Fedora EPEL 8 updates-testing report - epel-devel - Fedora mailing-lists

30 May 2025


      The following Fedora EPEL 8 Security updates need testing:
 Age  URL
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-ab11f6d0c5   lua-http-0.3-6.el8
   4  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-ecb2c4b05c   libmodsecurity-3.0.14-8.el8
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-ccb0435da4   libxmp-4.6.3-2.el8
The following builds have been pushed to Fedora EPEL 8 updates-testing
fcgi-2.4.0-52.el8
    prosody-13.0.2-1.el8
    python-pylero-0.1.1-1.el8
Details about builds:
================================================================================
 fcgi-2.4.0-52.el8 (FEDORA-EPEL-2025-e655c1f968)
 FastCGI development kit
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2025-23016
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 30 2025 Andrew Bauer zonexpertconsulting@outlook.com - 2.4.0-52
- Fix CVE-2025-23016
* Thu Jan 16 2025 Fedora Release Engineering releng@fedoraproject.org - 2.4.0-51
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Wed Jul 17 2024 Fedora Release Engineering releng@fedoraproject.org - 2.4.0-50
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Wed Jan 24 2024 Fedora Release Engineering releng@fedoraproject.org - 2.4.0-49
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 19 2024 Fedora Release Engineering releng@fedoraproject.org - 2.4.0-48
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Jul 19 2023 Fedora Release Engineering releng@fedoraproject.org - 2.4.0-47
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu Jan 19 2023 Fedora Release Engineering releng@fedoraproject.org - 2.4.0-46
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Nov 18 2022 Florian Weimer fweimer@redhat.com - 2.4.0-45
- Fix another implicit declaration of exit (#2143591)
* Thu Nov 17 2022 Florian Weimer fweimer@redhat.com - 2.4.0-44
- Avoid implicit declaration of exit in configure (#2143591)
* Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org - 2.4.0-43
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu Jan 20 2022 Fedora Release Engineering releng@fedoraproject.org - 2.4.0-42
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Wed Jul 28 2021 Andrew Bauer zonexpertconsulting@outlook.com - 2.4.0-41
- Disable rpath bz1987468
* Wed Jul 21 2021 Fedora Release Engineering releng@fedoraproject.org - 2.4.0-40
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Tue Jan 26 2021 Fedora Release Engineering releng@fedoraproject.org - 2.4.0-39
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Jul 28 2020 Andrew Bauer zonexpertconsulting@outlook.com - 2.4.0-38
- Modernize specfile
* Tue Jan 28 2020 Fedora Release Engineering releng@fedoraproject.org - 2.4.0-37
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2369269 - CVE-2025-23016 FastCGI integer overflow
        https://bugzilla.redhat.com/show_bug.cgi?id=2369269
--------------------------------------------------------------------------------
================================================================================
 prosody-13.0.2-1.el8 (FEDORA-EPEL-2025-25e0c93fff)
 Flexible communications server for Jabber/XMPP
--------------------------------------------------------------------------------
Update Information:
Prosody 13.0.2
Upstream is pleased to announce a new minor release from their stable branch.
This update addresses various issues that have been noticed since the previous
release, as well as a few improvements, including some important fixes for
invites. Some log messages and prosodyctl commands have been improved as well.
Fixes and improvements
mod_storage_internal: Fix queries with only start returning extra items
mod_invites_register: Stricter validation of registration events
Minor changes
MUC: Ensure allow MUC PM setting has valid value
mod_storage_sql: Delay showing SQL library error until attempted load
mod_storage_sql: Handle failure to deploy new UNIQUE index
mod_storage_sql: Add shell command to create tables and indices (again)
mod_s2s: Fix log to use formatting instead of concatenation
modulemanager, util.pluginloader: Improve error message when load fails but some
candidates were filtered
prosodyctl check config: add recommendation to switch from admin_telnet to shell
mod_storage_sql: Retrieve all indices to see if the new one exists
prosodyctl check config: List modules which Prosody cannot successfully load
net.http.files: Fix issue with caching
util.jsonschema: Fix handling of false as schema
mod_invites: Consider password reset a distinct type wrt invite page
configmanager: Emit config warning when referencing non-existent value
mod_admin_shell: Add role:list() and role:show() commands
MUC: Fix nickname registration form error handling
MUC: Fix Error when join stanza sent without resource
MUC: Factor out identification of join stanza
mod_invites_register: Don’t restrict username for roster invites
mod_admin_shell: Fix matching logic in s2s:close
mod_authz_internal: Improve error message when invalid role specified
mod_http_file_share: Add media-src ‘self’ to Content-Security-Policy header
mod_admin_shell: Visual tweaks to the output of debug:cert_index()
mod_http: Log problems parsing IP addresses in X-Forwarded-For
mod_http: Fix IP address normalization
util.prosodyctl.check: Improve reporting of DNS lookup problems
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 30 2025 Robert Scheck robert@fedoraproject.org 13.0.2-1
- Upgrade to 13.0.2 (#2369268)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2369268 - prosody-13.0.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2369268
--------------------------------------------------------------------------------
================================================================================
 python-pylero-0.1.1-1.el8 (FEDORA-EPEL-2025-e7717807af)
 Python SDK for Polarion
--------------------------------------------------------------------------------
Update Information:
python-pylero 0.1.1-1
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 30 2025 Wayne Sun gsun@redhat.com 0.1.1-1
- Update to 0.1.1
--------------------------------------------------------------------------------