The following Fedora EPEL 8 Security updates need testing: Age URL 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-ab11f6d0c5 lua-http-0.3-6.el8 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-ecb2c4b05c libmodsecurity-3.0.14-8.el8

The following builds have been pushed to Fedora EPEL 8 updates-testing

libxmp-4.6.3-2.el8

Details about builds:

================================================================================ libxmp-4.6.3-2.el8 (FEDORA-EPEL-2025-ccb0435da4) A multi-format module playback library -------------------------------------------------------------------------------- Update Information:

Latest upstream stable release. Backwards ABI and API compatible. Resolves CVE-2025-47256 . -------------------------------------------------------------------------------- ChangeLog:

* Sat May 24 2025 Dominik Mierzejewski dominik@greysector.net - 4.6.3-1 - update to 4.6.3 (resolves rhbz#2365514) - drop obsolete patch * Wed May 7 2025 Michael Schwendt mschwendt@fedoraproject.org - 4.6.2-3 - Fix array subscript underflow in Pha Packer loader (CVE-2025-47256). * Wed May 7 2025 Michael Schwendt mschwendt@fedoraproject.org - 4.6.2-2 - own cmake libxmp dir * Wed Feb 26 2025 Dominik 'Rathann' Mierzejewski dominik@greysector.net - 4.6.2-1 - update to 4.6.2 (resolves rhbz#2347277) * Mon Jan 20 2025 Fedora Release Engineering releng@fedoraproject.org - 4.6.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild * Thu Jan 2 2025 Dominik Mierzejewski dominik@greysector.net - 4.6.1-1 - update to 4.6.1 (rhbz#2335113) - enumerate source licenses and correct License tag * Mon Sep 2 2024 Miroslav Suchý msuchy@redhat.com - 4.6.0-6 - convert license to SPDX * Thu Jul 18 2024 Fedora Release Engineering releng@fedoraproject.org - 4.6.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Thu Jan 25 2024 Fedora Release Engineering releng@fedoraproject.org - 4.6.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sun Jan 21 2024 Fedora Release Engineering releng@fedoraproject.org - 4.6.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Thu Jul 20 2023 Fedora Release Engineering releng@fedoraproject.org - 4.6.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Wed Jul 5 2023 Dominik Mierzejewski dominik@greysector.net - 4.6.0-1 - update to 4.6.0 (#2216871) - drop obsolete patch - fix SONAME glob in file list - include cmake files * Thu Jan 19 2023 Fedora Release Engineering releng@fedoraproject.org - 4.5.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org - 4.5.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Thu Jan 20 2022 Fedora Release Engineering releng@fedoraproject.org - 4.5.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Thu Jul 22 2021 Fedora Release Engineering releng@fedoraproject.org - 4.5.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Tue Jun 22 2021 Dominik Mierzejewski rpm@greysector.net - 4.5.0-1 - update to 4.5.0 (#1971814) - ensure SONAME changes are noticed - re-enable LTO - use modern make_* macros * Tue Jan 26 2021 Fedora Release Engineering releng@fedoraproject.org - 4.4.1-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Tue Jul 28 2020 Fedora Release Engineering releng@fedoraproject.org - 4.4.1-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Wed Jul 1 2020 Jeff Law law@redhat.com - 4.4.1-11 - Disable LTO * Wed Jan 29 2020 Fedora Release Engineering releng@fedoraproject.org - 4.4.1-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- References:

[ 1 ] Bug #2364610 - CVE-2025-47256 libxmp: stack-based buffer overflow via a malformed Pha format tracker module [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2364610 --------------------------------------------------------------------------------