[EPEL-devel] Fedora EPEL 8 updates-testing report

Wed, 07 Jan 2026 17:21:48 -0800 

The following Fedora EPEL 8 Security updates need testing:
 Age  URL
  49  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-5b2095e2c2   
xpdf-4.06-1.el8
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-4013949761   
python-pycryptodomex-3.21.0-1.el8
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-a0fad994eb   
exim-4.99.1-1.el8
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-1d01413ac3   
coturn-4.7.0-4.el8
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-db1e2d26c5   
wasmedge-0.14.0-4.el8
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-315f806da8   
ntfs-3g-system-compression-1.1-1.el8
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-cccbda720c   
seamonkey-2.53.23-1.el8


The following builds have been pushed to Fedora EPEL 8 updates-testing

    libsodium-1.0.18-9.el8

Details about builds:


================================================================================
 libsodium-1.0.18-9.el8 (FEDORA-EPEL-2026-59cdc10842)
 The Sodium crypto library
--------------------------------------------------------------------------------
Update Information:

Fix CVE-2025-69277 libsodium: libsodium: Improper validation of elliptic curve
points could lead to data integrity or information disclosure
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan  7 2026 Remi Collet <[email protected]> - 1.0.18-9
- Security: `crypto_core_ed25519_is_valid_point()` now properly
  rejects small-order points that are not in the main subgroup
  CVE-2025-69277
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2426615 - CVE-2025-69277 libsodium: libsodium: Improper validation 
of elliptic curve points could lead to data integrity or information 
disclosure. [epel-8]
        https://bugzilla.redhat.com/show_bug.cgi?id=2426615
--------------------------------------------------------------------------------


-- 
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Reply via email to