[EPEL-devel] Fedora EPEL 9 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The following Fedora EPEL 9 Security updates need testing:
 Age  URL
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-7feb10dac5   trafficserver-9.2.9-1.el9
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-e78841c77e   python-django4.2-4.2.20-1.el9


The following builds have been pushed to Fedora EPEL 9 updates-testing

    radare2-5.9.8-7.el9
    rust-cargo_toml-0.22.1-1.el9
    rust-jiff-0.2.4-1.el9
    rust-onefetch-2.23.1-3.el9
    rust-onefetch-manifest-2.23.1-3.el9
    yamllint-1.36.0-1.el9

Details about builds:


================================================================================
 radare2-5.9.8-7.el9 (FEDORA-EPEL-2025-b3b0248eac)
 The reverse engineering framework
--------------------------------------------------------------------------------
Update Information:

fix CVE-2024-56737, CVE-2025-56737, CVE-2025-1864
Fix CVE-2025-1744  and CVE-2025-1864
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 11 2025 Michal Ambroz <rebus@xxxxxxxxx> - 5.9.8-7
- fix CVE-2024-56737
* Fri Mar  7 2025 Michal Ambroz <rebus@xxxxxxxxx> - 5.9.8-6
- fix CVE-2025-1744 and CVE-2025-1864
* Sat Jan 18 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 5.9.8-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2334774 - CVE-2024-56737 radare2: heap-based buffer overflow [epel-8]
        https://bugzilla.redhat.com/show_bug.cgi?id=2334774
  [ 2 ] Bug #2334775 - CVE-2024-56737 radare2: heap-based buffer overflow [epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2334775
  [ 3 ] Bug #2334777 - CVE-2024-56737 radare2: heap-based buffer overflow [fedora-40]
        https://bugzilla.redhat.com/show_bug.cgi?id=2334777
  [ 4 ] Bug #2334779 - CVE-2024-56737 radare2: heap-based buffer overflow [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2334779
  [ 5 ] Bug #2348976 - CVE-2025-1744 radare2: Out-of-bounds Write in radare2 [epel-8]
        https://bugzilla.redhat.com/show_bug.cgi?id=2348976
  [ 6 ] Bug #2348977 - CVE-2025-1744 radare2: Out-of-bounds Write in radare2 [epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2348977
  [ 7 ] Bug #2348978 - CVE-2025-1744 radare2: Out-of-bounds Write in radare2 [fedora-40]
        https://bugzilla.redhat.com/show_bug.cgi?id=2348978
  [ 8 ] Bug #2348979 - CVE-2025-1744 radare2: Out-of-bounds Write in radare2 [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2348979
  [ 9 ] Bug #2349508 - CVE-2025-1864 radare2: Buffer Overflow and Potential Code Execution in Radare2 [epel-8]
        https://bugzilla.redhat.com/show_bug.cgi?id=2349508
  [ 10 ] Bug #2349509 - CVE-2025-1864 radare2: Buffer Overflow and Potential Code Execution in Radare2 [epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2349509
  [ 11 ] Bug #2349510 - CVE-2025-1864 radare2: Buffer Overflow and Potential Code Execution in Radare2 [fedora-40]
        https://bugzilla.redhat.com/show_bug.cgi?id=2349510
  [ 12 ] Bug #2349511 - CVE-2025-1864 radare2: Buffer Overflow and Potential Code Execution in Radare2 [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2349511
--------------------------------------------------------------------------------


================================================================================
 rust-cargo_toml-0.22.1-1.el9 (FEDORA-EPEL-2025-5b4b4002ea)
 Cargo.toml struct definitions for parsing with Serde
--------------------------------------------------------------------------------
Update Information:

Update rust-cargo_toml from 0.21.0 to 0.22.1.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 11 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.22.1-1
- Update to 0.22.1 (close RHBZ#2350957)
* Sun Jan 19 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.21.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2350957 - rust-cargo_toml-0.22.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2350957
--------------------------------------------------------------------------------


================================================================================
 rust-jiff-0.2.4-1.el9 (FEDORA-EPEL-2025-90c2f27633)
 Date-time library that encourages you to jump into the pit of success
--------------------------------------------------------------------------------
Update Information:

https://github.com/BurntSushi/jiff/blob/0.2.4/CHANGELOG.md#024-2025-03-10
https://github.com/BurntSushi/jiff/blob/0.2.3/CHANGELOG.md#023-2025-03-07
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 11 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.2.4-1
- Update to 0.2.4 (close RHBZ#2351235)
* Sun Mar  9 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.2.3-2
- Do more dev-dependency patching with tomcli
* Sun Mar  9 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.2.3-1
- Update to 0.2.3 (close RHBZ#2350480)
* Sun Mar  9 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.2.2-1
- Update to 0.2.2
- Patch out features for static timezone databases
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2350480 - rust-jiff-0.2.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2350480
  [ 2 ] Bug #2351235 - rust-jiff-0.2.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2351235
--------------------------------------------------------------------------------


================================================================================
 rust-onefetch-2.23.1-3.el9 (FEDORA-EPEL-2025-5b4b4002ea)
 Command-line Git information tool
--------------------------------------------------------------------------------
Update Information:

Update rust-cargo_toml from 0.21.0 to 0.22.1.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 11 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 2.23.1-3
- Rebuilt with rust-cargo_toml 0.22.1; updated License expression
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2350957 - rust-cargo_toml-0.22.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2350957
--------------------------------------------------------------------------------


================================================================================
 rust-onefetch-manifest-2.23.1-3.el9 (FEDORA-EPEL-2025-5b4b4002ea)
 Detect and parse manifest files
--------------------------------------------------------------------------------
Update Information:

Update rust-cargo_toml from 0.21.0 to 0.22.1.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 11 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 2.23.1-3
- Update cargo_toml from 0.21.0 to 0.22.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2350957 - rust-cargo_toml-0.22.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2350957
--------------------------------------------------------------------------------


================================================================================
 yamllint-1.36.0-1.el9 (FEDORA-EPEL-2025-4975a38085)
 A linter for YAML files
--------------------------------------------------------------------------------
Update Information:

Update to latest upstream version
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 11 2025 Adrien Vergé <adrienverge@xxxxxxxxx> - 1.36.0-1
- Update to latest upstream version
--------------------------------------------------------------------------------



-- 
_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
[Index of Archives]     [Fedora Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Announce]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Linux Apps]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux