February 2026 - Epel-packagers-sig - Fedora mailing-lists

[Bug 2428090] New: python-zstd-1.5.7.3 is available
by bugzilla＠redhat.com 07 Mar '26

07 Mar '26

https://bugzilla.redhat.com/show_bug.cgi?id=2428090 Bug ID: 2428090 Summary: python-zstd-1.5.7.3 is available Product: Fedora Version: rawhide Status: NEW Component: python-zstd Keywords: FutureFeature, Triaged Assignee: ngompa13(a)gmail.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: daltonminer(a)gmail.com, epel-packagers-sig(a)lists.fedoraproject.org, jonathan(a)almalinux.org, michel(a)michel-slm.name, ngompa13(a)gmail.com, python-packagers-sig(a)lists.fedoraproject.org Target Milestone: --- Classification: Fedora Releases retrieved: 1.5.7.3 Upstream release that is considered latest: 1.5.7.3 Current version/release in rawhide: 1.5.7.2-3.fc44 URL: https://pypi.org/project/zstd/1.4.4.0 Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/38517/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/python-zstd -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2428090 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 12

[Bug 2418489] New: CVE-2025-65896 python-asyncmy: Asyncmy SQL injection [fedora-43]
by bugzilla＠redhat.com 07 Mar '26

07 Mar '26

https://bugzilla.redhat.com/show_bug.cgi?id=2418489 Bug ID: 2418489 Summary: CVE-2025-65896 python-asyncmy: Asyncmy SQL injection [fedora-43] Product: Fedora Version: 43 Status: NEW Whiteboard: {"flaws": ["15c909b6-40cb-48a6-8eef-a770c657891e"]} Component: python-asyncmy Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: nphilipp(a)redhat.com Reporter: jmoroney(a)redhat.com CC: epel-packagers-sig(a)lists.fedoraproject.org, nphilipp(a)redhat.com, python-packagers-sig(a)lists.fedoraproject.org Blocks: 2418446 Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT. https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent… -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2418489 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 5

[Bug 2441656] New: cpp-httplib-0.33.1 is available
by bugzilla＠redhat.com 07 Mar '26

07 Mar '26

https://bugzilla.redhat.com/show_bug.cgi?id=2441656 Bug ID: 2441656 Summary: cpp-httplib-0.33.1 is available Product: Fedora Version: rawhide Status: NEW Component: cpp-httplib Keywords: FutureFeature, Triaged Assignee: pemensik(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, orion(a)nwra.com, pemensik(a)redhat.com Target Milestone: --- Classification: Fedora Releases retrieved: 0.33.0, 0.33.1 Upstream release that is considered latest: 0.33.1 Current version/release in rawhide: 0.32.0-1.fc45 URL: https://github.com/yhirose/cpp-httplib Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/274636/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/cpp-httplib -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2441656 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 4

[Bug 2418486] New: CVE-2025-65896 python-asyncmy: Asyncmy SQL injection [epel-10]
by bugzilla＠redhat.com 07 Mar '26

07 Mar '26

https://bugzilla.redhat.com/show_bug.cgi?id=2418486 Bug ID: 2418486 Summary: CVE-2025-65896 python-asyncmy: Asyncmy SQL injection [epel-10] Product: Fedora EPEL Version: epel10 Status: NEW Whiteboard: {"flaws": ["15c909b6-40cb-48a6-8eef-a770c657891e"]} Component: python-asyncmy Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: nphilipp(a)redhat.com Reporter: jmoroney(a)redhat.com CC: epel-packagers-sig(a)lists.fedoraproject.org, nphilipp(a)redhat.com, python-packagers-sig(a)lists.fedoraproject.org Blocks: 2418446 Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT. https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent… -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2418486 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 3

[Bug 2418488] New: CVE-2025-65896 python-asyncmy: Asyncmy SQL injection [fedora-42]
by bugzilla＠redhat.com 07 Mar '26

07 Mar '26

https://bugzilla.redhat.com/show_bug.cgi?id=2418488 Bug ID: 2418488 Summary: CVE-2025-65896 python-asyncmy: Asyncmy SQL injection [fedora-42] Product: Fedora Version: 42 Status: NEW Whiteboard: {"flaws": ["15c909b6-40cb-48a6-8eef-a770c657891e"]} Component: python-asyncmy Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: nphilipp(a)redhat.com Reporter: jmoroney(a)redhat.com CC: epel-packagers-sig(a)lists.fedoraproject.org, nphilipp(a)redhat.com, python-packagers-sig(a)lists.fedoraproject.org Blocks: 2418446 Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT. https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent… -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2418488 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 4

[Bug 2418487] New: CVE-2025-65896 python-asyncmy: Asyncmy SQL injection [epel-9]
by bugzilla＠redhat.com 07 Mar '26

07 Mar '26

https://bugzilla.redhat.com/show_bug.cgi?id=2418487 Bug ID: 2418487 Summary: CVE-2025-65896 python-asyncmy: Asyncmy SQL injection [epel-9] Product: Fedora EPEL Version: epel9 Status: NEW Whiteboard: {"flaws": ["15c909b6-40cb-48a6-8eef-a770c657891e"]} Component: python-asyncmy Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: nphilipp(a)redhat.com Reporter: jmoroney(a)redhat.com CC: epel-packagers-sig(a)lists.fedoraproject.org, nphilipp(a)redhat.com, python-packagers-sig(a)lists.fedoraproject.org Blocks: 2418446 Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT. https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent… -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2418487 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 3

[Bug 2434977] New: python-django-configurations: FTBFS in Fedora rawhide/f44
by bugzilla＠redhat.com 07 Mar '26

07 Mar '26

https://bugzilla.redhat.com/show_bug.cgi?id=2434977 Bug ID: 2434977 Summary: python-django-configurations: FTBFS in Fedora rawhide/f44 Product: Fedora Version: rawhide Status: NEW Component: python-django-configurations Assignee: michel(a)michel-slm.name Reporter: releng(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: davide(a)cavalca.name, epel-packagers-sig(a)lists.fedoraproject.org, michel(a)michel-slm.name Blocks: 2384424 (F44FTBFS) Target Milestone: --- Classification: Fedora python-django-configurations failed to build from source in Fedora rawhide/f44 https://koji.fedoraproject.org/koji/taskinfo?taskID=141193782 For details on the mass rebuild see: https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild Please fix python-django-configurations at your earliest convenience and set the bug's status to ASSIGNED when you start fixing it. If the bug remains in NEW state for 8 weeks, python-django-configurations will be orphaned. Before branching of Fedora 45, python-django-configurations will be retired, if it still fails to build. For more details on the FTBFS policy, please visit: https://docs.fedoraproject.org/en-US/fesco/Fails_to_build_from_source_Fails… Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2384424 [Bug 2384424] Fedora 44 FTBFS Tracker -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2434977 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 6

[Bug 2442231] New: CVE-2026-21863 valkey: Valkey: Denial of Service via invalid clusterbus packet [fedora-all]
by bugzilla＠redhat.com 07 Mar '26

07 Mar '26

https://bugzilla.redhat.com/show_bug.cgi?id=2442231 Bug ID: 2442231 Summary: CVE-2026-21863 valkey: Valkey: Denial of Service via invalid clusterbus packet [fedora-all] Product: Fedora Version: rawhide Status: NEW Whiteboard: {"flaws": ["f65b99c4-7238-4f51-8f7a-2842dbce400b"]} Component: valkey Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: jonathan(a)almalinux.org Reporter: trathi(a)redhat.com CC: epel-packagers-sig(a)lists.fedoraproject.org, fedora(a)famillecollet.com, jonathan(a)almalinux.org, nathans(a)redhat.com, ngompa13(a)gmail.com Blocks: 2442026 Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2442231 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 9

[Bug 2442222] New: CVE-2026-27623 valkey: Valkey: Denial of Service via specially crafted network requests [fedora-all]
by bugzilla＠redhat.com 07 Mar '26

07 Mar '26

https://bugzilla.redhat.com/show_bug.cgi?id=2442222 Bug ID: 2442222 Summary: CVE-2026-27623 valkey: Valkey: Denial of Service via specially crafted network requests [fedora-all] Product: Fedora Version: rawhide Status: NEW Whiteboard: {"flaws": ["b6977e4b-ee23-48da-a135-1fcd9f2b45dc"]} Component: valkey Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: jonathan(a)almalinux.org Reporter: saroy(a)redhat.com CC: epel-packagers-sig(a)lists.fedoraproject.org, fedora(a)famillecollet.com, jonathan(a)almalinux.org, nathans(a)redhat.com, ngompa13(a)gmail.com Blocks: 2442021 (CVE-2026-27623) Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2442021 [Bug 2442021] CVE-2026-27623 Valkey: Valkey: Denial of Service via specially crafted network requests -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2442222 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 3

[Bug 2442220] New: CVE-2025-67733 valkey: Valkey: Data tampering and denial of service via improper null character handling in Lua scripts [fedora-all]
by bugzilla＠redhat.com 07 Mar '26

07 Mar '26

https://bugzilla.redhat.com/show_bug.cgi?id=2442220 Bug ID: 2442220 Summary: CVE-2025-67733 valkey: Valkey: Data tampering and denial of service via improper null character handling in Lua scripts [fedora-all] Product: Fedora Version: rawhide Status: NEW Whiteboard: {"flaws": ["2e045ad3-767c-4039-9407-c3ff7b617262"]} Component: valkey Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: jonathan(a)almalinux.org Reporter: saroy(a)redhat.com CC: epel-packagers-sig(a)lists.fedoraproject.org, fedora(a)famillecollet.com, jonathan(a)almalinux.org, nathans(a)redhat.com, ngompa13(a)gmail.com Blocks: 2442025 (CVE-2025-67733) Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2442025 [Bug 2442025] CVE-2025-67733 Valkey: Valkey: Data tampering and denial of service via improper null character handling in Lua scripts -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2442220 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 9

2026

2025

2024

2023

2022

2021

Epel-packagers-sig February 2026