Latest upstream release: 7.5 Current version/release in rawhide: 7.4-1.fc36 URL: https://www.rpki-client.org/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/77982/
FEDORA-2021-c9852f0be4 has been submitted as an update to Fedora 35. https://bodhi.fedoraproject.org/updates/FEDORA-2021-c9852f0be4
FEDORA-2021-31012ee5a0 has been submitted as an update to Fedora 33. https://bodhi.fedoraproject.org/updates/FEDORA-2021-31012ee5a0
FEDORA-2021-2f9642ec0c has been submitted as an update to Fedora 34. https://bodhi.fedoraproject.org/updates/FEDORA-2021-2f9642ec0c
FEDORA-EPEL-2021-05dd12001e has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-05dd12001e
FEDORA-EPEL-2021-742db3f554 has been submitted as an update to Fedora EPEL 8. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-742db3f554
FEDORA-2021-31012ee5a0 has been pushed to the Fedora 33 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-31012ee5a0` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-31012ee5a0 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-EPEL-2021-742db3f554 has been pushed to the Fedora EPEL 8 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-742db3f554 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-EPEL-2021-05dd12001e has been pushed to the Fedora EPEL 7 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-05dd12001e See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2021-2f9642ec0c has been pushed to the Fedora 34 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-2f9642ec0c` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-2f9642ec0c See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2021-c9852f0be4 has been pushed to the Fedora 35 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-c9852f0be4` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-c9852f0be4 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Will this be indicated to be a security update? I do not think OpenBSD requested a CVE - but 7.5 fixes multiple issues due to how input from un-trusted parties was handled; issues for which other implementations requested a CVE. There was a CVD for this (https://english.ncsc.nl/latest/news/2021/october/29/upcoming-announcement-of-rpki-cvd-procedure) - as well as a lot of comments on how the CVD was handled. The best source to see that this is a vulnerability is https://rpki.exposed. This (marketing) site is controlled by one the rpki-client authors and acknowledges that rpki-client was vulnerable to issues that other implementations issued a CVE for.
Ok - unfamiliar with the Fedora release infrastructure. Turns out it _is_ a security update in testing. In which case let's hope it goes out soon :)
FEDORA-EPEL-2021-742db3f554 has been pushed to the Fedora EPEL 8 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2021-2f9642ec0c has been pushed to the Fedora 34 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2021-c9852f0be4 has been pushed to the Fedora 35 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-EPEL-2021-05dd12001e has been pushed to the Fedora EPEL 7 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2021-31012ee5a0 has been pushed to the Fedora 33 stable repository. If problem still persists, please make note of it in this bug report.