The following Fedora EPEL 10.2 Security updates need testing:
Age URL
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-899d88629d
mbedtls-3.6.4-2.el10_2
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-6ec36372bb
python-aiohttp-3.11.18-4.el10_2
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-b882a0a154
perl-YAML-Syck-1.36-1.el10_2
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-1fe5205aa6
fluidsynth-2.4.8-2.el10_2
The following builds have been pushed to Fedora EPEL 10.2 updates-testing
debmirror-2.47-2.el10_2
openarm-can-1.1.0^20251016git010ea25-1.el10_2
php-nikic-php-parser5-5.6.2-1.el10_2
qt5-qtbase-5.15.17-2.el10_2
ruff-0.14.1-1.el10_2
rust-astral-tokio-tar-0.5.6-1.el10_2
rust-attribute-derive-0.10.5-1.el10_2
rust-attribute-derive-macro-0.10.5-1.el10_2
rust-backon-1.5.2-2.el10_2
rust-basic-toml-0.1.10-2.el10_2
rust-collection_literals-1.0.3-1.el10_2
rust-derive_more-2.0.1-3.el10_2
rust-derive_more-impl-2.0.1-2.el10_2
rust-dlv-list-0.5.2-2.el10_2
rust-dotenv-0.15.0-16.el10_2
rust-get-size-derive2-0.7.0-1.el10_2
rust-get-size2-0.7.0-2.el10_2
rust-interpolator-0.5.0-3.el10_2
rust-intrusive-collections-0.9.7-3.el10_2
rust-macro_rules_attribute-0.2.2-2.el10_2
rust-macro_rules_attribute-proc_macro-0.2.2-2.el10_2
rust-manyhow-0.11.4-1.el10_2
rust-manyhow-macros-0.11.4-1.el10_2
rust-newtype-uuid-1.3.1-1.el10_2
rust-normpath-1.5.0-1.el10_2
rust-ordered-float-5.1.0-1.el10_2
rust-ordered-multimap-0.7.3-2.el10_2
rust-os_pipe-1.2.3-1.el10_2
rust-owo-colors-4.2.3-1.el10_2
rust-pem-3.0.6-1.el10_2
rust-proc-macro-utils-0.10.0-1.el10_2
rust-pyproject-toml-0.13.7-1.el10_2
rust-quote-use-0.8.4-2.el10_2
rust-quote-use-macros-0.8.4-1.el10_2
rust-regex-lite-0.1.8-1.el10_2
rust-regex-syntax-0.8.8-1.el10_2
rust-reqsign-0.17.0-1.el10_2
rust-reqsign-aws-v4-1.0.0-1.el10_2
rust-reqsign-command-execute-tokio-1.0.0-1.el10_2
rust-reqsign-core-1.0.0-1.el10_2
rust-reqsign-file-read-tokio-1.0.0-1.el10_2
rust-reqsign-http-send-reqwest-1.0.0-1.el10_2
rust-reqwest-0.12.24-1.el10_2
rust-rust-ini-0.21.3-1.el10_2
rust-rustls-native-certs-0.8.2-1.el10_2
rust-rusty-fork-0.3.1-1.el10_2
rust-scc-2.4.0-1.el10_2
rust-socket2-0.6.1-1.el10_2
rust-stable_deref_trait-1.2.1-1.el10_2
rust-syn-2.0.107-1.el10_2
rust-system-deps-7.0.6-1.el10_2
rust-tikv-jemalloc-sys-0.6.1-1.el10_2
rust-tikv-jemallocator-0.6.1-1.el10_2
rust-trybuild2-1.2.0-5.el10_2
rust-unicode-width-0.2.2-1.el10_2
rust-webpki-roots-1.0.3-1.el10_2
rust-xattr-1.6.1-1.el10_2
Details about builds:
================================================================================
debmirror-2.47-2.el10_2 (FEDORA-EPEL-2025-a14eafd8e7)
Debian partial mirror script, with ftp and package pool support
--------------------------------------------------------------------------------
Update Information:
Update to 2.47.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Simone Caronni <[email protected]> - 2.47-2
- Update sources
* Wed Oct 22 2025 Simone Caronni <[email protected]> - 2.47-1
- Update to 2.47
* Wed Jul 23 2025 Fedora Release Engineering <[email protected]> - 2.46-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
openarm-can-1.1.0^20251016git010ea25-1.el10_2 (FEDORA-EPEL-2025-2a25c46ec6)
OpenArm CAN control library
--------------------------------------------------------------------------------
Update Information:
Initial import bz#2404364
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Benson Muite <[email protected]> -
1.1.0^20251016git010ea25-1
- Initial import bz#2404364
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2404364 - Re-Review Request: openarm-can - OpenArm CAN control
library
https://bugzilla.redhat.com/show_bug.cgi?id=2404364
--------------------------------------------------------------------------------
================================================================================
php-nikic-php-parser5-5.6.2-1.el10_2 (FEDORA-EPEL-2025-77dc1eff7f)
A PHP parser written in PHP - version 5
--------------------------------------------------------------------------------
Update Information:
Version 5.6.2 (2025-10-21)
Fixed
Fixed formatting-preserving pretty-printing when changing the visibility
modifier on a node that
has attributes.
Fixed chr() deprecation warning on PHP 8.4
Added
Added Param::isFinal() method.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Remi Collet <[email protected]> - 5.6.2-1
- update to 5.6.2
--------------------------------------------------------------------------------
================================================================================
qt5-qtbase-5.15.17-2.el10_2 (FEDORA-EPEL-2025-fd412e2ace)
Qt5 - QtBase components
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2025-5455 - QtCore Assertion Failure Denial of Service
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 20 2025 Than Ngo <[email protected]> - 5.15.17-2
- Fix rhbz#2405076 - CVE-2025-5455 qt5-qtbase: QtCore Assertion Failure Denial
of Service
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2369868 - CVE-2025-5455 qt5-qtbase: QtCore Assertion Failure
Denial of Service [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2369868
[ 2 ] Bug #2369869 - CVE-2025-5455 qt5-qtbase: QtCore Assertion Failure
Denial of Service [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2369869
[ 3 ] Bug #2405076 - CVE-2025-5455 qt5-qtbase: QtCore Assertion Failure
Denial of Service [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405076
--------------------------------------------------------------------------------
================================================================================
ruff-0.14.1-1.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Extremely fast Python linter and code formatter
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 20 2025 Benjamin A. Beasley <[email protected]> - 0.14.1-1
- Update to 0.14.1 (close RHBZ#2360699)
* Mon Oct 20 2025 Benjamin A. Beasley <[email protected]> - 0.14.0-2
- Skip salsaâs execute_cancellation tests on all architectures
* Mon Oct 20 2025 Benjamin A. Beasley <[email protected]> - 0.14.0-1
- Update to 0.14.0
* Mon Oct 20 2025 Benjamin A. Beasley <[email protected]> - 0.13.3-1
- Update to 0.13.3
* Mon Oct 20 2025 Benjamin A. Beasley <[email protected]> - 0.13.2-1
- Update to 0.13.2
* Thu Oct 16 2025 Gordon Messmer <[email protected]> - 0.12.1-2
- Use rpm's native resource tunable to limit parallelism.
* Wed Sep 24 2025 Benjamin A. Beasley <[email protected]> - 0.12.1-1
- Update to 0.12.1
* Wed Sep 24 2025 Benjamin A. Beasley <[email protected]> - 0.12.0-1
- Update to 0.12.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-astral-tokio-tar-0.5.6-1.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Rust implementation of an async TAR file reader and writer
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 21 2025 Benjamin A. Beasley <[email protected]> - 0.5.6-1
- Update to version 0.5.6; Fixes RHBZ#2405351
- Security fix for CVE-2025-62518
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-attribute-derive-0.10.5-1.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Clap like parsing for attributes in proc-macros
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 15 2025 Benjamin A. Beasley <[email protected]> - 0.10.5-1
- Initial package (close RHBZ#2398133)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-attribute-derive-macro-0.10.5-1.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Clap for proc macro attributes
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 11 2025 Benjamin A. Beasley <[email protected]> - 0.10.5-1
- Initial package (close RHBZ#2398120)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-backon-1.5.2-2.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Make retry like a built-in feature provided by Rust
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 21 2025 Benjamin A. Beasley <[email protected]> - 1.5.2-2
- Drop unnecessary sqlx dev-dependency
* Wed Jul 30 2025 Fabio Valentini <[email protected]> - 1.5.2-1
- Update to version 1.5.2; Fixes RHBZ#2384769
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
1.5.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Thu Jun 19 2025 Fabio Valentini <[email protected]> - 1.5.1-1
- Update to version 1.5.1
* Wed Apr 23 2025 Fabio Valentini <[email protected]> - 1.5.0-3
- Drop WASM-specific features
* Tue Apr 22 2025 Fabio Valentini <[email protected]> - 1.5.0-2
- Fix invalid rust2rpm.toml, regenerate spec, relax spin dependency
* Sun Apr 20 2025 Andreas Schneider <[email protected]> - 1.5.0-1
- New package version 1.5.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-basic-toml-0.1.10-2.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Minimal TOML library with few dependencies
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.1.10-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Mon Mar 3 2025 Fabio Valentini <[email protected]> - 0.1.10-1
- Update to version 0.1.10; Fixes RHBZ#2349381
* Sun Jan 19 2025 Fedora Release Engineering <[email protected]> -
0.1.9-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Fri Jul 19 2024 Fedora Release Engineering <[email protected]> -
0.1.9-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Thu Apr 25 2024 Fabio Valentini <[email protected]> - 0.1.9-1
- Update to version 0.1.9; Fixes RHBZ#2269097
* Fri Jan 26 2024 Fedora Release Engineering <[email protected]> -
0.1.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Jan 3 2024 Fabio Valentini <[email protected]> - 0.1.8-1
- Update to version 0.1.8; Fixes RHBZ#2256493
* Sun Nov 12 2023 Fabio Valentini <[email protected]> - 0.1.7-1
- Update to version 0.1.7; Fixes RHBZ#2246261
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-collection_literals-1.0.3-1.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Easy-to-use macros for initializing any collection
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 1 2025 Benjamin A. Beasley <[email protected]> - 1.0.3-1
- Update to version 1.0.3; Fixes RHBZ#2400587
- Upstream now provides a LICENSE file
* Mon Sep 29 2025 Benjamin A. Beasley <[email protected]> - 1.0.2-1
- Initial package (close RHBZ#2398064)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-derive_more-2.0.1-3.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Adds #[derive(x)] macros for more traits
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
2.0.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Tue Mar 25 2025 Fabio Valentini <[email protected]> - 2.0.1-2
- Skip three tests that fail on big-endian architectures
* Sat Mar 22 2025 Fabio Valentini <[email protected]> - 2.0.1-1
- Update to version 2.0.1; Fixes RHBZ#2343601
* Sun Jan 19 2025 Fedora Release Engineering <[email protected]> -
1.0.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Mon Sep 2 2024 Fabio Valentini <[email protected]> - 1.0.0-1
- Update to version 1.0.0; Fixes RHBZ#2303544
* Fri Jul 19 2024 Fedora Release Engineering <[email protected]> -
0.99.17-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Fri Jan 26 2024 Fedora Release Engineering <[email protected]> -
0.99.17-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sat Aug 5 2023 Fabio Valentini <[email protected]> - 0.99.17-6
- Regenerate with rust2rpm v24
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-derive_more-impl-2.0.1-2.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Internal implementation of derive_more crate
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
2.0.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sat Mar 22 2025 Fabio Valentini <[email protected]> - 2.0.1-1
- Update to version 2.0.1; Fixes RHBZ#2343600
* Sun Jan 19 2025 Fedora Release Engineering <[email protected]> -
1.0.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Sun Sep 8 2024 Fabio Valentini <[email protected]> - 1.0.0-1
- Initial import (#2309192)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-dlv-list-0.5.2-2.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Semi-doubly linked list implemented using a vector
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.5.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Fri May 2 2025 Cristian Le <[email protected]> - 0.5.2-1
- Update to version 0.5.2; Fixes RHBZ#1989392
* Sun Jan 19 2025 Fedora Release Engineering <[email protected]> -
0.3.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Fri Jul 19 2024 Fedora Release Engineering <[email protected]> -
0.3.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Fri Jan 26 2024 Fedora Release Engineering <[email protected]> -
0.3.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-dotenv-0.15.0-16.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Dotenv implementation for Rust
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.15.0-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sun Jan 19 2025 Fedora Release Engineering <[email protected]> -
0.15.0-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Fri Sep 13 2024 Fabio Valentini <[email protected]> - 0.15.0-14
- Remove reference to readme file that is not included in published crates
* Fri Jul 19 2024 Fedora Release Engineering <[email protected]> -
0.15.0-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Fri Jan 26 2024 Fedora Release Engineering <[email protected]> -
0.15.0-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-get-size-derive2-0.7.0-1.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Derives the GetSize trait
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 20 2025 Benjamin A. Beasley <[email protected]> - 0.7.0-1
- Initial package (close RHBZ#2398141)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-get-size2-0.7.0-2.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Determine the size in bytes an object occupies inside RAM
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 20 2025 Benjamin A. Beasley <[email protected]> - 0.7.0-2
- Add missing rust2rpm.toml file
* Mon Oct 20 2025 Benjamin A. Beasley <[email protected]> - 0.7.0-1
- Initial package (close RHBZ#2398235)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-interpolator-0.5.0-3.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Runtime format strings, fully compatible with std's macros
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 4 2025 Benjamin A. Beasley <[email protected]> - 0.5.0-3
- Omit some unnecessary dev-dependencies
* Sat Oct 4 2025 Benjamin A. Beasley <[email protected]> - 0.5.0-2
- No longer allow proptest-derive 0.5
* Thu Oct 2 2025 Benjamin A. Beasley <[email protected]> - 0.5.0-1
- Initial package (close RHBZ#2398112)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-intrusive-collections-0.9.7-3.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Intrusive collections for Rust (linked list and red-black tree)
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.9.7-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sun Jan 19 2025 Fedora Release Engineering <[email protected]> -
0.9.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Tue Sep 17 2024 Fabio Valentini <[email protected]> - 0.9.7-1
- Update to version 0.9.7; Fixes RHBZ#2310229
* Fri Jul 19 2024 Fedora Release Engineering <[email protected]> -
0.9.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Wed Jul 10 2024 Oliver Steffen <[email protected]> - 0.9.6-1
- Initial import (fedora#2290692).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-macro_rules_attribute-0.2.2-2.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Use declarative macros in attribute or derive position
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.2.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Tue Jun 10 2025 Alexander F. Lent <[email protected]> - 0.2.2-1
- Initial Import (rhbz#2358542).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-macro_rules_attribute-proc_macro-0.2.2-2.el10_2
(FEDORA-EPEL-2025-d12b62c436)
Use declarative macros as proc_macro attributes or derives
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.2.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Tue Jun 3 2025 Alexander F. Lent <[email protected]> - 0.2.2-1
- Update macro_rules_attribute-proc_macro to 0.2.2
* Tue Jun 3 2025 Alexander F. Lent <[email protected]> - 0.2.0-1
- Initial Import (rhbz#2358541).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-manyhow-0.11.4-1.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Proc macro error handling à la anyhow x proc-macro-error
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 4 2025 Benjamin A. Beasley <[email protected]> - 0.11.4-1
- Initial package (close RHBZ#2398062)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-manyhow-macros-0.11.4-1.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Macro for manyhow
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 2 2025 Benjamin A. Beasley <[email protected]> - 0.11.4-1
- Initial package (close RHBZ#2398059)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-newtype-uuid-1.3.1-1.el10_2 (FEDORA-EPEL-2025-6cde68051a)
Newtype wrapper around UUIDs
--------------------------------------------------------------------------------
Update Information:
Update to version 1.3.1.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Fabio Valentini <[email protected]> - 1.3.1-1
- Update to version 1.3.1; Fixes RHBZ#2400557
--------------------------------------------------------------------------------
================================================================================
rust-normpath-1.5.0-1.el10_2 (FEDORA-EPEL-2025-d0ba8cbd73)
More reliable path manipulation
--------------------------------------------------------------------------------
