--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2021-b277e63494
2021-10-31 01:01:18.358949
--------------------------------------------------------------------------------Name        : java-latest-openjdk
Product     : Fedora 33
Version     : 17.0.1.0.12
Release     : 1.rolling.fc33
URL         : https://openjdk.org/
Summary     : OpenJDK 17 Runtime Environment
Description :
The OpenJDK 17 runtime environment.

--------------------------------------------------------------------------------Update Information:

New in release OpenJDK 17.0.1 (2021-10-19):
---------------------------------------------------------------- Live versions
of these release notes can be found at:  -https://builds.shipilev.net/backports-monitor/release-notes-17.0.1.txt  Security
fixes --------------------------   - JDK-8263314: Enhance XML Dsig modes   -JDK-8265167, CVE-2021-35556: Richer Text Editors   - JDK-8265574: Improve
handling of sheets   - JDK-8265580, CVE-2021-35559: Enhanced style for RTF kit
- JDK-8265776: Improve Stream handling for SSL   - JDK-8266097, CVE-2021-35561:
Better hashing support   - JDK-8266103: Better specified spec values   -JDK-8266109: More Resilient Classloading   - JDK-8266115: More Manifest Jar
Loading   - JDK-8266137, CVE-2021-35564: Improve Keystore integrity   -JDK-8266689, CVE-2021-35567: More Constrained Delegation   - JDK-8267086:
ArrayIndexOutOfBoundsException in java.security.KeyFactory.generatePublic   -JDK-8267712: Better LDAP reference processing   - JDK-8267729, CVE-2021-35578:
Improve TLS client handshaking   - JDK-8267735, CVE-2021-35586: Better BMP
support   - JDK-8268193: Improve requests of certificates   - JDK-8268199:
Correct certificate requests   - JDK-8268205: Enhance DTLS client handshake   -JDK-8268500: Better specified ParameterSpecs   - JDK-8268506: More Manifest
Digests   - JDK-8269618, CVE-2021-35603: Better session identification   -JDK-8269624: Enhance method selection support   - JDK-8270398: Enhance
canonicalization   - JDK-8270404: Better canonicalization  Other changes
----------------------------    - JDK-8225082: Remove IdenTrust certificate that
is expiring in September 2021   - JDK-8243543: jtreg test
security/infra/java/security/cert/CertPathValidator/certification/BuypassCA.java
fails   - JDK-8248899: security/infra/java/security/cert/CertPathValidator/certi
fication/QuoVadisCA.java fails, Certificate has been revoked   - JDK-8261088:
Repeatable annotations without @Target cannot have containers that target module
declarations   - JDK-8262731: [macOS] Exception from "Printable.print" is
swallowed during "PrinterJob.print"   - JDK-8263531: Remove unused buffer int
- JDK-8266182: Automate manual steps listed in the test
jdk/sun/security/pkcs12/ParamsTest.java   - JDK-8267625: AARCH64: typo in
LIR_Assembler::emit_profile_type   - JDK-8267666: Add option to jcmd
GC.heap_dump to use existing file   - JDK-8268019: C2: assert(no_dead_loop)
failed: dead loop detected   - JDK-8268261: C2: assert(n != __null) failed: Bad
immediate dominator info.   - JDK-8268427: Improve
AlgorithmConstraints:checkAlgorithm performance   - JDK-8268963: [IR Framework]
Some default regexes matching on PrintOptoAssembly in IRNode.java do not work on
