa-4.6.8-5.el7.centos.10.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@libera.chat
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
Upstream details at : https://access.redhat.com/errata/RHSA-2021:5195
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
ff13cc6851b7555532b91dc5f8a9c7b73fb8f47f0f39be06ad101f6250c679c5 ipa-client-4.6.8-5.el7.centos.10.x86_64.rpm
779491f4aff62cb66747a794b7b823e9645eed730e157ff87a8425bfd96871c9 ipa-client-common-4.6.8-5.el7.centos.10.noarch.rpm
9a646552f12a087de4493fe8a4dfec0a5fb87521f568758c6136443c9644c22f ipa-common-4.6.8-5.el7.centos.10.noarch.rpm
47f19899e75c7c9a5b74f30643d69d0ccff2cf5451546d7ad1a727bccaaf0ea4 ipa-python-compat-4.6.8-5.el7.centos.10.noarch.rpm
ac419246df9921713ed1c65bf7621fa6b5266999545f33a73aab328bcd38d3f0 ipa-server-4.6.8-5.el7.centos.10.x86_64.rpm
505e596b1b77d05f545fd3684fbdd8591bf9ca308db67ff0a6b36dd0a1341c17 ipa-server-common-4.6.8-5.el7.centos.10.noarch.rpm
878d2dbcd884adb9e2de690242d04710df89bee67b51aa86e9468e01de78341b ipa-server-dns-4.6.8-5.el7.centos.10.noarch.rpm
58790e773666a310f1c4417f46de1fb127437bce225ed0d9cbf6b4a08054ae98 ipa-server-trust-ad-4.6.8-5.el7.centos.10.x86_64.rpm
341b7f6c5352eee2a98665ce78feaf6c4a52626e0322ce9b65c82f9e08190f7e python2-ipaclient-4.6.8-5.el7.centos.10.noarch.rpm
55921bf220651db8e53c670393336486760efc2eb102ac7de7bc83f6731698f6 python2-ipalib-4.6.8-5.el7.centos.10.noarch.rpm
e568d73cd1ea3df0a67fb17bceeae36b33a91af90d651ab33c4ae492f208ff32 python2-ipaserver-4.6.8-5.el7.centos.10.noarch.rpm
Source:
cfdc4deb7112fb2ce42791bf940d930732c0ddccbe4d9ac8c29ae83a296dcfb8 ipa-4.6.8-5.el7.centos.10.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@libera.chat
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CESA-2021:5206 Moderate CentOS 7 log4j Security Update
CentOS Errata and Security Advisory 2021:5206 Moderate
Upstream details at : https://access.redhat.com/errata/RHSA-2021:5206
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
cbc27f39937173e8134e59deb6baac91cea3e9497f76d2e139b4eb64bc1aade3 log4j-1.2.17-17.el7_4.noarch.rpm
9c006d26a3fc490337a403596c661c5f56ddf827bc6cbd0f2da8d9f0c325eeb9 log4j-javadoc-1.2.17-17.el7_4.noarch.rpm
6f168ecee0a2bbae92e0564565c3d22e1bae72f64557c32569a7bffd94b76ca4 log4j-manual-1.2.17-17.el7_4.noarch.rpm
Source:
bf4b560a10d0de496a8506c2f30116b123a5423345422da9eb2369a56655d13b log4j-1.2.17-17.el7_4.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@libera.chat
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
Upstream details at : https://access.redhat.com/errata/RHSA-2021:5206
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
cbc27f39937173e8134e59deb6baac91cea3e9497f76d2e139b4eb64bc1aade3 log4j-1.2.17-17.el7_4.noarch.rpm
9c006d26a3fc490337a403596c661c5f56ddf827bc6cbd0f2da8d9f0c325eeb9 log4j-javadoc-1.2.17-17.el7_4.noarch.rpm
6f168ecee0a2bbae92e0564565c3d22e1bae72f64557c32569a7bffd94b76ca4 log4j-manual-1.2.17-17.el7_4.noarch.rpm
Source:
bf4b560a10d0de496a8506c2f30116b123a5423345422da9eb2369a56655d13b log4j-1.2.17-17.el7_4.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@libera.chat
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CESA-2021:5206 Moderate CentOS 7 log4j Security Update
CentOS Errata and Security Advisory 2021:5206 Moderate
Upstream details at : https://access.redhat.com/errata/RHSA-2021:5206
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@libera.chat
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
Upstream details at : https://access.redhat.com/errata/RHSA-2021:5206
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@libera.chat
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
Orphaned packages looking for new maintainers
The following packages are orphaned and will be retired when they
are orphaned for six weeks, unless someone adopts them. If you know for sure
that the package should be retired, please do so now with a proper reason:
https://fedoraproject.org/wiki/How_to_remove_a_package_at_end_of_life
Note: If you received this mail directly you (co)maintain one of the affected
packages or a package that depends on one. Please adopt the affected package or
retire your depending package to avoid broken dependencies, otherwise your
package will fail to install and/or build when the affected package gets retired.
Request package ownership via the *Take* button in he left column on
https://src.fedoraproject.org/rpms/<pkgname>
Full report available at:
https://churchyard.fedorapeople.org/orphans-2021-12-21.txt
grep it for your FAS username and follow the dependency chain.
For human readable dependency chains,
see https://packager-dashboard.fedoraproject.org/
For all orphaned packages,
see https://packager-dashboard.fedoraproject.org/orphan
Package (co)maintainers Status Change
================================================================================
PyPAM orphan, tmraz 5 weeks ago
cptutils orphan 1 weeks ago
dans-gdal-scripts orphan 1 weeks ago
direvent orphan 3 weeks ago
e00compr orphan 1 weeks ago
esniper orphan 1 weeks ago
icedtea-web jvanek, omajid, orphan 2 weeks ago
js-termynal orphan 2 weeks ago
kexi kde-sig, orphan 4 weeks ago
libgda lkundrak, orphan 0 weeks ago
ocaml-atd orphan 1 weeks ago
plantuml gil, orphan 5 weeks ago
python-jenkins-job-builder ignatenkobrain, ktdreyer, 0 weeks ago
orphan, pabelanger
python-metaextract orphan 1 weeks ago
python-productivity orphan 3 weeks ago
ravada orphan 1 weeks ago
rust-biscuit orphan 1 weeks ago
rust-signature orphan 4 weeks ago
uddi4j galileo, orphan 2 weeks ago
umph orphan 5 weeks ago
wsdl4j akurtakov, mizdebsk, orphan 2 weeks ago
wsil4j galileo, orphan 2 weeks ago
xcf-pixbuf-loader orphan 1 weeks ago
The following packages require above mentioned packages:
Depending on: e00compr (1), status change: 2021-12-13 (1 weeks ago)
saga (maintained by: volter)
saga-7.6.1-10.fc36.src requires e00compr-devel = 1.0.1-25.fc35
Depending on: libgda (6), status change: 2021-12-14 (0 weeks ago)
anjuta (maintained by: gnome-sig, kalev, limb, moezroy, rakesh)
anjuta-1:3.34.0-11.fc36.src requires libgda-devel = 1:5.2.10-3.fc36
anjuta-1:3.34.0-11.fc36.x86_64 requires libgda-sqlite = 1:5.2.10-3.fc36
anjuta-libs-1:3.34.0-11.fc36.i686 requires libgda-5.0.so.4
anjuta-libs-1:3.34.0-11.fc36.x86_64 requires libgda-5.0.so.4()(64bit)
elementary-music (maintained by: decathorpe)
elementary-music-5.1.1-2.fc35.i686 requires libgda-5.0.so.4,
libgda-sqlite(x86-32) = 1:5.2.10-3.fc36
elementary-music-5.1.1-2.fc35.src requires pkgconfig(libgda-5.0) = 5.2.10
elementary-music-5.1.1-2.fc35.x86_64 requires libgda-5.0.so.4()(64bit),
libgda-sqlite(x86-64) = 1:5.2.10-3.fc36
gtranslator (maintained by: kaio, nacho)
gtranslator-40.0-2.fc35.src requires libgda-devel = 1:5.2.10-3.fc36
gtranslator-40.0-2.fc35.x86_64 requires libgda-5.0.so.4()(64bit),
libgda-sqlite(x86-64) = 1:5.2.10-3.fc36
libgdamm (maintained by: hguemar, spot)
libgdamm-4.99.11-12.fc35.i686 requires libgda-5.0.so.4
libgdamm-4.99.11-12.fc35.src requires libgda-bdb = 1:5.2.10-3.fc36,
libgda-devel = 1:5.2.10-3.fc36
libgdamm-4.99.11-12.fc35.x86_64 requires libgda-5.0.so.4()(64bit)
libgdamm-devel-4.99.11-12.fc35.i686 requires pkgconfig(libgda-5.0) = 5.2.10
libgdamm-devel-4.99.11-12.fc35.x86_64 requires pkgconfig(libgda-5.0) = 5.2.10
sequeler (maintained by: music)
sequeler-0.8.2-2.fc36.src requires pkgconfig(libgda-5.0) = 5.2.10
sequeler-0.8.2-2.fc36.x86_64 requires libgda-5.0.so.4()(64bit)
gtkpod (maintained by: chkr, limb)
gtkpod-2.1.5-18.fc35.i686 requires libanjuta-3.so.0
gtkpod-2.1.5-18.fc35.src requires anjuta-devel = 1:3.34.0-11.fc36
gtkpod-2.1.5-18.fc35.x86_64 requires libanjuta-3.so.0()(64bit)
gtkpod-devel-2.1.5-18.fc35.i686 requires pkgconfig(libanjuta-3.0) = 3.34.0
gtkpod-devel-2.1.5-18.fc35.x86_64 requires pkgconfig(libanjuta-3.0) = 3.34.0
Depending on: plantuml (1), status change: 2021-11-16 (5 weeks ago)
plantumlqeditor (maintained by: dwrobel)
plantumlqeditor-1.2-22.20170403git964d4ef.fc35.x86_64 requires plantuml =
1:1.2021.0-3.fc35
Depending on: uddi4j (1), status change: 2021-12-02 (2 weeks ago)
wsil4j (maintained by: galileo, orphan)
wsil4j-1.0-25.fc35.noarch requires mvn(org.uddi4j:uddi4j) = 2.0.5,
osgi(org.uddi4j) = 2.0.5
wsil4j-1.0-25.fc35.src requires uddi4j = 2.0.5-25.fc35
Depending on: wsdl4j (10), status change: 2021-12-02 (2 weeks ago)
tomcat (maintained by: coolsvap, csutherl, gzaronikas, huwang, van)
tomcat-1:9.0.56-1.fc36.src requires wsdl4j = 1.6.3-21.fc35
wsil4j (maintained by: galileo, orphan)
wsil4j-1.0-25.fc35.noarch requires mvn(wsdl4j:wsdl4j) = 1.6.3,
osgi(javax.wsdl) = 1.6.3
wsil4j-1.0-25.fc35.src requires wsdl4j = 1.6.3-21.fc35
dogtag-pki (maintained by: abbra, cdorney, cfu, cipherboy, ckelley, dmoluguw,
edewata, jmagne, kwright, mharmsen, vakwetu)
dogtag-pki-11.1.0-0.1.alpha2.fc36.src requires resteasy = 3.0.26-13.fc36,
tomcat = 1:9.0.56-1.fc36, tomcatjss = 8.0.0-1.fc36
dogtag-pki-server-11.1.0-0.1.alpha2.fc36.noarch requires tomcat =
1:9.0.56-1.fc36, tomcatjss = 8.0.0-1.fc36
dogtag-pki-java-11.1.0-0.1.alpha2.fc36.noarch requires resteasy-client =
3.0.26-13.fc36, resteasy-core = 3.0.26-13.fc36, resteasy-jackson2-provider =
3.0.26-13.fc36
javahelp2 (maintained by: omajid)
javahelp2-2.0.05-31.fc35.src requires tomcat-jsp-2.3-api = 1:9.0.56-1.fc36,
tomcat-servlet-4.0-api = 1:9.0.56-1.fc36
pki-core (maintained by: abbra, cdorney, cfu, cipherboy, ckelley, dmoluguw,
edewata, jmagne, kwright, mharmsen, vakwetu)
pki-core-11.0.0-0.2.alpha1.fc35.src requires resteasy = 3.0.26-13.fc36,
tomcat = 1:9.0.56-1.fc36, tomcatjss = 8.0.0-1.fc36
pki-server-11.0.0-0.2.alpha1.fc35.noarch requires tomcat = 1:9.0.56-1.fc36,
tomcatjss = 8.0.0-1.fc36
pki-base-java-11.0.0-0.2.alpha1.fc35.noarch requires resteasy-client =
3.0.26-13.fc36, resteasy-core = 3.0.26-13.fc36, resteasy-jackson2-provider =
3.0.26-13.fc36
resteasy (maintained by: cdorney, cfu, cipherboy, ckelley, dmoluguw, edewata,
jmagne, mharmsen, vakwetu)
pki-resteasy-core-3.0.26-13.fc36.noarch requires
mvn(org.apache.tomcat:tomcat-servlet-api) = 9.0.56
pki-resteasy-jackson2-provider-3.0.26-13.fc36.noarch requires
mvn(org.apache.tomcat:tomcat-servlet-api) = 9.0.56
resteasy-3.0.26-13.fc36.src requires
mvn(org.apache.tomcat:tomcat-servlet-api) = 9.0.56
portlet-2.0-api (maintained by: jjelen)
portlet-2.0-api-1.0-24.fc35.src requires
mvn(org.apache.tomcat:tomcat-servlet-api) = 9.0.56
tomcatjss (maintained by: cdorney, cfu, cipherboy, ckelley, dmoluguw, edewata,
jmagne, kwright, mharmsen, vakwetu)
tomcatjss-8.0.0-1.fc36.noarch requires tomcat = 1:9.0.56-1.fc36
tomcatjss-8.0.0-1.fc36.src requires tomcat = 1:9.0.56-1.fc36
openstack-java-sdk (maintained by: dominik, fsimonce)
openstack-java-resteasy-connector-3.2.9-7.fc34.noarch requires
mvn(org.jboss.resteasy:resteasy-jaxrs) = 3.0.26.Final
openstack-java-sdk-3.2.9-7.fc34.src requires
mvn(org.jboss.resteasy:resteasy-jaxrs) = 3.0.26.Final
apache-commons-fileupload (maintained by: jerboaa, jjelen, mizdebsk, spike)
apache-commons-fileupload-1.4-7.fc35.src requires
mvn(javax.portlet:portlet-api) = 1.0
See dependency chains of your packages at
https://packager-dashboard.fedoraproject.org/
See all orphaned packages at https://packager-dashboard.fedoraproject.org/orphan
Affected (co)maintainers (either directly or via packages' dependencies):
abbra: wsdl4j
akurtakov: wsdl4j
cdorney: wsdl4j
cfu: wsdl4j
chkr: libgda
cipherboy: wsdl4j
ckelley: wsdl4j
coolsvap: wsdl4j
csutherl: wsdl4j
decathorpe: libgda
dmoluguw: wsdl4j
dominik: wsdl4j
dwrobel: plantuml
edewata: wsdl4j
fsimonce: wsdl4j
galileo: wsdl4j, wsil4j, uddi4j
gil: plantuml
gnome-sig: libgda
gzaronikas: wsdl4j
hguemar: libgda
huwang: wsdl4j
ignatenkobrain: python-jenkins-job-builder
jerboaa: wsdl4j
jjelen: wsdl4j
jmagne: wsdl4j
jvanek: icedtea-web
kaio: libgda
kalev: libgda
kde-sig: kexi
ktdreyer: python-jenkins-job-builder
kwright: wsdl4j
limb: libgda
lkundrak: libgda
mharmsen: wsdl4j
mizdebsk: wsdl4j
moezroy: libgda
music: libgda
nacho: libgda
omajid: wsdl4j, icedtea-web
pabelanger: python-jenkins-job-builder
rakesh: libgda
spike: wsdl4j
spot: libgda
tmraz: PyPAM
vakwetu: wsdl4j
van: wsdl4j
volter: e00compr
--
The script creating this output is run and developed by Fedora
Release Engineering. Please report issues at its pagure instance:
https://pagure.io/releng/
The sources of this script can be found at:
https://pagure.io/releng/blob/main/f/scripts/find_unblocked_orphans.py
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
are orphaned for six weeks, unless someone adopts them. If you know for sure
that the package should be retired, please do so now with a proper reason:
https://fedoraproject.org/wiki/How_to_remove_a_package_at_end_of_life
Note: If you received this mail directly you (co)maintain one of the affected
packages or a package that depends on one. Please adopt the affected package or
retire your depending package to avoid broken dependencies, otherwise your
package will fail to install and/or build when the affected package gets retired.
Request package ownership via the *Take* button in he left column on
https://src.fedoraproject.org/rpms/<pkgname>
Full report available at:
https://churchyard.fedorapeople.org/orphans-2021-12-21.txt
grep it for your FAS username and follow the dependency chain.
For human readable dependency chains,
see https://packager-dashboard.fedoraproject.org/
For all orphaned packages,
see https://packager-dashboard.fedoraproject.org/orphan
Package (co)maintainers Status Change
================================================================================
PyPAM orphan, tmraz 5 weeks ago
cptutils orphan 1 weeks ago
dans-gdal-scripts orphan 1 weeks ago
direvent orphan 3 weeks ago
e00compr orphan 1 weeks ago
esniper orphan 1 weeks ago
icedtea-web jvanek, omajid, orphan 2 weeks ago
js-termynal orphan 2 weeks ago
kexi kde-sig, orphan 4 weeks ago
libgda lkundrak, orphan 0 weeks ago
ocaml-atd orphan 1 weeks ago
plantuml gil, orphan 5 weeks ago
python-jenkins-job-builder ignatenkobrain, ktdreyer, 0 weeks ago
orphan, pabelanger
python-metaextract orphan 1 weeks ago
python-productivity orphan 3 weeks ago
ravada orphan 1 weeks ago
rust-biscuit orphan 1 weeks ago
rust-signature orphan 4 weeks ago
uddi4j galileo, orphan 2 weeks ago
umph orphan 5 weeks ago
wsdl4j akurtakov, mizdebsk, orphan 2 weeks ago
wsil4j galileo, orphan 2 weeks ago
xcf-pixbuf-loader orphan 1 weeks ago
The following packages require above mentioned packages:
Depending on: e00compr (1), status change: 2021-12-13 (1 weeks ago)
saga (maintained by: volter)
saga-7.6.1-10.fc36.src requires e00compr-devel = 1.0.1-25.fc35
Depending on: libgda (6), status change: 2021-12-14 (0 weeks ago)
anjuta (maintained by: gnome-sig, kalev, limb, moezroy, rakesh)
anjuta-1:3.34.0-11.fc36.src requires libgda-devel = 1:5.2.10-3.fc36
anjuta-1:3.34.0-11.fc36.x86_64 requires libgda-sqlite = 1:5.2.10-3.fc36
anjuta-libs-1:3.34.0-11.fc36.i686 requires libgda-5.0.so.4
anjuta-libs-1:3.34.0-11.fc36.x86_64 requires libgda-5.0.so.4()(64bit)
elementary-music (maintained by: decathorpe)
elementary-music-5.1.1-2.fc35.i686 requires libgda-5.0.so.4,
libgda-sqlite(x86-32) = 1:5.2.10-3.fc36
elementary-music-5.1.1-2.fc35.src requires pkgconfig(libgda-5.0) = 5.2.10
elementary-music-5.1.1-2.fc35.x86_64 requires libgda-5.0.so.4()(64bit),
libgda-sqlite(x86-64) = 1:5.2.10-3.fc36
gtranslator (maintained by: kaio, nacho)
gtranslator-40.0-2.fc35.src requires libgda-devel = 1:5.2.10-3.fc36
gtranslator-40.0-2.fc35.x86_64 requires libgda-5.0.so.4()(64bit),
libgda-sqlite(x86-64) = 1:5.2.10-3.fc36
libgdamm (maintained by: hguemar, spot)
libgdamm-4.99.11-12.fc35.i686 requires libgda-5.0.so.4
libgdamm-4.99.11-12.fc35.src requires libgda-bdb = 1:5.2.10-3.fc36,
libgda-devel = 1:5.2.10-3.fc36
libgdamm-4.99.11-12.fc35.x86_64 requires libgda-5.0.so.4()(64bit)
libgdamm-devel-4.99.11-12.fc35.i686 requires pkgconfig(libgda-5.0) = 5.2.10
libgdamm-devel-4.99.11-12.fc35.x86_64 requires pkgconfig(libgda-5.0) = 5.2.10
sequeler (maintained by: music)
sequeler-0.8.2-2.fc36.src requires pkgconfig(libgda-5.0) = 5.2.10
sequeler-0.8.2-2.fc36.x86_64 requires libgda-5.0.so.4()(64bit)
gtkpod (maintained by: chkr, limb)
gtkpod-2.1.5-18.fc35.i686 requires libanjuta-3.so.0
gtkpod-2.1.5-18.fc35.src requires anjuta-devel = 1:3.34.0-11.fc36
gtkpod-2.1.5-18.fc35.x86_64 requires libanjuta-3.so.0()(64bit)
gtkpod-devel-2.1.5-18.fc35.i686 requires pkgconfig(libanjuta-3.0) = 3.34.0
gtkpod-devel-2.1.5-18.fc35.x86_64 requires pkgconfig(libanjuta-3.0) = 3.34.0
Depending on: plantuml (1), status change: 2021-11-16 (5 weeks ago)
plantumlqeditor (maintained by: dwrobel)
plantumlqeditor-1.2-22.20170403git964d4ef.fc35.x86_64 requires plantuml =
1:1.2021.0-3.fc35
Depending on: uddi4j (1), status change: 2021-12-02 (2 weeks ago)
wsil4j (maintained by: galileo, orphan)
wsil4j-1.0-25.fc35.noarch requires mvn(org.uddi4j:uddi4j) = 2.0.5,
osgi(org.uddi4j) = 2.0.5
wsil4j-1.0-25.fc35.src requires uddi4j = 2.0.5-25.fc35
Depending on: wsdl4j (10), status change: 2021-12-02 (2 weeks ago)
tomcat (maintained by: coolsvap, csutherl, gzaronikas, huwang, van)
tomcat-1:9.0.56-1.fc36.src requires wsdl4j = 1.6.3-21.fc35
wsil4j (maintained by: galileo, orphan)
wsil4j-1.0-25.fc35.noarch requires mvn(wsdl4j:wsdl4j) = 1.6.3,
osgi(javax.wsdl) = 1.6.3
wsil4j-1.0-25.fc35.src requires wsdl4j = 1.6.3-21.fc35
dogtag-pki (maintained by: abbra, cdorney, cfu, cipherboy, ckelley, dmoluguw,
edewata, jmagne, kwright, mharmsen, vakwetu)
dogtag-pki-11.1.0-0.1.alpha2.fc36.src requires resteasy = 3.0.26-13.fc36,
tomcat = 1:9.0.56-1.fc36, tomcatjss = 8.0.0-1.fc36
dogtag-pki-server-11.1.0-0.1.alpha2.fc36.noarch requires tomcat =
1:9.0.56-1.fc36, tomcatjss = 8.0.0-1.fc36
dogtag-pki-java-11.1.0-0.1.alpha2.fc36.noarch requires resteasy-client =
3.0.26-13.fc36, resteasy-core = 3.0.26-13.fc36, resteasy-jackson2-provider =
3.0.26-13.fc36
javahelp2 (maintained by: omajid)
javahelp2-2.0.05-31.fc35.src requires tomcat-jsp-2.3-api = 1:9.0.56-1.fc36,
tomcat-servlet-4.0-api = 1:9.0.56-1.fc36
pki-core (maintained by: abbra, cdorney, cfu, cipherboy, ckelley, dmoluguw,
edewata, jmagne, kwright, mharmsen, vakwetu)
pki-core-11.0.0-0.2.alpha1.fc35.src requires resteasy = 3.0.26-13.fc36,
tomcat = 1:9.0.56-1.fc36, tomcatjss = 8.0.0-1.fc36
pki-server-11.0.0-0.2.alpha1.fc35.noarch requires tomcat = 1:9.0.56-1.fc36,
tomcatjss = 8.0.0-1.fc36
pki-base-java-11.0.0-0.2.alpha1.fc35.noarch requires resteasy-client =
3.0.26-13.fc36, resteasy-core = 3.0.26-13.fc36, resteasy-jackson2-provider =
3.0.26-13.fc36
resteasy (maintained by: cdorney, cfu, cipherboy, ckelley, dmoluguw, edewata,
jmagne, mharmsen, vakwetu)
pki-resteasy-core-3.0.26-13.fc36.noarch requires
mvn(org.apache.tomcat:tomcat-servlet-api) = 9.0.56
pki-resteasy-jackson2-provider-3.0.26-13.fc36.noarch requires
mvn(org.apache.tomcat:tomcat-servlet-api) = 9.0.56
resteasy-3.0.26-13.fc36.src requires
mvn(org.apache.tomcat:tomcat-servlet-api) = 9.0.56
portlet-2.0-api (maintained by: jjelen)
portlet-2.0-api-1.0-24.fc35.src requires
mvn(org.apache.tomcat:tomcat-servlet-api) = 9.0.56
tomcatjss (maintained by: cdorney, cfu, cipherboy, ckelley, dmoluguw, edewata,
jmagne, kwright, mharmsen, vakwetu)
tomcatjss-8.0.0-1.fc36.noarch requires tomcat = 1:9.0.56-1.fc36
tomcatjss-8.0.0-1.fc36.src requires tomcat = 1:9.0.56-1.fc36
openstack-java-sdk (maintained by: dominik, fsimonce)
openstack-java-resteasy-connector-3.2.9-7.fc34.noarch requires
mvn(org.jboss.resteasy:resteasy-jaxrs) = 3.0.26.Final
openstack-java-sdk-3.2.9-7.fc34.src requires
mvn(org.jboss.resteasy:resteasy-jaxrs) = 3.0.26.Final
apache-commons-fileupload (maintained by: jerboaa, jjelen, mizdebsk, spike)
