[EPEL-devel] Fedora EPEL 10.1 updates-testing report

updates Sun, 30 Nov 2025 16:32:29 -0800

The following Fedora EPEL 10.1 Security updates need testing:
 Age  URL
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-f5ce86fd47   
nextcloud-32.0.2-1.el10_1
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-d459347e22   
restic-0.18.1-1.el10_1
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-b5821dbb11   
rclone-1.72.0-1.el10_1
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-001ad6132c   
openbao-2.4.4-1.el10_1
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-632b8c5a36   
stb-0^20251025gitf1c79c0-2.el10_1
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-f8b4636e06   
fcgi-2.4.7-1.el10_1



The following builds have been pushed to Fedora EPEL 10.1 updates-testing

    NetworkManager-l2tp-1.20.20-5.el10_1
    libwebsockets-4.3.7-1.el10_1
    perl-Socket-GetAddrInfo-0.22-36.el10_1

Details about builds:


================================================================================
 NetworkManager-l2tp-1.20.20-5.el10_1 (FEDORA-EPEL-2025-ce9cc90e57)
 NetworkManager VPN plugin for L2TP and L2TP/IPsec
--------------------------------------------------------------------------------
Update Information:

Add README.Fedora for Fedora or README.EPEL for EPEL
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 12 2025 Douglas Kosovic <[email protected]> - 1.20.20-5
- Add README.Fedora for Fedora or README.EPEL for EPEL
- Use (go-l2tp or xl2tpd) dependency for Fedora 43 to handle upgrades
  from earlier Fedora versions that had xl2tpd installed.
* Tue Aug 26 2025 Douglas Kosovic <[email protected]> - 1.20.20-4
- Fix orphaned xl2tpd dependency issue, switch to go-l2tp 
(rhbz#2390669,rhbz#2390688)
* Wed Jul 23 2025 Fedora Release Engineering <[email protected]> - 
1.20.20-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Thu Jan 16 2025 Fedora Release Engineering <[email protected]> - 
1.20.20-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 libwebsockets-4.3.7-1.el10_1 (FEDORA-EPEL-2025-66b4d6f6bf)
 Lightweight C library for Websockets
--------------------------------------------------------------------------------
Update Information:

Update to 4.3.7
--------------------------------------------------------------------------------
ChangeLog:

* Sun Nov 30 2025 Peter Robinson <[email protected]> - 4.3.7-1
- Update to 4.3.7
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2405213 - CVE-2025-11679 libwebsockets: Out-of-bounds Read in 
libwebsockets PNG parsing [epel-10]
        https://bugzilla.redhat.com/show_bug.cgi?id=2405213
  [ 2 ] Bug #2405215 - CVE-2025-11679 libwebsockets: Out-of-bounds Read in 
libwebsockets PNG parsing [epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2405215
  [ 3 ] Bug #2405217 - CVE-2025-11679 libwebsockets: Out-of-bounds Read in 
libwebsockets PNG parsing [fedora-42]
        https://bugzilla.redhat.com/show_bug.cgi?id=2405217
  [ 4 ] Bug #2405247 - CVE-2025-11677 libwebsockets: Use After Free in 
libwebsockets WebSocket server [epel-10]
        https://bugzilla.redhat.com/show_bug.cgi?id=2405247
  [ 5 ] Bug #2405249 - CVE-2025-11677 libwebsockets: Use After Free in 
libwebsockets WebSocket server [epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2405249
  [ 6 ] Bug #2405251 - CVE-2025-11677 libwebsockets: Use After Free in 
libwebsockets WebSocket server [fedora-42]
        https://bugzilla.redhat.com/show_bug.cgi?id=2405251
  [ 7 ] Bug #2405258 - CVE-2025-11680 libwebsockets: Out-of-bounds Write in 
libwebsockets PNG parsing [epel-10]
        https://bugzilla.redhat.com/show_bug.cgi?id=2405258
  [ 8 ] Bug #2405260 - CVE-2025-11680 libwebsockets: Out-of-bounds Write in 
libwebsockets PNG parsing [epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2405260
  [ 9 ] Bug #2405262 - CVE-2025-11680 libwebsockets: Out-of-bounds Write in 
libwebsockets PNG parsing [fedora-42]
        https://bugzilla.redhat.com/show_bug.cgi?id=2405262
  [ 10 ] Bug #2405566 - CVE-2025-11678 libwebsockets: Stack-based Buffer 
Overflow in libwebsockets [epel-10]
        https://bugzilla.redhat.com/show_bug.cgi?id=2405566
  [ 11 ] Bug #2405569 - CVE-2025-11678 libwebsockets: Stack-based Buffer 
Overflow in libwebsockets [epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2405569
--------------------------------------------------------------------------------


================================================================================
 perl-Socket-GetAddrInfo-0.22-36.el10_1 (FEDORA-EPEL-2025-0dc60077a2)
 RFC 2553's "getaddrinfo" and "getnameinfo" functions
--------------------------------------------------------------------------------
Update Information:

This package contains the Perl module Socket::GetAddrInfo, which provides RFC
2553's "getaddrinfo" and "getnameinfo" functions.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> - 
0.22-36
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sat Jan 18 2025 Fedora Release Engineering <[email protected]> - 
0.22-35
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Tue Aug  6 2024 Miroslav SuchÃ½ <[email protected]> - 0.22-34
- convert license to SPDX
* Fri Jul 19 2024 Fedora Release Engineering <[email protected]> - 
0.22-33
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Thu Jan 25 2024 Fedora Release Engineering <[email protected]> - 
0.22-32
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <[email protected]> - 
0.22-31
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2417123 - Please branch and build perl-Socket-GetAddrInfo in epel10
        https://bugzilla.redhat.com/show_bug.cgi?id=2417123
--------------------------------------------------------------------------------

-- 
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[EPEL-devel] Fedora EPEL 10.1 updates-testing report

Reply via email to