[EPEL-devel] Fedora EPEL 9 updates-testing report

updates Thu, 18 Dec 2025 20:27:52 -0800

The following Fedora EPEL 9 Security updates need testing:
 Age  URL
  29  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-9a55de96db   
xpdf-4.06-1.el9
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-c9895b0a25   
python3.11-ldap-epel-3.4.5-1.el9
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-0d5788d77e   
roundcubemail-1.5.12-1.el9



The following builds have been pushed to Fedora EPEL 9 updates-testing

    btop-1.4.5-1.el9
    chromium-143.0.7499.146-1.el9
    radicale-3.5.10-1.el9
    rust-rustls-pki-types-1.13.2-1.el9
    singularity-ce-4.3.6-1.el9

Details about builds:


================================================================================
 btop-1.4.5-1.el9 (FEDORA-EPEL-2025-8e2df591e5)
 Modern and colorful command line resource monitor that shows usage and stats
--------------------------------------------------------------------------------
Update Information:

update to 1.4.5
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------


================================================================================
 chromium-143.0.7499.146-1.el9 (FEDORA-EPEL-2025-ae30e66e01)
 A WebKit (Blink) powered web browser that Google doesn't want you to use
--------------------------------------------------------------------------------
Update Information:

Update to 143.0.7499.146
  * High CVE-2025-14765: Use after free in WebGPU
  * High CVE-2025-14766: Out of bounds read and write in V8
  * Force dark mode when auto dark mode web content is on
--------------------------------------------------------------------------------
ChangeLog:

* Wed Dec 17 2025 Than Ngo <[email protected]> - 143.0.7499.146-1
- Update to 143.0.7499.146
  * High CVE-2025-14765: Use after free in WebGPU
  * High CVE-2025-14766: Out of bounds read and write in V8
- Force dark mode when auto dark mode web content is on
- Remove omnibox-next-Improve-cutout-mouse-handling-for-Wayla patch, as it's 
merged
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2423106 - CVE-2025-14765 chromium: Chromium: Use after free in 
WebGPU allows remote attacker to exploit heap corruption [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2423106
  [ 2 ] Bug #2423107 - CVE-2025-14765 chromium: Chromium: Use after free in 
WebGPU allows remote attacker to exploit heap corruption [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2423107
  [ 3 ] Bug #2423110 - CVE-2025-14766 chromium: Google Chrome V8: Out-of-bounds 
read and write leads to heap corruption [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2423110
  [ 4 ] Bug #2423111 - CVE-2025-14766 chromium: Google Chrome V8: Out-of-bounds 
read and write leads to heap corruption [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2423111
--------------------------------------------------------------------------------


================================================================================
 radicale-3.5.10-1.el9 (FEDORA-EPEL-2025-d8169c71ff)
 A simple CalDAV (calendar) and CardDAV (contact) server
--------------------------------------------------------------------------------
Update Information:

Update to 3.5.10
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec 18 2025 Peter Bieringer <[email protected]>  - 3.5.10-1
- Update to 3.5.10
--------------------------------------------------------------------------------


================================================================================
 rust-rustls-pki-types-1.13.2-1.el9 (FEDORA-EPEL-2025-8a23db504d)
 Shared types for the rustls PKI ecosystem
--------------------------------------------------------------------------------
Update Information:

Update to version 1.13.2.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec 18 2025 Fabio Valentini <[email protected]> - 1.13.2-1
- Update to version 1.13.2; Fixes RHBZ#2419306
--------------------------------------------------------------------------------


================================================================================
 singularity-ce-4.3.6-1.el9 (FEDORA-EPEL-2025-54c41ca693)
 Application and environment virtualization
--------------------------------------------------------------------------------
Update Information:

Upgrade to 4.3.6 upstream version.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec 18 2025 David Trudgian <[email protected]> - 4.3.6-1
- Upgrade to 4.3.6 upstream version.
- Fixes CVE-2025-67499
--------------------------------------------------------------------------------


-- 
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[EPEL-devel] Fedora EPEL 9 updates-testing report

Reply via email to