apache-commons-fileupload-1.4-7.fc35.src requires
mvn(javax.portlet:portlet-api) = 1.0
See dependency chains of your packages at
https://packager-dashboard.fedoraproject.org/
See all orphaned packages at https://packager-dashboard.fedoraproject.org/orphan
Affected (co)maintainers (either directly or via packages' dependencies):
abbra: wsdl4j
akurtakov: wsdl4j
cdorney: wsdl4j
cfu: wsdl4j
chkr: libgda
cipherboy: wsdl4j
ckelley: wsdl4j
coolsvap: wsdl4j
csutherl: wsdl4j
decathorpe: libgda
dmoluguw: wsdl4j
dominik: wsdl4j
dwrobel: plantuml
edewata: wsdl4j
fsimonce: wsdl4j
galileo: wsdl4j, wsil4j, uddi4j
gil: plantuml
gnome-sig: libgda
gzaronikas: wsdl4j
hguemar: libgda
huwang: wsdl4j
ignatenkobrain: python-jenkins-job-builder
jerboaa: wsdl4j
jjelen: wsdl4j
jmagne: wsdl4j
jvanek: icedtea-web
kaio: libgda
kalev: libgda
kde-sig: kexi
ktdreyer: python-jenkins-job-builder
kwright: wsdl4j
limb: libgda
lkundrak: libgda
mharmsen: wsdl4j
mizdebsk: wsdl4j
moezroy: libgda
music: libgda
nacho: libgda
omajid: wsdl4j, icedtea-web
pabelanger: python-jenkins-job-builder
rakesh: libgda
spike: wsdl4j
spot: libgda
tmraz: PyPAM
vakwetu: wsdl4j
van: wsdl4j
volter: e00compr
--
The script creating this output is run and developed by Fedora
Release Engineering. Please report issues at its pagure instance:
https://pagure.io/releng/
The sources of this script can be found at:
https://pagure.io/releng/blob/main/f/scripts/find_unblocked_orphans.py
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Monday, December 20, 2021
[USN-5186-2] Firefox regressions
==========================================================================
Ubuntu Security Notice USN-5186-2
December 20, 2021
firefox regressions
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.10
- Ubuntu 21.04
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
USN-5186-1 caused some minor regressions in Firefox.
Software Description:
- firefox: Mozilla Open Source web browser
Details:
USN-5186-1 fixed vulnerabilities in Firefox. The update introduced several
minor regressions. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information, conduct spoofing attacks, bypass CSP restrictions, or
execute arbitrary code. (CVE-2021-43536, CVE-2021-43537, CVE-2021-43538,
CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543,
CVE-2021-43545, CVE-2021-43546)
A security issue was discovered with the handling of WebExtension
permissions. If a user were tricked into installing a specially crafted
extension, an attacker could potentially exploit this to create and
install a service worker that wouldn't be uninstalled with the extension.
(CVE-2021-43540)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 21.10:
firefox 95.0.1+build2-0ubuntu0.21.10.1
Ubuntu 21.04:
firefox 95.0.1+build2-0ubuntu0.21.04.1
Ubuntu 20.04 LTS:
firefox 95.0.1+build2-0ubuntu0.20.04.1
Ubuntu 18.04 LTS:
firefox 95.0.1+build2-0ubuntu0.18.04.1
After a standard system update you need to restart Firefox to make
all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5186-2
https://ubuntu.com/security/notices/USN-5186-1
https://launchpad.net/bugs/1955433
Package Information:
https://launchpad.net/ubuntu/+source/firefox/95.0.1+build2-0ubuntu0.21.10.1
https://launchpad.net/ubuntu/+source/firefox/95.0.1+build2-0ubuntu0.21.04.1
https://launchpad.net/ubuntu/+source/firefox/95.0.1+build2-0ubuntu0.20.04.1
https://launchpad.net/ubuntu/+source/firefox/95.0.1+build2-0ubuntu0.18.04.1
Ubuntu Security Notice USN-5186-2
December 20, 2021
firefox regressions
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.10
- Ubuntu 21.04
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
USN-5186-1 caused some minor regressions in Firefox.
Software Description:
- firefox: Mozilla Open Source web browser
Details:
USN-5186-1 fixed vulnerabilities in Firefox. The update introduced several
minor regressions. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information, conduct spoofing attacks, bypass CSP restrictions, or
execute arbitrary code. (CVE-2021-43536, CVE-2021-43537, CVE-2021-43538,
CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543,
CVE-2021-43545, CVE-2021-43546)
A security issue was discovered with the handling of WebExtension
permissions. If a user were tricked into installing a specially crafted
extension, an attacker could potentially exploit this to create and
install a service worker that wouldn't be uninstalled with the extension.
(CVE-2021-43540)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 21.10:
firefox 95.0.1+build2-0ubuntu0.21.10.1
Ubuntu 21.04:
firefox 95.0.1+build2-0ubuntu0.21.04.1
Ubuntu 20.04 LTS:
firefox 95.0.1+build2-0ubuntu0.20.04.1
Ubuntu 18.04 LTS:
firefox 95.0.1+build2-0ubuntu0.18.04.1
After a standard system update you need to restart Firefox to make
all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5186-2
https://ubuntu.com/security/notices/USN-5186-1
https://launchpad.net/bugs/1955433
Package Information:
https://launchpad.net/ubuntu/+source/firefox/95.0.1+build2-0ubuntu0.21.10.1
https://launchpad.net/ubuntu/+source/firefox/95.0.1+build2-0ubuntu0.21.04.1
https://launchpad.net/ubuntu/+source/firefox/95.0.1+build2-0ubuntu0.20.04.1
https://launchpad.net/ubuntu/+source/firefox/95.0.1+build2-0ubuntu0.18.04.1
F36 Change: Ruby 3.1 (System-Wide Change proposal)
https://fedoraproject.org/wiki/Changes/Ruby_3.1
== Summary ==
Ruby 3.1 is the latest stable version of Ruby. Many new features and
improvements are included for the increasingly diverse and expanding
demands for Ruby. With this major update from Ruby 3.0 in Fedora 35 to
Ruby 3.1 in Fedora 36, Fedora becomes the superior Ruby development
platform.
== Owner ==
* Name: [[User:vondruch| Vít Ondruch]]
* Email: vondruch@redhat.com
== Detailed Description ==
Ruby 3.1 is upstream's new major release of Ruby. Many new features
and improvements are included.
=== YJIT: New experimental in-process JIT compiler ===
Ruby 3.1 merges YJIT, a new in-process JIT compiler developed by Shopify.
Since Ruby 2.6 introduced MJIT in 2018, its performance greatly
improved, and finally we achieved Ruby3x3 last year. But even though
Optcarrot has shown impressive speedups, the JIT hasn't benefited real
world business applications.
Recently Shopify contributed many Ruby improvements to speed up their
Rails application. YJIT is an important contribution, and aims to
improve the performance of Rails applications.
Though MJIT is a method-based JIT compiler and uses an external C
compiler, YJIT uses Basic Block Versioning and includes JIT compiler
inside it. With Lazy Basic Block Versioning (LBBV) it first compiles
the beginning of a method, and incrementally compiles the rest when
the type of arguments and variables are dynamically determined. See
YJIT: a basic block versioning JIT compiler for CRuby for a detailed
introduction.
With this technology, YJIT achieves both fast warmup time and
performance improvements on most real-world software, up to 22% on
railsbench, 39% on liquid-render.
YJIT is still an experimental feature, and as such, it is disabled by
default. If you want to use this, specify the --yjit command-line
option to enable YJIT. It is also limited to macOS & Linux on x86-64
platforms for now.
https://bugs.ruby-lang.org/issues/18229
https://shopify.engineering/yjit-just-in-time-compiler-cruby
https://www.youtube.com/watch?v=PBVLf3yfMs8
=== debug gem: A new debugger ===
A new debugger debug.gem is bundled. debug.gem is fast debugger
implementation and it provides many features like remote debugging,
colorful REPL, IDE (VSCode) integration and more. It replaces
lib/debug.rb standard library.
=== error_highlight: Fine-grained error location in backtrace ===
A built-in gem, error_highlight, has been introduced. It includes
fine-grained error location in backtrace:
$ ruby test.rb
test.rb:1:in `<main>': undefined method `time' for 1:Integer (NoMethodError)
1.time {}
^^^^^
Did you mean? times
This gem is enabled by default. You can disable it by using a
command-line option --disable-error_highlight. See the repository in
detail.
=== Irb improvement ===
=== Other Notable New Features ===
* Language
** Values in Hash literals and keyword arguments can be omitted.
** Pin operator in pattern matching now takes an expression.
* RBS
** `rbs collection` has been introduced to manage gems' RBSs.
** Many signatures for built-in and standard libraries have been added/updated.
** It includes many bug fixes and performance improvements too.
* TypeProf
** Experimental IDE support has been implemented.
** Many bug fixes and performance improvements.
=== Performance improvements ===
* MJIT
** For workloads like Rails, the default --jit-max-cache is changed
from 100 to 10000. The JIT compiler no longer skips compilation of
methods longer than 1000 instructions.
** To support Zeitwerk of Rails, JIT-ed code is no longer cancelled
when a TracePoint for class events is enabled.
=== Other notable changes since 3.0 ===
* One-line pattern matching, e.g., ary => [x, y, z], is no longer experimental.
* Multiple assignment evaluation order has been changed slightly.
** foo[0], bar[0] = baz, qux was evaluated in order baz, qux, foo, and
then bar in Ruby 3.0. In Ruby 3.1, it is evaluated in order foo, bar,
baz, and then qux.
* Variable Width Allocation: Strings (experimental)
* Standard libraries updates
== Benefit to Fedora ==
With a latest release, Ruby language is supporting the newest language
features, which enables even faster and easier development of Ruby
applications.
== Scope ==
* Proposal owners:
** Finish packaging of Ruby 3.1. Current changes available in PR
https://src.fedoraproject.org/rpms/ruby/pull-request/106
** Rebuilding of Ruby packages providing native extensions (i.e.
packages which depends on libruby).
