Monday 2nd May 2022

Local Packages

• Updated python-bcrypt to 3.2.2:

  • Added support for compilation on z/OS

  • The next release of 'bcrypt' with be 4.0 and it will require Rust at compile time, for users building from source; the minimum supported Rust version will be 1.56.0

  • This will be the final release for which we ship 'manylinux2010' wheels; going forward the minimum supported manylinux ABI for our wheels will be 'manylinux2014'

  • Fixed packaging of 'py.typed' files in wheels so that 'mypy' works

• I won't be building python-bcrypt for distributions from Fedora 37 onwards (the system version should be fine) and won't be updating it for older distributions as I don't want to get into Rust packaging

Tuesday 3rd May 2022

Fedora Project

• Branched and built perl-Hash-Merge-Simple (0.051) for EPEL-9

• Imported and built perl-Parse-Distname (0.05) for F-34, F-35, F-36, Rawhide, EPEL-8 and EPEL-9

• Updated perl-Perl-PrereqScanner-NotQuiteLite to 0.9916 in Rawhide:

  • Ignore core modules with undef version correctly

  • Drop URI::cpan dependency and use Parse::Distname to parse cpan URI

• Updated perl-PPI to 1.274 in Rawhide:

  • Indentation in here-docs is now preserved (GH#252)

Local Packages

• Updated libxml2 to 2.9.14 (https://mail.gnome.org/archives/xml/2022-May/msg00000.html)

• Updated perl-PPI to 1.274 as per the Fedora version

Thursday 5th May 2022

Fedora Project

• Updated perl-Cpanel-JSON-XS to 4.28 in Rawhide:

  • Validate the JSON struct, which might get corrupted by wrong FREEZE/THAW methods, or other serializers, or corrupting our magic object (GH#192)

  • Improve our DESTROY and END methods to avoid NULL dereferences (https://github.com/rurban/perl-compiler/issues/438)

  • Fix 3 tests in t/20_unknown.t with the latest 5.35.10 bool enhancements and JSON::PP (GH#194)

  • Fix t/118_type.t with Windows ivtype long long (GH#178)

  • Added GitHub actions

Local Packages

• Updated nmap (7.92) to have ncat close on EOF by default, with a new --no-terminate option for backwards compatibility (Bug #2082270)

• Updated perl-Cpanel-JSON-XS to 4.28 as per the Fedora version

Sunday 8th May 2022

Local Packages

• Updated unrar to 6.12

Tuesday 10th May 2022

Local Packages

• Updated perl-Module-Refresh to 0.18:

  • Fix uninitialized warnings when modules were not successfully loaded

Wednesday 11th May 2022

Local Packages

• Updated curl to 7.83.1

  • altsvc: Fix host name matching for trailing dots

  • cirrus: Update to FreeBSD 12.3

  • cirrus: Use pip for Python packages on FreeBSD

  • conn: Fix typo 'connnection' → 'connection' in two function names

  • cookies: Make bad_domain() not consider a trailing dot fine (CVE-2022-27779)

  • curl: Free resource in error path

  • curl: Guard against size_t wraparound in no-clobber code

  • CURLOPT_DOH_URL.3: Mention the known bug

  • CURLOPT_HSTS*FUNCTION.3: Document the involved structs as well

  • CURLOPT_SSH_AUTH_TYPES.3: Fix the default

  • data/test376: Set a proper name

  • GHA/mbedtls: Enabled nghttp2 in the build
  • gha: Build msh3

  • gskit: Fixed bogus setsockopt calls

  • gskit: Remove unused function set_callback

  • hsts: Ignore trailing dots when comparing hosts' names (CVE-2022-30115)

  • HTTP-COOKIES: Add missing CURLOPT_COOKIESESSION

  • http: Move Curl_allow_auth_to_host()

  • http_proxy/hyper: Handle closed connections
  • hyper: Fix test 357

  • Makefile: Fix "make ca-firefox"

  • mbedtls: Bail out if rng init fails
  • mbedtls: Fix compile when h2-enabled
  • mbedtls: Fix some error messages

  • misc: Use "autoreconf -fi" instead of buildconf

  • msh3: Get msh3 version from MsH3Version

  • msh3: Print boolean value as text representation

  • msh3: Pass remote_port to MsH3ConnectionOpen

  • ngtcp2: Add ca-fallback support for OpenSSL backend

  • nss: Return error if seemingly stuck in a cert loop (CVE-2022-27781)