all platforms   - JDK-8269297: Bump version numbers for JDK 17.0.1   -JDK-8269478: Shenandoah: gc/shenandoah/mxbeans tests should be more resilient
- JDK-8269574: C2: Avoid redundant uncommon traps in GraphKit::builtin_throw()
for JVMTI exception events   - JDK-8269763: The JEditorPane is blank after
JDK-8265167   - JDK-8269851: OperatingSystemMXBean getProcessCpuLoad reports
incorrect process cpu usage in containers   - JDK-8269882: stack-use-after-scope
in NewObjectA   - JDK-8269897: Shenandoah: Resolve UNKNOWN access strength,
where possible   - JDK-8269934: RunThese24H.java failed with
EXCEPTION_ACCESS_VIOLATION in java_lang_Thread::get_thread_status   -JDK-8269993: [Test]: java/net/httpclient/DigestEchoClientSSL.java contains
redundant @run tags   - JDK-8270094: Shenandoah: Provide human-readable labels
for test configurations   - JDK-8270096: Shenandoah: Optimize
gc/shenandoah/TestRefprocSanity.java for interpreter mode   - JDK-8270098: ZGC:
ZBarrierSetC2::clone_at_expansion fails with "Guard against surprises" assert
- JDK-8270137: Kerberos Credential Retrieval from Cache not Working in Cross-Realm Setup   - JDK-8270280: security/infra/java/security/cert/CertPathValidator
/certification/LetsEncryptCA.java  OCSP response error   - JDK-8270344: Session
resumption errors   - JDK-8271203: C2: assert(iff->Opcode() == Op_If ||
iff->Opcode() == Op_CountedLoopEnd || iff->Opcode() == Op_RangeCheck) failed:
Check this code when new subtype is added   - JDK-8271276: C2: Wrong JVM state
used for receiver null check   - JDK-8271335: Updating RE Configs for BUILD
REQUEST 17.0.1+4   - JDK-8271589: fatal error with variable shift count integer
rotate operation.   - JDK-8271723: Unproblemlist
runtime/InvocationTests/invokevirtualTests.java   - JDK-8271730: Client
authentication using RSASSA-PSS fails after correct certificate requests   -JDK-8271925: ZGC: Arraycopy stub passes invalid oop to load barrier   -JDK-8272124: Cgroup v1 initialization causes NullPointerException when cgroup
path contains colon   - JDK-8272131: PhaseMacroExpand::generate_slow_arraycopy
crash when clone null CallProjections.fallthrough_ioproj   - JDK-8272326:
java/util/Random/RandomTestMoments.java had two Gaussian fails   - JDK-8272332:
--with-harfbuzz=system doesn't add -lharfbuzz after JDK-8255790   - JDK-8272472:
StackGuardPages test doesn't build with glibc 2.34   - JDK-8272581:
sun/security/pkcs11/Provider/MultipleLogins.sh fails after JDK-8266182   -JDK-8272602: [macos] not all KEY_PRESSED events sent when control modifier is
used   - JDK-8272700: [macos] Build failure with Xcode 13.0 after JDK-8264848
- JDK-8272708: [Test]: Cleanup: test/jdk/security/infra/java/security/cert/CertP
athValidator/certification/BuypassCA.java no longer needs ocspEnabled   -JDK-8272806: [macOS] "Apple AWT Internal Exception" when input method is changed
- JDK-8273358: macOS Monterey does not have the font Times needed by Serif
Notes on individual issues: -------------------------------------------security-libs/java.security:  JDK-8271434: Removed IdenTrust Root Certificate
The following root certificate from IdenTrust has been removed from the
`cacerts` keystore:  Alias Name: identrustdstx3 [jdk] Distinguished Name: CN=DST
Root CA X3, O=Digital Signature Trust Co.
--------------------------------------------------------------------------------ChangeLog:

* Wed Oct 20 2021 Petra Alice Mikova  - 1:17.0.1.0.12-1.rolling
- October CPU update to jdk 17.0.1+12
- dropped commented-out source line
- bump buildjdkver to 17
* Mon Oct 11 2021 Andrew Hughes  - 1:17.0.0.0.35-3.rolling
- Update release notes to document the major changes between OpenJDK 11 & 17.
* Sun Oct 10 2021 Andrew Hughes  - 1:17.0.0.0.35-2.rolling
- Fix unused function compiler warning found in systemconf.c
- Extend the default security policy to accomodate PKCS11 accessing jdk.internal.access.
- Allow plain key import to be disabled with -Dcom.redhat.fips.plainKeySupport=false
* Sun Oct 10 2021 Martin Balao  - 1:17.0.0.0.35-2.rolling
- Add patch to disable non-FIPS crypto in the SUN and SunEC security providers.
- Add patch to login to the NSS software token when in FIPS mode.
- Add patch to allow plain key import.
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-b277e63494' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Fedora 33: java-latest-openjdk 2021-b277e63494

October 30, 2021

New in release OpenJDK 17.0.1 (2021-10-19): ---------------------------------------------------------------- Live versions of these release notes can be found at: - https://builds....

Summary

The OpenJDK 17 runtime environment.

New in release OpenJDK 17.0.1 (2021-10-19):

of these release notes can be found at: -https://builds.shipilev.net/backports-monitor/release-notes-17.0.1.txt Security

fixes -------------------------- - JDK-8263314: Enhance XML Dsig modes -JDK-8265167, CVE-2021-35556: Richer Text Editors - JDK-8265574: Improve

handling of sheets - JDK-8265580, CVE-2021-35559: Enhanced style for RTF kit

- JDK-8265776: Improve Stream handling for SSL - JDK-8266097, CVE-2021-35561:

Better hashing support - JDK-8266103: Better specified spec values -JDK-8266109: More Resilient Classloading - JDK-8266115: More Manifest Jar

Loading - JDK-8266137, CVE-2021-35564: Improve Keystore integrity -JDK-8266689, CVE-2021-35567: More Constrained Delegation - JDK-8267086:

ArrayIndexOutOfBoundsException in java.security.KeyFactory.generatePublic -JDK-8267712: Better LDAP reference processing - JDK-8267729, CVE-2021-35578:

Improve TLS client handshaking - JDK-8267735, CVE-2021-35586: Better BMP

support - JDK-8268193: Improve requests of certificates - JDK-8268199:

Correct certificate requests - JDK-8268205: Enhance DTLS client handshake -JDK-8268500: Better specified ParameterSpecs - JDK-8268506: More Manifest

Digests - JDK-8269618, CVE-2021-35603: Better session identification -JDK-8269624: Enhance method selection support - JDK-8270398: Enhance

canonicalization - JDK-8270404: Better canonicalization Other changes

---------------------------- - JDK-8225082: Remove IdenTrust certificate that

is expiring in September 2021 - JDK-8243543: jtreg test

security/infra/java/security/cert/CertPathValidator/certification/BuypassCA.java

fails - JDK-8248899: security/infra/java/security/cert/CertPathValidator/certi

fication/QuoVadisCA.java fails, Certificate has been revoked - JDK-8261088:

Repeatable annotations without @Target cannot have containers that target module

declarations - JDK-8262731: [macOS] Exception from "Printable.print" is

swallowed during "PrinterJob.print" - JDK-8263531: Remove unused buffer int

- JDK-8266182: Automate manual steps listed in the test

jdk/sun/security/pkcs12/ParamsTest.java - JDK-8267625: AARCH64: typo in

LIR_Assembler::emit_profile_type - JDK-8267666: Add option to jcmd

GC.heap_dump to use existing file - JDK-8268019: C2: assert(no_dead_loop)

failed: dead loop detected - JDK-8268261: C2: assert(n != __null) failed: Bad

immediate dominator info. - JDK-8268427: Improve

AlgorithmConstraints:checkAlgorithm performance - JDK-8268963: [IR Framework]

Some default regexes matching on PrintOptoAssembly in IRNode.java do not work on

all platforms - JDK-8269297: Bump version numbers for JDK 17.0.1 -JDK-8269478: Shenandoah: gc/shenandoah/mxbeans tests should be more resilient

