The following Fedora EPEL 9 Security updates need testing:
Age URL
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-70ce865582
fcgi-2.4.0-52.el9
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-5c25fd8e2d
roundcubemail-1.5.10-1.el9
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-1994b4dec7
seamonkey-2.53.21-1.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
arpwatch-3.8-4.el9
did-0.22-1.el9
java-latest-openjdk-24.0.1.0.9-3.rolling.el9
libmongocrypt-1.14.1-1.el9
nginx-mod-modsecurity-1.0.4-1.el9
perl-Devel-Hexdump-0.02-36.el9
python-google-auth-2.40.3-1.el9
python-specfile-0.36.0-1.el9
pythoncapi-compat-0^20250603gitfde4d34-1.el9
tmt-1.50.0-1.el9
yarnpkg-1.22.22-8.el9
Details about builds:
================================================================================
arpwatch-3.8-4.el9 (FEDORA-EPEL-2025-f1b709c787)
Network monitoring tools for tracking IP addresses on a network
--------------------------------------------------------------------------------
Update Information:
Generate ethercodes.dat from latest oui.csv
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 3 2025 Benjamin A. Beasley <[email protected]> - 14:3.8-4
- Generate ethercodes.dat from latest oui.csv
--------------------------------------------------------------------------------
================================================================================
did-0.22-1.el9 (FEDORA-EPEL-2025-46ef081164)
What did you do last week, month, year?
--------------------------------------------------------------------------------
Update Information:
Gather stats in parallel, handle rate limiting, Public Inbox, hyperkitty...
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 3 2025 Petr Å plÃchal <[email protected]> - 0.22-1
- Implement `transition` stats for the `jira` plugin (#352)
- Fix issue with wrong `until` in GitHub search (#376)
- List resolved jira by tester and contributor field
- Fix `zammad` token bug, some minor adjustments
- Better handling auth max retry in jira plugin
- Handle JSON decode errors in pagure plugin
- Reuse bodhi connection instead of opening new ones
- Properly handle timeout in pagure plugin
- Complete report even on plugin error
- Better handling on server errors for pagure plugin
- Better handling of wrong url in confluence plugin
- Handle timeout fetching batches in jira plugin
- Fixed Jira updated issues and support timeout
- Collect stats in parallel
- Add stats for updated jira tickets
- Handle rate limiting in Jira plugin
- Allow to filter out orgs in GitHub plugin
- Properly collect comments in GitHub
- Improve items plugin
- Enable pagure closed PRs stats collection
- Add hyperkitty support
- Handle better the GitLab expired token case
- Increased test coverage
- Use pytest-xdist for parallelizing test execution
- Add collection of comments for Pagure
- Cover markdown format while testing Koji
- Use tenacity handling retry connection to GitHub
- Added stats for modified pages in Confluence
- Allow to skip SSL verification in bugzilla plugin
- Added markdown support to google plugin
- Add token authentication to confluence plugin
- Add markdown support to koji plugin
- Fetch all created issues correctly in `pagure` (#379)
- Use custom `user-agent` in the `public_inbox` plugin (#392)
- Fix dockerfile executable path, add git to container (#354)
- Support `user`, `org`, `repo` in the `github` plugin (#373)
- Handle the GitHub rate limit in a better way (#374)
- Create a Public Inbox Plugin
- Implement `did last [monday..sunday]`
- Correctly handle merge commits in verbose mode
- Prevent duplicates in github issue stats
- Retry connecting to GitLab API on error
- Add a `Toolbelt Catalog` entry for `did`
- Allow skipping events that are not reportable
- Add a team report example using login aliases
- Migrate to the `SPDX` identifier
--------------------------------------------------------------------------------
================================================================================
java-latest-openjdk-24.0.1.0.9-3.rolling.el9 (FEDORA-EPEL-2025-d8088bae7b)
OpenJDK 24 Runtime Environment
--------------------------------------------------------------------------------
Update Information:
enabled 493 and added proper debuginfo
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 4 2025 Jiri Vanek <[email protected]> - 1:24.0.1.0.9-14
- RPMAUTOSPEC: unresolvable merge
--------------------------------------------------------------------------------
================================================================================
libmongocrypt-1.14.1-1.el9 (FEDORA-EPEL-2025-cde9a9ab73)
The companion C library for client side encryption in drivers
--------------------------------------------------------------------------------
Update Information:
Version 1.14.1
Fix possible missing error state on mongocrypt_ctx_finalize.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 4 2025 Remi Collet <[email protected]> - 1.14.1-1
- update to 1.14.1
--------------------------------------------------------------------------------
================================================================================
nginx-mod-modsecurity-1.0.4-1.el9 (FEDORA-EPEL-2025-7c0bdb80e3)
ModSecurity v3 nginx connector
--------------------------------------------------------------------------------
Update Information:
Update to 1.0.4
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 4 2025 Mikel Olasagasti Uranga <[email protected]> - 1.0.4-1
- Update to 1.0.4 - Closes rhbz#2367873
* Thu Feb 6 2025 Felix Kaechele <[email protected]> - 1.0.3-16
- Rebuild for nginx 1.26.3
* Fri Jan 17 2025 Fedora Release Engineering <[email protected]> -
1.0.3-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Mon Aug 26 2024 Felix Kaechele <[email protected]> - 1.0.3-14
- Rebuild for nginx 1.26.2... again.