  • openssl: Define HAVE_SSL_CTX_SET_EC_CURVES for libressl

  • post_per_transfer: Remove the updated file name (CVE-2022-27778)

  • sectransp: Bail out if SSLSetPeerDomainName fails

  • tests/server: Declare variable 'reqlogfile' static

  • tests: Fix markdown formatting in README

  • test{898,974,976}: Add 'HTTP proxy' keywords

  • tls: Check more TLS details for connection reuse (CVE-2022-27782)

  • url: Check SSH config match on connection reuse (CVE-2022-27782)

  • urlapi: Address (harmless) UndefinedBehavior sanitizer warning

  • urlapi: Reject percent-decoding host name into separator bytes (CVE-2022-27780)

  • x509asn1: Make do_pubkey handle EC public keys

• I skipped failing test977 on EL-7 for now (GH#8834)

• Updated nmap (7.92) to revert the previous close-on-EOF change as it would do more harm than good

Thursday 12th May 2022

Local Packages

• New package ansible-collection-community-libvirt (1.0.2)

• I have switched my local infrastructure over from ansible to ansible-core in readiness for Fedora 36 and this was the only collection I needed that was not already packaged

Friday 13th May 2022

Fedora Project

• Updated perl-BerkeleyDB to 0.65 in Rawhide:

  • Update to license wording

• Updated perl-Compress-Raw-Zlib to 2.104 in Rawhide:

  • Prefix Zlib symbols with "Perl_crz" when building from bundled sources to avoid symbol conflicts with system Zlib (GH#8, GH#11)

  • Add tests for crc32/adler32_combine

Local Packages

• Updated perl-BerkeleyDB to 0.65 as per the Fedora version

• Updated perl-Compress-Raw-Zlib to 2.104 as per the Fedora version

Saturday 14th May 2022

Fedora Project

• Updated perl-Compress-Raw-Zlib to 2.105:

  • Add BUILD_ZLIB to the test matrix

  • Fix for BUILD_ZLIB disabled (GH#8)

  • Dump version info when running test harness

  • Add Compress::Raw::Zlib::VERSION to output

Local Packages

• Updated perl-Compress-Raw-Zlib to 2.105 as per the Fedora version

Sunday 15th May 2022

Local Packages

• Updated ansible-collection-community-libvirt to 1.1.0:

  • Replace deprecated 'distutils.spawn.find_executable' with Ansible's 'get_bin_path' in '_search_executable' function

Monday 16th May 2022

Fedora Project

• Updated perl-Modern-Perl to 1.20220515 in F-36, Rawhide and EPEL-9:

  • Enable signatures in 2022 year bundle
  • Add 2021 and 2022 year bundles

Local Packages

• Updated ansible-collection-community-libvirt (1.1.0) to incorporate feedback from package review (Bug #2086299) and to manually specify the URL: tag for EPEL-9 compatibility

  • Add %check section to run unit tests

  • Handle file exclusions using galaxy.yml

  • Generate test dependencies dynamically

• Updated perl-XML-LibXSLT to 2.001000:

  • XML::LibXSLT::Quick.pm: add 'params' support for generic_transform()

Tuesday 17th May 2022

Fedora Project

• Updated python-paramiko to 2.11.0 in F-34, F-35, F-36 and Rawhide:

  • Align signature verification algorithm with OpenSSH re: zero-padding signatures that don't match their nominal size/length; this shouldn't affect most users, but will help Paramiko-implemented SSH servers handle poorly behaved clients such as PuTTY (GH#1933)

  • OpenSSH 7.7 and older has a bug preventing it from understanding how to perform SHA2 signature verification for RSA certificates (specifically certs - not keys), so when we added SHA2 support it broke all clients using RSA certificates with these servers; this has been fixed in a manner similar to what OpenSSH's own client does - a version check is performed and the algorithm used is downgraded if needed (GH#2017)

  • Recent versions of Cryptography have deprecated Blowfish algorithm support; in lieu of an easy method for users to remove it from the list of algorithms Paramiko tries to import and use, we've decided to remove it from our "preferred algorithms" list, which will both discourage use of a weak algorithm, and avoid warnings (GH#2038, GH#2039)

