The following Fedora EPEL 9 Security updates need testing:
Age URL
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-7168a5211b
yarnpkg-1.22.22-9.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
chromium-138.0.7204.49-1.el9
cloc-2.06-1.el9
debmirror-2.46-1.el9
dpkg-1.22.15-4.el9
perl-Crypt-SmbHash-0.12-48.el9
rust-enum-primitive-derive-0.3.0-1.el9
rust-matrixcompare-mock-0.1.0-14.el9
rust-matrixmultiply-0.3.10-1.el9
rust-postcard-1.1.2-1.el9
testssl-3.2.1-1.el9
Details about builds:
================================================================================
chromium-138.0.7204.49-1.el9 (FEDORA-EPEL-2025-86c3f41c0e)
A WebKit (Blink) powered web browser that Google doesn't want you to use
--------------------------------------------------------------------------------
Update Information:
Update to 138.0.7204.49
CVE-2025-6555: Use after free in Animation
CVE-2025-6556: Insufficient policy enforcement in Loader
CVE-2025-6557: Insufficient data validation in DevTools
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 24 2025 Than Ngo <[email protected]> - 138.0.7204.49-1
- Update to 138.0.7204.49
* CVE-2025-6555: Use after free in Animation
* CVE-2025-6556: Insufficient policy enforcement in Loader
* CVE-2025-6557: Insufficient data validation in DevTools
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2374686 - CVE-2025-6555 chromium: Chromium use after free
vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2374686
[ 2 ] Bug #2374687 - CVE-2025-6557 chromium: Chromium data validation
vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2374687
[ 3 ] Bug #2374688 - CVE-2025-6556 chromium: Chromium policy enforcement
vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2374688
[ 4 ] Bug #2374689 - CVE-2025-6555 chromium: Chromium use after free
vulnerability [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2374689
[ 5 ] Bug #2374690 - CVE-2025-6556 chromium: Chromium policy enforcement
vulnerability [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2374690
[ 6 ] Bug #2374691 - CVE-2025-6557 chromium: Chromium data validation
vulnerability [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2374691
--------------------------------------------------------------------------------
================================================================================
cloc-2.06-1.el9 (FEDORA-EPEL-2025-1391aba2f1)
Count lines of code
--------------------------------------------------------------------------------
Update Information:
Update to 2.06
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 25 2025 Mikel Olasagasti Uranga <[email protected]> - 2.06-1
- Update to 2.06 - Closes rhbz#2374730
* Tue May 6 2025 Mikel Olasagasti Uranga <[email protected]> - 2.04-1
- Update to 2.04 - Closes rhbz#2343225
* Thu Jan 16 2025 Fedora Release Engineering <[email protected]> - 2.02-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
debmirror-2.46-1.el9 (FEDORA-EPEL-2025-cd11da684d)
Debian partial mirror script, with ftp and package pool support
--------------------------------------------------------------------------------
Update Information:
Update to 2.46.
Allow mirroring Debian repositories that do not follow the Debian/Ubuntu
structure (JFrog, Hashicorp, NVIDIA, Spotify, etc.).
General cleanup.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 26 2025 Simone Caronni <[email protected]> - 2.46-1
- Update to 2.46
* Thu Jun 26 2025 Simone Caronni <[email protected]> - 2.43-3
- Clean up.
* Thu Jun 26 2025 Simone Caronni <[email protected]> - 2.43-2
- Allow mirroring Debian repositories that do not follow the Debian/Ubuntu
structure (JFrog, Hashicorp, NVIDIA, Spotify, etc.).
* Fri Feb 7 2025 Packit <[email protected]> - 2.43-1
- Update to version 2.43
- Resolves: rhbz#2335288
* Thu Jan 16 2025 Fedora Release Engineering <[email protected]> - 2.42-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2362607 - debmirror-2.46 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2362607
--------------------------------------------------------------------------------
================================================================================
dpkg-1.22.15-4.el9 (FEDORA-EPEL-2025-8940f3f9b4)
Package maintenance system for Debian Linux
--------------------------------------------------------------------------------
Update Information:
Major clean up.
Enable all tests.
Trim changelog.
Adjust Requires and BuildRequires.
Update configure options.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 26 2025 Simone Caronni <[email protected]> - 1.22.15-4
- Enable all tests.
- Trim changelog.
