The following Fedora EPEL 9 Security updates need testing:
Age URL
116 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-9a55de96db
xpdf-4.06-1.el9
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-53aded8e0e
cpp-httplib-0.37.1-2.el9
3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-7fdbeef41b
wordpress-6.9.4-1.el9
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-f38b3ac925
python-scitokens-1.9.7-1.el9
1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-6d1034adaf
scitokens-cpp-1.4.1-1.el9
The following builds have been pushed to Fedora EPEL 9 updates-testing
bgpq4-1.16-1.el9
chromium-146.0.7680.71-1.el9
fedrq-1.6.0-1.el9
rust-cc-1.2.57-1.el9
rust-console-0.16.3-1.el9
rust-nettle-sys-2.3.2-1.el9
rust-once_cell-1.21.4-1.el9
rust-platforms-3.9.0-1.el9
rust-portable-atomic-util-0.2.6-1.el9
rust-roff-1.1.0-1.el9
rust-tinyvec-1.11.0-1.el9
rust-tracing-subscriber-0.3.23-1.el9
Details about builds:
================================================================================
bgpq4-1.16-1.el9 (FEDORA-EPEL-2026-478fefaa3f)
Automate BGP filter generation based on routing database information
--------------------------------------------------------------------------------
Update Information:
bgpq4 1.16
Bugfix for -w
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 15 2026 Robert Scheck <[email protected]> 1.16-1
- Upgrade to 1.16 (#2447762)
* Fri Jan 16 2026 Fedora Release Engineering <[email protected]> - 1.15-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Fri Jan 16 2026 Fedora Release Engineering <[email protected]> - 1.15-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Wed Jul 23 2025 Fedora Release Engineering <[email protected]> - 1.15-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Thu Jan 16 2025 Fedora Release Engineering <[email protected]> - 1.15-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Wed Jul 17 2024 Fedora Release Engineering <[email protected]> - 1.15-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2447762 - bgpq4-1.16 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2447762
--------------------------------------------------------------------------------
================================================================================
chromium-146.0.7680.71-1.el9 (FEDORA-EPEL-2026-4346a0ff32)
A WebKit (Blink) powered web browser that Google doesn't want you to use
--------------------------------------------------------------------------------
Update Information:
Update to 146.0.7680.71
CVE-2026-3913: Heap buffer overflow in WebML
CVE-2026-3914: Integer overflow in WebML
CVE-2026-3915: Heap buffer overflow in WebML
CVE-2026-3916: Out of bounds read in Web Speech
CVE-2026-3917: Use after free in Agents
CVE-2026-3918: Use after free in WebMCP
CVE-2026-3919: Use after free in Extensions
CVE-2026-3920: Out of bounds memory access in WebML
CVE-2026-3921: Use after free in TextEncoding
CVE-2026-3922: Use after free in MediaStream
CVE-2026-3923: Use after free in WebMIDI
CVE-2026-3924: Use after free in WindowDialog
CVE-2026-3925: Incorrect security UI in LookalikeChecks
CVE-2026-3926: Out of bounds read in V8
CVE-2026-3927: Incorrect security UI in PictureInPicture
CVE-2026-3928: Insufficient policy enforcement in Extensions
CVE-2026-3929: Side-channel information leakage in ResourceTiming
CVE-2026-3930: Unsafe navigation in Navigation
CVE-2026-3931: Heap buffer overflow in Skia
CVE-2026-3932: Insufficient policy enforcement in PDF
CVE-2026-3934: Insufficient policy enforcement in ChromeDriver
CVE-2026-3935: Incorrect security UI in WebAppInstalls
CVE-2026-3936: Use after free in WebView
CVE-2026-3937: Incorrect security UI in Downloads
CVE-2026-3938: Insufficient policy enforcement in Clipboard
CVE-2026-3939: Insufficient policy enforcement in PDF
CVE-2026-3940: Insufficient policy enforcement in DevTools
CVE-2026-3941: Insufficient policy enforcement in DevTools
CVE-2026-3942: Incorrect security UI in PictureInPicture
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 12 2026 Than Ngo <[email protected]> - 146.0.7680.71-1
- Update to 146.0.7680.71
* CVE-2026-3913: Heap buffer overflow in WebML
* CVE-2026-3914: Integer overflow in WebML
* CVE-2026-3915: Heap buffer overflow in WebML
* CVE-2026-3916: Out of bounds read in Web Speech
* CVE-2026-3917: Use after free in Agents
* CVE-2026-3918: Use after free in WebMCP
* CVE-2026-3919: Use after free in Extensions
* CVE-2026-3920: Out of bounds memory access in WebML
* CVE-2026-3921: Use after free in TextEncoding
* CVE-2026-3922: Use after free in MediaStream
* CVE-2026-3923: Use after free in WebMIDI
* CVE-2026-3924: Use after free in WindowDialog
* CVE-2026-3925: Incorrect security UI in LookalikeChecks
* CVE-2026-3926: Out of bounds read in V8
* CVE-2026-3927: Incorrect security UI in PictureInPicture
* CVE-2026-3928: Insufficient policy enforcement in Extensions
* CVE-2026-3929: Side-channel information leakage in ResourceTiming
* CVE-2026-3930: Unsafe navigation in Navigation
* CVE-2026-3931: Heap buffer overflow in Skia
* CVE-2026-3932: Insufficient policy enforcement in PDF
* CVE-2026-3934: Insufficient policy enforcement in ChromeDriver
* CVE-2026-3935: Incorrect security UI in WebAppInstalls
* CVE-2026-3936: Use after free in WebView
* CVE-2026-3937: Incorrect security UI in Downloads
* CVE-2026-3938: Insufficient policy enforcement in Clipboard
* CVE-2026-3939: Insufficient policy enforcement in PDF
* CVE-2026-3940: Insufficient policy enforcement in DevTools
* CVE-2026-3941: Insufficient policy enforcement in DevTools
* CVE-2026-3942: Incorrect security UI in PictureInPicture
--------------------------------------------------------------------------------
================================================================================
fedrq-1.6.0-1.el9 (FEDORA-EPEL-2026-4fbd8dfbb7)
A tool to query the Fedora and EPEL repositories
--------------------------------------------------------------------------------
Update Information:
https://fedrq.gtmx.me/News/#1.6.0
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 15 2026 Maxwell G <[email protected]> - 1.6.0-1
- Update to 1.6.0.