- JDK-8269574: C2: Avoid redundant uncommon traps in GraphKit::builtin_throw()

for JVMTI exception events - JDK-8269763: The JEditorPane is blank after

JDK-8265167 - JDK-8269851: OperatingSystemMXBean getProcessCpuLoad reports

incorrect process cpu usage in containers - JDK-8269882: stack-use-after-scope

in NewObjectA - JDK-8269897: Shenandoah: Resolve UNKNOWN access strength,

where possible - JDK-8269934: RunThese24H.java failed with

EXCEPTION_ACCESS_VIOLATION in java_lang_Thread::get_thread_status -JDK-8269993: [Test]: java/net/httpclient/DigestEchoClientSSL.java contains

redundant @run tags - JDK-8270094: Shenandoah: Provide human-readable labels

for test configurations - JDK-8270096: Shenandoah: Optimize

gc/shenandoah/TestRefprocSanity.java for interpreter mode - JDK-8270098: ZGC:

ZBarrierSetC2::clone_at_expansion fails with "Guard against surprises" assert

- JDK-8270137: Kerberos Credential Retrieval from Cache not Working in Cross-Realm Setup - JDK-8270280: security/infra/java/security/cert/CertPathValidator

/certification/LetsEncryptCA.java OCSP response error - JDK-8270344: Session

resumption errors - JDK-8271203: C2: assert(iff->Opcode() == Op_If ||

iff->Opcode() == Op_CountedLoopEnd || iff->Opcode() == Op_RangeCheck) failed:

Check this code when new subtype is added - JDK-8271276: C2: Wrong JVM state

used for receiver null check - JDK-8271335: Updating RE Configs for BUILD

REQUEST 17.0.1+4 - JDK-8271589: fatal error with variable shift count integer

rotate operation. - JDK-8271723: Unproblemlist

runtime/InvocationTests/invokevirtualTests.java - JDK-8271730: Client

authentication using RSASSA-PSS fails after correct certificate requests -JDK-8271925: ZGC: Arraycopy stub passes invalid oop to load barrier -JDK-8272124: Cgroup v1 initialization causes NullPointerException when cgroup

path contains colon - JDK-8272131: PhaseMacroExpand::generate_slow_arraycopy

crash when clone null CallProjections.fallthrough_ioproj - JDK-8272326:

java/util/Random/RandomTestMoments.java had two Gaussian fails - JDK-8272332:

--with-harfbuzz=system doesn't add -lharfbuzz after JDK-8255790 - JDK-8272472:

StackGuardPages test doesn't build with glibc 2.34 - JDK-8272581:

sun/security/pkcs11/Provider/MultipleLogins.sh fails after JDK-8266182 -JDK-8272602: [macos] not all KEY_PRESSED events sent when control modifier is

used - JDK-8272700: [macos] Build failure with Xcode 13.0 after JDK-8264848

- JDK-8272708: [Test]: Cleanup: test/jdk/security/infra/java/security/cert/CertP

athValidator/certification/BuypassCA.java no longer needs ocspEnabled -JDK-8272806: [macOS] "Apple AWT Internal Exception" when input method is changed

- JDK-8273358: macOS Monterey does not have the font Times needed by Serif

The following root certificate from IdenTrust has been removed from the

`cacerts` keystore: Alias Name: identrustdstx3 [jdk] Distinguished Name: CN=DST

Root CA X3, O=Digital Signature Trust Co.

* Wed Oct 20 2021 Petra Alice Mikova - 1:17.0.1.0.12-1.rolling

- October CPU update to jdk 17.0.1+12

- dropped commented-out source line

- bump buildjdkver to 17

* Mon Oct 11 2021 Andrew Hughes - 1:17.0.0.0.35-3.rolling

- Update release notes to document the major changes between OpenJDK 11 & 17.

* Sun Oct 10 2021 Andrew Hughes - 1:17.0.0.0.35-2.rolling

- Fix unused function compiler warning found in systemconf.c

- Extend the default security policy to accomodate PKCS11 accessing jdk.internal.access.

- Allow plain key import to be disabled with -Dcom.redhat.fips.plainKeySupport=false

* Sun Oct 10 2021 Martin Balao - 1:17.0.0.0.35-2.rolling

- Add patch to disable non-FIPS crypto in the SUN and SunEC security providers.

