The following Fedora EPEL 10.1 Security updates need testing:
Age URL
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-66b4d6f6bf
libwebsockets-4.3.7-2.el10_1
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-00dab21def
imhex-1.37.4-3.el10_1 lunasvg-3.5.0-1.el10_1
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-343fcf2075
tinyproxy-1.11.2-5.el10_1
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-e2803aecfe
singularity-ce-4.3.5-1.el10_1
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-8e02728fbe
apptainer-1.4.5-2.el10_1
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-7ff96bb97d
webkitgtk-2.50.2-2.el10_1
The following builds have been pushed to Fedora EPEL 10.1 updates-testing
bird-3.1.5-1.el10_1
modulemd-tools-0.16-13.el10_1
rust-foldhash-0.2.0-1.el10_1
rust-foldhash0.1-0.1.5-1.el10_1
scitokens-cpp-1.2.0-1.el10_1
Details about builds:
================================================================================
bird-3.1.5-1.el10_1 (FEDORA-EPEL-2025-a07f3b5795)
BIRD Internet Routing Daemon
--------------------------------------------------------------------------------
Update Information:
BIRD 3.1.5 (2025-12-04)
Babel, OSPF, RIP: Fix crash on interface reconfiguration
RAdv: Fix flags for deprecated prefixes
MRT: Fix dumps with layered attibutes
MRT: Fix crash when protocol mrtdump configured without a specified file
Filters: Fix undefined memory access in nexthop handling
BSD: Fix export of non-multipath routes
Conf: Fix thread groups
Conf: Implicit symbols should not generate warnings when overriding keywords
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 6 2025 Robert Scheck <[email protected]> - 3.1.5-1
- Upgrade to 3.1.5
--------------------------------------------------------------------------------
================================================================================
modulemd-tools-0.16-13.el10_1 (FEDORA-EPEL-2025-725e8a5d2b)
Collection of tools for modular (in terms of Fedora Modularity origin) content
creators
--------------------------------------------------------------------------------
Update Information:
Initial package for EPEL10
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 19 2025 Python Maint <[email protected]> - 0.16-13
- Rebuilt for Python 3.14.0rc3 bytecode
* Fri Aug 15 2025 Python Maint <[email protected]> - 0.16-12
- Rebuilt for Python 3.14.0rc2 bytecode
* Thu Jul 24 2025 Fedora Release Engineering <[email protected]> -
0.16-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Tue Jun 3 2025 Python Maint <[email protected]> - 0.16-10
- Rebuilt for Python 3.14
* Fri Jan 17 2025 Fedora Release Engineering <[email protected]> - 0.16-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Thu Jul 18 2024 Fedora Release Engineering <[email protected]> - 0.16-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Fri Jun 7 2024 Python Maint <[email protected]> - 0.16-7
- Rebuilt for Python 3.13
* Thu Jan 25 2024 Fedora Release Engineering <[email protected]> - 0.16-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <[email protected]> - 0.16-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Nov 1 2023 Jakub Kadlcik <[email protected]> - 0.16-4
- createrepo_mod: fix RHBZ 2247292 caused by new compression
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2419647 - Please branch and build modulemd-tools in epel10 and
epel10.1
https://bugzilla.redhat.com/show_bug.cgi?id=2419647
--------------------------------------------------------------------------------
================================================================================
rust-foldhash-0.2.0-1.el10_1 (FEDORA-EPEL-2025-e396908b8a)
Fast, non-cryptographic, minimally DoS-resistant hashing algorithm
--------------------------------------------------------------------------------
Update Information:
Update the foldhash crate to version 0.2.0 and add a compat package for version
0.1.
see https://pagure.io/epel/issue/358
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 11 2025 Fabio Valentini <[email protected]> - 0.2.0-1
- Update to version 0.2.0; Fixes RHBZ#2390561
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.1.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-foldhash0.1-0.1.5-1.el10_1 (FEDORA-EPEL-2025-e396908b8a)
Fast, non-cryptographic, minimally DoS-resistant hashing algorithm
--------------------------------------------------------------------------------
Update Information:
Update the foldhash crate to version 0.2.0 and add a compat package for version
0.1.
see https://pagure.io/epel/issue/358
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 12 2025 Fabio Valentini <[email protected]> - 0.1.5-1
- Initial import (foldhash 0.1 compat package)
--------------------------------------------------------------------------------
================================================================================
scitokens-cpp-1.2.0-1.el10_1 (FEDORA-EPEL-2025-53386df751)
C++ Implementation of the SciTokens Library
--------------------------------------------------------------------------------
Update Information:
Fix segfault if the JSON parser cannot parse the JWKS
Fix float time claims issue and improve error handling
Fix security issue with malicious issuer handling in error messages
Improve JWTVerificationException message to include the invalid issuer
Update usage on verify command to make the TOKENFILE explicit
Read token for scitokens-verify from stdin
Set CURLOPT_NOSIGNAL option in SimpleCurlGet to prevent signal interruptions
Adding asan value to the job name
Turn off building unit tests by default.
Add cmake option SCITOKENS_WITH_ASAN which enables memory checking with the
address sanitizer. Also enable this in CI, so that tests fail if they hit a
memory leak or other memory problem.
Fix memory leak in store_public_ec_key
Fix memory leaks in the unit tests
Fix memory leak in rs256_from_coords
Fix memory leak in scitokens_verify
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 5 2025 Derek Weitzel <[email protected]> - 1.2.0-1
- Fix segfault if the JSON parser cannot parse the JWKS
- Fix float time claims issue and improve error handling
- Fix security issue with malicious issuer handling in error messages
- Improve JWTVerificationException message to include the invalid issuer
- Update usage on verify command to make the TOKENFILE explicit
- Read token for scitokens-verify from stdin
- Set CURLOPT_NOSIGNAL option in SimpleCurlGet to prevent signal interruptions
- Adding asan value to the job name
- Turn off building unit tests by default.
- Add cmake option SCITOKENS_WITH_ASAN which enables memory checking with the
address sanitizer. Also enable this in CI, so that tests fail if they hit a
memory leak or other memory problem.
- Fix memory leak in store_public_ec_key
- Fix memory leaks in the unit tests
- Fix memory leak in rs256_from_coords
- Fix memory leak in scitokens_verify
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
1.1.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
--
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
