Stay Informed

This week, read about:

• Fedora Asahi Remix 41 for Apple Macs Is Out.
• Database Ransom Attacks Hit CouchDB and Hadoop Servers.
• DeepSeek AI Database Exposed: Over 1 Million Log Lines, Secret Keys Leaked.
• Open Source Trends and Predictions for 2025.
• OpenLogic's Long-Term Support for End-of-Life Software.
• OpenLogic OpenJDK 2024 Release Downloads for Versions 8, 11, 17, 21 and 22 Are Now Available.

Security Based Updates

Patches for CentOS 7 January 2025 

• openssl-1.0.2k-26_ol001.el7_9
  • Backported patch to address CVE-2022-2068.
• httpd-2.4.6-99_ol007.el7.1
  • Backported patch to address CVE-2024-38473.
• openssh-7.4p1-23_ol004.el7
  • Backported patch to address CVE-2023-51385.
  • Backported patch to address CVE-2020-15778.
• python3-setuptools-39.2.0-10_ol001.el7
  • Backported patch to address CVE-2024-6345.
• libarchive-3.1.2-14_ol002.el7
  • Backported patch to address CVE-2022-36227.

Patches for CentOS 6 January 2025 

• perl-5.10.1-144_ol002.el6
  • Backported patch for CVE-2020-10543.

Non-Security Based Updates

Angular 19.1.4
core
Commit:

• [fix - 544b9ee7ca0] | check whether application is destroyed before printing hydration stats (#59716) |
• [fix - d6e78c072dc] | ensure type is preserved during HMR (#59700) |
• [fix - c2436702df9] | fixes test timer-based test flakiness in CI (#59674) |

elements
Commit:

• [fix - 44180645992] | not setting initial value on signal-based input (#59773) |

platform-browser:
Commit:

• [fix - 1828a840620] | prepend `baseHref` to `sourceMappingURL` in CSS content (#59730) |
• [fix - 1c84cbca30e] | Update pseudoevent created by createMouseSpecialEvent to populate `_originalEvent` property (#59690) |
• [fix - 12256574626] | Update pseudoevent created by createMouseSpecialEvent to populate `_originalEvent` property (#59690) |
• [fix - 3f4d5f636aa] | Update pseudoevent created by createMouseSpecialEvent to populate `_originalEvent` property (#59690) |

router
Commit:

• [fix - e3da35ec749] | prevent error handling when injector is destroyed (#59457) |

service-worker
Commit:

• [fix - 522acbf3d7e] | add missing `rxjs` peer dependency (#59747) |

Ansible v2.17.8

• Release Date: 2025-01-27
• `Porting Guide <https://docs.ansible.com/ansible-core/2.17/porting_guides/porting_guide_core_2.17.html>`__

Bugfixes:

• Ansible will now also warn when reserved keywords are set via a module (set_fact, include_vars, etc).
• Ansible.Basic - Fix ``required_if`` check when the option value to check is unset or set to null.
• Use consistent multiprocessing context for action write locks
• ansible-test - Fix up coverage reporting to properly translate the temporary path of integration test modules to the expected static test module path.
• ansible-vault will now correctly handle `--prompt`, previously it would issue an error about stdin if no 2nd argument was passed
• copy action now prevents user from setting internal options.
• gather_facts action now defaults to `ansible.legacy.setup` if `smart` was set, no network OS was found and no other alias for `setup` was present.
• gather_facts action will now issues errors and warnings as appropriate if a network OS is detected but no facts modules are defined for it.
• ssh - connection options were incorrectly templated during ``reset_connection`` tasks (https://github.com/ansible/ansible/pull/84238).

Ansible v2.18.2

• Release Date: 2025-01-27
• `Porting Guide <https://docs.ansible.com/ansible-core/2.18/porting_guides/porting_guide_core_2.18.html>`__

Bugfixes:

• Ansible will now also warn when reserved keywords are set via a module (set_fact, include_vars, etc).
• Ansible.Basic - Fix ``required_if`` check when the option value to check is unset or set to null.
• Use consistent multiprocessing context for action write locks
• ansible-test - Fix up coverage reporting to properly translate the temporary path of integration test modules to the expected static test module path.
• ansible-vault will now correctly handle `--prompt`, previously it would issue an error about stdin if no 2nd argument was passed
• copy action now prevents user from setting internal options.
• gather_facts action now defaults to `ansible.legacy.setup` if `smart` was set, no network OS was found and no other alias for `setup` was present.
• gather_facts action will now issues errors and warnings as appropriate if a network OS is detected but no facts modules are defined for it.
• ssh - Improve the logic for parsing CLIXML data in stderr when working with Windows host. This fixes issues when the raw stderr contains invalid UTF-8 byte sequences and improves embedded CLIXML sequences.
• ssh - connection options were incorrectly templated during ``reset_connection`` tasks (https://github.com/ansible/ansible/pull/84238).