* Sat Aug 17 2024 Felix Kaechele <[email protected]> - 1.0.3-13
- Rebuild for nginx 1.26.2
* Thu Jul 18 2024 Fedora Release Engineering <[email protected]> -
1.0.3-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Mon Jun 17 2024 Felix Kaechele <[email protected]> - 1.0.3-11
- Rebuild for 1.26.1 again, last rebuild still pulled in 1.26.0
* Tue Jun 4 2024 Felix Kaechele <[email protected]> - 1.0.3-10
- Rebuild for nginx 1.26.1
* Tue Apr 30 2024 Felix Kaechele <[email protected]> - 1.0.3-9
- Rebuild for nginx 1.26.0
--------------------------------------------------------------------------------
================================================================================
perl-Devel-Hexdump-0.02-36.el9 (FEDORA-EPEL-2025-30233b8151)
Print nice hex dump of binary data
--------------------------------------------------------------------------------
Update Information:
Added to EPEL
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jan 18 2025 Fedora Release Engineering <[email protected]> -
0.02-36
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Thu Jul 18 2024 Fedora Release Engineering <[email protected]> -
0.02-35
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Mon Jun 10 2024 Jitka Plesnikova <[email protected]> - 0.02-34
- Perl 5.40 rebuild
* Thu Jan 25 2024 Fedora Release Engineering <[email protected]> -
0.02-33
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <[email protected]> -
0.02-32
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Thu Jul 20 2023 Fedora Release Engineering <[email protected]> -
0.02-31
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Tue Jul 11 2023 Jitka Plesnikova <[email protected]> - 0.02-30
- Perl 5.38 rebuild
* Fri Jan 20 2023 Fedora Release Engineering <[email protected]> -
0.02-29
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2370009 - Please branch and build perl-Devel-Hexdump for EPEL
8,9,10
https://bugzilla.redhat.com/show_bug.cgi?id=2370009
--------------------------------------------------------------------------------
================================================================================
python-google-auth-2.40.3-1.el9 (FEDORA-EPEL-2025-14a6ec7176)
Google Auth Python Library
--------------------------------------------------------------------------------
Update Information:
Update to python-google-auth to 2.40.3
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 4 2025 Fedora Release Monitoring
<[email protected]> - 1:2.40.3-1
- Update to 2.40.3 (#2359565)
* Mon Jun 2 2025 Python Maint <[email protected]> - 1:2.38.0-2
- Rebuilt for Python 3.14
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2359565 - python-google-auth-2.40.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2359565
--------------------------------------------------------------------------------
================================================================================
python-specfile-0.36.0-1.el9 (FEDORA-EPEL-2025-ef7a57a856)
A library for parsing and manipulating RPM spec files
--------------------------------------------------------------------------------
Update Information:
Automatic update for python-specfile-0.36.0-1.el9.
Changelog for python-specfile
* Fri May 30 2025 Packit <[email protected]> - 0.36.0-1
- We have fixed a bug that caused specfile to traceback when section names with
conditional macro expansions containing spaces were present in the spec file.
(#476)
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 30 2025 Packit <[email protected]> - 0.36.0-1
- We have fixed a bug that caused specfile to traceback when section names with
conditional macro expansions containing spaces were present in the spec file.
(#476)
--------------------------------------------------------------------------------
================================================================================
pythoncapi-compat-0^20250603gitfde4d34-1.el9 (FEDORA-EPEL-2025-144f961c64)
Python C API compatibility
--------------------------------------------------------------------------------
Update Information:
Update to 0^20250603gitfd34d34
Add PySys_GetAttr() function
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 4 2025 Benjamin A. Beasley <[email protected]> -
0^20250603gitfde4d34-1
- Update to 0^20250603gitfd34d34
- Add `PySys_GetAttr()` function
--------------------------------------------------------------------------------
================================================================================
tmt-1.50.0-1.el9 (FEDORA-EPEL-2025-ba3b62286f)
Test Management Tool
--------------------------------------------------------------------------------
Update Information:
Automatic update for tmt-1.50.0-1.el9.
Changelog for tmt
* Wed Jun 04 2025 Packit <[email protected]> - 1.50.0-1
- Update to version 1.50.0
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 4 2025 Packit <[email protected]> - 1.50.0-1
- Update to version 1.50.0
--------------------------------------------------------------------------------
================================================================================
yarnpkg-1.22.22-8.el9 (FEDORA-EPEL-2025-f9b95079ea)
Fast, reliable, and secure dependency management.
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2025-48387.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 4 2025 Sandro Mani <[email protected]> - 1.22.22-8
- Refresh bundle tarball for CVE-2025-48387
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2369950 - CVE-2025-48387 yarnpkg: tar-fs has issue where extract
can write outside the specified dir with a specific tarball [epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2369950
[ 2 ] Bug #2369951 - CVE-2025-48387 yarnpkg: tar-fs has issue where extract
can write outside the specified dir with a specific tarball [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2369951
[ 3 ] Bug #2369953 - CVE-2025-48387 yarnpkg: tar-fs has issue where extract
can write outside the specified dir with a specific tarball [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2369953
--------------------------------------------------------------------------------
--
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
