{"update": {"autokarma": true, "autotime": true, "stable_karma": 3, "stable_days": 14, "unstable_karma": -3, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "# libbsd 0.11.7\n  - Portability fixes for the Hurd\n  - Fix ELF support for big endian SH\n  - Sync the `arc4random(3)` implementation from OpenBSD\n  - Adjust declaration shadowing to match new glibc additions\n  - Manual pages and documentation cleanups\n  - Manual page rewrite to get rid of a BSD-4-Clause license\n\n\n# libbsd 0.11.6\n  - Build system and test suite fixes for musl\n  - Removal of unused OpenBSD support for `arc4random()`\n  - LoongArch support for `nlist()`\n\n\n# libbsd 0.11.5\n  - Build system and test suite regression fixes\n  - Documentation on how to build the project\n\n\n# libbsd 0.11.4\n  - Further rework of the libmd wrapping code, to simplify it again, and make it work even when we do not need SHA-2 functions\n  - Fix builds with LTO\n  - Various build system fixes\n  - Various portability fixes\n  - Various documentation fixes\n\n\n# libbsd 0.11.3\n  - Rework of the libmd wrapping code to not require users to explicitly link against libmd\n  - Various build system fixes\n  - Various portability fixes\n\n\n# libbsd 0.11.2\n  - Update `<sys/queue.h>` from FreeBSD\n  - Import some `closefrom()` changes from sudo\n  - Make `closefrom()` use `close_range()` syscall on Linux when available\n  - Update `libbsd(7)` man page with updates in 0.11.0\n\n\n# libbsd 0.11.0/0.11.1\n  - Export `strnvisx()` function\n  - New `recallocarray()` and `freezero()` from OpenBSD\n  - New pwcache module from OpenBSD\n  - New `timespec(3bsd)` man page alias to `timeval(3bsd)`\n  - New progname implementation for Windows\n  - New `LIBBSD_VIS_OPENBSD` selection macro\n  - Switch from embedded hashing function implementations to use libmd\n  - Various man pages cleanups\n  - Various portability fixes\n  - Various memory leak fixes\n\n\n# libbsd 0.10.0\n  - Several security related fixes for `nlist()`\n  - Preliminary and partial Windows porting\n  - Fix for a leak in the vis family of functions\n  - Fix for a configure check to not unnecessarily link against librt\n  - General portability fixes for musl, uClibc, macOS and GNU/kFreeBSD\n  - New architectures support for `nlist()`\n  - Switch the `<err.h>` `*c()` functions to be standalone and add `err()`, `warn()`, `errx()` and `warnx()` familiy of functions in case the system lacks them\n  - Several man page fixes\n\n\n# libbsd 0.9.0/0.9.1\n  - Add `__arraycount()` macro\n  - Add `flopenat()` function\n  - Add `strtoi()` and `strtou()` functions\n  - Add several new vis and unvis functions\n  - Add `pidfile_fileno()` function, and `struct pidfh` is now opaque\n  - The `humanize_number()` now understands `HN_IEC_PREFIXES`\n  - The `fmtcheck()` function supports all standard `printf(3)` conversions\n  - The `getentropy()`, and thus `arc4random()` functions will not block anymore on Linux on boot when there's not enough entropy available\n  - The `arc4random()` function handles direct `clone()` calls better\n\n\n# libbsd 0.8.7\nFixes the `nlist()` unit test on IA64, handles glibc now providing some of the functions, restores support for old gcc, and documents the availability of `arcrandom(3)` on other BSDs\n", "type": "security", "status": "stable", "request": null, "severity": "medium", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": false, "critpath_groups": null, "close_bugs": true, "date_submitted": "2022-11-24 00:01:26", "date_modified": "2022-12-04 21:14:28", "date_approved": null, "date_testing": "2022-12-05 01:54:39", "date_stable": "2022-12-20 00:37:20", "alias": "FEDORA-EPEL-2022-10049c7b14", "test_gating_status": "ignored", "from_tag": null, "date_pushed": "2022-12-20 00:37:20", "meets_testing_requirements": true, "url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-10049c7b14", "title": "libbsd-0.11.7-2.el7", "version_hash": "2ca375d08c948a452a1e238d224c6f65e449aede", "release": {"name": "EPEL-7", "long_name": "Fedora EPEL 7", "version": "7", "id_prefix": "FEDORA-EPEL", "branch": "epel7", "dist_tag": "epel7", "stable_tag": "epel7", "testing_tag": "epel7-testing", "candidate_tag": "epel7-testing-candidate", "pending_signing_tag": "epel7-signing-pending", "pending_testing_tag": "epel7-testing-pending", "pending_stable_tag": "epel7-pending", "override_tag": "epel7-override", "mail_template": "fedora_epel_legacy_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": false, "package_manager": "unspecified", "testing_repository": null, "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "robert", "email": "redhat@linuxnetz.de", "id": 172, "avatar": "https://seccdn.libravatar.org/avatar/5ce2f7b6de1c95bdf5b1d0f117f568f9955a164c0916ea7552b5db21bf3e689a?s=24&d=retro", "openid": "robert.id.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "ipausers"}, {"name": "ambassadors"}, {"name": "campusambassadors"}, {"name": "gitfedora-web"}, {"name": "fedora-contributor"}, {"name": "advocates"}, {"name": "fedorabugs"}, {"name": "gitsecurity-spin"}, {"name": "signed_fpca"}, {"name": "gitfama"}, {"name": "epel-packagers-sig"}, {"name": "web"}, {"name": "clamav"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by robert. ", "timestamp": "2022-11-24 00:01:26", "update_id": 462955, "user_id": 91, "id": 2794952, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'ignored'.", "timestamp": "2022-11-24 00:01:27", "update_id": 462955, "user_id": 91, "id": 2794953, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2022-11-24 03:26:20", "update_id": 462955, "user_id": 91, "id": 2795378, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update can be pushed to stable now if the maintainer wishes", "timestamp": "2022-12-01 03:28:59", "update_id": 462955, "user_id": 91, "id": 2803674, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "robert edited this update.\n\nNew build(s):\n\n- libbsd-0.11.7-2.el7\n\nRemoved build(s):\n\n- libbsd-0.11.7-1.el7\n\nKarma has been reset.", "timestamp": "2022-12-04 21:14:24", "update_id": 462955, "user_id": 91, "id": 2807511, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by robert. ", "timestamp": "2022-12-04 21:14:27", "update_id": 462955, "user_id": 91, "id": 2807512, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2022-12-05 01:54:50", "update_id": 462955, "user_id": 91, "id": 2807634, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update can be pushed to stable now if the maintainer wishes", "timestamp": "2022-12-12 01:57:32", "update_id": 462955, "user_id": 91, "id": 2815068, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by bodhi. ", "timestamp": "2022-12-19 01:54:54", "update_id": 462955, "user_id": 91, "id": 2822265, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable.", "timestamp": "2022-12-20 00:37:29", "update_id": 462955, "user_id": 91, "id": 2823194, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "libbsd-0.11.7-2.el7", "signed": true, "release_id": 8, "type": "rpm", "epoch": 0}], "bugs": [{"bug_id": 1742611, "title": "libbsd-0.11.7 is available", "security": false, "parent": false, "feedback": [{"karma": 1, "comment_id": 2796735, "bug_id": 1742611, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2022-11-25 12:34:34", "update_id": 462952, "user_id": 5881, "id": 2796735, "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}}, {"karma": 0, "comment_id": 2807473, "bug_id": 1742611, "comment": {"karma": 0, "karma_critpath": 0, "text": "@mikelo2, however this \"only\" breaks build-time, not run-time, correct?", "timestamp": "2022-12-04 20:33:31", "update_id": 462950, "user_id": 172, "id": 2807473, "testcase_feedback": [], "user": {"name": "robert", "email": "redhat@linuxnetz.de", "id": 172, "avatar": "https://seccdn.libravatar.org/avatar/5ce2f7b6de1c95bdf5b1d0f117f568f9955a164c0916ea7552b5db21bf3e689a?s=24&d=retro", "openid": "robert.id.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "ipausers"}, {"name": "ambassadors"}, {"name": "campusambassadors"}, {"name": "gitfedora-web"}, {"name": "fedora-contributor"}, {"name": "advocates"}, {"name": "fedorabugs"}, {"name": "gitsecurity-spin"}, {"name": "signed_fpca"}, {"name": "gitfama"}, {"name": "epel-packagers-sig"}, {"name": "web"}, {"name": "clamav"}]}}}, {"karma": 0, "comment_id": 2807465, "bug_id": 1742611, "comment": {"karma": -1, "karma_critpath": 0, "text": "The `Switch from embedded hashing function implementations to use libmd` change will break several packages. \n\nCheck https://src.fedoraproject.org/rpms/libbsd/pull-request/2", "timestamp": "2022-12-04 19:42:16", "update_id": 462950, "user_id": 5300, "id": 2807465, "testcase_feedback": [], "user": {"name": "mikelo2", "email": "mikel@olasagasti.info", "id": 5300, "avatar": "https://seccdn.libravatar.org/avatar/cc3edee2f036633c66dc33c970298c607f2a28d3d3235fbc0bb0e60d131d799c?s=24&d=retro", "openid": "mikelo2.