* Other developers:
** Rebuild of packages with binary extensions (i.e. packages which
depends on libruby) will be handled automatically, but some packages
might need fixes/updates to support Ruby 3.1 properly.
* Release engineering: [https://pagure.io/releng/issue/10478 #10478]
** The packages are going to be rebuild in side-tag, but that does not
need releng involvement nowadays.
* Policies and guidelines: N/A (not needed for this Change)
* Trademark approval: N/A (not needed for this Change)
* Alignment with Objectives:
== Upgrade/compatibility impact ==
* User specific Ruby binary extensions need to be rebuild.
* Ruby packages/application dependencies might need to be adjusted if
net-* and other newly bundled gems are used.
== How To Test ==
* No special hardware is needed.
* To test, install Ruby 3.1. The test builds are pusblished in PR or
on Ruby-SIG ML
* Try to locally rebuild your packages using Ruby 3.1.
* Use the packages with your applications previously written in Ruby.
* If something doesn't work as it should, let us know.
== User Experience ==
The Ruby programs/scripts should behave as they were used to.
== Dependencies ==
<pre>
$ dnf repoquery --disablerepo=* --enablerepo=rawhide
--enablerepo=rawhide-source --arch=src --whatrequires 'ruby-devel' |
sort | uniq | wc -l
130
</pre>
== Contingency Plan ==
* Contingency mechanism: We would like to get a special buildroot tag
to be able to rebuild necessary the packages with Ruby 3.1. If
anything goes wrong, the tag could be easily dropped and previous
version of Ruby 3.0 and its dependencies stays intact. The tag would
be merged into F36 after everything is rebuild.
* Contingency deadline: Mass Rebuild
* Blocks release? No
== Documentation ==
* [http://www.ruby-doc.org/ Help and documentation for the Ruby
programming language]
* [https://github.com/ruby/ruby/blob/v3_1_0_preview1/NEWS.md Ruby 3.1.0 NEWS]
* [https://www.ruby-lang.org/en/news/2021/11/09/ruby-3-1-0-preview1-released/
Ruby 3.1 release announcement]
== Release Notes ==
* The Ruby 3.1 bumps soname, therefore Ruby packages, which use binary
extensions, should be rebuilt. Nevertheless, since upstream paid great
attention to source compatibility, no changes to your code are needed.
https://github.com/ruby/ruby/blob/v3_1_0_preview1/NEWS.md
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
== Summary ==
Ruby 3.1 is the latest stable version of Ruby. Many new features and
improvements are included for the increasingly diverse and expanding
demands for Ruby. With this major update from Ruby 3.0 in Fedora 35 to
Ruby 3.1 in Fedora 36, Fedora becomes the superior Ruby development
platform.
== Owner ==
* Name: [[User:vondruch| Vít Ondruch]]
* Email: vondruch@redhat.com
== Detailed Description ==
Ruby 3.1 is upstream's new major release of Ruby. Many new features
and improvements are included.
=== YJIT: New experimental in-process JIT compiler ===
Ruby 3.1 merges YJIT, a new in-process JIT compiler developed by Shopify.
Since Ruby 2.6 introduced MJIT in 2018, its performance greatly
improved, and finally we achieved Ruby3x3 last year. But even though
Optcarrot has shown impressive speedups, the JIT hasn't benefited real
world business applications.
Recently Shopify contributed many Ruby improvements to speed up their
Rails application. YJIT is an important contribution, and aims to
improve the performance of Rails applications.
Though MJIT is a method-based JIT compiler and uses an external C
compiler, YJIT uses Basic Block Versioning and includes JIT compiler
inside it. With Lazy Basic Block Versioning (LBBV) it first compiles
the beginning of a method, and incrementally compiles the rest when
the type of arguments and variables are dynamically determined. See
YJIT: a basic block versioning JIT compiler for CRuby for a detailed
introduction.
With this technology, YJIT achieves both fast warmup time and
performance improvements on most real-world software, up to 22% on
railsbench, 39% on liquid-render.
YJIT is still an experimental feature, and as such, it is disabled by
default. If you want to use this, specify the --yjit command-line
option to enable YJIT. It is also limited to macOS & Linux on x86-64
platforms for now.
https://bugs.ruby-lang.org/issues/18229
https://shopify.engineering/yjit-just-in-time-compiler-cruby
https://www.youtube.com/watch?v=PBVLf3yfMs8
=== debug gem: A new debugger ===
A new debugger debug.gem is bundled. debug.gem is fast debugger
implementation and it provides many features like remote debugging,
colorful REPL, IDE (VSCode) integration and more. It replaces
lib/debug.rb standard library.
=== error_highlight: Fine-grained error location in backtrace ===
A built-in gem, error_highlight, has been introduced. It includes
fine-grained error location in backtrace:
$ ruby test.rb
test.rb:1:in `<main>': undefined method `time' for 1:Integer (NoMethodError)
1.time {}
^^^^^
Did you mean? times
This gem is enabled by default. You can disable it by using a
command-line option --disable-error_highlight. See the repository in
detail.
=== Irb improvement ===
=== Other Notable New Features ===
* Language
** Values in Hash literals and keyword arguments can be omitted.
** Pin operator in pattern matching now takes an expression.
* RBS
** `rbs collection` has been introduced to manage gems' RBSs.
** Many signatures for built-in and standard libraries have been added/updated.
** It includes many bug fixes and performance improvements too.
* TypeProf
** Experimental IDE support has been implemented.
** Many bug fixes and performance improvements.
=== Performance improvements ===
* MJIT
** For workloads like Rails, the default --jit-max-cache is changed
from 100 to 10000. The JIT compiler no longer skips compilation of
methods longer than 1000 instructions.
** To support Zeitwerk of Rails, JIT-ed code is no longer cancelled
when a TracePoint for class events is enabled.
=== Other notable changes since 3.0 ===
* One-line pattern matching, e.g., ary => [x, y, z], is no longer experimental.
* Multiple assignment evaluation order has been changed slightly.
** foo[0], bar[0] = baz, qux was evaluated in order baz, qux, foo, and
then bar in Ruby 3.0. In Ruby 3.1, it is evaluated in order foo, bar,
baz, and then qux.
* Variable Width Allocation: Strings (experimental)
* Standard libraries updates
== Benefit to Fedora ==
With a latest release, Ruby language is supporting the newest language
features, which enables even faster and easier development of Ruby
applications.
== Scope ==
* Proposal owners:
** Finish packaging of Ruby 3.1. Current changes available in PR
https://src.fedoraproject.org/rpms/ruby/pull-request/106
** Rebuilding of Ruby packages providing native extensions (i.e.
packages which depends on libruby).
* Other developers:
** Rebuild of packages with binary extensions (i.e. packages which
depends on libruby) will be handled automatically, but some packages
might need fixes/updates to support Ruby 3.1 properly.
* Release engineering: [https://pagure.io/releng/issue/10478 #10478]
** The packages are going to be rebuild in side-tag, but that does not
need releng involvement nowadays.
* Policies and guidelines: N/A (not needed for this Change)
* Trademark approval: N/A (not needed for this Change)
* Alignment with Objectives:
== Upgrade/compatibility impact ==
* User specific Ruby binary extensions need to be rebuild.
* Ruby packages/application dependencies might need to be adjusted if
net-* and other newly bundled gems are used.
== How To Test ==
* No special hardware is needed.
* To test, install Ruby 3.1. The test builds are pusblished in PR or
on Ruby-SIG ML
* Try to locally rebuild your packages using Ruby 3.1.
* Use the packages with your applications previously written in Ruby.
* If something doesn't work as it should, let us know.
== User Experience ==
The Ruby programs/scripts should behave as they were used to.
== Dependencies ==
<pre>
$ dnf repoquery --disablerepo=* --enablerepo=rawhide
--enablerepo=rawhide-source --arch=src --whatrequires 'ruby-devel' |
sort | uniq | wc -l
130
</pre>
== Contingency Plan ==
* Contingency mechanism: We would like to get a special buildroot tag
to be able to rebuild necessary the packages with Ruby 3.1. If
anything goes wrong, the tag could be easily dropped and previous
version of Ruby 3.0 and its dependencies stays intact. The tag would
be merged into F36 after everything is rebuild.
* Contingency deadline: Mass Rebuild
* Blocks release? No
== Documentation ==
* [http://www.ruby-doc.org/ Help and documentation for the Ruby
programming language]
* [https://github.com/ruby/ruby/blob/v3_1_0_preview1/NEWS.md Ruby 3.1.0 NEWS]
* [https://www.ruby-lang.org/en/news/2021/11/09/ruby-3-1-0-preview1-released/
Ruby 3.1 release announcement]
== Release Notes ==
* The Ruby 3.1 bumps soname, therefore Ruby packages, which use binary
extensions, should be rebuilt. Nevertheless, since upstream paid great
attention to source compatibility, no changes to your code are needed.
https://github.com/ruby/ruby/blob/v3_1_0_preview1/NEWS.md
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
F36 Change: %set_build_flags for %build and %check (System-Wide Change proposal)
https://fedoraproject.org/wiki/Changes/SetBuildFlagsBuildCheck
== Summary ==
Call %set_build_flags macro automatically at the beginning of the
%build and %check phases of RPM builds in Fedora Linux. This will
ensure that the compiler flag environment variables are set for every
RPM build.
== Owner ==
* Name: [[User:tstellar| Tom Stellard]]
* Email: <tstellar@redhat.com>
== Detailed Description ==
The %set_build_flags macro exports common environment variables used
for building packages:
* CFLAGS
* CXXFLAGS
* FFLAGS
* FCFLAGS
* LDFLAGS
* LT_SYS_LIBRARY_PATH
* CC
* CXX
These environment variables are set to the compiler flags defined in
the system RPM configuration. This macro is currently implicitly
called when packages use some of the build system helper macros, like
%configure, %cmake, and %meson. However, not all packages use these
macros and so some packages do not use the correct compiler flags as
required by the Fedora packaging guidelines[1].
This change will be implemented by updating the %__spec_build_pre and
%__speck_check_pre macros in redhat-rpm-config to include
%set_build_flags. This will set these environment variables
automatically before the %build and %check sections. See the proposed
[https://src.fedoraproject.org/fork/tstellar/rpms/redhat-rpm-config/c/a39741bbebd645c46e5d675920b4bffe390c95bb?branch=set-build-flags-build-check
implementation] for more details.
The purpose for making this change in both the %build and %check
sections is because sometimes test code gets built in the %check
sections for unit tests and this will ensure that the application code
and its tests are built with the same set of flags.
This change should have no impact on packages that already use
%set_build_flags either directly or indirectly through another macro.
It also won't impact any package that currently sets these environment
variables or modifies any of the %{build*_flags} macros in their
%build or %check sections.
[1] https://docs.fedoraproject.org/en-US/packaging-guidelines/#_compiler_flags
== Benefit to Fedora ==
This change will ensure that more packages are built using the correct
compiler flags, and bring them in compliance with the Fedora packaging
guidelines. It will also help improve the security of the
distribution as many of the compiler flags help defend against common
security attacks.
== Scope ==
* Proposal owners:
** Make the necessary changes to redhat-rpm-config.
** Help debug any issues uncovered by this change during the mass rebuild.
* Other developers:
** Report bugs to the proposal owner.
* Release engineering: [https://pagure.io/releng/issue/10482 #10482]
* Policies and guidelines: N/A (not needed for this Change)
* Trademark approval: N/A (not needed for this Change)
* Alignment with Objectives:
== How To Test ==
This change will be tested by rebuilding packages as part of the mass rebuild.
== User Experience ==
This change will make some packages less susceptible to security exploits.
== Contingency Plan ==
* Contingency mechanism: The proposal owner will revert the change in
redhat-rpm-config
* Contingency deadline: Beta Freeze
* Blocks release? No
== Documentation ==
None needed.
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
== Summary ==
Call %set_build_flags macro automatically at the beginning of the
%build and %check phases of RPM builds in Fedora Linux. This will
ensure that the compiler flag environment variables are set for every
RPM build.
