The following Fedora EPEL 9 Security updates need testing:
Age URL
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-8e5425643f
lua-http-0.3-11.el9
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-dcd0590d66
libmodsecurity-3.0.14-1.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
fcgi-2.4.0-52.el9
jello-1.6.1-1.el9
libev-epel-4.33-6.el9
prosody-13.0.2-1.el9
python-pylero-0.1.1-1.el9
rust-clap2-2.34.0-12.el9
rust-clap3-3.2.25-6.el9
rust-petgraph0.7-0.7.1-1.el9
Details about builds:
================================================================================
fcgi-2.4.0-52.el9 (FEDORA-EPEL-2025-70ce865582)
FastCGI development kit
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2025-23016
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 30 2025 Andrew Bauer <[email protected]> - 2.4.0-52
- Fix CVE-2025-23016
* Thu Jan 16 2025 Fedora Release Engineering <[email protected]> -
2.4.0-51
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Wed Jul 17 2024 Fedora Release Engineering <[email protected]> -
2.4.0-50
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Wed Jan 24 2024 Fedora Release Engineering <[email protected]> -
2.4.0-49
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 19 2024 Fedora Release Engineering <[email protected]> -
2.4.0-48
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Jul 19 2023 Fedora Release Engineering <[email protected]> -
2.4.0-47
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2369269 - CVE-2025-23016 FastCGI integer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=2369269
--------------------------------------------------------------------------------
================================================================================
jello-1.6.1-1.el9 (FEDORA-EPEL-2025-78332c98d8)
Query JSON at the command line with Python syntax
--------------------------------------------------------------------------------
Update Information:
jello 20250529 v1.6.1
Add the -R option to ingest the data as a raw string instead of converting to a
dict/list
Add more information to query errors
Add the ability to add more information to the query scope
Add Python runtime information to -v option
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 30 2025 Benjamin A. Beasley <[email protected]> - 1.6.1-1
- Update to 1.6.1 (close RHBZ#2369302)
* Fri May 30 2025 Benjamin A. Beasley <[email protected]> - 1.6.0-4
- Replace deprecated license_file with license_files in setup.cfg
* Fri May 30 2025 Benjamin A. Beasley <[email protected]> - 1.6.0-3
- Assert that %pyproject_files contains a license file
* Fri May 30 2025 Benjamin A. Beasley <[email protected]> - 1.6.0-2
- F38+: Use %{py3_test_envvars}
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2369302 - jello-1.6.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2369302
--------------------------------------------------------------------------------
================================================================================
libev-epel-4.33-6.el9 (FEDORA-EPEL-2025-6c98adc63f)
High-performance event loop/event model with lots of features
--------------------------------------------------------------------------------
Update Information:
Synchronize with CentOS Stream sources
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 30 2025 Peter Georg <[email protected]> - 4.33-6
- EPEL missing subpackages (-libevent-devel, -source) only package
* Tue Sep 17 2024 Mohan Boddu <[email protected]> - 4.33-6
- add -devel subpackage into CRB
- Resolves: RHEL-38617
--------------------------------------------------------------------------------
================================================================================
prosody-13.0.2-1.el9 (FEDORA-EPEL-2025-4d01463b03)
Flexible communications server for Jabber/XMPP
--------------------------------------------------------------------------------
Update Information:
Prosody 13.0.2
Upstream is pleased to announce a new minor release from their stable branch.
This update addresses various issues that have been noticed since the previous
release, as well as a few improvements, including some important fixes for
invites. Some log messages and prosodyctl commands have been improved as well.