- Add patch to login to the NSS software token when in FIPS mode.

- Add patch to allow plain key import.

su -c 'dnf upgrade --advisory FEDORA-2021-b277e63494' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

FEDORA-2021-b277e63494 2021-10-31 01:01:18.358949 Product : Fedora 33 Version : 17.0.1.0.12 Release : 1.rolling.fc33 URL : https://openjdk.org/ Summary : OpenJDK 17 Runtime Environment Description : The OpenJDK 17 runtime environment. New in release OpenJDK 17.0.1 (2021-10-19): of these release notes can be found at: -https://builds.shipilev.net/backports-monitor/release-notes-17.0.1.txt Security fixes -------------------------- - JDK-8263314: Enhance XML Dsig modes -JDK-8265167, CVE-2021-35556: Richer Text Editors - JDK-8265574: Improve handling of sheets - JDK-8265580, CVE-2021-35559: Enhanced style for RTF kit - JDK-8265776: Improve Stream handling for SSL - JDK-8266097, CVE-2021-35561: Better hashing support - JDK-8266103: Better specified spec values -JDK-8266109: More Resilient Classloading - JDK-8266115: More Manifest Jar Loading - JDK-8266137, CVE-2021-35564: Improve Keystore integrity -JDK-8266689, CVE-2021-35567: More Constrained Delegation - JDK-8267086: ArrayIndexOutOfBoundsException in java.security.KeyFactory.generatePublic -JDK-8267712: Better LDAP reference processing - JDK-8267729, CVE-2021-35578: Improve TLS client handshaking - JDK-8267735, CVE-2021-35586: Better BMP support - JDK-8268193: Improve requests of certificates - JDK-8268199: Correct certificate requests - JDK-8268205: Enhance DTLS client handshake -JDK-8268500: Better specified ParameterSpecs - JDK-8268506: More Manifest Digests - JDK-8269618, CVE-2021-35603: Better session identification -JDK-8269624: Enhance method selection support - JDK-8270398: Enhance canonicalization - JDK-8270404: Better canonicalization Other changes ---------------------------- - JDK-8225082: Remove IdenTrust certificate that is expiring in September 2021 - JDK-8243543: jtreg test security/infra/java/security/cert/CertPathValidator/certification/BuypassCA.java fails - JDK-8248899: security/infra/java/security/cert/CertPathValidator/certi fication/QuoVadisCA.java fails, Certificate has been revoked - JDK-8261088: Repeatable annotations without @Target cannot have containers that target module declarations - JDK-8262731: [macOS] Exception from "Printable.print" is swallowed during "PrinterJob.print" - JDK-8263531: Remove unused buffer int - JDK-8266182: Automate manual steps listed in the test jdk/sun/security/pkcs12/ParamsTest.java - JDK-8267625: AARCH64: typo in LIR_Assembler::emit_profile_type - JDK-8267666: Add option to jcmd GC.heap_dump to use existing file - JDK-8268019: C2: assert(no_dead_loop) failed: dead loop detected - JDK-8268261: C2: assert(n != __null) failed: Bad immediate dominator info. - JDK-8268427: Improve AlgorithmConstraints:checkAlgorithm performance - JDK-8268963: [IR Framework] Some default regexes matching on PrintOptoAssembly in IRNode.java do not work on all platforms - JDK-8269297: Bump version numbers for JDK 17.0.1 -JDK-8269478: Shenandoah: gc/shenandoah/mxbeans tests should be more resilient - JDK-8269574: C2: Avoid redundant uncommon traps in GraphKit::builtin_throw() for JVMTI exception events - JDK-8269763: The JEditorPane is blank after JDK-8265167 - JDK-8269851: OperatingSystemMXBean getProcessCpuLoad reports incorrect process cpu usage in containers - JDK-8269882: stack-use-after-scope in NewObjectA - JDK-8269897: Shenandoah: Resolve