* Thu Jun 26 2025 Simone Caronni <[email protected]> - 1.22.15-3
- Clean up SPEC file.
- Adjust Requires and BuildRequires.
- Update configure options.
- Fix all tests except one.
* Mon Mar 31 2025 Tim Landscheidt <[email protected]> - 1.22.15-2
- Remove obsolete requirement for %post scriptlet
--------------------------------------------------------------------------------
================================================================================
perl-Crypt-SmbHash-0.12-48.el9 (FEDORA-EPEL-2025-d4ab830b99)
Pure-perl Lanman and NT MD4 hash functions
--------------------------------------------------------------------------------
Update Information:
This is the first EPEL-9 build of perl-Crypt-SmbHash.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 20 2023 Fedora Release Engineering <[email protected]> -
0.12-48
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Jul 22 2022 Fedora Release Engineering <[email protected]> -
0.12-47
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue May 31 2022 Jitka Plesnikova <[email protected]> - 0.12-46
- Perl 5.36 rebuild
* Fri Jan 21 2022 Fedora Release Engineering <[email protected]> -
0.12-45
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Thu Jul 22 2021 Fedora Release Engineering <[email protected]> -
0.12-44
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Fri May 21 2021 Jitka Plesnikova <[email protected]> - 0.12-43
- Perl 5.34 rebuild
* Wed Jan 27 2021 Fedora Release Engineering <[email protected]> -
0.12-42
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2374088 - Add perl-Crypt-SmbHash to EPEL 9
https://bugzilla.redhat.com/show_bug.cgi?id=2374088
--------------------------------------------------------------------------------
================================================================================
rust-enum-primitive-derive-0.3.0-1.el9 (FEDORA-EPEL-2025-340e652b05)
Enum_primitive implementation using procedural macros to have a custom derive
--------------------------------------------------------------------------------
Update Information:
Bulid for EPEL9
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 8 2024 Orion Poplawski <[email protected]> - 0.3.0-1
- Initial import
--------------------------------------------------------------------------------
================================================================================
rust-matrixcompare-mock-0.1.0-14.el9 (FEDORA-EPEL-2025-1a2a282f6d)
Internal mock data structures for testing of matrixcompare
--------------------------------------------------------------------------------
Update Information:
Update num dependency to 0.4
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 26 2025 Benjamin A. Beasley <[email protected]> - 0.1.0-14
- Update num dependency to 0.4
--------------------------------------------------------------------------------
================================================================================
rust-matrixmultiply-0.3.10-1.el9 (FEDORA-EPEL-2025-5240d9fea3)
General matrix multiplication for f32 and f64 matrices
--------------------------------------------------------------------------------
Update Information:
Update to version 0.3.10: Reduce unnecessary AVX register permutations in sgemm
and fix a few warnings
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 26 2025 Benjamin A. Beasley <[email protected]> - 0.3.10-1
- Update to version 0.3.10; Fixes RHBZ#2365659
* Thu Jun 26 2025 Benjamin A. Beasley <[email protected]> - 0.3.9-4
- Update itertools dev-dependency from 0.8 to 0.14
* Thu Jun 26 2025 Benjamin A. Beasley <[email protected]> - 0.3.9-3
- Remove benchmark-only bencher dev-dependency
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2365659 - rust-matrixmultiply-0.3.10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2365659
--------------------------------------------------------------------------------
================================================================================
rust-postcard-1.1.2-1.el9 (FEDORA-EPEL-2025-2176604b14)
No_std + serde compatible message library for Rust
--------------------------------------------------------------------------------
Update Information:
Update to version 1.1.2:
https://github.com/jamesmunns/postcard/releases/tag/postcard%2Fv1.1.2
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 26 2025 Benjamin A. Beasley <[email protected]> - 1.1.2-1
- Update to version 1.1.2; Fixes RHBZ#2374857
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2374857 - rust-postcard-1.1.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2374857
--------------------------------------------------------------------------------
================================================================================
testssl-3.2.1-1.el9 (FEDORA-EPEL-2025-e06e1414a3)
Testing TLS/SSL encryption
--------------------------------------------------------------------------------
Update Information:
Update to 3.2.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 26 2025 Mikel Olasagasti Uranga <[email protected]> - 3.2.1-1
- Update to 3.2.1 - Closes rhbz#2372680
--------------------------------------------------------------------------------
--
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
