The following Fedora EPEL 10.1 Security updates need testing:
Age URL
4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-d6b84c209d
webkitgtk-2.50.4-2.el10_1
The following builds have been pushed to Fedora EPEL 10.1 updates-testing
age-1.3.0-1.el10_1
proxychains-ng-4.17-8.el10_1
ruby-build-20251225-1.el10_1
rust-arc-swap-1.8.0-1.el10_1
rust-async-lock-3.4.2-1.el10_1
rust-bumpalo-3.19.1-1.el10_1
rust-camino-1.2.2-1.el10_1
rust-clap_complete-4.5.62-1.el10_1
rust-libz-sys-1.1.23-1.el10_1
rust-mio-1.1.1-1.el10_1
rust-num-bigint-dig-0.8.6-1.el10_1
rust-parking_lot-0.12.5-1.el10_1
rust-psl-2.1.174-1.el10_1
scorep-9.4-1.el10_1
Details about builds:
================================================================================
age-1.3.0-1.el10_1 (FEDORA-EPEL-2025-a6bc7a3439)
Simple, modern and secure encryption tool
--------------------------------------------------------------------------------
Update Information:
Update to 1.3.0
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 28 2025 Mikel Olasagasti Uranga <[email protected]> - 1.3.0-1
- Update to 1.3.0 - Closes rhbz#2425652
* Fri Oct 10 2025 Alejandro Sáez <[email protected]> - 1.2.1-10
- rebuild
* Fri Aug 15 2025 Maxwell G <[email protected]> - 1.2.1-9
- Rebuild for golang-1.25.0
* Fri Aug 15 2025 Maxwell G <[email protected]> - 1.2.1-8
- Revert "Rebuild for golang-1.25.0"
* Fri Aug 15 2025 Maxwell G <[email protected]> - 1.2.1-7
- Rebuild for golang-1.25.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2398913 - CVE-2025-47906 age: Unexpected paths returned from
LookPath in os/exec [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2398913
[ 2 ] Bug #2408909 - CVE-2025-61723 age: Quadratic complexity when parsing
some invalid inputs in encoding/pem [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2408909
[ 3 ] Bug #2409854 - CVE-2025-58185 age: Parsing DER payload can cause memory
exhaustion in encoding/asn1 [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2409854
[ 4 ] Bug #2410798 - CVE-2025-58188 age: Panic when validating certificates
with DSA public keys in crypto/x509 [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2410798
--------------------------------------------------------------------------------
================================================================================
proxychains-ng-4.17-8.el10_1 (FEDORA-EPEL-2025-5f8348d5e7)
Redirect connections through proxy servers
--------------------------------------------------------------------------------
Update Information:
Update to master to fix CVE-2025-34451
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 28 2025 Pablo Greco <[email protected]> - 4.17-8
- Update to master to fix warning and add comment
* Sat Dec 27 2025 Pablo Greco <[email protected]> - 4.17-7
- Update to master to fix CVE-2025-34451
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> - 4.17-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sat Jan 18 2025 Fedora Release Engineering <[email protected]> - 4.17-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2423793 - CVE-2025-34451 proxychains-ng: proxychains-ng: Denial of
Service due to stack-based buffer overflow via crafted proxy configuration
[epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2423793
[ 2 ] Bug #2423794 - CVE-2025-34451 proxychains-ng: proxychains-ng: Denial of
Service due to stack-based buffer overflow via crafted proxy configuration
[epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=2423794
[ 3 ] Bug #2423795 - CVE-2025-34451 proxychains-ng: proxychains-ng: Denial of
Service due to stack-based buffer overflow via crafted proxy configuration
[epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2423795
[ 4 ] Bug #2423796 - CVE-2025-34451 proxychains-ng: proxychains-ng: Denial of
Service due to stack-based buffer overflow via crafted proxy configuration
[fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2423796
[ 5 ] Bug #2423797 - CVE-2025-34451 proxychains-ng: proxychains-ng: Denial of
Service due to stack-based buffer overflow via crafted proxy configuration
[fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2423797
--------------------------------------------------------------------------------
================================================================================
ruby-build-20251225-1.el10_1 (FEDORA-EPEL-2025-fe5eacee4b)
Compile and install Ruby
--------------------------------------------------------------------------------
Update Information:
Update to 20251225 - includes ruby-4.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 25 2025 Packit <[email protected]> - 20251225-1
- Update to 20251225 upstream release
- Resolves: rhbz#2425357
--------------------------------------------------------------------------------
================================================================================
rust-arc-swap-1.8.0-1.el10_1 (FEDORA-EPEL-2025-f23aa95ab2)
Atomically swappable Arc
--------------------------------------------------------------------------------
Update Information:
Update to version 1.8.0.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 28 2025 Fabio Valentini <[email protected]> - 1.8.0-1
- Update to version 1.8.0; Fixes RHBZ#2424572
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
1.7.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sun Jan 19 2025 Fedora Release Engineering <[email protected]> -
