The following Fedora EPEL 9 Security updates need testing:
Age URL
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-ab0fae74f1
opentofu-1.10.3-1.el9
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-72356603ed
node-exporter-1.9.1-2.el9
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-e0c2088c0b
perl-Crypt-CBC-3.07-1.el9
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-3ad6d2fe5c
rclone-1.70.3-1.el9
0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-c0a44d2c63
python3.13-3.13.5-4.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
clamav-1.4.3-1.el9
firejail-0.9.76-1.el9
kustomize-5.7.1-1.el9
powerman-2.4.4-1.el9
python-radexreader-1.2.5-4.el9
rust-calloop-0.14.3-1.el9
rust-clap-4.5.42-1.el9
rust-clap_builder-4.5.42-1.el9
rust-clap_mangen-0.2.29-1.el9
rust-dyn-clone-1.0.20-1.el9
rust-hyper-util-0.1.16-1.el9
rust-idna-1.0.3-3.el9
rust-litrs-0.4.2-1.el9
rust-prettyplease-0.2.36-1.el9
rust-psl-2.1.127-1.el9
rust-rstest-0.26.1-1.el9
rust-rstest0.23-0.23.0-1.el9
rust-rstest_macros-0.26.1-1.el9
rust-rstest_macros0.23-0.23.0-1.el9
rust-rustc-demangle-0.1.26-1.el9
rust-tokio-1.47.0-1.el9
rust-webpki-roots-1.0.2-1.el9
rust-zune-jpeg-0.4.20-1.el9
yarnpkg-1.22.22-11.el9
Details about builds:
================================================================================
clamav-1.4.3-1.el9 (FEDORA-EPEL-2025-f4ad866dec)
End-user tools for the Clam Antivirus scanner
--------------------------------------------------------------------------------
Update Information:
Upgrade to current LTS as 1.0.x is soon EOL.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 23 2025 Orion Poplawski <[email protected]> - 1.4.3-1
- Update to 1.4.3
* Wed Jul 23 2025 Orion Poplawski <[email protected]> - 1.4.1-1
- Update to 1.4.1
* Wed Jul 23 2025 Orion Poplawski <[email protected]> - 1.0.9-2
- Update the image crate dependency to 0.25, the current release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2374009 - 1.4 LTS Availability for el9 [EPEL-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2374009
--------------------------------------------------------------------------------
================================================================================
firejail-0.9.76-1.el9 (FEDORA-EPEL-2025-1ca7555b8f)
Linux namespaces sandbox program
--------------------------------------------------------------------------------
Update Information:
Update to v0.9.76
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 30 2025 Artur Frenszek-Iwicki <[email protected]> - 0.9.76-1
- Update to v0.9.76
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2385125 - firejail-0.9.76 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2385125
--------------------------------------------------------------------------------
================================================================================
kustomize-5.7.1-1.el9 (FEDORA-EPEL-2025-de4b7670a0)
Customization of kubernetes YAML configurations
--------------------------------------------------------------------------------
Update Information:
Initial package of kustomize
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 30 2025 Mikel Olasagasti Uranga <[email protected]> - 5.7.1-1
- Initial package - Closes rhbz#2336849
--------------------------------------------------------------------------------
================================================================================
powerman-2.4.4-1.el9 (FEDORA-EPEL-2025-c807c660c5)
Centralized power control for clusters
--------------------------------------------------------------------------------
Update Information:
Update to 2.4.4
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 29 2025 Dave Love <[email protected]> - 2.4.4-1
- Update to 2.4.4
- Remove el7 conditional
- Exclude s390x
- Run all the checks
- Drop patch 0
- Adjust dependencies and installed files
--------------------------------------------------------------------------------
================================================================================
python-radexreader-1.2.5-4.el9 (FEDORA-EPEL-2025-650d84385c)
Reader for the RADEX RD1212 and ONE Geiger counters
--------------------------------------------------------------------------------
Update Information:
Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
1.2.5-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sat Jul 12 2025 Fabrice Creuzot <[email protected]> - 1.2.5-3
- Migrating to %pyproject macros
* Mon Jun 2 2025 Python Maint <[email protected]> - 1.2.5-2
- Rebuilt for Python 3.14
* Mon Mar 3 2025 Fabrice Creuzot <[email protected]> - 1.2.5-1
- New upstream release
* Sat Jan 18 2025 Fedora Release Engineering <[email protected]> -
1.2.4-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Fri Jul 26 2024 Miroslav Suchý <[email protected]> - 1.2.4-4
- convert license to SPDX
* Fri Jul 19 2024 Fedora Release Engineering <[email protected]> -
1.2.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Fri Jun 7 2024 Python Maint <[email protected]> - 1.2.4-2
- Rebuilt for Python 3.13
* Fri Feb 2 2024 Fabrice Creuzot <[email protected]> - 1.2.4-1
- New upstream release
* Fri Jan 26 2024 Fedora Release Engineering <[email protected]> -
1.2.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Mon Jan 22 2024 Fedora Release Engineering <[email protected]> -
1.2.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Tue Oct 10 2023 Fabrice Creuzot <[email protected]> - 1.2.3-1
- New upstream release
--------------------------------------------------------------------------------
================================================================================
rust-calloop-0.14.3-1.el9 (FEDORA-EPEL-2025-7e918bcddf)
Callback-based event loop
--------------------------------------------------------------------------------
Update Information:
Update to version 0.14.3.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 30 2025 Fabio Valentini <[email protected]> - 0.14.3-1