  • Windows-native SSH agent support as merged in 2.10 could encounter 'Errno 22' 'OSError' exceptions in some scenarios (e.g. server not cleanly closing a relevant named pipe); this has been worked around and should be less problematic (GH#2008, GH#2010)

  • Add SSH config token expansion (eg '%h', '%p') when parsing 'ProxyJump' directives (GH#1951)

  • Apply unittest 'skipIf' to tests currently using SHA1 in their critical path, to avoid failures on systems starting to disable SHA1 outright in their crypto backends (e.g. RHEL 9) (GH#2004, GH#2011)

Local Packages

• More minor packaging tweaks for ansible-collection-community-libvirt (1.1.0):

  • Add COPYING as a %license file

  • Unconditionally use dynamic buildrequires to ensure expansion of %{ansible_collection_url} in SRPM

• Updated perl-XML-LibXSLT to 2.002000:

  • XML::LibXSLT::Quick.pm:

    • Clarify license (GH#5)

    • Add docs and a $source 'string' type

  • Makefile.PL:

    • Clean-ups

    • Require perl-5.14.0 at a minimum (https://github.com/shlomif/supporting-older-perl5-releases)

Thursday 19th May 2022

Fedora Project

• Imported and built ansible-collection-community-libvirt (1.1.0) for F-35, F-36, Rawhide, EPEL-8 and EPEL-9 (Bug #2086299)

Saturday 21st May 2022

Local Packages

• Rebuilt curl (7.83.1) for updated EL-7 libpsl (GH#8834)

Sunday 22nd May 2022

Fedora Project

• Updated perl-JSON to 4.06 in Rawhide:

  • Updated backportPP with JSON::PP 4.09

• Updated perl-JSON-PP to 4.09 in Rawhide:

  • Reverted core boolean support for now (GH#72)

  • Fix incr_parse() hanging on certain inputs (GH#67)

  • Silence warnings about non-characters on older perls (GH#68)

Local Packages

• Updated perl-JSON to 4.06 as per the Fedora version

• Updated perl-JSON-PP to 4.09 as per the Fedora version

Tuesday 24th May 2022

Fedora Project

• Updated perl-MCE to 1.879 in Rawhide:

  • Replace http with https in documentation and meta files

  • Call PDL::set_autopthread_targ(1); disables PDL auto-threading

• Updated perl-MCE-Shared to 1.877 in Rawhide:

  • Replace http with https in documentation and meta files

  • Call PDL::set_autopthread_targ(1); disables PDL auto-threading

  • Allow sharing additional PDL objects via class methods: pdl_sbyte, pdl_ulong, pdl_ulonglong, pdl_ldouble, pdl_grandom, and pdl_zero

Local Packages

• Updated perl-MCE to 1.879 as per the Fedora version

• Updated perl-MCE-Shared to 1.877 as per the Fedora version

Wednesday 25th May 2022

Fedora Project

• Updated perl-Text-CSV_XS to 1.48 in Rawhide:

  • It's 2022

  • kh => 1 (use internal headers)

  • Add constants for META flags (CPAN RT#142508)

  • Update to Devel::PPPort-3.68

  • Export :CONSTANTS

  • Fix sep_set typo (GH#37)

  • Tested against perl-5.36.0

Local Packages

• Updated perl-Text-CSV_XS to 1.48 as per the Fedora version

Friday 27th May 2022

Fedora Project

• Updated perl-Cpanel-JSON-XS to 4.29 in Rawhide:

  • Hack: Revert native bool (unblessed) overloads via JSON::PP 4.08; JSON::PP ignores unblessed bools for now (GH#194)

Local Packages

• Updated perl-Cpanel-JSON-XS to 4.29 as per the Fedora version

Saturday 28th May 2022

Local Packages

• Updated perl-Module-CoreList to 5.20220527:

  • Updated for v5.36.0
  • Updated for v5.37.0

Monday 30th May 2022

Local Packages

• Updated perl-Net-DNS to 1.34:

  • Improve robustness of EDNS option compose/decompose functions

  • Simplify code in Makefile.PL

  • Avoid "Useless use of a constant in void context" warning (CPAN RT#142426)