* Fri Jan 16 2026 Fedora Release Engineering <[email protected]> -
1.5.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Fri Sep 19 2025 Python Maint <[email protected]> - 1.5.0-5
- Rebuilt for Python 3.14.0rc3 bytecode
* Fri Aug 15 2025 Python Maint <[email protected]> - 1.5.0-4
- Rebuilt for Python 3.14.0rc2 bytecode
* Wed Jul 23 2025 Fedora Release Engineering <[email protected]> -
1.5.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sun Jun 22 2025 Python Maint <[email protected]> - 1.5.0-2
- Rebuilt for Python 3.14
--------------------------------------------------------------------------------
================================================================================
rust-cc-1.2.57-1.el9 (FEDORA-EPEL-2026-b34c118af5)
Build-time dependency for Cargo build scripts to invoke the native C compiler
--------------------------------------------------------------------------------
Update Information:
Update to version 1.2.57.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 15 2026 Fabio Valentini <[email protected]> - 1.2.57-1
- Update to version 1.2.57; Fixes RHBZ#2428189
--------------------------------------------------------------------------------
================================================================================
rust-console-0.16.3-1.el9 (FEDORA-EPEL-2026-9689fb28ee)
Terminal and console abstraction for Rust
--------------------------------------------------------------------------------
Update Information:
Update to version 0.16.3.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 15 2026 Fabio Valentini <[email protected]> - 0.16.3-1
- Update to version 0.16.3; Fixes RHBZ#2447296
* Sat Jan 17 2026 Fedora Release Engineering <[email protected]> -
0.16.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-nettle-sys-2.3.2-1.el9 (FEDORA-EPEL-2026-21218882c7)
Low-level Rust bindings for the Nettle cryptographic library
--------------------------------------------------------------------------------
Update Information:
Update to version 2.3.2.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 15 2026 Fabio Valentini <[email protected]> - 2.3.2-1
- Update to version 2.3.2; Fixes RHBZ#2447097
* Sat Jan 17 2026 Fedora Release Engineering <[email protected]> -
2.3.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-once_cell-1.21.4-1.el9 (FEDORA-EPEL-2026-1e4fac3081)
Single assignment cells and lazy values
--------------------------------------------------------------------------------
Update Information:
Update to version 1.21.4.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 15 2026 Fabio Valentini <[email protected]> - 1.21.4-1
- Update to version 1.21.4; Fixes RHBZ#2446935
--------------------------------------------------------------------------------
================================================================================
rust-platforms-3.9.0-1.el9 (FEDORA-EPEL-2026-b7f9fd00b7)
Rust platform registry with information about valid Rust platforms
--------------------------------------------------------------------------------
Update Information:
Update to version 3.9.0.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 15 2026 Fabio Valentini <[email protected]> - 3.9.0-1
- Update to version 3.9.0; Fixes RHBZ#2447155
--------------------------------------------------------------------------------
================================================================================
rust-portable-atomic-util-0.2.6-1.el9 (FEDORA-EPEL-2026-a0c3049aa7)
Synchronization primitives built with portable-atomic
--------------------------------------------------------------------------------
Update Information:
Update to version 0.2.6.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 15 2026 Fabio Valentini <[email protected]> - 0.2.6-1
- Update to version 0.2.6; Fixes RHBZ#2435678
* Sat Jan 17 2026 Fedora Release Engineering <[email protected]> -
0.2.4-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Fri Jul 25 2025 Fedora Release Engineering <[email protected]> -
0.2.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sun Jan 19 2025 Fedora Release Engineering <[email protected]> -
0.2.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-roff-1.1.0-1.el9 (FEDORA-EPEL-2026-b35722b8c0)
ROFF (man page format) generation library
--------------------------------------------------------------------------------
Update Information:
Update to version 1.1.0.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 15 2026 Fabio Valentini <[email protected]> - 1.1.0-1
- Update to version 1.1.0; Fixes RHBZ#2447156
--------------------------------------------------------------------------------
================================================================================
rust-tinyvec-1.11.0-1.el9 (FEDORA-EPEL-2026-83e9037d1c)
Tinyvec provides 100% safe vec-like data structures
--------------------------------------------------------------------------------
Update Information:
Update to version 1.11.0.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 15 2026 Fabio Valentini <[email protected]> - 1.11.0-1
- Update to version 1.11.0; Fixes RHBZ#2447646
* Sat Jan 17 2026 Fedora Release Engineering <[email protected]> -
1.10.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-tracing-subscriber-0.3.23-1.el9 (FEDORA-EPEL-2026-a05708e19e)
Utilities for implementing and composing tracing subscribers
--------------------------------------------------------------------------------
Update Information:
Update to version 0.3.23.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 14 2026 Josh Stone <[email protected]> - 0.3.23-1
- Update to 0.3.23; Fixes RHBZ#2417268
* Sat Jan 17 2026 Fedora Release Engineering <[email protected]> -
0.3.20-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------
--
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://forge.fedoraproject.org/infra/tickets/issues/new
