[EPEL-devel] Fedora EPEL 8 updates-testing report

Sat, 06 Dec 2025 18:08:15 -0800 

The following Fedora EPEL 8 Security updates need testing:
 Age  URL
  17  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-5b2095e2c2   
xpdf-4.06-1.el8
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-f1e00653f9   
suricata-7.0.13-1.el8
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-3e0de9b3c4   
tinyproxy-1.11.2-5.el8
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-160e69562b   
singularity-ce-4.3.5-1.el8
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-8e15323af1   
openssl3-3.5.1-6.1.el8
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-44da2a402e   
apptainer-1.4.5-2.el8


The following builds have been pushed to Fedora EPEL 8 updates-testing

    bird-3.1.5-1.el8
    scitokens-cpp-1.2.0-1.el8

Details about builds:


================================================================================
 bird-3.1.5-1.el8 (FEDORA-EPEL-2025-71cc36b111)
 BIRD Internet Routing Daemon
--------------------------------------------------------------------------------
Update Information:

BIRD 3.1.5 (2025-12-04)
Babel, OSPF, RIP: Fix crash on interface reconfiguration
RAdv: Fix flags for deprecated prefixes
MRT: Fix dumps with layered attibutes
MRT: Fix crash when protocol mrtdump configured without a specified file
Filters: Fix undefined memory access in nexthop handling
BSD: Fix export of non-multipath routes
Conf: Fix thread groups
Conf: Implicit symbols should not generate warnings when overriding keywords
--------------------------------------------------------------------------------
ChangeLog:

* Sat Dec  6 2025 Robert Scheck <[email protected]> - 3.1.5-1
- Upgrade to 3.1.5
--------------------------------------------------------------------------------


================================================================================
 scitokens-cpp-1.2.0-1.el8 (FEDORA-EPEL-2025-575d7ad74c)
 C++ Implementation of the SciTokens Library
--------------------------------------------------------------------------------
Update Information:

Fix segfault if the JSON parser cannot parse the JWKS
Fix float time claims issue and improve error handling
Fix security issue with malicious issuer handling in error messages
Improve JWTVerificationException message to include the invalid issuer
Update usage on verify command to make the TOKENFILE explicit
Read token for scitokens-verify from stdin
Set CURLOPT_NOSIGNAL option in SimpleCurlGet to prevent signal interruptions
Adding asan value to the job name
Turn off building unit tests by default.
Add cmake option SCITOKENS_WITH_ASAN which enables memory checking with the
address sanitizer.  Also enable this in CI, so that tests fail if they hit a
memory leak or other memory problem.
Fix memory leak in store_public_ec_key
Fix memory leaks in the unit tests
Fix memory leak in rs256_from_coords
Fix memory leak in scitokens_verify
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec  5 2025 Derek Weitzel <[email protected]> - 1.2.0-1
- Fix segfault if the JSON parser cannot parse the JWKS
- Fix float time claims issue and improve error handling
- Fix security issue with malicious issuer handling in error messages
- Improve JWTVerificationException message to include the invalid issuer
- Update usage on verify command to make the TOKENFILE explicit
- Read token for scitokens-verify from stdin
- Set CURLOPT_NOSIGNAL option in SimpleCurlGet to prevent signal interruptions
- Adding asan value to the job name
- Turn off building unit tests by default.
- Add cmake option SCITOKENS_WITH_ASAN which enables memory checking with the 
address sanitizer.  Also enable this in CI, so that tests fail if they hit a 
memory leak or other memory problem.
- Fix memory leak in store_public_ec_key
- Fix memory leaks in the unit tests
- Fix memory leak in rs256_from_coords
- Fix memory leak in scitokens_verify
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> - 
1.1.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------


-- 
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Reply via email to