UNKNOWN access strength, where possible - JDK-8269934: RunThese24H.java failed with EXCEPTION_ACCESS_VIOLATION in java_lang_Thread::get_thread_status -JDK-8269993: [Test]: java/net/httpclient/DigestEchoClientSSL.java contains redundant @run tags - JDK-8270094: Shenandoah: Provide human-readable labels for test configurations - JDK-8270096: Shenandoah: Optimize gc/shenandoah/TestRefprocSanity.java for interpreter mode - JDK-8270098: ZGC: ZBarrierSetC2::clone_at_expansion fails with "Guard against surprises" assert - JDK-8270137: Kerberos Credential Retrieval from Cache not Working in Cross-Realm Setup - JDK-8270280: security/infra/java/security/cert/CertPathValidator /certification/LetsEncryptCA.java OCSP response error - JDK-8270344: Session resumption errors - JDK-8271203: C2: assert(iff->Opcode() == Op_If || iff->Opcode() == Op_CountedLoopEnd || iff->Opcode() == Op_RangeCheck) failed: Check this code when new subtype is added - JDK-8271276: C2: Wrong JVM state used for receiver null check - JDK-8271335: Updating RE Configs for BUILD REQUEST 17.0.1+4 - JDK-8271589: fatal error with variable shift count integer rotate operation. - JDK-8271723: Unproblemlist runtime/InvocationTests/invokevirtualTests.java - JDK-8271730: Client authentication using RSASSA-PSS fails after correct certificate requests -JDK-8271925: ZGC: Arraycopy stub passes invalid oop to load barrier -JDK-8272124: Cgroup v1 initialization causes NullPointerException when cgroup path contains colon - JDK-8272131: PhaseMacroExpand::generate_slow_arraycopy crash when clone null CallProjections.fallthrough_ioproj - JDK-8272326: java/util/Random/RandomTestMoments.java had two Gaussian fails - JDK-8272332: --with-harfbuzz=system doesn't add -lharfbuzz after JDK-8255790 - JDK-8272472: StackGuardPages test doesn't build with glibc 2.34 - JDK-8272581: sun/security/pkcs11/Provider/MultipleLogins.sh fails after JDK-8266182 -JDK-8272602: [macos] not all KEY_PRESSED events sent when control modifier is used - JDK-8272700: [macos] Build failure with Xcode 13.0 after JDK-8264848 - JDK-8272708: [Test]: Cleanup: test/jdk/security/infra/java/security/cert/CertP athValidator/certification/BuypassCA.java no longer needs ocspEnabled -JDK-8272806: [macOS] "Apple AWT Internal Exception" when input method is changed - JDK-8273358: macOS Monterey does not have the font Times needed by Serif The following root certificate from IdenTrust has been removed from the `cacerts` keystore: Alias Name: identrustdstx3 [jdk] Distinguished Name: CN=DST Root CA X3, O=Digital Signature Trust Co. * Wed Oct 20 2021 Petra Alice Mikova - 1:17.0.1.0.12-1.rolling - October CPU update to jdk 17.0.1+12 - dropped commented-out source line - bump buildjdkver to 17 * Mon Oct 11 2021 Andrew Hughes - 1:17.0.0.0.35-3.rolling - Update release notes to document the major changes between OpenJDK 11 & 17. * Sun Oct 10 2021 Andrew Hughes - 1:17.0.0.0.35-2.rolling - Fix unused function compiler warning found in systemconf.c - Extend the default security policy to accomodate PKCS11 accessing jdk.internal.access. - Allow plain key import to be disabled with -Dcom.redhat.fips.plainKeySupport=false * Sun Oct 10 2021 Martin Balao - 1:17.0.0.0.35-2.rolling - Add patch to disable non-FIPS crypto in the SUN and SunEC security providers. - Add patch to login to the NSS software token when in FIPS mode. - Add patch to allow plain key import. su -c 'dnf upgrade --advisory FEDORA-2021-b277e63494' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure