python-uv-build-0.6.14-2.fc43
rust-gitui-0.26.3-6.fc43
rust-gstreamer-0.23.5-2.fc43
rust-ron-0.9.0-1.fc43
rust-version-ranges-0.1.1-2.fc43
rust-zip-2.6.1-1.fc43
uv-0.6.14-3.fc43
Update rust-ron to 0.9.
Update rust-zip to 2.6.1, fixing GHSA-94vh-gphv-8pm8.
rpki-client-9.5-1.el10_0
rpki-client now includes arin.tal which is no longer legally encumbered. See https://www.arin.net/announcements/20250116-tal/
rpki-client reports Certification Authorities that do not meaningfully participate in the RPKI as non-functional CAs. By definition, a CA is non-functional if there is no currently valid Manifest. The number of such CAs is printed at the end of each run and more detailed information is available in the JSON (-j) and ometrics (-m) output.
OpenBSD reliability errata 014: Incorrect internal RRDP state handling in rpki-client can lead to a denial of service. Affected are rpki-client versions 7.5 – 9.4.
Termination of rsync child processes with SIGTERM is no longer treated as an error if rpki-client has sent this signal. This only affects openrsync.
Do not exit filemode with an error if a .gbr or a .tak object contains control characters in its UTF-8 strings. Instead, only warn and emit a sanitized version in JSON output.
Upcoming breaking change:
Starting with release 9.6, rpki-client will emit all key identifiers (AKI and SKI) encoded in JSON as bare hex strings without colons.
rpki-client-9.5-1.fc41
rpki-client now includes arin.tal which is no longer legally encumbered. See https://www.arin.net/announcements/20250116-tal/
rpki-client reports Certification Authorities that do not meaningfully participate in the RPKI as non-functional CAs. By definition, a CA is non-functional if there is no currently valid Manifest. The number of such CAs is printed at the end of each run and more detailed information is available in the JSON (-j) and ometrics (-m) output.
OpenBSD reliability errata 014: Incorrect internal RRDP state handling in rpki-client can lead to a denial of service. Affected are rpki-client versions 7.5 – 9.4.
Termination of rsync child processes with SIGTERM is no longer treated as an error if rpki-client has sent this signal. This only affects openrsync.
Do not exit filemode with an error if a .gbr or a .tak object contains control characters in its UTF-8 strings. Instead, only warn and emit a sanitized version in JSON output.
Upcoming breaking change:
Starting with release 9.6, rpki-client will emit all key identifiers (AKI and SKI) encoded in JSON as bare hex strings without colons.
rpki-client-9.5-1.fc40
rpki-client now includes arin.tal which is no longer legally encumbered. See https://www.arin.net/announcements/20250116-tal/
rpki-client reports Certification Authorities that do not meaningfully participate in the RPKI as non-functional CAs. By definition, a CA is non-functional if there is no currently valid Manifest. The number of such CAs is printed at the end of each run and more detailed information is available in the JSON (-j) and ometrics (-m) output.
OpenBSD reliability errata 014: Incorrect internal RRDP state handling in rpki-client can lead to a denial of service. Affected are rpki-client versions 7.5 – 9.4.
Termination of rsync child processes with SIGTERM is no longer treated as an error if rpki-client has sent this signal. This only affects openrsync.
Do not exit filemode with an error if a .gbr or a .tak object contains control characters in its UTF-8 strings. Instead, only warn and emit a sanitized version in JSON output.
Upcoming breaking change:
Starting with release 9.6, rpki-client will emit all key identifiers (AKI and SKI) encoded in JSON as bare hex strings without colons.
rpki-client-9.5-1.el9
rpki-client now includes arin.tal which is no longer legally encumbered. See https://www.arin.net/announcements/20250116-tal/
rpki-client reports Certification Authorities that do not meaningfully participate in the RPKI as non-functional CAs. By definition, a CA is non-functional if there is no currently valid Manifest. The number of such CAs is printed at the end of each run and more detailed information is available in the JSON (-j) and ometrics (-m) output.
OpenBSD reliability errata 014: Incorrect internal RRDP state handling in rpki-client can lead to a denial of service. Affected are rpki-client versions 7.5 – 9.4.
Termination of rsync child processes with SIGTERM is no longer treated as an error if rpki-client has sent this signal. This only affects openrsync.
Do not exit filemode with an error if a .gbr or a .tak object contains control characters in its UTF-8 strings. Instead, only warn and emit a sanitized version in JSON output.
Upcoming breaking change:
Starting with release 9.6, rpki-client will emit all key identifiers (AKI and SKI) encoded in JSON as bare hex strings without colons.
rpki-client-9.5-1.el10_1
rpki-client now includes arin.tal which is no longer legally encumbered. See https://www.arin.net/announcements/20250116-tal/
rpki-client reports Certification Authorities that do not meaningfully participate in the RPKI as non-functional CAs. By definition, a CA is non-functional if there is no currently valid Manifest. The number of such CAs is printed at the end of each run and more detailed information is available in the JSON (-j) and ometrics (-m) output.
OpenBSD reliability errata 014: Incorrect internal RRDP state handling in rpki-client can lead to a denial of service. Affected are rpki-client versions 7.5 – 9.4.
Termination of rsync child processes with SIGTERM is no longer treated as an error if rpki-client has sent this signal. This only affects openrsync.
Do not exit filemode with an error if a .gbr or a .tak object contains control characters in its UTF-8 strings. Instead, only warn and emit a sanitized version in JSON output.
Upcoming breaking change:
Starting with release 9.6, rpki-client will emit all key identifiers (AKI and SKI) encoded in JSON as bare hex strings without colons.
rpki-client-9.5-1.fc42
rpki-client now includes arin.tal which is no longer legally encumbered. See https://www.arin.net/announcements/20250116-tal/
rpki-client reports Certification Authorities that do not meaningfully participate in the RPKI as non-functional CAs. By definition, a CA is non-functional if there is no currently valid Manifest. The number of such CAs is printed at the end of each run and more detailed information is available in the JSON (-j) and ometrics (-m) output.
OpenBSD reliability errata 014: Incorrect internal RRDP state handling in rpki-client can lead to a denial of service. Affected are rpki-client versions 7.5 – 9.4.
Termination of rsync child processes with SIGTERM is no longer treated as an error if rpki-client has sent this signal. This only affects openrsync.
Do not exit filemode with an error if a .gbr or a .tak object contains control characters in its UTF-8 strings. Instead, only warn and emit a sanitized version in JSON output.
Upcoming breaking change:
Starting with release 9.6, rpki-client will emit all key identifiers (AKI and SKI) encoded in JSON as bare hex strings without colons.
rpki-client-9.5-1.el8
rpki-client now includes arin.tal which is no longer legally encumbered. See https://www.arin.net/announcements/20250116-tal/
rpki-client reports Certification Authorities that do not meaningfully participate in the RPKI as non-functional CAs. By definition, a CA is non-functional if there is no currently valid Manifest. The number of such CAs is printed at the end of each run and more detailed information is available in the JSON (-j) and ometrics (-m) output.
OpenBSD reliability errata 014: Incorrect internal RRDP state handling in rpki-client can lead to a denial of service. Affected are rpki-client versions 7.5 – 9.4.
Termination of rsync child processes with SIGTERM is no longer treated as an error if rpki-client has sent this signal. This only affects openrsync.
Do not exit filemode with an error if a .gbr or a .tak object contains control characters in its UTF-8 strings. Instead, only warn and emit a sanitized version in JSON output.
Upcoming breaking change:
Starting with release 9.6, rpki-client will emit all key identifiers (AKI and SKI) encoded in JSON as bare hex strings without colons.
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.
ruby-3.3.8-19.fc41
Upgrade to Ruby 3.3.8.
CVE-2025-25186: Fix Net::IMAP vulnerable to possible DoS by memory exhaustion
Resolves: rhbz#2345557
CVE-2025-27219: Denial of Service in CGI::Cookie.parse
Resolves: rhbz#2357516
CVE-2025-27221: userinfo leakage in URI#join, URI#merge and URI#+