Fixes and improvements
mod_storage_internal: Fix queries with only start returning extra items
mod_invites_register: Stricter validation of registration events
Minor changes
MUC: Ensure allow MUC PM setting has valid value
mod_storage_sql: Delay showing SQL library error until attempted load
mod_storage_sql: Handle failure to deploy new UNIQUE index
mod_storage_sql: Add shell command to create tables and indices (again)
mod_s2s: Fix log to use formatting instead of concatenation
modulemanager, util.pluginloader: Improve error message when load fails but some
candidates were filtered
prosodyctl check config: add recommendation to switch from admin_telnet to shell
mod_storage_sql: Retrieve all indices to see if the new one exists
prosodyctl check config: List modules which Prosody cannot successfully load
net.http.files: Fix issue with caching
util.jsonschema: Fix handling of false as schema
mod_invites: Consider password reset a distinct type wrt invite page
configmanager: Emit config warning when referencing non-existent value
mod_admin_shell: Add role:list() and role:show() commands
MUC: Fix nickname registration form error handling
MUC: Fix Error when join stanza sent without resource
MUC: Factor out identification of join stanza
mod_invites_register: Donât restrict username for roster invites
mod_admin_shell: Fix matching logic in s2s:close
mod_authz_internal: Improve error message when invalid role specified
mod_http_file_share: Add media-src âselfâ to Content-Security-Policy header
mod_admin_shell: Visual tweaks to the output of debug:cert_index()
mod_http: Log problems parsing IP addresses in X-Forwarded-For
mod_http: Fix IP address normalization
util.prosodyctl.check: Improve reporting of DNS lookup problems
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 30 2025 Robert Scheck <[email protected]> 13.0.2-1
- Upgrade to 13.0.2 (#2369268)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2369268 - prosody-13.0.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2369268
--------------------------------------------------------------------------------
================================================================================
python-pylero-0.1.1-1.el9 (FEDORA-EPEL-2025-bbdbf77c1e)
Python SDK for Polarion
--------------------------------------------------------------------------------
Update Information:
python-pylero 0.1.1-1
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 30 2025 Wayne Sun <[email protected]> 0.1.1-1
- Update to 0.1.1
--------------------------------------------------------------------------------
================================================================================
rust-clap2-2.34.0-12.el9 (FEDORA-EPEL-2025-973345d0ea)
Simple to use, efficient, and full-featured Command Line Argument Parser
--------------------------------------------------------------------------------
Update Information:
Port clap v2 and v3 from the unmaintained and obsolete attycrate to interfaces
provided by the Rust standard library since 1.70.0.
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 30 2025 Fabio Valentini <[email protected]> - 2.34.0-12
- Drop atty dependency and replace with std::io::IsTerminal
* Sat Mar 15 2025 Benjamin A. Beasley <[email protected]> - 2.34.0-11
- Update strsim to 0.11
* Sun Jan 19 2025 Fedora Release Engineering <[email protected]> -
2.34.0-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-clap3-3.2.25-6.el9 (FEDORA-EPEL-2025-973345d0ea)
Simple to use, efficient, and full-featured Command Line Argument Parser
--------------------------------------------------------------------------------
Update Information:
Port clap v2 and v3 from the unmaintained and obsolete attycrate to interfaces
provided by the Rust standard library since 1.70.0.
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 30 2025 Fabio Valentini <[email protected]> - 3.2.25-6
- Drop atty dependency and replace with std::io::IsTerminal
* Sat Mar 15 2025 Benjamin A. Beasley <[email protected]> - 3.2.25-5
- Update strsim to 0.11
* Sun Jan 19 2025 Fedora Release Engineering <[email protected]> -
3.2.25-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Fri Jul 19 2024 Fedora Release Engineering <[email protected]> -
3.2.25-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Fri Jan 26 2024 Fedora Release Engineering <[email protected]> -
3.2.25-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-petgraph0.7-0.7.1-1.el9 (FEDORA-EPEL-2025-6d955ce542)
Graph data structure library
--------------------------------------------------------------------------------
Update Information:
Initial import of the petgraph 0.7 compat package for EPEL 9.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 14 2025 Fabio Valentini <[email protected]> - 0.7.1-1
- Initial import (petgraph 0.7 compat package)
--------------------------------------------------------------------------------
--
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