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}]}}}, {"karma": 0, "comment_id": 2807467, "bug_id": 1742611, "comment": {"karma": -1, "karma_critpath": 0, "text": "The `Switch from embedded hashing function implementations to use libmd` change will break several packages. \n\nCheck https://src.fedoraproject.org/rpms/libbsd/pull-request/2", "timestamp": "2022-12-04 19:42:35", "update_id": 462952, "user_id": 5300, "id": 2807467, "testcase_feedback": [], "user": {"name": "mikelo2", "email": "mikel@olasagasti.info", "id": 5300, "avatar": "https://seccdn.libravatar.org/avatar/cc3edee2f036633c66dc33c970298c607f2a28d3d3235fbc0bb0e60d131d799c?s=24&d=retro", "openid": "mikelo2.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}]}}}, {"karma": 0, "comment_id": 2807474, "bug_id": 1742611, "comment": {"karma": 0, "karma_critpath": 0, "text": "@mikelo2, however this \"only\" breaks build-time, not run-time, correct?", "timestamp": "2022-12-04 20:33:47", "update_id": 462952, "user_id": 172, "id": 2807474, "testcase_feedback": [], "user": {"name": "robert", "email": "redhat@linuxnetz.de", "id": 172, "avatar": "https://seccdn.libravatar.org/avatar/5ce2f7b6de1c95bdf5b1d0f117f568f9955a164c0916ea7552b5db21bf3e689a?s=24&d=retro", "openid": "robert.id.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "ipausers"}, {"name": "ambassadors"}, {"name": "campusambassadors"}, {"name": "gitfedora-web"}, {"name": "fedora-contributor"}, {"name": "advocates"}, {"name": "fedorabugs"}, {"name": "gitsecurity-spin"}, {"name": "signed_fpca"}, {"name": "gitfama"}, {"name": "epel-packagers-sig"}, {"name": "web"}, {"name": "clamav"}]}}}, {"karma": 0, "comment_id": 2807479, "bug_id": 1742611, "comment": {"karma": 0, "karma_critpath": 0, "text": "Correct. \n\nI checked latest libbsd build and I can see it Requires libmd:\n\n`\nRequires: (...) libmd.so.0()(64bit) libmd.so.0(LIBMD_0.0)(64bit) rtld(GNU_HASH)\n`\n\nhttps://kojipkgs.fedoraproject.org//packages/libbsd/0.11.7/1.fc37/data/logs/x86_64/build.log\n\nTesting on a fresh install I can se installing `libbsd-0.11.7-1.fc37.x86_64.rpm` installs `libmd` as dependency.\n\nBut I just realized that libbsd-devel should bring libmd also and I checked this happens in a koschei build:\n\nhttps://koschei.fedoraproject.org/build/14176169\n\n", "timestamp": "2022-12-04 20:46:14", "update_id": 462950, "user_id": 5300, "id": 2807479, "testcase_feedback": [], "user": {"name": "mikelo2", "email": "mikel@olasagasti.info", "id": 5300, "avatar": "https://seccdn.libravatar.org/avatar/cc3edee2f036633c66dc33c970298c607f2a28d3d3235fbc0bb0e60d131d799c?s=24&d=retro", "openid": "mikelo2.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}]}}}, {"karma": 0, "comment_id": 2807480, "bug_id": 1742611, "comment": {"karma": 0, "karma_critpath": 0, "text": "Thank you for the confirmation and thank you also for pointing out this issue!", "timestamp": "2022-12-04 20:50:04", "update_id": 462950, "user_id": 172, "id": 2807480, "testcase_feedback": [], "user": {"name": "robert", "email": "redhat@linuxnetz.de", "id": 172, "avatar": "https://seccdn.libravatar.org/avatar/5ce2f7b6de1c95bdf5b1d0f117f568f9955a164c0916ea7552b5db21bf3e689a?s=24&d=retro", "openid": "robert.id.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "ipausers"}, {"name": "ambassadors"}, {"name": "campusambassadors"}, {"name": "gitfedora-web"}, {"name": "fedora-contributor"}, {"name": "advocates"}, {"name": "fedorabugs"}, {"name": "gitsecurity-spin"}, {"name": "signed_fpca"}, {"name": "gitfama"}, {"name": "epel-packagers-sig"}, {"name": "web"}, {"name": "clamav"}]}}}]}, {"bug_id": 1789459, "title": "CVE-2019-20367 libbsd: Out-of-bounds read in nlist.c", "security": true, "parent": true, "feedback": []}, {"bug_id": 1789461, "title": "CVE-2019-20367 libbsd: Out-of-bounds read in nlist.c [epel-all]", "security": true, "parent": false, "feedback": []}, {"bug_id": 2148612, "title": "libbsd-devel now needs to require libmd-devel", "security": false, "parent": false, "feedback": []}], "updateid": "FEDORA-EPEL-2022-10049c7b14", "karma": 0, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}