[EPEL-devel] Fedora EPEL 9 updates-testing report

updates Sat, 14 Jun 2025 19:02:49 -0700

The following Fedora EPEL 9 Security updates need testing:
 Age  URL
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-ead5908650   
python-django4.2-4.2.22-1.el9
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-a36cdc1182   
kea-2.6.3-1.el9
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-9c03a7aa1d   
konsole5-23.08.5-2.el9
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-549cb45f1c   
chromium-137.0.7151.103-1.el9



The following builds have been pushed to Fedora EPEL 9 updates-testing

    blivet-gui-2.5.0-1.el9
    radicale-3.5.4-3.el9
    rust-below-common-0.9.0-3.el9
    rust-find-crate-0.6.3-11.el9
    rust-jiff-0.2.15-1.el9
    salt3006-3006.12-1.el9

Details about builds:


================================================================================
 blivet-gui-2.5.0-1.el9 (FEDORA-EPEL-2025-36c5f2c745)
 Tool for data storage configuration
--------------------------------------------------------------------------------
Update Information:

Initial release for EPEL9. Upstream release 2.5.0 compatible with blivet 3.6.0
available in C9S/RHEL9.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jun 14 2025 Vojtech Trefny <vtre...@redhat.com> - 2.5.0-1
- Initial build for EPEL9
--------------------------------------------------------------------------------


================================================================================
 radicale-3.5.4-3.el9 (FEDORA-EPEL-2025-07867cf944)
 A simple CalDAV (calendar) and CardDAV (contact) server
--------------------------------------------------------------------------------
Update Information:

Rename InfCloud-fonts package to InfCloud-fontware (BZ#2372650)
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun 16 2025 Peter Bieringer <p...@bieringer.de> - 3.5.4-3
- Rename InfCloud-fonts package to InfCloud-fontware (BZ#2372650)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2372650 - radicale3-InfCloud-fonts get confused as a font package
        https://bugzilla.redhat.com/show_bug.cgi?id=2372650
--------------------------------------------------------------------------------


================================================================================
 rust-below-common-0.9.0-3.el9 (FEDORA-EPEL-2025-04574dbb9d)
 Common below code
--------------------------------------------------------------------------------
Update Information:

Bump cursive dependency from 0.20 to 0.21
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jun 14 2025 Michel Lind <sali...@fedoraproject.org> - 0.9.0-3
- Bump cursive dependency from 0.20 to 0.21
--------------------------------------------------------------------------------


================================================================================
 rust-find-crate-0.6.3-11.el9 (FEDORA-EPEL-2025-21b68bd2b3)
 Find the crate name from the current Cargo.toml
--------------------------------------------------------------------------------
Update Information:

Bump semver dependency from 0.11 to 1.0
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jun 13 2025 Michel Lind <sali...@fedoraproject.org> - 0.6.3-11
- Bump semver dependency from 0.11 to 1.0
* Sun Jan 19 2025 Fedora Release Engineering <rel...@fedoraproject.org> - 
0.6.3-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Fri Jul 19 2024 Fedora Release Engineering <rel...@fedoraproject.org> - 
0.6.3-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Fri Jan 26 2024 Fedora Release Engineering <rel...@fedoraproject.org> - 
0.6.3-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jul 21 2023 Fedora Release Engineering <rel...@fedoraproject.org> - 
0.6.3-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 rust-jiff-0.2.15-1.el9 (FEDORA-EPEL-2025-80c8c7d8ed)
 Date-time library that encourages you to jump into the pit of success
--------------------------------------------------------------------------------
Update Information:

0.2.15 (2025-06-13)
This release fixes a bug where error values were being constructed during
parsing even in the success case. This was a regression introduced in 0.2.14
as a result of trying to improve compilation times. Thankfully, fixing this
regression doesn't seem to meaningfully impact the amount of IR generated by
compiling Jiff.
Bug fixes:
#385:
Fixes a performance regression for parsing.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jun 14 2025 Benjamin A. Beasley <c...@musicinmybrain.net> - 0.2.15-1
- Update to version 0.2.15; Fixes RHBZ#2372783
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2372783 - rust-jiff-0.2.15 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2372783
--------------------------------------------------------------------------------


================================================================================
 salt3006-3006.12-1.el9 (FEDORA-EPEL-2025-56a6ede4ef)
 A parallel remote execution system
--------------------------------------------------------------------------------
Update Information:

Resolves multiple CVEs.  Update to 3006.12.
This update contains various bugfixes to the 3006 LTS.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jun 14 2025 Robby Callicotte <rcallico...@fedoraproject.org> - 3006.12-1
- Updated to 3006.12
- Resolves CVE-2024-38822 RHBZ#2372754
- Resolves CVE-2024-38823 RHBZ#2372743
- Resolves CVE-2024-38824 RHBZ#2372729
- Resolves CVE-2024-38825 RHBZ#2372749
- Resolves CVE-2025-22236 RHBZ#2372771
- Resolves CVE-2025-22237 RHBZ#2372770
- Resolves CVE-2025-22238 RHBZ#2372769
- Resolves CVE-2025-22239 RHBZ#2372730
- Resolves CVE-2025-22240 RHBZ#2372742
- Resolves CVE-2025-22241 RHBZ#2372737
- Resolves CVE-2025-22242 RHBZ#2372739
* Mon Jun  9 2025 Robby Callicotte <rcallico...@fedoraproject.org> - 3006.11-1
- Updated to 3006.11
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2372729 - CVE-2024-38824 salt3006: Directory traversal in 
saltstack [epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2372729
  [ 2 ] Bug #2372730 - CVE-2025-22239 salt3006: Event injection in saltstack 
[epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2372730
  [ 3 ] Bug #2372737 - CVE-2025-22241 salt3006: File overwrite in saltstack 
[epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2372737
  [ 4 ] Bug #2372739 - CVE-2025-22242 salt3006: Denial of service in saltstack 
[epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2372739
  [ 5 ] Bug #2372742 - CVE-2025-22240 salt3006: Path traversal in saltstack 
[epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2372742
  [ 6 ] Bug #2372743 - CVE-2024-38823 salt3006: Replay attack in saltstack 
[epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2372743
  [ 7 ] Bug #2372749 - CVE-2024-38825 salt3006: Authentication bypass in 
saltstack [epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2372749
  [ 8 ] Bug #2372754 - CVE-2024-38822 salt3006: Token validation errors in 
saltstack [epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2372754
  [ 9 ] Bug #2372769 - CVE-2025-22238 salt3006: Directory traversal in salt 
project [epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2372769
  [ 10 ] Bug #2372770 - CVE-2025-22237 salt3006: Code injection in salt project 
[epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2372770
  [ 11 ] Bug #2372771 - CVE-2025-22236 salt3006: Authorization bypass in salt 
project [epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2372771
--------------------------------------------------------------------------------


-- 
_______________________________________________
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[EPEL-devel] Fedora EPEL 9 updates-testing report

Reply via email to