== Owner ==
* Name: [[User:tstellar| Tom Stellard]]
* Email: <tstellar@redhat.com>
== Detailed Description ==
The %set_build_flags macro exports common environment variables used
for building packages:
* CFLAGS
* CXXFLAGS
* FFLAGS
* FCFLAGS
* LDFLAGS
* LT_SYS_LIBRARY_PATH
* CC
* CXX
These environment variables are set to the compiler flags defined in
the system RPM configuration. This macro is currently implicitly
called when packages use some of the build system helper macros, like
%configure, %cmake, and %meson. However, not all packages use these
macros and so some packages do not use the correct compiler flags as
required by the Fedora packaging guidelines[1].
This change will be implemented by updating the %__spec_build_pre and
%__speck_check_pre macros in redhat-rpm-config to include
%set_build_flags. This will set these environment variables
automatically before the %build and %check sections. See the proposed
[https://src.fedoraproject.org/fork/tstellar/rpms/redhat-rpm-config/c/a39741bbebd645c46e5d675920b4bffe390c95bb?branch=set-build-flags-build-check
implementation] for more details.
The purpose for making this change in both the %build and %check
sections is because sometimes test code gets built in the %check
sections for unit tests and this will ensure that the application code
and its tests are built with the same set of flags.
This change should have no impact on packages that already use
%set_build_flags either directly or indirectly through another macro.
It also won't impact any package that currently sets these environment
variables or modifies any of the %{build*_flags} macros in their
%build or %check sections.
[1] https://docs.fedoraproject.org/en-US/packaging-guidelines/#_compiler_flags
== Benefit to Fedora ==
This change will ensure that more packages are built using the correct
compiler flags, and bring them in compliance with the Fedora packaging
guidelines. It will also help improve the security of the
distribution as many of the compiler flags help defend against common
security attacks.
== Scope ==
* Proposal owners:
** Make the necessary changes to redhat-rpm-config.
** Help debug any issues uncovered by this change during the mass rebuild.
* Other developers:
** Report bugs to the proposal owner.
* Release engineering: [https://pagure.io/releng/issue/10482 #10482]
* Policies and guidelines: N/A (not needed for this Change)
* Trademark approval: N/A (not needed for this Change)
* Alignment with Objectives:
== How To Test ==
This change will be tested by rebuilding packages as part of the mass rebuild.
== User Experience ==
This change will make some packages less susceptible to security exploits.
== Contingency Plan ==
* Contingency mechanism: The proposal owner will revert the change in
redhat-rpm-config
* Contingency deadline: Beta Freeze
* Blocks release? No
== Documentation ==
None needed.
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
F36 Change: LLVM 14 (System-Wide Change proposal)
https://fedoraproject.org/wiki/Changes/LLVM-14
== Summary ==
Update all llvm sub-projects in Fedora Linux to version 14.
== Owner ==
* Name: [[User:tstellar| Tom Stellard]]
* Email: <tstellar@redhat.com>
== Detailed Description ==
All llvm sub-projects in Fedora will be updated to version 14, and
there will be a soname version change for the llvm libraries.
Compatibility packages clang13 and llvm13 will be added to ensure that
packages that currently depend on clang and llvm version 13 libraries
will continue to work.
Unlike previous releases, we will no longer be packaging release
candidate builds in Rawhide or F36. Release candidates are not
guaranteed to be ABI compatible with each other, so upgrading from one
release candidate to another (or to the final release) requires
rebuilding all the clang/LLVM library users. This has become very
difficult to coordinate given the increased number of packages using
the clang/LLVM libraries, so we decided to only package the final
release.
We do plan to build release candidate versions into a side-tag for
testing. We will also create an llvm-14 branch in dist-git, so that
we can build the release candidate versions while still being able to
fix bugs and make changes to LLVM 13 in the rawhide branch.
'''Note: we are still discussing with Release Engineering if a branch
+ side-tag will be possible [https://pagure.io/releng/issue/10414
#10414]. If it's not possible, we will use COPR instead.'''
== Benefit to Fedora ==
New features and bug fixes provided by the latest version of LLVM.
== Scope ==
* Proposal owners:
** Review existing llvm and clang compatibility packages and orphan
any packages that are no longer used.
** Request an llvm-14 branch in dist-git for each llvm sub-project.
** Request a side-tag.
** Build llvm13 and clang13 compat packages into the side-tag.
** When upstream LLVM project releases version 14.0.0-rc1 (Late
January 2021), package this using the llvm-14 branches and build it
into the side-tag.
*** Repeat process for each release candidate.
** When upstream LLVM project releases version 14.0.0-final (March
2021), package this using the rawhide and f36 branches.
* Other developers:
** Maintainers of packages that depend on clang-libs or llvm-libs will
need to update their spec files to depend on the clang13 and llvm13
compatibility packages if they want to rebuild their package and it
does not work with LLVM 14 yet. The key point here is that spec file
changes are only needed if a package is going to be rebuilt after LLVM
14 is added to Fedora. The compatibility packages will ensure that
already built packages continue to work.
* Release engineering: [https://pagure.io/releng/issue/10414 #10414]
* Policies and guidelines: N/A (not needed for this Change)
* Trademark approval: N/A (not needed for this Change)
* Alignment with Objectives:
== Upgrade/compatibility impact ==
This change should not impact upgradeability.
== How To Test ==
The CI tests for the llvm sub-packages in Fedora will be used to catch
regressions that might be potentially introduced by the update to LLVM
14.
== User Experience ==
Users will benefit from new features and bug-fixes in the latest
version of LLVM.
== Dependencies ==
This change can be made without updating any other packages. However,
as mention before, packages that need to use LLVM 13 will need to
update their spec file on their first rebuild after this change.
== Contingency Plan ==
* Contingency mechanism: (What to do? Who will do it?): If there are
major problems with LLVM 14, the compatibility package provide a way
for other packages to continue using LLVM 13.
* Contingency deadline: Final Freeze
* Blocks release? No
== Documentation ==
Release notes will be added for this change.
== Release Notes ==
LLVM sub-projects in Fedora have been updated to version 14:
* llvm
* clang
* lld
* lldb
* compiler-rt
* libomp
* llvm-test-suite
* libcxx
* libcxxabi
* python-lit
* flang
* mlir
* polly
* libclc
* llvm-unwind
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
== Summary ==
Update all llvm sub-projects in Fedora Linux to version 14.
== Owner ==
* Name: [[User:tstellar| Tom Stellard]]
* Email: <tstellar@redhat.com>
== Detailed Description ==
All llvm sub-projects in Fedora will be updated to version 14, and
there will be a soname version change for the llvm libraries.
Compatibility packages clang13 and llvm13 will be added to ensure that
packages that currently depend on clang and llvm version 13 libraries
will continue to work.
Unlike previous releases, we will no longer be packaging release
candidate builds in Rawhide or F36. Release candidates are not
guaranteed to be ABI compatible with each other, so upgrading from one
release candidate to another (or to the final release) requires
rebuilding all the clang/LLVM library users. This has become very
difficult to coordinate given the increased number of packages using
the clang/LLVM libraries, so we decided to only package the final
release.
We do plan to build release candidate versions into a side-tag for
testing. We will also create an llvm-14 branch in dist-git, so that
we can build the release candidate versions while still being able to
fix bugs and make changes to LLVM 13 in the rawhide branch.
'''Note: we are still discussing with Release Engineering if a branch
+ side-tag will be possible [https://pagure.io/releng/issue/10414
#10414]. If it's not possible, we will use COPR instead.'''
== Benefit to Fedora ==
New features and bug fixes provided by the latest version of LLVM.
== Scope ==
* Proposal owners:
** Review existing llvm and clang compatibility packages and orphan
any packages that are no longer used.
** Request an llvm-14 branch in dist-git for each llvm sub-project.
** Request a side-tag.
** Build llvm13 and clang13 compat packages into the side-tag.
** When upstream LLVM project releases version 14.0.0-rc1 (Late
January 2021), package this using the llvm-14 branches and build it
into the side-tag.
*** Repeat process for each release candidate.
** When upstream LLVM project releases version 14.0.0-final (March
2021), package this using the rawhide and f36 branches.
* Other developers:
** Maintainers of packages that depend on clang-libs or llvm-libs will
need to update their spec files to depend on the clang13 and llvm13
compatibility packages if they want to rebuild their package and it
does not work with LLVM 14 yet. The key point here is that spec file
changes are only needed if a package is going to be rebuilt after LLVM
14 is added to Fedora. The compatibility packages will ensure that
already built packages continue to work.
* Release engineering: [https://pagure.io/releng/issue/10414 #10414]
* Policies and guidelines: N/A (not needed for this Change)
* Trademark approval: N/A (not needed for this Change)
* Alignment with Objectives:
== Upgrade/compatibility impact ==
This change should not impact upgradeability.
== How To Test ==
The CI tests for the llvm sub-packages in Fedora will be used to catch
regressions that might be potentially introduced by the update to LLVM
14.
== User Experience ==
Users will benefit from new features and bug-fixes in the latest
version of LLVM.
== Dependencies ==
This change can be made without updating any other packages. However,
as mention before, packages that need to use LLVM 13 will need to
update their spec file on their first rebuild after this change.
== Contingency Plan ==
* Contingency mechanism: (What to do? Who will do it?): If there are
major problems with LLVM 14, the compatibility package provide a way
for other packages to continue using LLVM 13.
* Contingency deadline: Final Freeze
* Blocks release? No
== Documentation ==
Release notes will be added for this change.
== Release Notes ==
LLVM sub-projects in Fedora have been updated to version 14:
* llvm
* clang
* lld
* lldb
* compiler-rt
* libomp
* llvm-test-suite
* libcxx
* libcxxabi
* python-lit
* flang
* mlir
* polly
* libclc
* llvm-unwind
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Sunday, December 19, 2021
[USN-5203-1] Apache Log4j 2 vulnerability
==========================================================================
Ubuntu Security Notice USN-5203-1
December 19, 2021
apache-log4j2 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.10
- Ubuntu 21.04
- Ubuntu 20.04 LTS
Summary:
Apache Log4j 2 could be made to crash if it received specially crafted
input.
Software Description:
- apache-log4j2: Apache Log4j - Logging Framework for Java
Details:
Hideki Okamoto and Guy Lederfein discovered that Apache Log4j 2 did not
protect against infinite recursion in lookup evaluation. A remote attacker
could possibly use this issue to cause Apache Log4j 2 to crash, leading to
a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 21.10:
liblog4j2-java 2.17.0-0.21.10.1
Ubuntu 21.04:
liblog4j2-java 2.17.0-0.21.04.1
Ubuntu 20.04 LTS:
liblog4j2-java 2.17.0-0.20.04.1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5203-1
CVE-2021-45105
Package Information:
https://launchpad.net/ubuntu/+source/apache-log4j2/2.17.0-0.21.10.1
https://launchpad.net/ubuntu/+source/apache-log4j2/2.17.0-0.21.04.1
https://launchpad.net/ubuntu/+source/apache-log4j2/2.17.0-0.20.04.1
Ubuntu Security Notice USN-5203-1
December 19, 2021
apache-log4j2 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.10
- Ubuntu 21.04
- Ubuntu 20.04 LTS
Summary:
Apache Log4j 2 could be made to crash if it received specially crafted
input.
Software Description:
- apache-log4j2: Apache Log4j - Logging Framework for Java
Details:
Hideki Okamoto and Guy Lederfein discovered that Apache Log4j 2 did not
protect against infinite recursion in lookup evaluation. A remote attacker
could possibly use this issue to cause Apache Log4j 2 to crash, leading to
a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 21.10:
liblog4j2-java 2.17.0-0.21.10.1
Ubuntu 21.04:
liblog4j2-java 2.17.0-0.21.04.1
Ubuntu 20.04 LTS:
liblog4j2-java 2.17.0-0.20.04.1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5203-1
CVE-2021-45105
Package Information:
https://launchpad.net/ubuntu/+source/apache-log4j2/2.17.0-0.21.10.1
https://launchpad.net/ubuntu/+source/apache-log4j2/2.17.0-0.21.04.1
https://launchpad.net/ubuntu/+source/apache-log4j2/2.17.0-0.20.04.1
Saturday, December 18, 2021
Updated Debian 11: 11.2 released
------------------------------------------------------------------------
The Debian Project https://www.debian.org/
Updated Debian 11: 11.2 released press@debian.org
December 18th, 2021 https://www.debian.org/News/2021/20211218
------------------------------------------------------------------------
The Debian project is pleased to announce the second update of its
stable distribution Debian 11 (codename "bullseye"). This point release
mainly adds corrections for security issues, along with a few
adjustments for serious problems. Security advisories have already been
published separately and are referenced where available.