Fluent Fluentd v1.16.7
Bug Fix:

• Windows: Fix NoMethodError of --daemon option #4796
• Windows: Fixed an issue where stopping the service immediately after startup could leave the processes #4782
• Windows: Fixed an issue where stopping service sometimes can not be completed forever #4782

Misc:

• Windows: Add workaround for unexpected exception #4747
• README: remove deprecated google analytics beacon #4797
• CI improvemnts #4723#4788#4789#4790#4791#4793#4794#4795#4798#4799#4800#4801#4803

Grafana v11.5.1
Bug fixes:

• CodeEditor:** Fix cursor alignment [#99090], [@ashharrison90]
• TransformationFilter**: Include transformation outputs in transformation filtering options: Include transformation outputs in transformation filtering options [#98323], [@Sergej-Vlasov]

Jenkins 2.495
Removed:

• Remove `com.sun.solaris:embedded_su4j` (#10188) @basil

New features and improvements:

• Improve the appearance of user avatars in Jenkins (#10180) @janfaracik

Other changes:

• Lift `Beta` constraint from `Jenkins.MANAGE` permission (#10183) @strangelookingnerd All contributors: @MarkEWaite, @basil, @janfaracik, @jenkins-release-bot, @krisstern, @renovate[bot], @strangelookingnerd and [renovate[bot]]

Nodejs  v23.7.0
Notable Changes:

• `36dd9ecc41`] - **crypto**: update root certificates to NSS 3.107 (Node.js GitHub Bot) [#56566]
• [`9414d3cbf1`] - **(SEMVER-MINOR)** **fs**: allow `exclude` option in globs to accept glob patterns (Daeyeon Jeong) [#56489]
• [`9c5c3b3115`] - **(SEMVER-MINOR)** **module**: add ERR\_UNSUPPORTED\_TYPESCRIPT\_SYNTAX (Marco Ippolito) [#56610]
• [`1e201fd5fd`] - **(SEMVER-MINOR)** **sqlite**: support TypedArray and DataView in `StatementSync` (Alex Yang) [#56385]
• [`48c813fb67`] - **(SEMVER-MINOR)** **src**: add --disable-sigusr1 to prevent signal i/o thread (Rafael Gonzaga) [#56441]
• [`cf16123785`] - **(SEMVER-MINOR)** **src,worker**: add isInternalWorker (Carlos Espa) [#56469]
• [`13bdd9c961`] - **(SEMVER-MINOR)** **test\_runner**: add TestContext.prototype.waitFor() (Colin Ihrig) [#56595]
• [`00a1943858`] - **(SEMVER-MINOR)** **test\_runner**: add t.assert.fileSnapshot() (Colin Ihrig) [#56459]
• [`3143566045`] - **(SEMVER-MINOR)** **test\_runner**: add assert.register() API (Colin Ihrig) [#56434]

Selinux 3.8
Important change:

• The internal representation of file_contexts.*.bin files is completely rewritten and new format stores all multi-byte data in network byte-order, so that such compiled files can be cross-compiled, e.g. for embedded devices with read-only filesystems.

User-visible changes:

• libsemanage: Preserve file context and ownership in policy store
• libselinux: deprecate security_disable(3)
• libsepol: Support nlmsg extended permissions
• libsepol: Add policy capability netlink_xperm
• libsemanage: Optionally allow duplicate declarations
• policycoreutils: introduce unsetfiles
• libselinux/utils: introduce selabel_compare
• improved selabel_lookup performance
• libselinux: support parallel usage of selabel_lookup(3)
• libsepol: add support for xperms in conditional policies
• Improved man pages
• Code improvements and bug fixes
• Always build for LFS mode on 32-bit archs.
• libsemanage: Mute error messages from selinux_restorecon introduced in 3.8-rc1
• Regex spec ordering is restored to pre 3.8-rc1
• Binary fcontext files format changed, files using old format are ignored
• Code improvements and bug fixes