Update Information:
Update to version 1.5.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Fabio Valentini <[email protected]> - 1.5.0-1
- Update to version 1.5.0
--------------------------------------------------------------------------------
================================================================================
rust-ordered-float-5.1.0-1.el10_2 (FEDORA-EPEL-2025-14c2869900)
Wrappers for total ordering on floats
--------------------------------------------------------------------------------
Update Information:
Update to version 5.1.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Fabio Valentini <[email protected]> - 5.1.0-1
- Update to version 5.1.0; Fixes RHBZ#2400474
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
5.0.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-ordered-multimap-0.7.3-2.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Insertion ordered multimap
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.7.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Thu May 1 2025 Cristian Le <[email protected]> - 0.7.3-1
- Update to version 0.7.3; Fixes RHBZ#1976416
* Sun Jan 19 2025 Fedora Release Engineering <[email protected]> -
0.4.3-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Sat Jul 20 2024 Fedora Release Engineering <[email protected]> -
0.4.3-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Fri Jan 26 2024 Fedora Release Engineering <[email protected]> -
0.4.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-os_pipe-1.2.3-1.el10_2 (FEDORA-EPEL-2025-2559918f89)
Cross-platform library for opening OS pipes
--------------------------------------------------------------------------------
Update Information:
Update to version 1.2.3.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Fabio Valentini <[email protected]> - 1.2.3-1
- Update to version 1.2.3; Fixes RHBZ#2403315
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
1.2.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-owo-colors-4.2.3-1.el10_2 (FEDORA-EPEL-2025-9bbf48b4a7)
Zero-allocation terminal colors that'll make people go owo
--------------------------------------------------------------------------------
Update Information:
Update to version 4.2.3.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Fabio Valentini <[email protected]> - 4.2.3-1
- Update to version 4.2.3; Fixes RHBZ#2400178
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
4.2.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-pem-3.0.6-1.el10_2 (FEDORA-EPEL-2025-75ee065645)
Parse and encode PEM-encoded data
--------------------------------------------------------------------------------
Update Information:
Update to version 3.0.6.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Fabio Valentini <[email protected]> - 3.0.6-1
- Update to version 3.0.6; Fixes RHBZ#2403116
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
3.0.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-proc-macro-utils-0.10.0-1.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Low-level utilities on proc-macro and proc-macro2 types
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 29 2025 Benjamin A. Beasley <[email protected]> - 0.10.0-1
- Initial package (close RHBZ#2398050)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-pyproject-toml-0.13.7-1.el10_2 (FEDORA-EPEL-2025-70db50a2aa)
Pyproject.toml parser in Rust
--------------------------------------------------------------------------------
Update Information:
Update to version 0.13.7.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Fabio Valentini <[email protected]> - 0.13.7-1
- Update to version 0.13.7; Fixes RHBZ#2402709
--------------------------------------------------------------------------------
================================================================================
rust-quote-use-0.8.4-2.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Support use in procmacros hygienically
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 7 2025 Benjamin A. Beasley <[email protected]> - 0.8.4-2
- Omit several unused dev-dependencies
* Sat Oct 4 2025 Benjamin A. Beasley <[email protected]> - 0.8.4-1
- Initial package (close RHBZ#2398057)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-quote-use-macros-0.8.4-1.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Support use in procmacros hygienically
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 2 2025 Benjamin A. Beasley <[email protected]> - 0.8.4-1
- Initial package (close RHBZ#2398054)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-regex-lite-0.1.8-1.el10_2 (FEDORA-EPEL-2025-d6a791280e)
Lightweight regex engine that optimizes for binary size and compilation time
--------------------------------------------------------------------------------
Update Information:
Update to version 0.1.8.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Fabio Valentini <[email protected]> - 0.1.8-1
- Update to version 0.1.8; Fixes RHBZ#2403246
--------------------------------------------------------------------------------
================================================================================
rust-regex-syntax-0.8.8-1.el10_2 (FEDORA-EPEL-2025-f4d78efa12)
Regular expression parser
--------------------------------------------------------------------------------
Update Information:
Update to version 0.8.8.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Fabio Valentini <[email protected]> - 0.8.8-1
- Update to version 0.8.8; Fixes RHBZ#2403247
--------------------------------------------------------------------------------
================================================================================
rust-reqsign-0.17.0-1.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Signing HTTP requests for popular cloud services
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Benjamin A. Beasley <[email protected]> - 0.17.0-1
- Initial package (close RHBZ#2400218)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-reqsign-aws-v4-1.0.0-1.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Signing API requests without effort
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 11 2025 Benjamin A. Beasley <[email protected]> - 1.0.0-1
- Initial package (close RHBZ#2400195)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-reqsign-command-execute-tokio-1.0.0-1.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Tokio-based command execution implementation for reqsign
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 2 2025 Benjamin A. Beasley <[email protected]> - 1.0.0-1
- Initial package (close RHBZ#2400111)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-reqsign-core-1.0.0-1.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Signing API requests without effort
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 30 2025 Benjamin A. Beasley <[email protected]> - 1.0.0-1
- Initial package (close RHBZ#2400096)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-reqsign-file-read-tokio-1.0.0-1.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Signing API requests without effort
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 8 2025 Benjamin A. Beasley <[email protected]> - 1.0.0-1
- Initial package (close RHBZ#2400101)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-reqsign-http-send-reqwest-1.0.0-1.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Signing API requests without effort
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 2 2025 Benjamin A. Beasley <[email protected]> - 1.0.0-1
- Initial package (close RHBZ#2400100)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-reqwest-0.12.24-1.el10_2 (FEDORA-EPEL-2025-3c514266f2)
Higher level HTTP client library
--------------------------------------------------------------------------------
Update Information:
Update to version 0.12.24.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Fabio Valentini <[email protected]> - 0.12.24-1
- Update to version 0.12.24; Fixes RHBZ#2403553
--------------------------------------------------------------------------------
================================================================================
rust-rust-ini-0.21.3-1.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Ini configuration file parsing library in Rust
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Fabio Valentini <[email protected]> - 0.21.3-1
- Update to version 0.21.3; Fixes RHBZ#2392154
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.21.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Tue Jul 8 2025 Fabio Valentini <[email protected]> - 0.21.2-1
- Update to version 0.21.2; Fixes RHBZ#2375939
* Thu May 1 2025 Cristian Le <[email protected]> - 0.21.1-1
- Update to version 0.21.1; Fixes RHBZ#2193253
* Sun Jan 19 2025 Fedora Release Engineering <[email protected]> -
0.18.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Sat Jul 20 2024 Fedora Release Engineering <[email protected]> -
0.18.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Fri Jan 26 2024 Fedora Release Engineering <[email protected]> -
0.18.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-rustls-native-certs-0.8.2-1.el10_2 (FEDORA-EPEL-2025-02566e181d)
Allows rustls to use the platform native certificate store
--------------------------------------------------------------------------------
Update Information:
Update to version 0.8.2.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Fabio Valentini <[email protected]> - 0.8.2-1
- Update to version 0.8.2; Fixes RHBZ#2404132
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.8.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sun Jan 19 2025 Fedora Release Engineering <[email protected]> -
0.8.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-rusty-fork-0.3.1-1.el10_2 (FEDORA-EPEL-2025-b164b07693)
Library for running Rust tests in sub-processes using a fork-like interface
--------------------------------------------------------------------------------
Update Information:
Update to version 0.3.1.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Fabio Valentini <[email protected]> - 0.3.1-1
- Update to version 0.3.1; Fixes RHBZ#2401611
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.3.0-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sun Jan 19 2025 Fedora Release Engineering <[email protected]> -
0.3.0-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-scc-2.4.0-1.el10_2 (FEDORA-EPEL-2025-dbbfc1ef69)
Containers and utilities for concurrent and asynchronous programming
--------------------------------------------------------------------------------
Update Information:
Update to version 2.4.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Fabio Valentini <[email protected]> - 2.4.0-1
- Update to version 2.4.0
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
2.3.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-socket2-0.6.1-1.el10_2 (FEDORA-EPEL-2025-bea7bb72c7)
Utilities for handling networking sockets
--------------------------------------------------------------------------------
Update Information:
Update to version 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Fabio Valentini <[email protected]> - 0.6.1-1
- Update to version 0.6.1; Fixes RHBZ#2403506
