The following Fedora EPEL 9 Security updates need testing: Age URL 2 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-7168a5211b yarnpkg-1.22.22-9.el9 The following builds have been pushed to Fedora EPEL 9 updates-testing chromium-138.0.7204.49-1.el9 cloc-2.06-1.el9 debmirror-2.46-1.el9 dpkg-1.22.15-4.el9 perl-Crypt-SmbHash-0.12-48.el9 rust-enum-primitive-derive-0.3.0-1.el9 rust-matrixcompare-mock-0.1.0-14.el9 rust-matrixmultiply-0.3.10-1.el9 rust-postcard-1.1.2-1.el9 testssl-3.2.1-1.el9 Details about builds: ================================================================================ chromium-138.0.7204.49-1.el9 (FEDORA-EPEL-2025-86c3f41c0e) A WebKit (Blink) powered web browser that Google doesn't want you to use -------------------------------------------------------------------------------- Update Information: Update to 138.0.7204.49 CVE-2025-6555: Use after free in Animation CVE-2025-6556: Insufficient policy enforcement in Loader CVE-2025-6557: Insufficient data validation in DevTools -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 24 2025 Than Ngo <than@xxxxxxxxxx> - 138.0.7204.49-1 - Update to 138.0.7204.49 * CVE-2025-6555: Use after free in Animation * CVE-2025-6556: Insufficient policy enforcement in Loader * CVE-2025-6557: Insufficient data validation in DevTools -------------------------------------------------------------------------------- References: [ 1 ] Bug #2374686 - CVE-2025-6555 chromium: Chromium use after free vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2374686 [ 2 ] Bug #2374687 - CVE-2025-6557 chromium: Chromium data validation vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2374687 [ 3 ] Bug #2374688 - CVE-2025-6556 chromium: Chromium policy enforcement vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2374688 [ 4 ] Bug #2374689 - CVE-2025-6555 chromium: Chromium use after free vulnerability [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2374689 [ 5 ] Bug #2374690 - CVE-2025-6556 chromium: Chromium policy enforcement vulnerability [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2374690 [ 6 ] Bug #2374691 - CVE-2025-6557 chromium: Chromium data validation vulnerability [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2374691 -------------------------------------------------------------------------------- ================================================================================ cloc-2.06-1.el9 (FEDORA-EPEL-2025-1391aba2f1) Count lines of code -------------------------------------------------------------------------------- Update Information: Update to 2.06 -------------------------------------------------------------------------------- ChangeLog: * Wed Jun 25 2025 Mikel Olasagasti Uranga <mikel@xxxxxxxxxxxxxxx> - 2.06-1 - Update to 2.06 - Closes rhbz#2374730 * Tue May 6 2025 Mikel Olasagasti Uranga <mikel@xxxxxxxxxxxxxxx> - 2.04-1 - Update to 2.04 - Closes rhbz#2343225 * Thu Jan 16 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.02-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ debmirror-2.46-1.el9 (FEDORA-EPEL-2025-cd11da684d) Debian partial mirror script, with ftp and package pool support -------------------------------------------------------------------------------- Update Information: Update to 2.46. Allow mirroring Debian repositories that do not follow the Debian/Ubuntu structure (JFrog, Hashicorp, NVIDIA, Spotify, etc.). General cleanup. -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 26 2025 Simone Caronni <negativo17@xxxxxxxxx> - 2.46-1 - Update to 2.46 * Thu Jun 26 2025 Simone Caronni <negativo17@xxxxxxxxx> - 2.43-3 - Clean up. * Thu Jun 26 2025 Simone Caronni <negativo17@xxxxxxxxx> - 2.43-2 - Allow mirroring Debian repositories that do not follow the Debian/Ubuntu structure (JFrog, Hashicorp, NVIDIA, Spotify, etc.). * Fri Feb 7 2025 Packit <hello@xxxxxxxxxx> - 2.43-1 - Update to version 2.43 - Resolves: rhbz#2335288 * Thu Jan 16 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.42-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2362607 - debmirror-2.46 is available https://bugzilla.redhat.com/show_bug.cgi?id=2362607 -------------------------------------------------------------------------------- ================================================================================ dpkg-1.22.15-4.el9 (FEDORA-EPEL-2025-8940f3f9b4) Package maintenance system for Debian Linux -------------------------------------------------------------------------------- Update Information: Major clean up. Enable all tests. Trim changelog. Adjust Requires and BuildRequires. Update configure options. -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 26 2025 Simone Caronni <negativo17@xxxxxxxxx> - 1.22.15-4 - Enable all tests. - Trim changelog. * Thu Jun 26 2025 Simone Caronni <negativo17@xxxxxxxxx> - 1.22.15-3 - Clean up SPEC file. - Adjust Requires and BuildRequires. - Update configure options. - Fix all tests except one. * Mon Mar 31 2025 Tim Landscheidt <tim@xxxxxxxxxxxxxxxxxx> - 1.22.15-2 - Remove obsolete requirement for %post scriptlet -------------------------------------------------------------------------------- ================================================================================ perl-Crypt-SmbHash-0.12-48.el9 (FEDORA-EPEL-2025-d4ab830b99) Pure-perl Lanman and NT MD4 hash functions -------------------------------------------------------------------------------- Update Information: This is the first EPEL-9 build of perl-Crypt-SmbHash. -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 20 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.12-48 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Fri Jul 22 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.12-47 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Tue May 31 2022 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 0.12-46 - Perl 5.36 rebuild * Fri Jan 21 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.12-45 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Thu Jul 22 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.12-44 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Fri May 21 2021 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 0.12-43 - Perl 5.34 rebuild * Wed Jan 27 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.12-42 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2374088 - Add perl-Crypt-SmbHash to EPEL 9 https://bugzilla.redhat.com/show_bug.cgi?id=2374088 -------------------------------------------------------------------------------- ================================================================================ rust-enum-primitive-derive-0.3.0-1.el9 (FEDORA-EPEL-2025-340e652b05) Enum_primitive implementation using procedural macros to have a custom derive -------------------------------------------------------------------------------- Update Information: Bulid for EPEL9 -------------------------------------------------------------------------------- ChangeLog: * Wed May 8 2024 Orion Poplawski <orion@xxxxxxxx> - 0.3.0-1 - Initial import -------------------------------------------------------------------------------- ================================================================================ rust-matrixcompare-mock-0.1.0-14.el9 (FEDORA-EPEL-2025-1a2a282f6d) Internal mock data structures for testing of matrixcompare -------------------------------------------------------------------------------- Update Information: Update num dependency to 0.4 -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 26 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.1.0-14 - Update num dependency to 0.4 -------------------------------------------------------------------------------- ================================================================================ rust-matrixmultiply-0.3.10-1.el9 (FEDORA-EPEL-2025-5240d9fea3) General matrix multiplication for f32 and f64 matrices -------------------------------------------------------------------------------- Update Information: Update to version 0.3.10: Reduce unnecessary AVX register permutations in sgemm and fix a few warnings -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 26 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.3.10-1 - Update to version 0.3.10; Fixes RHBZ#2365659 * Thu Jun 26 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.3.9-4 - Update itertools dev-dependency from 0.8 to 0.14 * Thu Jun 26 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.3.9-3 - Remove benchmark-only bencher dev-dependency -------------------------------------------------------------------------------- References: [ 1 ] Bug #2365659 - rust-matrixmultiply-0.3.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=2365659 -------------------------------------------------------------------------------- ================================================================================ rust-postcard-1.1.2-1.el9 (FEDORA-EPEL-2025-2176604b14) No_std + serde compatible message library for Rust -------------------------------------------------------------------------------- Update Information: Update to version 1.1.2: https://github.com/jamesmunns/postcard/releases/tag/postcard%2Fv1.1.2 -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 26 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 1.1.2-1 - Update to version 1.1.2; Fixes RHBZ#2374857 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2374857 - rust-postcard-1.1.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2374857 -------------------------------------------------------------------------------- ================================================================================ testssl-3.2.1-1.el9 (FEDORA-EPEL-2025-e06e1414a3) Testing TLS/SSL encryption -------------------------------------------------------------------------------- Update Information: Update to 3.2.1 -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 26 2025 Mikel Olasagasti Uranga <mikel@xxxxxxxxxxxxxxx> - 3.2.1-1 - Update to 3.2.1 - Closes rhbz#2372680 -------------------------------------------------------------------------------- -- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
