The following Fedora EPEL 8 Security updates need testing:
Age URL
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-82613c63a3
tcpreplay-4.5.2-1.el8
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-7833bad127
civetweb-1.16-9.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
bitcoin-core-29.1-1.el8
libopenmpt-0.8.3-1.el8
linenoise-1.0-2.20200312git97d2850.el8
Details about builds:
================================================================================
bitcoin-core-29.1-1.el8 (FEDORA-EPEL-2025-588ff6c12c)
Peer to Peer Cryptographic Currency
--------------------------------------------------------------------------------
Update Information:
Update to 29.1.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Sep 6 2025 Simone Caronni <[email protected]> - 29.1-1
- Update to 29.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2366834 - [abrt] bitcoin-core-desktop: std::filesystem::status():
bitcoin-qt killed by SIGABRT
https://bugzilla.redhat.com/show_bug.cgi?id=2366834
[ 2 ] Bug #2392917 - bitcoin-core-29.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2392917
--------------------------------------------------------------------------------
================================================================================
libopenmpt-0.8.3-1.el8 (FEDORA-EPEL-2025-8aaa96c683)
C/C++ library to decode tracker music module (MOD) files
--------------------------------------------------------------------------------
Update Information:
libopenmpt 0.8.3 (2025-09-06)
[Bug] libopenmpt is now compatible with most non-standard builds of libmpg123
which do not by default output signed 16bit PCM.
[Bug] openmpt123: Pausing playback using the space key did not work since 0.8.0.
[Bug] Windows 10 binaries wrongly targeted Windows 11 22H2. They now target
Windows 10 2004.
[Bug] in_openmpt: in_openmpt for Windows XP or later did not ever work in Winamp
2.x. We now provide a build specifically for Winamp 2.x in the Winamp2/ folder
inside the retro.winxp package. The retro.win98 build was not affected.
[Change] in_openmpt: Modern and legacy builds of in_openmpt now officially only
support Winamp 5.x.
IT: Even when the filter cutoff envelope is stopped before its first tick is
applied, the filter should still be activated.
mpg123: Update to v1.33.2 (2025-08-05).
libopenmpt 0.8.2 (2025-07-19)
[Sec] Possible out-of-bounds sample data read in a specific combination of
reverse sample playback + offset past sample loop.
[Bug] Fixed pre-C++20 undefined behaviour due to left-shifting negative integer
values.
[New] Makefile now supports DragonFly BSD.
openmpt123: FLAC multithreaded encoding has been enabled for Windows builds.
Since libopenmpt 0.8.0, swapping between samples on the rear channels could
introduce a click on the front channels.
IT: Volume column slides no longer propagate their effect memory to the regular
effect column volume slides.
FC: Allow files with a sequence size of 0 to load (fixes a broken copy of
cult.smod).
ogg: Update to v1.3.6 (2025-06-16).
--------------------------------------------------------------------------------
ChangeLog:
* Sat Sep 6 2025 Michael Schwendt <[email protected]> - 0.8.3-1
- update to 0.8.3
* Thu Jul 24 2025 Fedora Release Engineering <[email protected]> -
0.8.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sat Jul 19 2025 Michael Schwendt <[email protected]> - 0.8.2-1
- update to 0.8.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2382072 - libopenmpt-0.8.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2382072
--------------------------------------------------------------------------------
================================================================================
linenoise-1.0-2.20200312git97d2850.el8 (FEDORA-EPEL-2025-8a558394ca)
Minimal replacement for readline
--------------------------------------------------------------------------------
Update Information:
CVE-2025-9810
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 5 2025 Garry T. Williams <[email protected]> -
1.0-2.20200312git97d2850
- Fix for CVE-2025-9810
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2392575 - CVE-2025-9810 linenoise: TOCTOU race in Linenoise
enables arbitrary file overwrite and permission changes [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=2392575
--------------------------------------------------------------------------------
--
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