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.6.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-stable_deref_trait-1.2.1-1.el10_2 (FEDORA-EPEL-2025-555e84e4ae)
Dereference to a stable address even when moved
--------------------------------------------------------------------------------
Update Information:
Update to version 1.2.1.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Fabio Valentini <[email protected]> - 1.2.1-1
- Update to version 1.2.1; Fixes RHBZ#2402663
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
1.2.0-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sun Jan 19 2025 Fedora Release Engineering <[email protected]> -
1.2.0-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-syn-2.0.107-1.el10_2 (FEDORA-EPEL-2025-2a7299137e)
Parser for Rust source code
--------------------------------------------------------------------------------
Update Information:
Update to version 2.0.107.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Fabio Valentini <[email protected]> - 2.0.107-1
- Update to version 2.0.107; Fixes RHBZ#2404927
--------------------------------------------------------------------------------
================================================================================
rust-system-deps-7.0.6-1.el10_2 (FEDORA-EPEL-2025-2e162aac5c)
Declarative system dependencies in Cargo.toml
--------------------------------------------------------------------------------
Update Information:
Update to version 7.0.6.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Fabio Valentini <[email protected]> - 7.0.6-1
- Update to version 7.0.6; Fixes RHBZ#2403779
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
7.0.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-tikv-jemalloc-sys-0.6.1-1.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Rust FFI bindings to jemalloc
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 16 2025 Benjamin A. Beasley <[email protected]> - 0.6.1-1
- Update to version 0.6.1
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.6.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-tikv-jemallocator-0.6.1-1.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Rust allocator backed by jemalloc
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 16 2025 Benjamin A. Beasley <[email protected]> - 0.6.1-1
- Update to version 0.6.1; Fixes RHBZ#2404523
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.6.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-trybuild2-1.2.0-5.el10_2 (FEDORA-EPEL-2025-d12b62c436)
Test harness for ui tests of compiler diagnostics
--------------------------------------------------------------------------------
Update Information:
ruff 0.14.1
https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Initial packages for a number of new dependencies for ruff and uv, and initial
EPEL10 packages for a few of their dependencies.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
1.2.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sun Jan 19 2025 Fedora Release Engineering <[email protected]> -
1.2.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Sat Jul 20 2024 Fedora Release Engineering <[email protected]> -
1.2.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Sat Jan 27 2024 Fedora Release Engineering <[email protected]> -
1.2.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Thu Jan 11 2024 Fabio Valentini <[email protected]> - 1.2.0-1
- Update to version 1.2.0; Fixes RHBZ#2253010
* Thu Jul 27 2023 Fabio Valentini <[email protected]> - 1.1.0-1
- Update to version 1.1.0; Fixes RHBZ#2224729
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2360699 - ruff-0.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2405468 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar
Vulnerable to PAX Header Desynchronization [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2405468
--------------------------------------------------------------------------------
================================================================================
rust-unicode-width-0.2.2-1.el10_2 (FEDORA-EPEL-2025-6a333e29e8)
Determine displayed width of 'char' and 'str' types
--------------------------------------------------------------------------------
Update Information:
Update to version 0.2.2.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Fabio Valentini <[email protected]> - 0.2.2-1
- Update to version 0.2.2; Fixes RHBZ#2401886
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.2.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-webpki-roots-1.0.3-1.el10_2 (FEDORA-EPEL-2025-28d8a60398)
Mozilla's CA root certificates for use with webpki
--------------------------------------------------------------------------------
Update Information:
Update to version 1.0.3.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Fabio Valentini <[email protected]> - 1.0.3-1
- Update to version 1.0.3; Fixes RHBZ#2402416
--------------------------------------------------------------------------------
================================================================================
rust-xattr-1.6.1-1.el10_2 (FEDORA-EPEL-2025-14589f47a1)
Unix extended filesystem attributes
--------------------------------------------------------------------------------
Update Information:
Update to version 1.6.1.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2025 Fabio Valentini <[email protected]> - 1.6.1-1
- Update to version 1.6.1; Fixes RHBZ#2397136
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
1.5.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
--
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
