The following Fedora EPEL 9 Security updates need testing:

 Age  URL
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-5c25fd8e2d   roundcubemail-1.5.10-1.el9
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-1994b4dec7   seamonkey-2.53.21-1.el9
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-f9b95079ea   yarnpkg-1.22.22-8.el9
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-66a01bfb0d   valkey-8.0.3-3.el9
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-ead5908650   python-django4.2-4.2.22-1.el9

The following builds have been pushed to Fedora EPEL 9 updates-testing

    distcc-3.4-9.el9
    kea-2.6.3-1.el9
    mold-2.40.1-1.el9
    parsertl17-1.2.0-1.el9
    pythoncapi-compat-0^20250609gitffae0ff-1.el9
    salt3006-3006.11-1.el9

Details about builds:

================================================================================
 distcc-3.4-9.el9 (FEDORA-EPEL-2025-028275d127)
 Distributed C/C++ compilation
--------------------------------------------------------------------------------
Update Information:

Initial EL-9 build
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun 2 2025 Python Maint <python-maint@xxxxxxxxxx> - 3.4-9
- Rebuilt for Python 3.14
* Thu Jan 16 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.4-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Mon Oct 21 2024 Gwyn Ciesla <gwync@xxxxxxxxxxxxxx> - 3.4-7
- Patch for Py_ssize_t
* Wed Jul 17 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.4-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Fri Jun 7 2024 Python Maint <python-maint@xxxxxxxxxx> - 3.4-5
- Rebuilt for Python 3.13
* Tue Feb 13 2024 Gwyn Ciesla <gwync@xxxxxxxxxxxxxx> - 3.4-4
- Disable LTO to fix distccmon-gnome crash, 2263992.
* Wed Jan 24 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 19 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 5 2024 Gwyn Ciesla <gwync@xxxxxxxxxxxxxx> - 3.4-1
- 3.4
* Wed Jul 19 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.3.5-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Tue Jun 13 2023 Python Maint <python-maint@xxxxxxxxxx> - 3.3.5-14
- Rebuilt for Python 3.12
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2370615 - Please branch and build distcc and distcc-server in epel9
        https://bugzilla.redhat.com/show_bug.cgi?id=2370615
--------------------------------------------------------------------------------

================================================================================
 kea-2.6.3-1.el9 (FEDORA-EPEL-2025-a36cdc1182)
 DHCPv4, DHCPv6 and DDNS server from ISC
--------------------------------------------------------------------------------
Update Information:

New version 2.6.3 (rhbz#2368989)
Fix for: CVE-2025-32801, CVE-2025-32802, CVE-2025-32803
kea.conf: Remove /tmp/ from socket-name for existing configurations
kea.conf: Set pseudo-random password for default config to secure fresh install
and allow CA startup without user intervention
kea.conf: Restrict directory permissions
Sync service files with upstream
Fix leases ownership when switching from root to kea user (rhbz#2324168)

Release Notes:
The new default configuration file, kea-ctrl-agent.conf, introduces an
authentication setting, "password-file", which restricts access to the REST
API. On Fedora, the kea-api-password file is automatically populated with a
pseudo-random password to secure new installations.
For system upgrades, it is strongly recommended to update any custom
configurations to restrict access to the REST API.
For more details, including information on CVE fixes and incompatible changes,
refer to the upstream release notes:
https://downloads.isc.org/isc/kea/2.6.3/Kea-2.6.3-ReleaseNotes.txt
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun 9 2025 Martin Osvald <mosvald@xxxxxxxxxx> - 2.6.3-1
- New version 2.6.3 (rhbz#2368989)
- Fix for: CVE-2025-32801, CVE-2025-32802, CVE-2025-32803
- kea.conf: Remove /tmp/ from socket-name for existing configurations
- kea.conf: Set pseudo-random password for default config to secure fresh
  install and allow CA startup without user intervention
- kea.conf: Restrict directory permissions
- Sync service files with upstream
- Fix leases ownership when switching from root to kea user (rhbz#2324168)
- Add Keama migration utility (rhbz#2250608)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2324168 - System update from F40 to F41: kea-dhcp unusable
        https://bugzilla.redhat.com/show_bug.cgi?id=2324168
  [ 2 ] Bug #2368989 - kea-2.6.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2368989
  [ 3 ] Bug #2369335 - CVE-2025-32803 kea: Insecure file permissions can result in confidential information leakage [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2369335
  [ 4 ] Bug #2369381 - CVE-2025-32801 kea: Loading a malicious hook library can lead to local privilege escalation [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2369381
  [ 5 ] Bug #2370277 - CVE-2025-32802 kea: Insecure handling of file paths allows multiple local attacks [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2370277
--------------------------------------------------------------------------------

================================================================================
 mold-2.40.1-1.el9 (FEDORA-EPEL-2025-bf0cba8c99)
 A Modern Linker
--------------------------------------------------------------------------------
Update Information:

Update to 2.40.1 (#2371058)
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun 9 2025 Christoph Erhardt <fedora@xxxxxxxxxxx> - 2.40.1-1
- Update to 2.40.1 (#2371058)
* Mon Jun 9 2025 Christoph Erhardt <fedora@xxxxxxxxxxx> - 2.40.0-2
- Do not rely on `alternatives` path
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2371058 - mold-2.40.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2371058
--------------------------------------------------------------------------------

================================================================================
 parsertl17-1.2.0-1.el9 (FEDORA-EPEL-2025-f105fc575e)
 The Modular Parser Generator
--------------------------------------------------------------------------------
Update Information:

Update to 1.2.0: add line_column
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun 9 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 1:1.2.0-1
- Update to 1.2.0 (close RHBZ#2370999)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2370999 - parsertl17-1.2.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2370999
--------------------------------------------------------------------------------

================================================================================
 pythoncapi-compat-0^20250609gitffae0ff-1.el9 (FEDORA-EPEL-2025-4f7bb9de8f)
 Python C API compatibility
--------------------------------------------------------------------------------
Update Information:

Update to 0^20250609gitffae0ff
Add PyUnicodeWriter_WriteASCII()
Update to 0^20250603gitfd34d34
Add PySys_GetAttr() function
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun 9 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0^20250609gitffae0ff-1
- Update to 0^20250609gitffae0ff
- Add `PyUnicodeWriter_WriteASCII()`
* Wed Jun 4 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0^20250603gitfde4d34-1
- Update to 0^20250603gitfd34d34
- Add `PySys_GetAttr()` function
--------------------------------------------------------------------------------

================================================================================
 salt3006-3006.11-1.el9 (FEDORA-EPEL-2025-6ba52391d1)
 A parallel remote execution system
--------------------------------------------------------------------------------
Update Information:

This update contains various bugfixes to the 3006 LTS.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun 9 2025 Robby Callicotte <rcallicotte@xxxxxxxxxxxxxxxxx> - 3006.11-1
- Updated to 3006.11
--------------------------------------------------------------------------------