[EPEL-devel] Fedora EPEL 8 updates-testing report

updates Thu, 18 Dec 2025 20:31:22 -0800

The following Fedora EPEL 8 Security updates need testing:
 Age  URL
  29  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-5b2095e2c2   
xpdf-4.06-1.el8
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-cb47cd63d1   
python3.11-ldap-epel-3.4.5-1.el8
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-b6fbc3fa28   
python39-ldap-epel-3.4.3-2.el8
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-58be015476   
python38-ldap-epel-3.4.3-2.el8



The following builds have been pushed to Fedora EPEL 8 updates-testing

    radicale-3.5.10-1.el8
    singularity-ce-4.3.6-1.el8

Details about builds:


================================================================================
 radicale-3.5.10-1.el8 (FEDORA-EPEL-2025-85f5344a10)
 A simple CalDAV (calendar) and CardDAV (contact) server
--------------------------------------------------------------------------------
Update Information:

Update to 3.5.10
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec 18 2025 Peter Bieringer <[email protected]>  - 3.5.10-1
- Update to 3.5.10
--------------------------------------------------------------------------------


================================================================================
 singularity-ce-4.3.6-1.el8 (FEDORA-EPEL-2025-079c79139b)
 Application and environment virtualization
--------------------------------------------------------------------------------
Update Information:

Upgrade to 4.3.6 upstream version.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec 18 2025 David Trudgian <[email protected]> - 4.3.6-1
- Upgrade to 4.3.6 upstream version.
- Fixes CVE-2025-67499
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2407518 - CVE-2025-58189 singularity-ce: go crypto/tls ALPN 
negotiation error contains attacker controlled information [epel-8]
        https://bugzilla.redhat.com/show_bug.cgi?id=2407518
  [ 2 ] Bug #2408543 - CVE-2025-61725 singularity-ce: Excessive CPU consumption 
in ParseAddress in net/mail [epel-8]
        https://bugzilla.redhat.com/show_bug.cgi?id=2408543
  [ 3 ] Bug #2408970 - CVE-2025-61723 singularity-ce: Quadratic complexity when 
parsing some invalid inputs in encoding/pem [epel-8]
        https://bugzilla.redhat.com/show_bug.cgi?id=2408970
  [ 4 ] Bug #2409913 - CVE-2025-58185 singularity-ce: Parsing DER payload can 
cause memory exhaustion in encoding/asn1 [epel-8]
        https://bugzilla.redhat.com/show_bug.cgi?id=2409913
  [ 5 ] Bug #2410852 - CVE-2025-58188 singularity-ce: Panic when validating 
certificates with DSA public keys in crypto/x509 [epel-8]
        https://bugzilla.redhat.com/show_bug.cgi?id=2410852
--------------------------------------------------------------------------------


-- 
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[EPEL-devel] Fedora EPEL 8 updates-testing report

Reply via email to