The following Fedora EPEL 8 Security updates need testing:
Age URL
2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-5b2095e2c2
xpdf-4.06-1.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
exim-4.99-2.el8
rnp-0.18.1-1.el8
teem-1.11.0-55.el8
xrootd-5.9.1-1.el8
Details about builds:
================================================================================
exim-4.99-2.el8 (FEDORA-EPEL-2025-316343e185)
The exim mail transfer agent
--------------------------------------------------------------------------------
Update Information:
This is an update fixing lookup libraries names.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 20 2025 Jaroslav Å karvada <[email protected]> - 4.99-2
- Fixed lookup libraries names
Resolves: rhbz#2415008
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2415008 - exim-4.99 fails to load dynamic lookup modules
(mysql/pgsql etc.)
https://bugzilla.redhat.com/show_bug.cgi?id=2415008
--------------------------------------------------------------------------------
================================================================================
rnp-0.18.1-1.el8 (FEDORA-EPEL-2025-c2bf491987)
OpenPGP (RFC4880) tools
--------------------------------------------------------------------------------
Update Information:
Version 0.18.1
Security
Fixed critical issue where PKESK (public-key encrypted) session keys were
generated as all-zero, allowing trivial decryption of messages encrypted with
public keys only (CVE-2025-13402)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 21 2025 Remi Collet <[email protected]> - 0.18.1-1
- update to 0.18.1 for CVE-2025-13402
- disable gpg check reported as https://github.com/rnpgp/rnp/issues/2375
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2415866 - CVE-2025-13402 rnp: RNP PKESK Session Keys Generated as
AllâZero [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=2415866
--------------------------------------------------------------------------------
================================================================================
teem-1.11.0-55.el8 (FEDORA-EPEL-2025-744e938611)
Libraries for processing and visualizing scientific raster data
--------------------------------------------------------------------------------
Update Information:
Update License expression: LicenseRef-Fedora-Temporary-Simple-Library-exception
was assigned SPDX identifier Simple-Library-Usage-exception.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 20 2025 Benjamin A. Beasley <[email protected]> - 1.11.0-55
- Update License expression
- LicenseRef-Fedora-Temporary-Simple-Library-exception was assigned SPDX
identifier Simple-Library-Usage-exception
--------------------------------------------------------------------------------
================================================================================
xrootd-5.9.1-1.el8 (FEDORA-EPEL-2025-542c9a4155)
Extended ROOT file server
--------------------------------------------------------------------------------
Update Information:
XRootD 5.9.1
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 18 2025 Mattias Ellert <[email protected]> - 1:5.9.1-1
- Update to version 5.9.1
--------------------------------------------------------------------------------
--
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
