November 2025 - Epel-packagers-sig - Fedora mailing-lists

[Bug 2342110] New: scribus-1.7.0 is available
by bugzilla＠redhat.com 13 Apr '26

13 Apr '26

https://bugzilla.redhat.com/show_bug.cgi?id=2342110 Bug ID: 2342110 Summary: scribus-1.7.0 is available Product: Fedora Version: rawhide Status: NEW Component: scribus Keywords: FutureFeature, Triaged Assignee: walter.pete(a)yandex.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: dan(a)danny.cz, epel-packagers-sig(a)lists.fedoraproject.org, luya_tfz(a)thefinalzone.net, walter.pete(a)yandex.com Target Milestone: --- Classification: Fedora Releases retrieved: 1.7.0 Upstream release that is considered latest: 1.7.0 Current version/release in rawhide: 1.6.3-2.fc42 URL: https://www.scribus.net Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/4773/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/scribus -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2342110 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 11

[Bug 2334129] New: python-django-allauth-65.3.1 is available
by bugzilla＠redhat.com 13 Apr '26

13 Apr '26

https://bugzilla.redhat.com/show_bug.cgi?id=2334129 Bug ID: 2334129 Summary: python-django-allauth-65.3.1 is available Product: Fedora Version: rawhide Status: NEW Component: python-django-allauth Keywords: FutureFeature, Triaged Assignee: michel(a)michel-slm.name Reporter: upstream-release-monitoring(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, infra-sig(a)lists.fedoraproject.org, michel(a)michel-slm.name, ngompa13(a)gmail.com, python-packagers-sig(a)lists.fedoraproject.org Target Milestone: --- Classification: Fedora Releases retrieved: 65.3.1 Upstream release that is considered latest: 65.3.1 Current version/release in rawhide: 65.3.0-1.fc42 URL: https://pypi.org/project/django-allauth/0.45.0 Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/220408/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/python-django-allauth -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2334129 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 28

[Bug 2333481] New: python-authlib-1.4.0 is available
by bugzilla＠redhat.com 13 Apr '26

13 Apr '26

https://bugzilla.redhat.com/show_bug.cgi?id=2333481 Bug ID: 2333481 Summary: python-authlib-1.4.0 is available Product: Fedora Version: rawhide Status: NEW Component: python-authlib Keywords: FutureFeature, Triaged Assignee: V02460(a)gmail.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: davidkirwanirl(a)gmail.com, epel-packagers-sig(a)lists.fedoraproject.org, python-packagers-sig(a)lists.fedoraproject.org, V02460(a)gmail.com Target Milestone: --- Classification: Fedora Releases retrieved: 1.4.0 Upstream release that is considered latest: 1.4.0 Current version/release in rawhide: 1.3.2-5.fc42 URL: https://pypi.org/project/Authlib/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/41735/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/python-authlib -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2333481 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 14

[Bug 2397961] New: CVE-2025-1131 asterisk: Asterisk Unsafe Shell Sourcing Leads to Local Privilege Escalation [fedora-42]
by bugzilla＠redhat.com 12 Apr '26

12 Apr '26

https://bugzilla.redhat.com/show_bug.cgi?id=2397961 Bug ID: 2397961 Summary: CVE-2025-1131 asterisk: Asterisk Unsafe Shell Sourcing Leads to Local Privilege Escalation [fedora-42] Product: Fedora Version: 42 Status: NEW Whiteboard: {"flaws": ["880a53d0-0e73-427a-a690-fe61db9a5d0d"]} Component: asterisk Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: jsmith.fedora(a)gmail.com Reporter: jmoroney(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: bennie.joubert(a)jsdaav.com, epel-packagers-sig(a)lists.fedoraproject.org, jsmith.fedora(a)gmail.com Blocks: 2397550 Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT. https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent… -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2397961 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 7

[Bug 2397958] New: CVE-2025-1131 asterisk: Asterisk Unsafe Shell Sourcing Leads to Local Privilege Escalation [fedora-41]
by bugzilla＠redhat.com 12 Apr '26

12 Apr '26

https://bugzilla.redhat.com/show_bug.cgi?id=2397958 Bug ID: 2397958 Summary: CVE-2025-1131 asterisk: Asterisk Unsafe Shell Sourcing Leads to Local Privilege Escalation [fedora-41] Product: Fedora Version: 41 Status: NEW Whiteboard: {"flaws": ["880a53d0-0e73-427a-a690-fe61db9a5d0d"]} Component: asterisk Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: jsmith.fedora(a)gmail.com Reporter: jmoroney(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: bennie.joubert(a)jsdaav.com, epel-packagers-sig(a)lists.fedoraproject.org, jsmith.fedora(a)gmail.com Blocks: 2397550 Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT. https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent… -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2397958 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 9

[Bug 2395450] New: CVE-2025-47779 asterisk: Using malformed From header can forge identity with ";" or NULL in name portion [fedora-42]
by bugzilla＠redhat.com 12 Apr '26

12 Apr '26

https://bugzilla.redhat.com/show_bug.cgi?id=2395450 Bug ID: 2395450 Summary: CVE-2025-47779 asterisk: Using malformed From header can forge identity with ";" or NULL in name portion [fedora-42] Product: Fedora Version: 42 Status: NEW Whiteboard: {"flaws": ["a2687c1b-3026-4ac0-b937-ac8f19aa2378"]} Component: asterisk Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: jsmith.fedora(a)gmail.com Reporter: gsuckevi(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: bennie.joubert(a)jsdaav.com, epel-packagers-sig(a)lists.fedoraproject.org, jsmith.fedora(a)gmail.com Blocks: 2368030 (CVE-2025-47779) Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT. https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent… Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2368030 [Bug 2368030] CVE-2025-47779 asterisk: Using malformed From header can forge identity with ";" or NULL in name portion -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2395450 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 7

[Bug 2395449] New: CVE-2025-47779 asterisk: Using malformed From header can forge identity with ";" or NULL in name portion [fedora-41]
by bugzilla＠redhat.com 12 Apr '26

12 Apr '26

https://bugzilla.redhat.com/show_bug.cgi?id=2395449 Bug ID: 2395449 Summary: CVE-2025-47779 asterisk: Using malformed From header can forge identity with ";" or NULL in name portion [fedora-41] Product: Fedora Version: 41 Status: NEW Whiteboard: {"flaws": ["a2687c1b-3026-4ac0-b937-ac8f19aa2378"]} Component: asterisk Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: jsmith.fedora(a)gmail.com Reporter: gsuckevi(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: bennie.joubert(a)jsdaav.com, epel-packagers-sig(a)lists.fedoraproject.org, jsmith.fedora(a)gmail.com Blocks: 2368030 (CVE-2025-47779) Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT. https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent… Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2368030 [Bug 2368030] CVE-2025-47779 asterisk: Using malformed From header can forge identity with ";" or NULL in name portion -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2395449 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 9

[Bug 2391522] New: CVE-2025-54995 asterisk: Asterisk resource exhaustion [fedora-42]
by bugzilla＠redhat.com 12 Apr '26

12 Apr '26

https://bugzilla.redhat.com/show_bug.cgi?id=2391522 Bug ID: 2391522 Summary: CVE-2025-54995 asterisk: Asterisk resource exhaustion [fedora-42] Product: Fedora Version: 42 Status: NEW Whiteboard: {"flaws": ["3789d866-2bec-45aa-a22a-f752e5605be8"]} Component: asterisk Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: jsmith.fedora(a)gmail.com Reporter: jmoroney(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: bennie.joubert(a)jsdaav.com, epel-packagers-sig(a)lists.fedoraproject.org, jsmith.fedora(a)gmail.com Blocks: 2391499 Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT. https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent… -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2391522 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 7

[Bug 2391521] New: CVE-2025-54995 asterisk: Asterisk resource exhaustion [fedora-41]
by bugzilla＠redhat.com 12 Apr '26

12 Apr '26

https://bugzilla.redhat.com/show_bug.cgi?id=2391521 Bug ID: 2391521 Summary: CVE-2025-54995 asterisk: Asterisk resource exhaustion [fedora-41] Product: Fedora Version: 41 Status: NEW Whiteboard: {"flaws": ["3789d866-2bec-45aa-a22a-f752e5605be8"]} Component: asterisk Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: jsmith.fedora(a)gmail.com Reporter: jmoroney(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: bennie.joubert(a)jsdaav.com, epel-packagers-sig(a)lists.fedoraproject.org, jsmith.fedora(a)gmail.com Blocks: 2391499 Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT. https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent… -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2391521 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 9

[Bug 2386210] New: CVE-2025-49832 asterisk: Asterisk SIP Profile Remote Code Execution [fedora-42]
by bugzilla＠redhat.com 12 Apr '26

12 Apr '26

https://bugzilla.redhat.com/show_bug.cgi?id=2386210 Bug ID: 2386210 Summary: CVE-2025-49832 asterisk: Asterisk SIP Profile Remote Code Execution [fedora-42] Product: Fedora Version: 42 Status: NEW Whiteboard: {"flaws": ["914c0cac-6697-4cf2-841a-241e408dada0"]} Component: asterisk Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: jsmith.fedora(a)gmail.com Reporter: mfindra(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: bennie.joubert(a)jsdaav.com, epel-packagers-sig(a)lists.fedoraproject.org, jsmith.fedora(a)gmail.com Blocks: 2386030 Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT. https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent… -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2386210 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 7

2026

2025

2024

2023

2022

2021

Epel-packagers-sig November 2025