- Update to version 0.14.3; Fixes RHBZ#2384411
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.14.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-clap-4.5.42-1.el9 (FEDORA-EPEL-2025-4e92c147e5)
Simple to use, efficient, and full-featured Command Line Argument Parser
--------------------------------------------------------------------------------
Update Information:
Update the clap and clap_builder crates to version 4.5.42.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 30 2025 Fabio Valentini <[email protected]> - 4.5.42-1
- Update to version 4.5.42; Fixes RHBZ#2384404
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
4.5.41-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-clap_builder-4.5.42-1.el9 (FEDORA-EPEL-2025-4e92c147e5)
Simple to use, efficient, and full-featured Command Line Argument Parser
--------------------------------------------------------------------------------
Update Information:
Update the clap and clap_builder crates to version 4.5.42.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 30 2025 Fabio Valentini <[email protected]> - 4.5.42-1
- Update to version 4.5.42; Fixes RHBZ#2384403
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
4.5.41-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-clap_mangen-0.2.29-1.el9 (FEDORA-EPEL-2025-382f6c6dbb)
Manpage generator for clap
--------------------------------------------------------------------------------
Update Information:
Update to version 0.2.29.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 30 2025 Fabio Valentini <[email protected]> - 0.2.29-1
- Update to version 0.2.29; Fixes RHBZ#2384188
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.2.28-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-dyn-clone-1.0.20-1.el9 (FEDORA-EPEL-2025-b3244116d0)
Clone trait that is dyn-compatible
--------------------------------------------------------------------------------
Update Information:
Update to version 1.0.20.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 30 2025 Fabio Valentini <[email protected]> - 1.0.20-1
- Update to version 1.0.20; Fixes RHBZ#2383788
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
1.0.19-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-hyper-util-0.1.16-1.el9 (FEDORA-EPEL-2025-405979dcee)
Hyper utilities
--------------------------------------------------------------------------------
Update Information:
Update to version 0.1.16.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 30 2025 Fabio Valentini <[email protected]> - 0.1.16-1
- Update to version 0.1.16; Fixes RHBZ#2382700
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.1.15-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-idna-1.0.3-3.el9 (FEDORA-EPEL-2025-46d863ba10)
IDNA (Internationalizing Domain Names in Applications) and Punycode
--------------------------------------------------------------------------------
Update Information:
Patch tests for ICU4X 2.0; exclude a Unicode-3.0 test data file
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 30 2025 Benjamin A. Beasley <[email protected]> - 1.0.3-3
- Patch tests for ICU4X 2.0; exclude a Unicode-3.0 test data file
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
1.0.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-litrs-0.4.2-1.el9 (FEDORA-EPEL-2025-5f9671456a)
Parse and inspect Rust literals
--------------------------------------------------------------------------------
Update Information:
Update to version 0.4.2.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 30 2025 Fabio Valentini <[email protected]> - 0.4.2-1
- Update to version 0.4.2
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.4.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sun Jan 19 2025 Fedora Release Engineering <[email protected]> -
0.4.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Sat Jul 20 2024 Fedora Release Engineering <[email protected]> -
0.4.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Fri Jan 26 2024 Fedora Release Engineering <[email protected]> -
0.4.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-prettyplease-0.2.36-1.el9 (FEDORA-EPEL-2025-12ec69d670)
Minimal syn syntax tree pretty-printer
--------------------------------------------------------------------------------
Update Information:
Update to version 0.2.36.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 30 2025 Fabio Valentini <[email protected]> - 0.2.36-1
- Update to version 0.2.36; Fixes RHBZ#2383190
--------------------------------------------------------------------------------
================================================================================
rust-psl-2.1.127-1.el9 (FEDORA-EPEL-2025-1953f7635b)
Extract root domain and suffix from a domain name
--------------------------------------------------------------------------------
Update Information:
Update to version 2.1.127.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 30 2025 Fabio Valentini <[email protected]> - 2.1.127-1
- Update to version 2.1.127; Fixes RHBZ#2383181
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
2.1.126-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-rstest-0.26.1-1.el9 (FEDORA-EPEL-2025-edb66fd96b)
Rust fixture based test framework
--------------------------------------------------------------------------------
Update Information:
Update the rstest and rstest_macros crates to version 0.26.1 and add compat
packages for version 0.23.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 30 2025 Fabio Valentini <[email protected]> - 0.26.1-1
- Update to version 0.26.1; Fixes RHBZ#2335196
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.23.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sun Jan 19 2025 Fedora Release Engineering <[email protected]> -
0.23.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-rstest0.23-0.23.0-1.el9 (FEDORA-EPEL-2025-edb66fd96b)