Please note that the point release does not constitute a new version of
Debian 11 but only updates some of the packages included. There is no
need to throw away old "bullseye" media. After installation, packages
can be upgraded to the current versions using an up-to-date Debian
mirror.
Those who frequently install updates from security.debian.org won't have
to update many packages, and most such updates are included in the point
release.
New installation images will be available soon at the regular locations.
Upgrading an existing installation to this revision can be achieved by
pointing the package management system at one of Debian's many HTTP
mirrors. A comprehensive list of mirrors is available at:
https://www.debian.org/mirror/list
Miscellaneous Bugfixes
----------------------
This stable update adds a few important corrections to the following
packages:
+--------------------------+------------------------------------------+
| Package | Reason |
+--------------------------+------------------------------------------+
| authheaders [1] | New upstream bug-fix release |
| | |
| base-files [2] | Update /etc/debian_version for the 11.2 |
| | point release |
| | |
| bpftrace [3] | Fix array indexing |
| | |
| brltty [4] | Fix operation under X when using |
| | sysvinit |
| | |
| btrbk [5] | Fix regression in the update for |
| | CVE-2021-38173 |
| | |
| calibre [6] | Fix syntax error |
| | |
| chrony [7] | Fix binding a socket to a network device |
| | with a name longer than 3 characters |
| | when the system call filter is enabled |
| | |
| cmake [8] | Add PostgreSQL 13 to known versions |
| | |
| containerd [9] | New upstream stable release; handle |
| | ambiguous OCI manifest parsing |
| | [CVE-2021-41190]; support "clone3" in |
| | default seccomp profile |
| | |
| curl [10] | Remove -ffile-prefix-map from curl- |
| | config, fixing co-installability of |
| | libcurl4-gnutls-dev under multiarch |
| | |
| datatables.js [11] | Fix insufficient escaping of arrays |
| | passed to the HTML escape entities |
| | function [CVE-2021-23445] |
| | |
| debian-edu-config [12] | pxe-addfirmware: Fix TFTP server path; |
| | improve support for LTSP chroot setup |
| | and maintenance |
| | |
| debian-edu-doc [13] | Update Debian Edu Bullseye manual from |
| | the wiki; update translations |
| | |
| debian-installer [14] | Rebuild against proposed-updates; update |
| | kernel ABI to -10 |
| | |
| debian-installer- | Rebuild against proposed-updates |
| netboot-images [15] | |
| | |
| distro-info-data [16] | Update included data for Ubuntu 14.04 |
| | and 16.04 ESM; add Ubuntu 22.04 LTS |
| | |
| docker.io [17] | Fix possible change of host file system |
| | permissions [CVE-2021-41089]; lock down |
| | file permissions in /var/lib/docker |
| | [CVE-2021-41091]; prevent credentials |
| | being sent to the default registry |
| | [CVE-2021-41092]; add support for |
| | "clone3" syscall in default seccomp |
| | policy |
| | |
| edk2 [18] | Address Boot Guard TOCTOU vulnerability |
| | [CVE-2019-11098] |
| | |
| freeipmi [19] | Install pkgconfig files to correct |
| | location |
| | |
| gdal [20] | Fix BAG 2.0 Extract support in LVBAG |
| | driver |
| | |
| gerbv [21] | Fix out-of-bounds write issue [CVE-2021- |
| | 40391] |
| | |
| gmp [22] | Fix integer and buffer overflow issue |
| | [CVE-2021-43618] |
| | |
| golang-1.15 [23] | New upstream stable release; fix "net/ |
| | http: panic due to racy read of |
| | persistConn after handler |
| | panic" [CVE-2021-36221]; fix "archive/ |
| | zip: overflow in preallocation check can |
| | cause OOM panic" [CVE-2021-39293]; fix |
| | buffer over-run issue [CVE-2021-38297], |
| | out of bounds read issue [CVE-2021- |
| | 41771], denial of service issues |
| | [CVE-2021-44716 CVE-2021-44717] |
| | |
| grass [24] | Fix parsing of GDAL formats where the |
| | description contains a colon |
| | |
| horizon [25] | Re-enable translations |
| | |
| htmldoc [26] | Fix buffer overflow issues [CVE-2021- |
| | 40985 CVE-2021-43579] |
| | |
| im-config [27] | Prefer Fcitx5 over Fcitx4 |
| | |
| isync [28] | Fix multiple buffer overflow issues |
| | [CVE-2021-3657] |
| | |
| jqueryui [29] | Fix untrusted code execution issues |
| | [CVE-2021-41182 CVE-2021-41183 CVE-2021- |
| | 41184] |
| | |
| jwm [30] | Fix crash when using "Move" menu item |
| | |
| keepalived [31] | Fix overly broad DBus policy [CVE-2021- |
| | 44225] |
| | |
| keystone [32] | Resolve information leak allowing |
| | determination of whether users exist |
| | [CVE-2021-38155]; apply some performance |
| | improvements to the default keystone- |
| | uwsgi.ini |
| | |
| kodi [33] | Fix buffer overflow in PLS playlists |
| | [CVE-2021-42917] |
| | |
| libayatana- | Scale icons when loading from file; |
| indicator [34] | prevent regular crashes in indicator |
| | applets |
| | |
| libdatetime-timezone- | Update included data |
| perl [35] | |
| | |
| libencode-perl [36] | Fix a memory leak in Encode.xs |
| | |
| libseccomp [37] | Add support for syscalls up to Linux |
| | 5.15 |
| | |
| linux [38] | New upstream release; increase ABI to |
| | 10; RT: update to 5.10.83-rt58 |
| | |
| linux-signed-amd64 [39] | New upstream release; increase ABI to |
| | 10; RT: update to 5.10.83-rt58 |
| | |
| linux-signed-arm64 [40] | New upstream release; increase ABI to |
| | 10; RT: update to 5.10.83-rt58 |
| | |
| linux-signed-i386 [41] | New upstream release; increase ABI to |
| | 10; RT: update to 5.10.83-rt58 |
| | |
| lldpd [42] | Fix heap overflow issue [CVE-2021- |
| | 43612]; do not set VLAN tag if client |
| | did not set it |
| | |
| mrtg [43] | Correct errors in variable names |
| | |
| node-getobject [44] | Resolve prototype pollution issue |
| | [CVE-2020-28282] |
| | |
| node-json-schema [45] | Resolve prototype pollution issue |
| | [CVE-2021-3918] |
| | |
| open3d [46] | Ensure that python3-open3d depends on |
| | python3-numpy |
| | |
| opendmarc [47] | Fix opendmarc-import; increase maximum |
| | supported length of tokens in ARC_Seal |
| | headers, resolving crashes |
| | |
| plib [48] | Fix integer overflow issue [CVE-2021- |
| | 38714] |
| | |
| plocate [49] | Fix an issue where non-ASCII characters |
| | would be wrongly escaped |
| | |
| poco [50] | Fix installation of CMake files |
| | |
| privoxy [51] | Fix memory leaks [CVE-2021-44540 |
| | CVE-2021-44541 CVE-2021-44542]; fix |
| | cross-site scripting issue [CVE-2021- |
| | 44543] |
| | |
| publicsuffix [52] | Update included data |
| | |
| python-django [53] | New upstream security release: fix |
| | potential bypass of an upstream access |
| | control based on URL paths [CVE-2021- |
| | 44420] |
| | |
| python-eventlet [54] | Fix compatibility with dnspython 2 |
| | |
| python-virtualenv [55] | Fix crash when using --no-setuptools |
| | |
| ros-ros-comm [56] | Fix denial of service issue [CVE-2021- |
| | 37146] |
| | |
| ruby-httpclient [57] | Use system certificate store |
| | |
| rustc-mozilla [58] | New source package to support building |
| | of newer firefox-esr and thunderbird |
| | versions |
| | |
| supysonic [59] | Symlink jquery instead of loading it |
| | directly; correctly symlink minimized |
| | bootstrap CSS files |
| | |
| tzdata [60] | Update data for Fiji and Palestine |
| | |
| udisks2 [61] | Mount options: Always use |
| | errors=remount-ro for ext filesystems |
| | [CVE-2021-3802]; use the mkfs command to |
| | format exfat partitions; add Recommends |
| | exfatprogs as preferred alternative |
| | |
| ulfius [62] | Fix use of custom allocators with |
| | ulfius_url_decode and ulfius_url_encode |
| | |
| vim [63] | Fix heap overflows [CVE-2021-3770 |
| | CVE-2021-3778], use after free issue |
| | [CVE-2021-3796]; remove vim-gtk |
| | alternatives during vim-gtk -> vim-gtk3 |
| | transition, easing upgrades from buster |
| | |
| wget [64] | Fix downloads over 2GB on 32-bit systems |
| | |
+--------------------------+------------------------------------------+
1: https://packages.debian.org/src:authheaders
2: https://packages.debian.org/src:base-files
3: https://packages.debian.org/src:bpftrace
4: https://packages.debian.org/src:brltty
5: https://packages.debian.org/src:btrbk
6: https://packages.debian.org/src:calibre
7: https://packages.debian.org/src:chrony
8: https://packages.debian.org/src:cmake
9: https://packages.debian.org/src:containerd
10: https://packages.debian.org/src:curl
11: https://packages.debian.org/src:datatables.js
12: https://packages.debian.org/src:debian-edu-config
13: https://packages.debian.org/src:debian-edu-doc
14: https://packages.debian.org/src:debian-installer
15: https://packages.debian.org/src:debian-installer-netboot-images
16: https://packages.debian.org/src:distro-info-data
17: https://packages.debian.org/src:docker.io
18: https://packages.debian.org/src:edk2
19: https://packages.debian.org/src:freeipmi
20: https://packages.debian.org/src:gdal
21: https://packages.debian.org/src:gerbv
22: https://packages.debian.org/src:gmp
23: https://packages.debian.org/src:golang-1.15
24: https://packages.debian.org/src:grass
25: https://packages.debian.org/src:horizon
26: https://packages.debian.org/src:htmldoc
27: https://packages.debian.org/src:im-config
28: https://packages.debian.org/src:isync
29: https://packages.debian.org/src:jqueryui
30: https://packages.debian.org/src:jwm
31: https://packages.debian.org/src:keepalived
32: https://packages.debian.org/src:keystone
33: https://packages.debian.org/src:kodi
34: https://packages.debian.org/src:libayatana-indicator
35: https://packages.debian.org/src:libdatetime-timezone-perl
36: https://packages.debian.org/src:libencode-perl
37: https://packages.debian.org/src:libseccomp
38: https://packages.debian.org/src:linux
39: https://packages.debian.org/src:linux-signed-amd64
40: https://packages.debian.org/src:linux-signed-arm64
41: https://packages.debian.org/src:linux-signed-i386
42: https://packages.debian.org/src:lldpd
43: https://packages.debian.org/src:mrtg
44: https://packages.debian.org/src:node-getobject
45: https://packages.debian.org/src:node-json-schema
46: https://packages.debian.org/src:open3d
47: https://packages.debian.org/src:opendmarc
48: https://packages.debian.org/src:plib
49: https://packages.debian.org/src:plocate
50: https://packages.debian.org/src:poco
51: https://packages.debian.org/src:privoxy
52: https://packages.debian.org/src:publicsuffix
53: https://packages.debian.org/src:python-django
54: https://packages.debian.org/src:python-eventlet
55: https://packages.debian.org/src:python-virtualenv
56: https://packages.debian.org/src:ros-ros-comm
57: https://packages.debian.org/src:ruby-httpclient
58: https://packages.debian.org/src:rustc-mozilla
59: https://packages.debian.org/src:supysonic
60: https://packages.debian.org/src:tzdata
61: https://packages.debian.org/src:udisks2
62: https://packages.debian.org/src:ulfius
63: https://packages.debian.org/src:vim
64: https://packages.debian.org/src:wget
Security Updates
----------------
This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
updates:
+----------------+----------------------------+
| Advisory ID | Package |
+----------------+----------------------------+
| DSA-4980 [65] | qemu [66] |
| | |
| DSA-4981 [67] | firefox-esr [68] |
| | |
| DSA-4982 [69] | apache2 [70] |
| | |
| DSA-4983 [71] | neutron [72] |
| | |
| DSA-4984 [73] | flatpak [74] |
| | |
| DSA-4985 [75] | wordpress [76] |
| | |
| DSA-4986 [77] | tomcat9 [78] |
| | |
| DSA-4987 [79] | squashfs-tools [80] |
| | |
| DSA-4988 [81] | libreoffice [82] |
| | |
| DSA-4989 [83] | strongswan [84] |
| | |
| DSA-4992 [85] | php7.4 [86] |
| | |
| DSA-4994 [87] | bind9 [88] |
| | |
| DSA-4995 [89] | webkit2gtk [90] |
| | |
| DSA-4996 [91] | wpewebkit [92] |
| | |
| DSA-4998 [93] | ffmpeg [94] |
| | |
| DSA-5002 [95] | containerd [96] |
| | |
| DSA-5003 [97] | ldb [98] |
| | |
| DSA-5003 [99] | samba [100] |
| | |
| DSA-5004 [101] | libxstream-java [102] |
| | |
| DSA-5007 [103] | postgresql-13 [104] |
| | |
| DSA-5008 [105] | node-tar [106] |
| | |
| DSA-5009 [107] | tomcat9 [108] |
| | |
| DSA-5010 [109] | libxml-security-java [110] |
| | |
| DSA-5011 [111] | salt [112] |
| | |
| DSA-5013 [113] | roundcube [114] |
| | |
| DSA-5016 [115] | nss [116] |
| | |
| DSA-5017 [117] | xen [118] |
| | |
| DSA-5019 [119] | wireshark [120] |
| | |
| DSA-5020 [121] | apache-log4j2 [122] |
| | |
| DSA-5022 [123] | apache-log4j2 [124] |
| | |
+----------------+----------------------------+
65: https://www.debian.org/security/2021/dsa-4980
66: https://packages.debian.org/src:qemu
67: https://www.debian.org/security/2021/dsa-4981
68: https://packages.debian.org/src:firefox-esr
69: https://www.debian.org/security/2021/dsa-4982
70: https://packages.debian.org/src:apache2
71: https://www.debian.org/security/2021/dsa-4983
72: https://packages.debian.org/src:neutron
73: https://www.debian.org/security/2021/dsa-4984
74: https://packages.debian.org/src:flatpak
75: https://www.debian.org/security/2021/dsa-4985
76: https://packages.debian.org/src:wordpress
77: https://www.debian.org/security/2021/dsa-4986
78: https://packages.debian.org/src:tomcat9
79: https://www.debian.org/security/2021/dsa-4987
80: https://packages.debian.org/src:squashfs-tools
81: https://www.debian.org/security/2021/dsa-4988
82: https://packages.debian.org/src:libreoffice
83: https://www.debian.org/security/2021/dsa-4989
84: https://packages.debian.org/src:strongswan
85: https://www.debian.org/security/2021/dsa-4992
86: https://packages.debian.org/src:php7.4
87: https://www.debian.org/security/2021/dsa-4994
88: https://packages.debian.org/src:bind9
89: https://www.debian.org/security/2021/dsa-4995
90: https://packages.debian.org/src:webkit2gtk
91: https://www.debian.org/security/2021/dsa-4996
92: https://packages.debian.org/src:wpewebkit
93: https://www.debian.org/security/2021/dsa-4998
94: https://packages.debian.org/src:ffmpeg
95: https://www.debian.org/security/2021/dsa-5002
96: https://packages.debian.org/src:containerd
97: https://www.debian.org/security/2021/dsa-5003
98: https://packages.debian.org/src:ldb
99: https://www.debian.org/security/2021/dsa-5003
100: https://packages.debian.org/src:samba
101: https://www.debian.org/security/2021/dsa-5004
102: https://packages.debian.org/src:libxstream-java
103: https://www.debian.org/security/2021/dsa-5007
104: https://packages.debian.org/src:postgresql-13
105: https://www.debian.org/security/2021/dsa-5008
106: https://packages.debian.org/src:node-tar
107: https://www.debian.org/security/2021/dsa-5009
108: https://packages.debian.org/src:tomcat9
109: https://www.debian.org/security/2021/dsa-5010
110: https://packages.debian.org/src:libxml-security-java
111: https://www.debian.org/security/2021/dsa-5011
112: https://packages.debian.org/src:salt
113: https://www.debian.org/security/2021/dsa-5013
114: https://packages.debian.org/src:roundcube
115: https://www.debian.org/security/2021/dsa-5016
116: https://packages.debian.org/src:nss
117: https://www.debian.org/security/2021/dsa-5017
118: https://packages.debian.org/src:xen
119: https://www.debian.org/security/2021/dsa-5019
120: https://packages.debian.org/src:wireshark
121: https://www.debian.org/security/2021/dsa-5020
122: https://packages.debian.org/src:apache-log4j2
123: https://www.debian.org/security/2021/dsa-5022
124: https://packages.debian.org/src:apache-log4j2
Debian Installer
----------------
The installer has been updated to include the fixes incorporated into
stable by the point release.
URLs
----
The complete lists of packages that have changed with this revision:
https://deb.debian.org/debian/dists/bullseye/ChangeLog
The current stable distribution:
https://deb.debian.org/debian/dists/stable/
Proposed updates to the stable distribution:
https://deb.debian.org/debian/dists/proposed-updates
stable distribution information (release notes, errata etc.):
https://www.debian.org/releases/stable/
Security announcements and information:
https://www.debian.org/security/
About Debian
------------
The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely free
operating system Debian.
Contact Information
-------------------
For further information, please visit the Debian web pages at
https://www.debian.org/, send mail to <press@debian.org>, or contact the
stable release team at <debian-release@lists.debian.org>.
The Debian Project https://www.debian.org/
Updated Debian 11: 11.2 released press@debian.org
December 18th, 2021 https://www.debian.org/News/2021/20211218
------------------------------------------------------------------------
The Debian project is pleased to announce the second update of its
stable distribution Debian 11 (codename "bullseye"). This point release
mainly adds corrections for security issues, along with a few
adjustments for serious problems. Security advisories have already been
published separately and are referenced where available.
Please note that the point release does not constitute a new version of
Debian 11 but only updates some of the packages included. There is no
need to throw away old "bullseye" media. After installation, packages
can be upgraded to the current versions using an up-to-date Debian
mirror.
Those who frequently install updates from security.debian.org won't have
to update many packages, and most such updates are included in the point
release.
New installation images will be available soon at the regular locations.
Upgrading an existing installation to this revision can be achieved by
pointing the package management system at one of Debian's many HTTP
mirrors. A comprehensive list of mirrors is available at:
https://www.debian.org/mirror/list
Miscellaneous Bugfixes
----------------------
This stable update adds a few important corrections to the following
packages:
+--------------------------+------------------------------------------+
| Package | Reason |
+--------------------------+------------------------------------------+
| authheaders [1] | New upstream bug-fix release |
| | |
| base-files [2] | Update /etc/debian_version for the 11.2 |
| | point release |
| | |
| bpftrace [3] | Fix array indexing |
| | |
| brltty [4] | Fix operation under X when using |
| | sysvinit |
| | |
| btrbk [5] | Fix regression in the update for |
| | CVE-2021-38173 |
| | |
| calibre [6] | Fix syntax error |
| | |
| chrony [7] | Fix binding a socket to a network device |
| | with a name longer than 3 characters |
| | when the system call filter is enabled |
| | |
| cmake [8] | Add PostgreSQL 13 to known versions |
| | |
| containerd [9] | New upstream stable release; handle |
| | ambiguous OCI manifest parsing |
| | [CVE-2021-41190]; support "clone3" in |
| | default seccomp profile |
| | |
| curl [10] | Remove -ffile-prefix-map from curl- |
| | config, fixing co-installability of |
| | libcurl4-gnutls-dev under multiarch |
| | |
| datatables.js [11] | Fix insufficient escaping of arrays |
| | passed to the HTML escape entities |
| | function [CVE-2021-23445] |
| | |
| debian-edu-config [12] | pxe-addfirmware: Fix TFTP server path; |
| | improve support for LTSP chroot setup |
| | and maintenance |
| | |
| debian-edu-doc [13] | Update Debian Edu Bullseye manual from |
| | the wiki; update translations |
| | |
| debian-installer [14] | Rebuild against proposed-updates; update |
| | kernel ABI to -10 |
| | |
| debian-installer- | Rebuild against proposed-updates |
| netboot-images [15] | |
| | |
| distro-info-data [16] | Update included data for Ubuntu 14.04 |
| | and 16.04 ESM; add Ubuntu 22.04 LTS |
| | |
| docker.io [17] | Fix possible change of host file system |
| | permissions [CVE-2021-41089]; lock down |
| | file permissions in /var/lib/docker |
| | [CVE-2021-41091]; prevent credentials |
| | being sent to the default registry |
| | [CVE-2021-41092]; add support for |
| | "clone3" syscall in default seccomp |
| | policy |
| | |
| edk2 [18] | Address Boot Guard TOCTOU vulnerability |
| | [CVE-2019-11098] |
| | |
| freeipmi [19] | Install pkgconfig files to correct |
| | location |
| | |
| gdal [20] | Fix BAG 2.0 Extract support in LVBAG |
| | driver |
| | |
| gerbv [21] | Fix out-of-bounds write issue [CVE-2021- |
| | 40391] |
| | |
| gmp [22] | Fix integer and buffer overflow issue |
| | [CVE-2021-43618] |
| | |
| golang-1.15 [23] | New upstream stable release; fix "net/ |
| | http: panic due to racy read of |
| | persistConn after handler |
| | panic" [CVE-2021-36221]; fix "archive/ |
| | zip: overflow in preallocation check can |
| | cause OOM panic" [CVE-2021-39293]; fix |
| | buffer over-run issue [CVE-2021-38297], |
| | out of bounds read issue [CVE-2021- |
| | 41771], denial of service issues |
| | [CVE-2021-44716 CVE-2021-44717] |
| | |
| grass [24] | Fix parsing of GDAL formats where the |
| | description contains a colon |
| | |
| horizon [25] | Re-enable translations |
| | |
| htmldoc [26] | Fix buffer overflow issues [CVE-2021- |
| | 40985 CVE-2021-43579] |
| | |
| im-config [27] | Prefer Fcitx5 over Fcitx4 |
| | |
| isync [28] | Fix multiple buffer overflow issues |
| | [CVE-2021-3657] |
| | |
| jqueryui [29] | Fix untrusted code execution issues |
| | [CVE-2021-41182 CVE-2021-41183 CVE-2021- |
| | 41184] |
| | |
| jwm [30] | Fix crash when using "Move" menu item |
| | |
| keepalived [31] | Fix overly broad DBus policy [CVE-2021- |
| | 44225] |
| | |
| keystone [32] | Resolve information leak allowing |
| | determination of whether users exist |
| | [CVE-2021-38155]; apply some performance |
| | improvements to the default keystone- |
| | uwsgi.ini |
| | |
| kodi [33] | Fix buffer overflow in PLS playlists |
| | [CVE-2021-42917] |
| | |
| libayatana- | Scale icons when loading from file; |
| indicator [34] | prevent regular crashes in indicator |
| | applets |
| | |
| libdatetime-timezone- | Update included data |
| perl [35] | |
| | |
| libencode-perl [36] | Fix a memory leak in Encode.xs |
| | |
| libseccomp [37] | Add support for syscalls up to Linux |
| | 5.15 |
| | |
| linux [38] | New upstream release; increase ABI to |
| | 10; RT: update to 5.10.83-rt58 |
| | |
| linux-signed-amd64 [39] | New upstream release; increase ABI to |
| | 10; RT: update to 5.10.83-rt58 |
| | |