1.7.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-async-lock-3.4.2-1.el10_1 (FEDORA-EPEL-2025-8f7c74f27d)
Async synchronization primitives
--------------------------------------------------------------------------------
Update Information:
Update to version 3.4.2.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 28 2025 Fabio Valentini <[email protected]> - 3.4.2-1
- Update to version 3.4.2; Fixes RHBZ#2424193
--------------------------------------------------------------------------------
================================================================================
rust-bumpalo-3.19.1-1.el10_1 (FEDORA-EPEL-2025-75692c1504)
Fast bump allocation arena for Rust
--------------------------------------------------------------------------------
Update Information:
Update to version 3.19.1.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 28 2025 Fabio Valentini <[email protected]> - 3.19.1-1
- Update to version 3.19.1; Fixes RHBZ#2422959
--------------------------------------------------------------------------------
================================================================================
rust-camino-1.2.2-1.el10_1 (FEDORA-EPEL-2025-5b96837bbd)
UTF-8 paths
--------------------------------------------------------------------------------
Update Information:
Update to version 1.2.2.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 28 2025 Fabio Valentini <[email protected]> - 1.2.2-1
- Update to version 1.2.2; Fixes RHBZ#2422147
--------------------------------------------------------------------------------
================================================================================
rust-clap_complete-4.5.62-1.el10_1 (FEDORA-EPEL-2025-63ae6c66cd)
Generate shell completion scripts for your clap::Command
--------------------------------------------------------------------------------
Update Information:
Update to version 4.5.62.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 28 2025 Fabio Valentini <[email protected]> - 4.5.62-1
- Update to version 4.5.62; Fixes RHBZ#2423593
--------------------------------------------------------------------------------
================================================================================
rust-libz-sys-1.1.23-1.el10_1 (FEDORA-EPEL-2025-23dca77db9)
Low-level bindings to the system libz library (also known as zlib)
--------------------------------------------------------------------------------
Update Information:
Update to version 1.1.23.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 28 2025 Fabio Valentini <[email protected]> - 1.1.23-1
- Update to version 1.1.23; Fixes RHBZ#2414332
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
1.1.22-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-mio-1.1.1-1.el10_1 (FEDORA-EPEL-2025-69dc7754b8)
Lightweight non-blocking I/O
--------------------------------------------------------------------------------
Update Information:
Update to version 1.1.1.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 28 2025 Fabio Valentini <[email protected]> - 1.1.1-1
- Update to version 1.1.1; Fixes RHBZ#2419279
--------------------------------------------------------------------------------
================================================================================
rust-num-bigint-dig-0.8.6-1.el10_1 (FEDORA-EPEL-2025-f09d583723)
Big integer implementation for Rust
--------------------------------------------------------------------------------
Update Information:
Update to version 0.8.6.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 28 2025 Fabio Valentini <[email protected]> - 0.8.6-1
- Update to version 0.8.6
--------------------------------------------------------------------------------
================================================================================
rust-parking_lot-0.12.5-1.el10_1 (FEDORA-EPEL-2025-a51ffe6728)
Efficient implementations of standard synchronization primitives
--------------------------------------------------------------------------------
Update Information:
Update to version 0.12.5.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 28 2025 Fabio Valentini <[email protected]> - 0.12.5-1
- Update to version 0.12.5; Fixes RHBZ#2401400
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.12.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-psl-2.1.174-1.el10_1 (FEDORA-EPEL-2025-2c5034611d)
Extract root domain and suffix from a domain name
--------------------------------------------------------------------------------
Update Information:
Update to version 2.1.174.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 28 2025 Fabio Valentini <[email protected]> - 2.1.174-1
- Update to version 2.1.174; Fixes RHBZ#2407291
--------------------------------------------------------------------------------
================================================================================
scorep-9.4-1.el10_1 (FEDORA-EPEL-2025-a3933bcf3f)
Scalable Performance Measurement Infrastructure for Parallel Codes
--------------------------------------------------------------------------------
Update Information:
New upstream version
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 27 2025 Dave Love <[email protected]> - 9.4-1
- Update to version 9.4
--------------------------------------------------------------------------------
--
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
