The following Fedora EPEL 9 Security updates need testing: Age URL 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-ead5908650 python-django4.2-4.2.22-1.el9 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-a36cdc1182 kea-2.6.3-1.el9 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-9c03a7aa1d konsole5-23.08.5-2.el9 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-549cb45f1c chromium-137.0.7151.103-1.el9 The following builds have been pushed to Fedora EPEL 9 updates-testing blivet-gui-2.5.0-1.el9 radicale-3.5.4-3.el9 rust-below-common-0.9.0-3.el9 rust-find-crate-0.6.3-11.el9 rust-jiff-0.2.15-1.el9 salt3006-3006.12-1.el9 Details about builds: ================================================================================ blivet-gui-2.5.0-1.el9 (FEDORA-EPEL-2025-36c5f2c745) Tool for data storage configuration -------------------------------------------------------------------------------- Update Information: Initial release for EPEL9. Upstream release 2.5.0 compatible with blivet 3.6.0 available in C9S/RHEL9. -------------------------------------------------------------------------------- ChangeLog: * Sat Jun 14 2025 Vojtech Trefny <vtrefny@xxxxxxxxxx> - 2.5.0-1 - Initial build for EPEL9 -------------------------------------------------------------------------------- ================================================================================ radicale-3.5.4-3.el9 (FEDORA-EPEL-2025-07867cf944) A simple CalDAV (calendar) and CardDAV (contact) server -------------------------------------------------------------------------------- Update Information: Rename InfCloud-fonts package to InfCloud-fontware (BZ#2372650) -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 16 2025 Peter Bieringer <pb@xxxxxxxxxxxx> - 3.5.4-3 - Rename InfCloud-fonts package to InfCloud-fontware (BZ#2372650) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2372650 - radicale3-InfCloud-fonts get confused as a font package https://bugzilla.redhat.com/show_bug.cgi?id=2372650 -------------------------------------------------------------------------------- ================================================================================ rust-below-common-0.9.0-3.el9 (FEDORA-EPEL-2025-04574dbb9d) Common below code -------------------------------------------------------------------------------- Update Information: Bump cursive dependency from 0.20 to 0.21 -------------------------------------------------------------------------------- ChangeLog: * Sat Jun 14 2025 Michel Lind <salimma@xxxxxxxxxxxxxxxxx> - 0.9.0-3 - Bump cursive dependency from 0.20 to 0.21 -------------------------------------------------------------------------------- ================================================================================ rust-find-crate-0.6.3-11.el9 (FEDORA-EPEL-2025-21b68bd2b3) Find the crate name from the current Cargo.toml -------------------------------------------------------------------------------- Update Information: Bump semver dependency from 0.11 to 1.0 -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 13 2025 Michel Lind <salimma@xxxxxxxxxxxxxxxxx> - 0.6.3-11 - Bump semver dependency from 0.11 to 1.0 * Sun Jan 19 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.6.3-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild * Fri Jul 19 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.6.3-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Fri Jan 26 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.6.3-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jul 21 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.6.3-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ rust-jiff-0.2.15-1.el9 (FEDORA-EPEL-2025-80c8c7d8ed) Date-time library that encourages you to jump into the pit of success -------------------------------------------------------------------------------- Update Information: 0.2.15 (2025-06-13) This release fixes a bug where error values were being constructed during parsing even in the success case. This was a regression introduced in 0.2.14 as a result of trying to improve compilation times. Thankfully, fixing this regression doesn't seem to meaningfully impact the amount of IR generated by compiling Jiff. Bug fixes: #385: Fixes a performance regression for parsing. -------------------------------------------------------------------------------- ChangeLog: * Sat Jun 14 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.2.15-1 - Update to version 0.2.15; Fixes RHBZ#2372783 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2372783 - rust-jiff-0.2.15 is available https://bugzilla.redhat.com/show_bug.cgi?id=2372783 -------------------------------------------------------------------------------- ================================================================================ salt3006-3006.12-1.el9 (FEDORA-EPEL-2025-56a6ede4ef) A parallel remote execution system -------------------------------------------------------------------------------- Update Information: Resolves multiple CVEs. Update to 3006.12. This update contains various bugfixes to the 3006 LTS. -------------------------------------------------------------------------------- ChangeLog: * Sat Jun 14 2025 Robby Callicotte <rcallicotte@xxxxxxxxxxxxxxxxx> - 3006.12-1 - Updated to 3006.12 - Resolves CVE-2024-38822 RHBZ#2372754 - Resolves CVE-2024-38823 RHBZ#2372743 - Resolves CVE-2024-38824 RHBZ#2372729 - Resolves CVE-2024-38825 RHBZ#2372749 - Resolves CVE-2025-22236 RHBZ#2372771 - Resolves CVE-2025-22237 RHBZ#2372770 - Resolves CVE-2025-22238 RHBZ#2372769 - Resolves CVE-2025-22239 RHBZ#2372730 - Resolves CVE-2025-22240 RHBZ#2372742 - Resolves CVE-2025-22241 RHBZ#2372737 - Resolves CVE-2025-22242 RHBZ#2372739 * Mon Jun 9 2025 Robby Callicotte <rcallicotte@xxxxxxxxxxxxxxxxx> - 3006.11-1 - Updated to 3006.11 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2372729 - CVE-2024-38824 salt3006: Directory traversal in saltstack [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2372729 [ 2 ] Bug #2372730 - CVE-2025-22239 salt3006: Event injection in saltstack [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2372730 [ 3 ] Bug #2372737 - CVE-2025-22241 salt3006: File overwrite in saltstack [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2372737 [ 4 ] Bug #2372739 - CVE-2025-22242 salt3006: Denial of service in saltstack [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2372739 [ 5 ] Bug #2372742 - CVE-2025-22240 salt3006: Path traversal in saltstack [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2372742 [ 6 ] Bug #2372743 - CVE-2024-38823 salt3006: Replay attack in saltstack [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2372743 [ 7 ] Bug #2372749 - CVE-2024-38825 salt3006: Authentication bypass in saltstack [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2372749 [ 8 ] Bug #2372754 - CVE-2024-38822 salt3006: Token validation errors in saltstack [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2372754 [ 9 ] Bug #2372769 - CVE-2025-22238 salt3006: Directory traversal in salt project [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2372769 [ 10 ] Bug #2372770 - CVE-2025-22237 salt3006: Code injection in salt project [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2372770 [ 11 ] Bug #2372771 - CVE-2025-22236 salt3006: Authorization bypass in salt project [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2372771 -------------------------------------------------------------------------------- -- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
