The following Fedora EPEL 8 Security updates need testing: Age URL 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-a3c235642b trafficserver-9.2.9-1.el8 The following builds have been pushed to Fedora EPEL 8 updates-testing AMF-1.4.36.0-1.el8 gcc-epel-8.5.0-25.el8 mold-2.37.1-1.el8 ncdu-1.22-1.el8 radare2-5.9.8-7.el8 unrealircd-6.1.10-1.el8 Details about builds: ================================================================================ AMF-1.4.36.0-1.el8 (FEDORA-EPEL-2025-7d6862c6bc) Advanced Media Framework (AMF) SDK -------------------------------------------------------------------------------- Update Information: Update to 1.4.36.0. -------------------------------------------------------------------------------- ChangeLog: * Sat Mar 8 2025 Simone Caronni <negativo17@xxxxxxxxx> - 1.4.36.0-1 - Update to 1.4.36.0 -------------------------------------------------------------------------------- ================================================================================ gcc-epel-8.5.0-25.el8 (FEDORA-EPEL-2025-72bde1bf7d) Various compilers (C, C++, Objective-C, ...) -------------------------------------------------------------------------------- Update Information: backport from 8.5.0-23: rebuild for CVE-2020-11023 (RHEL-78274) -------------------------------------------------------------------------------- ChangeLog: * Sat Mar 8 2025 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 8.5.0-25 - disable bootstrap mode and rebuild using gcc-epel-8.5.0-24.el8 * Sat Mar 8 2025 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 8.5.0-24 - backport from 8.5.0-23: rebuild for CVE-2020-11023 (RHEL-78274) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2350609 - GCC-GNAT 8.5.0-23 is obselete https://bugzilla.redhat.com/show_bug.cgi?id=2350609 -------------------------------------------------------------------------------- ================================================================================ mold-2.37.1-1.el8 (FEDORA-EPEL-2025-5da9635216) A Modern Linker -------------------------------------------------------------------------------- Update Information: Update to 2.37.1 (#2350273) -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 7 2025 Christoph Erhardt <fedora@xxxxxxxxxxx> - 2.37.1-1 - Update to 2.37.1 (#2350273) * Sun Feb 2 2025 Christoph Erhardt <fedora@xxxxxxxxxxx> - 2.36.0-4 - Fix static PIE on aarch64 (rhbz#2340876) * Fri Jan 24 2025 Christoph Erhardt <fedora@xxxxxxxxxxx> - 2.36.0-3 - Skip broken unit tests on s390x (rhbz#2340876) * Fri Jan 17 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.36.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2350273 - mold-2.37.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2350273 -------------------------------------------------------------------------------- ================================================================================ ncdu-1.22-1.el8 (FEDORA-EPEL-2025-896926680e) Text-based disk usage viewer -------------------------------------------------------------------------------- Update Information: Update to 1.22 (released 2025-03-05). Changes in this version: Add support for @-prefixed lines to ignore errors in config file (from 2.8) List all supported options in --help (from 2.8) Use kB instead of KB in --si mode (from 2.8) Add --graph-style option (from 2.1) Fix supported range of uid/gid numbers -------------------------------------------------------------------------------- ChangeLog: * Sat Mar 8 2025 Richard Fearn <richardfearn@xxxxxxxxx> - 1.22-1 - Update to 1.22 (#2350431) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2350431 - ncdu-1.22 is available https://bugzilla.redhat.com/show_bug.cgi?id=2350431 -------------------------------------------------------------------------------- ================================================================================ radare2-5.9.8-7.el8 (FEDORA-EPEL-2025-b5b47ab7b3) The reverse engineering framework -------------------------------------------------------------------------------- Update Information: Fix CVE-2025-1744 and CVE-2025-1864 -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 7 2025 Michal Ambroz <rebus@xxxxxxxxx> - 5.9.8-7 - RPMAUTOSPEC: unresolvable merge -------------------------------------------------------------------------------- References: [ 1 ] Bug #2348979 - CVE-2025-1744 radare2: Out-of-bounds Write in radare2 [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2348979 [ 2 ] Bug #2349509 - CVE-2025-1864 radare2: Buffer Overflow and Potential Code Execution in Radare2 [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2349509 -------------------------------------------------------------------------------- ================================================================================ unrealircd-6.1.10-1.el8 (FEDORA-EPEL-2025-d03553e984) Open Source IRC server -------------------------------------------------------------------------------- Update Information: UnrealIRCd 6.1.10 This is mostly a maintenance release with a few small new features. Enhancements In the spamfilter { } block two new options: input-conversion: This can be set to none to make the spamfilter run against the original text. This in contrast to how default spamfilter behaves where the text is matched against text that has color and control codes removed. Can be useful if you need to match against such a special character. show-message-content-on-hit: this works like set::show-message-content-on-hit, but on an individual spamfilter basis. If unrealircd.conf doesn't exist then upstream now offers to copy the example configuration (showing a list of languages to pick from). Changes Update the example configuration: Mark specific sections with "CHANGE THIS" for people who are in a hurry and really only want to do the bare minimum to get the IRCd booted. More things are commented out by default, like example link blocks and ulines. In addition to the the default ircd.log text file log block, also add a JSON log block. JSON logging includes a lot of information about every event so is great for auditing purposes and machine readable. Error on some more duplicate config items, e.g. allow::password. In target-flood log messages upstream now shows the message type (e.g. PRIVMSG). Fixes Fix compile problems on (upcoming) GCC 15 as it assumes C23 by default. This for future Fedora 42 and possibly Ubuntu 25.04, both scheduled around April 2025. Fix crash on SPAMREPORT <ip> (IRCOp-only command) if the central-blocklist module is loaded. Fix make_channel() not checking minimal validity of channel names. Only an issue for (bad) trusted remote server traffic. -------------------------------------------------------------------------------- ChangeLog: * Sat Mar 8 2025 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 6.1.10-1 - Upgrade to 6.1.10 (#2345958) * Sat Feb 1 2025 Björn Esser <besser82@xxxxxxxxxxxxxxxxx> - 6.1.9.1-3 - Add explicit BR: libxcrypt-devel * Sun Jan 19 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 6.1.9.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2345958 - unrealircd-6.1.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=2345958 --------------------------------------------------------------------------------
-- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
