Releases retrieved: 5.2.8 Upstream release that is considered latest: 5.2.8 Current version/release in rawhide: 5.2.7-1.fc38 URL: http://tukaani.org/xz/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_Monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/5277/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/xz
Created attachment 1924075 [details] Update to 5.2.8 (#2142405)
the-new-hotness/release-monitoring.org's scratch build of xz-5.2.8-1.fc36.src.rpm for rawhide failed http://koji.fedoraproject.org/koji/taskinfo?taskID=94138831
Releases retrieved: 5.2.9 Upstream release that is considered latest: 5.2.9 Current version/release in rawhide: 5.2.7-1.fc38 URL: http://tukaani.org/xz/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_Monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/5277/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/xz
Created attachment 1928950 [details] Update to 5.2.9 (#2142405)
the-new-hotness/release-monitoring.org's scratch build of xz-5.2.9-1.fc36.src.rpm for rawhide completed http://koji.fedoraproject.org/koji/taskinfo?taskID=94758414
Rawhide build: https://koji.fedoraproject.org/koji/taskinfo?taskID=94776012
Releases retrieved: 5.2.10, 5.4.0 Upstream release that is considered latest: 5.4.0 Current version/release in rawhide: 5.2.9-1.fc38 URL: https://tukaani.org/xz/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_Monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/5277/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/xz
Created attachment 1932449 [details] Update to 5.4.0 (#2142405)
the-new-hotness/release-monitoring.org's scratch build of xz-5.4.0-1.fc36.src.rpm for rawhide failed http://koji.fedoraproject.org/koji/taskinfo?taskID=95328187
*** Bug 2025309 has been marked as a duplicate of this bug. ***
(In reply to Upstream Release Monitoring from comment #7) > Releases retrieved: 5.2.10, 5.4.0 > Upstream release that is considered latest: 5.4.0 > Current version/release in rawhide: 5.2.9-1.fc38 > URL: https://tukaani.org/xz/ > Based on the information from Anitya: https://release-monitoring.org/project/5277/ Could it be updated to 5.2.10?, to fix this bug: https://git.tukaani.org/?p=xz.git;a=blob;f=NEWS;hb=HEAD#l632 * xz: Don't modify argv[] when parsing the --memlimit* and --block-list command line options. This fixes confusing arguments in process listing (like "ps auxf"). Thank you.
Can we get a 5.4 version in rawhide before the f38 branch for MicroLZMA support? Every other distro I see already has it in testing if not stable, so it's unlikely to have major issues (Arch, Gentoo, Debian bookworm, Ubuntu lunar, openSUSE Tumbleweed).
> Can we get a 5.4 version in rawhide before the f38 branch for MicroLZMA support? Sure, I can do 5.4.0 now. Seems like there was a bit of confusion in the bug. > Could it be updated to 5.2.10?, to fix this bug: https://git.tukaani.org/?p=xz.git;a=blob;f=NEWS;hb=HEAD#l632 Hopefully updating all branches will fix this too.
I update F36 & F37 branches too, since I cannot see how having an old, insecure version of xz there helps us, and the lzma API appears unchanged.
FEDORA-2023-8362bcf475 has been submitted as an update to Fedora 37. https://bodhi.fedoraproject.org/updates/FEDORA-2023-8362bcf475
FEDORA-2023-d823c8dfb8 has been submitted as an update to Fedora 36. https://bodhi.fedoraproject.org/updates/FEDORA-2023-d823c8dfb8
Thanks!
FEDORA-2023-d823c8dfb8 has been pushed to the Fedora 36 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-d823c8dfb8` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-d823c8dfb8 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2023-8362bcf475 has been pushed to the Fedora 37 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-8362bcf475` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-8362bcf475 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2023-8362bcf475 has been pushed to the Fedora 37 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2023-d823c8dfb8 has been pushed to the Fedora 36 stable repository. If problem still persists, please make note of it in this bug report.