| linux-signed-arm64 [40] | New upstream release; increase ABI to |
| | 10; RT: update to 5.10.83-rt58 |
| | |
| linux-signed-i386 [41] | New upstream release; increase ABI to |
| | 10; RT: update to 5.10.83-rt58 |
| | |
| lldpd [42] | Fix heap overflow issue [CVE-2021- |
| | 43612]; do not set VLAN tag if client |
| | did not set it |
| | |
| mrtg [43] | Correct errors in variable names |
| | |
| node-getobject [44] | Resolve prototype pollution issue |
| | [CVE-2020-28282] |
| | |
| node-json-schema [45] | Resolve prototype pollution issue |
| | [CVE-2021-3918] |
| | |
| open3d [46] | Ensure that python3-open3d depends on |
| | python3-numpy |
| | |
| opendmarc [47] | Fix opendmarc-import; increase maximum |
| | supported length of tokens in ARC_Seal |
| | headers, resolving crashes |
| | |
| plib [48] | Fix integer overflow issue [CVE-2021- |
| | 38714] |
| | |
| plocate [49] | Fix an issue where non-ASCII characters |
| | would be wrongly escaped |
| | |
| poco [50] | Fix installation of CMake files |
| | |
| privoxy [51] | Fix memory leaks [CVE-2021-44540 |
| | CVE-2021-44541 CVE-2021-44542]; fix |
| | cross-site scripting issue [CVE-2021- |
| | 44543] |
| | |
| publicsuffix [52] | Update included data |
| | |
| python-django [53] | New upstream security release: fix |
| | potential bypass of an upstream access |
| | control based on URL paths [CVE-2021- |
| | 44420] |
| | |
| python-eventlet [54] | Fix compatibility with dnspython 2 |
| | |
| python-virtualenv [55] | Fix crash when using --no-setuptools |
| | |
| ros-ros-comm [56] | Fix denial of service issue [CVE-2021- |
| | 37146] |
| | |
| ruby-httpclient [57] | Use system certificate store |
| | |
| rustc-mozilla [58] | New source package to support building |
| | of newer firefox-esr and thunderbird |
| | versions |
| | |
| supysonic [59] | Symlink jquery instead of loading it |
| | directly; correctly symlink minimized |
| | bootstrap CSS files |
| | |
| tzdata [60] | Update data for Fiji and Palestine |
| | |
| udisks2 [61] | Mount options: Always use |
| | errors=remount-ro for ext filesystems |
| | [CVE-2021-3802]; use the mkfs command to |
| | format exfat partitions; add Recommends |
| | exfatprogs as preferred alternative |
| | |
| ulfius [62] | Fix use of custom allocators with |
| | ulfius_url_decode and ulfius_url_encode |
| | |
| vim [63] | Fix heap overflows [CVE-2021-3770 |
| | CVE-2021-3778], use after free issue |
| | [CVE-2021-3796]; remove vim-gtk |
| | alternatives during vim-gtk -> vim-gtk3 |
| | transition, easing upgrades from buster |
| | |
| wget [64] | Fix downloads over 2GB on 32-bit systems |
| | |
+--------------------------+------------------------------------------+
1: https://packages.debian.org/src:authheaders
2: https://packages.debian.org/src:base-files
3: https://packages.debian.org/src:bpftrace
4: https://packages.debian.org/src:brltty
5: https://packages.debian.org/src:btrbk
6: https://packages.debian.org/src:calibre
7: https://packages.debian.org/src:chrony
8: https://packages.debian.org/src:cmake
9: https://packages.debian.org/src:containerd
10: https://packages.debian.org/src:curl
11: https://packages.debian.org/src:datatables.js
12: https://packages.debian.org/src:debian-edu-config
13: https://packages.debian.org/src:debian-edu-doc
14: https://packages.debian.org/src:debian-installer
15: https://packages.debian.org/src:debian-installer-netboot-images
16: https://packages.debian.org/src:distro-info-data
17: https://packages.debian.org/src:docker.io
18: https://packages.debian.org/src:edk2
19: https://packages.debian.org/src:freeipmi
20: https://packages.debian.org/src:gdal
21: https://packages.debian.org/src:gerbv
22: https://packages.debian.org/src:gmp
23: https://packages.debian.org/src:golang-1.15
24: https://packages.debian.org/src:grass
25: https://packages.debian.org/src:horizon
26: https://packages.debian.org/src:htmldoc
27: https://packages.debian.org/src:im-config
28: https://packages.debian.org/src:isync
29: https://packages.debian.org/src:jqueryui
30: https://packages.debian.org/src:jwm
31: https://packages.debian.org/src:keepalived
32: https://packages.debian.org/src:keystone
33: https://packages.debian.org/src:kodi
34: https://packages.debian.org/src:libayatana-indicator
35: https://packages.debian.org/src:libdatetime-timezone-perl
36: https://packages.debian.org/src:libencode-perl
37: https://packages.debian.org/src:libseccomp
38: https://packages.debian.org/src:linux
39: https://packages.debian.org/src:linux-signed-amd64
40: https://packages.debian.org/src:linux-signed-arm64
41: https://packages.debian.org/src:linux-signed-i386
42: https://packages.debian.org/src:lldpd
43: https://packages.debian.org/src:mrtg
44: https://packages.debian.org/src:node-getobject
45: https://packages.debian.org/src:node-json-schema
46: https://packages.debian.org/src:open3d
47: https://packages.debian.org/src:opendmarc
48: https://packages.debian.org/src:plib
49: https://packages.debian.org/src:plocate
50: https://packages.debian.org/src:poco
51: https://packages.debian.org/src:privoxy
52: https://packages.debian.org/src:publicsuffix
53: https://packages.debian.org/src:python-django
54: https://packages.debian.org/src:python-eventlet
55: https://packages.debian.org/src:python-virtualenv
56: https://packages.debian.org/src:ros-ros-comm
57: https://packages.debian.org/src:ruby-httpclient
58: https://packages.debian.org/src:rustc-mozilla
59: https://packages.debian.org/src:supysonic
60: https://packages.debian.org/src:tzdata
61: https://packages.debian.org/src:udisks2
62: https://packages.debian.org/src:ulfius
63: https://packages.debian.org/src:vim
64: https://packages.debian.org/src:wget
Security Updates
----------------
This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
updates:
+----------------+----------------------------+
| Advisory ID | Package |
+----------------+----------------------------+
| DSA-4980 [65] | qemu [66] |
| | |
| DSA-4981 [67] | firefox-esr [68] |
| | |
| DSA-4982 [69] | apache2 [70] |
| | |
| DSA-4983 [71] | neutron [72] |
| | |
| DSA-4984 [73] | flatpak [74] |
| | |
| DSA-4985 [75] | wordpress [76] |
| | |
| DSA-4986 [77] | tomcat9 [78] |
| | |
| DSA-4987 [79] | squashfs-tools [80] |
| | |
| DSA-4988 [81] | libreoffice [82] |
| | |
| DSA-4989 [83] | strongswan [84] |
| | |
| DSA-4992 [85] | php7.4 [86] |
| | |
| DSA-4994 [87] | bind9 [88] |
| | |
| DSA-4995 [89] | webkit2gtk [90] |
| | |
| DSA-4996 [91] | wpewebkit [92] |
| | |
| DSA-4998 [93] | ffmpeg [94] |
| | |
| DSA-5002 [95] | containerd [96] |
| | |
| DSA-5003 [97] | ldb [98] |
| | |
| DSA-5003 [99] | samba [100] |
| | |
| DSA-5004 [101] | libxstream-java [102] |
| | |
| DSA-5007 [103] | postgresql-13 [104] |
| | |
| DSA-5008 [105] | node-tar [106] |
| | |
| DSA-5009 [107] | tomcat9 [108] |
| | |
| DSA-5010 [109] | libxml-security-java [110] |
| | |
| DSA-5011 [111] | salt [112] |
| | |
| DSA-5013 [113] | roundcube [114] |
| | |
| DSA-5016 [115] | nss [116] |
| | |
| DSA-5017 [117] | xen [118] |
| | |
| DSA-5019 [119] | wireshark [120] |
| | |
| DSA-5020 [121] | apache-log4j2 [122] |
| | |
| DSA-5022 [123] | apache-log4j2 [124] |
| | |
+----------------+----------------------------+
65: https://www.debian.org/security/2021/dsa-4980
66: https://packages.debian.org/src:qemu
67: https://www.debian.org/security/2021/dsa-4981
68: https://packages.debian.org/src:firefox-esr
69: https://www.debian.org/security/2021/dsa-4982
70: https://packages.debian.org/src:apache2
71: https://www.debian.org/security/2021/dsa-4983
72: https://packages.debian.org/src:neutron
73: https://www.debian.org/security/2021/dsa-4984
74: https://packages.debian.org/src:flatpak
75: https://www.debian.org/security/2021/dsa-4985
76: https://packages.debian.org/src:wordpress
77: https://www.debian.org/security/2021/dsa-4986
78: https://packages.debian.org/src:tomcat9
79: https://www.debian.org/security/2021/dsa-4987
80: https://packages.debian.org/src:squashfs-tools
81: https://www.debian.org/security/2021/dsa-4988
82: https://packages.debian.org/src:libreoffice
83: https://www.debian.org/security/2021/dsa-4989
84: https://packages.debian.org/src:strongswan
85: https://www.debian.org/security/2021/dsa-4992
86: https://packages.debian.org/src:php7.4
87: https://www.debian.org/security/2021/dsa-4994
88: https://packages.debian.org/src:bind9
89: https://www.debian.org/security/2021/dsa-4995
90: https://packages.debian.org/src:webkit2gtk
91: https://www.debian.org/security/2021/dsa-4996
92: https://packages.debian.org/src:wpewebkit
93: https://www.debian.org/security/2021/dsa-4998
94: https://packages.debian.org/src:ffmpeg
95: https://www.debian.org/security/2021/dsa-5002
96: https://packages.debian.org/src:containerd
97: https://www.debian.org/security/2021/dsa-5003
98: https://packages.debian.org/src:ldb
99: https://www.debian.org/security/2021/dsa-5003
100: https://packages.debian.org/src:samba
101: https://www.debian.org/security/2021/dsa-5004
102: https://packages.debian.org/src:libxstream-java
103: https://www.debian.org/security/2021/dsa-5007
104: https://packages.debian.org/src:postgresql-13
105: https://www.debian.org/security/2021/dsa-5008
106: https://packages.debian.org/src:node-tar
107: https://www.debian.org/security/2021/dsa-5009
108: https://packages.debian.org/src:tomcat9
109: https://www.debian.org/security/2021/dsa-5010
110: https://packages.debian.org/src:libxml-security-java
111: https://www.debian.org/security/2021/dsa-5011
112: https://packages.debian.org/src:salt
113: https://www.debian.org/security/2021/dsa-5013
114: https://packages.debian.org/src:roundcube
115: https://www.debian.org/security/2021/dsa-5016
116: https://packages.debian.org/src:nss
117: https://www.debian.org/security/2021/dsa-5017
118: https://packages.debian.org/src:xen
119: https://www.debian.org/security/2021/dsa-5019
120: https://packages.debian.org/src:wireshark
121: https://www.debian.org/security/2021/dsa-5020
122: https://packages.debian.org/src:apache-log4j2
123: https://www.debian.org/security/2021/dsa-5022
124: https://packages.debian.org/src:apache-log4j2
Debian Installer
----------------
The installer has been updated to include the fixes incorporated into
stable by the point release.
URLs
----
The complete lists of packages that have changed with this revision:
https://deb.debian.org/debian/dists/bullseye/ChangeLog
The current stable distribution:
https://deb.debian.org/debian/dists/stable/
Proposed updates to the stable distribution:
https://deb.debian.org/debian/dists/proposed-updates
stable distribution information (release notes, errata etc.):
https://www.debian.org/releases/stable/
Security announcements and information:
https://www.debian.org/security/
About Debian
------------
The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely free
operating system Debian.
Contact Information
-------------------
For further information, please visit the Debian web pages at
https://www.debian.org/, send mail to <press@debian.org>, or contact the
stable release team at <debian-release@lists.debian.org>.
Subscribe to:
Posts (Atom)