[EPEL-devel] Fedora EPEL 8 updates-testing report

updates Mon, 02 Feb 2026 19:33:22 -0800

The following Fedora EPEL 8 Security updates need testing:
 Age  URL
  75  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-5b2095e2c2   
xpdf-4.06-1.el8
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-cf486df588   
opencc-1.0.5-4.el8
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-58d7d41403   
java-latest-openjdk-26.0.0.0.32-0.0.1.ea.el8
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-5c626357f7   
xorgxrdp-0.10.5-1.el8 xrdp-0.10.5-1.el8



The following builds have been pushed to Fedora EPEL 8 updates-testing

    openssl3-3.5.5-1.1.el8

Details about builds:


================================================================================
 openssl3-3.5.5-1.1.el8 (FEDORA-EPEL-2026-96a07a6444)
 Utilities from the general purpose cryptography library with TLS implementation
--------------------------------------------------------------------------------
Update Information:

Rebased openssl3 to the latest c9s openssl for the latest round of CVEs
--------------------------------------------------------------------------------
ChangeLog:

* Mon Feb  2 2026 Michel Lind <[email protected]> - 3.5.5-1.1
- Merge c9s openssl changes to pick up CVE fixes
  Resolves: RHBZ#2400650
  Resolves: RHBZ#2400669
  Resolves: RHBZ#2433378
* Tue Jan 27 2026 Dmitry Belyavskiy <[email protected]> - 1:3.5.5-1
- Rebase to OpenSSL 3.5.5
  Resolves: RHEL-136895
  Resolves: RHEL-142004
  Resolves: RHEL-142012
  Resolves: RHEL-142020
  Resolves: RHEL-142024
  Resolves: RHEL-142028
  Resolves: RHEL-142032
  Resolves: RHEL-142036
  Resolves: RHEL-142040
  Resolves: RHEL-142044
  Resolves: RHEL-142048
  Resolves: RHEL-142052
  Resolves: RHEL-142056
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2400650 - CVE-2025-9231 openssl3: Timing side-channel in SM2 
algorithm on 64 bit ARM [epel-8]
        https://bugzilla.redhat.com/show_bug.cgi?id=2400650
  [ 2 ] Bug #2400669 - CVE-2025-9232 openssl3: Out-of-bounds read in HTTP 
client no_proxy handling [epel-8]
        https://bugzilla.redhat.com/show_bug.cgi?id=2400669
  [ 3 ] Bug #2433378 - [Minor Incident] CVE-2025-15467 openssl3: OpenSSL: 
Remote code execution or Denial of Service via oversized Initialization Vector 
in CMS parsing [epel-8]
        https://bugzilla.redhat.com/show_bug.cgi?id=2433378
--------------------------------------------------------------------------------


-- 
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: 
https://forge.fedoraproject.org/infra/tickets/issues/new

[EPEL-devel] Fedora EPEL 8 updates-testing report

Reply via email to