Rust fixture based test framework
--------------------------------------------------------------------------------
Update Information:
Update the rstest and rstest_macros crates to version 0.26.1 and add compat
packages for version 0.23.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 30 2025 Fabio Valentini <[email protected]> - 0.23.0-1
- Initial import (rstest 0.23 compat package)
--------------------------------------------------------------------------------
================================================================================
rust-rstest_macros-0.26.1-1.el9 (FEDORA-EPEL-2025-edb66fd96b)
Rust fixture based test framework
--------------------------------------------------------------------------------
Update Information:
Update the rstest and rstest_macros crates to version 0.26.1 and add compat
packages for version 0.23.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 30 2025 Fabio Valentini <[email protected]> - 0.26.1-1
- Update to version 0.26.1; Fixes RHBZ#2335197
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.23.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sun Jan 19 2025 Fedora Release Engineering <[email protected]> -
0.23.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-rstest_macros0.23-0.23.0-1.el9 (FEDORA-EPEL-2025-edb66fd96b)
Rust fixture based test framework
--------------------------------------------------------------------------------
Update Information:
Update the rstest and rstest_macros crates to version 0.26.1 and add compat
packages for version 0.23.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 30 2025 Fabio Valentini <[email protected]> - 0.23.0-1
- Initial import (rstest_macros 0.23 compat package)
--------------------------------------------------------------------------------
================================================================================
rust-rustc-demangle-0.1.26-1.el9 (FEDORA-EPEL-2025-1d7b829ab3)
Rust compiler symbol demangling
--------------------------------------------------------------------------------
Update Information:
Update to version 0.1.26.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 30 2025 Fabio Valentini <[email protected]> - 0.1.26-1
- Update to version 0.1.26; Fixes RHBZ#2383757
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.1.25-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-tokio-1.47.0-1.el9 (FEDORA-EPEL-2025-f0b0212fee)
Event-driven, non-blocking I/O platform
--------------------------------------------------------------------------------
Update Information:
Update to version 1.47.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 30 2025 Fabio Valentini <[email protected]> - 1.47.0-1
- Update to version 1.47.0; Fixes RHBZ#2383645
--------------------------------------------------------------------------------
================================================================================
rust-webpki-roots-1.0.2-1.el9 (FEDORA-EPEL-2025-7754d70323)
Mozilla's CA root certificates for use with webpki
--------------------------------------------------------------------------------
Update Information:
Update to version 1.0.2.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 30 2025 Fabio Valentini <[email protected]> - 1.0.2-1
- Update to version 1.0.2; Fixes RHBZ#2381924
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
1.0.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-zune-jpeg-0.4.20-1.el9 (FEDORA-EPEL-2025-2702088e19)
Fast, correct and safe jpeg decoder
--------------------------------------------------------------------------------
Update Information:
Update to version 0.4.20.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 30 2025 Fabio Valentini <[email protected]> - 0.4.20-1
- Update to version 0.4.20; Fixes RHBZ#2384905
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.4.19-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
yarnpkg-1.22.22-11.el9 (FEDORA-EPEL-2025-5b153890b5)
Fast, reliable, and secure dependency management.
--------------------------------------------------------------------------------
Update Information:
Apply fixes for CVE-2025-8262 and CVE-2025-7783.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 30 2025 Sandro Mani <[email protected]> - 1.22.22-11
- Refresh bundle
- Drop patches obsoleted by new bundle
- Add yarn-update-jest.prebundle.patch to update jest and avoid some vulerable
dependencies
- Apply fixes for CVE-2025-8262 and CVE-2025-8263
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
1.22.22-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2382001 - CVE-2025-7783 yarnpkg: Unsafe random function in
form-data [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2382001
[ 2 ] Bug #2382007 - CVE-2025-7783 yarnpkg: Unsafe random function in
form-data [epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2382007
[ 3 ] Bug #2382017 - CVE-2025-7783 yarnpkg: Unsafe random function in
form-data [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2382017
[ 4 ] Bug #2382027 - CVE-2025-7783 yarnpkg: Unsafe random function in
form-data [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2382027
[ 5 ] Bug #2383877 - CVE-2025-8262 yarnpkg: Yarn Regex Complexity
Vulnerability [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2383877
[ 6 ] Bug #2383879 - CVE-2025-8262 yarnpkg: Yarn Regex Complexity
Vulnerability [epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2383879
[ 7 ] Bug #2383880 - CVE-2025-8262 yarnpkg: Yarn Regex Complexity
Vulnerability [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2383880
[ 8 ] Bug #2383881 - CVE-2025-8262 yarnpkg: Yarn Regex Complexity
Vulnerability [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2383881
--------------------------------------------------------------------------------
--
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
