December 2025 - Epel-packagers-sig - Fedora mailing-lists

[Bug 2374572] New: python-numpydoc-1.9.0 is available
by bugzilla＠redhat.com 11 Jun '26

11 Jun '26

https://bugzilla.redhat.com/show_bug.cgi?id=2374572 Bug ID: 2374572 Summary: python-numpydoc-1.9.0 is available Product: Fedora Version: rawhide Status: NEW Component: python-numpydoc Keywords: FutureFeature, Triaged Assignee: python-packagers-sig(a)lists.fedoraproject.org Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, jonathan(a)almalinux.org, orion(a)nwra.com, python-packagers-sig(a)lists.fedoraproject.org Target Milestone: --- Classification: Fedora Releases retrieved: 1.9.0rc0, 1.9.0 Upstream release that is considered latest: 1.9.0 Current version/release in rawhide: 1.8.0-3.fc43 URL: https://pypi.python.org/pypi/numpydoc Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/10343/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/python-numpydoc -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2374572 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 8

[Bug 2394107] New: golang-x-net-0.44.0 is available
by bugzilla＠redhat.com 11 Jun '26

11 Jun '26

https://bugzilla.redhat.com/show_bug.cgi?id=2394107 Bug ID: 2394107 Summary: golang-x-net-0.44.0 is available Product: Fedora Version: rawhide Status: NEW Component: golang-x-net Keywords: FutureFeature, Triaged Assignee: mark.e.fuller(a)gmx.de Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, go-sig(a)lists.fedoraproject.org, mark.e.fuller(a)gmx.de Target Milestone: --- Classification: Fedora Releases retrieved: 0.44.0 Upstream release that is considered latest: 0.44.0 Current version/release in rawhide: 0.43.0-1.fc44 URL: https://github.com/golang/net Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/368696/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/golang-x-net -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2394107 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 12

[Bug 2424573] New: python-readme-renderer fails to build with Python 3.15: test_cli_package: No content rendered from RST source.
by bugzilla＠redhat.com 10 Jun '26

10 Jun '26

https://bugzilla.redhat.com/show_bug.cgi?id=2424573 Bug ID: 2424573 Summary: python-readme-renderer fails to build with Python 3.15: test_cli_package: No content rendered from RST source. Product: Fedora Version: rawhide Status: NEW Component: python-readme-renderer Assignee: michel(a)michel-slm.name Reporter: ksurma(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: davide(a)cavalca.name, epel-packagers-sig(a)lists.fedoraproject.org, ksurma(a)redhat.com, mhroncok(a)redhat.com, michel(a)michel-slm.name, romain.geissler(a)amadeus.com Blocks: 2412434 (PYTHON3.15) Target Milestone: --- Classification: Fedora python-readme-renderer fails to build with Python 3.15.0a3. _ test_cli_package[docutils-Docutils is a modular system for processing documentation] _ package = 'docutils' contains = 'Docutils is a modular system for processing documentation' @pytest.mark.parametrize("package, contains", [ ("readme_renderer", "Readme Renderer is a library that will safely render"), ("docutils", "Docutils is a modular system for processing documentation"), ]) def test_cli_package(package, contains): with mock.patch("builtins.print") as print_: > main(["-p", package]) tests/test_cli.py:67: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ cli_args = ['-p', 'docutils'] def main(cli_args: Optional[List[str]] = None) -> None: parser = argparse.ArgumentParser( description="Renders a .md, .rst, or .txt README to HTML", ) parser.add_argument("-p", "--package", help="Get README from package metadata", action="store_true") parser.add_argument("-f", "--format", choices=["md", "rst", "txt"], help="README format (inferred from input file name or package)") parser.add_argument('input', help="Input README file or package name") parser.add_argument('-o', '--output', help="Output file (default: stdout)", default='-') args = parser.parse_args(cli_args) content_format = args.format if args.package: message = metadata(args.input) source = message.get_payload() # type: ignore[attr-defined] # noqa: E501 https://peps.python.org/pep-0566/ # Infer the format of the description from package metadata. if not content_format: content_type = message.get("Description-Content-Type", "text/x-rst") if content_type == "text/x-rst": content_format = "rst" elif content_type == "text/markdown": content_format = "md" elif content_type == "text/plain": content_format = "txt" else: raise ValueError(f"invalid content type {content_type} for package " "`long_description`") else: filename = pathlib.Path(args.input) content_format = content_format or filename.suffix.lstrip(".") with filename.open() as fp: source = fp.read() if content_format == "md": rendered = render_md(source, stream=sys.stderr) elif content_format == "rst": rendered = render_rst(source, stream=sys.stderr) elif content_format == "txt": rendered = render_txt(source, stream=sys.stderr) else: raise ValueError(f"invalid README format: {content_format} (expected `md`, " "`rst`, or `txt`)") if rendered is None: > sys.exit(1) E SystemExit: 1 readme_renderer/__main__.py:57: SystemExit ----------------------------- Captured stderr call ----------------------------- No content rendered from RST source. =========================== short test summary info ============================ FAILED tests/test_cli.py::test_cli_package[readme_renderer-Readme Renderer is a library that will safely render] FAILED tests/test_cli.py::test_cli_package[docutils-Docutils is a modular system for processing documentation] =================== 2 failed, 88 passed, 2 skipped in 0.34s ==================== https://docs.python.org/3.15/whatsnew/3.15.html For the build logs, see: https://copr-be.cloud.fedoraproject.org/results/@python/python3.15/fedora-r… For all our attempts to build python-readme-renderer with Python 3.15, see: https://copr.fedorainfracloud.org/coprs/g/python/python3.15/package/python-… Testing and mass rebuild of packages is happening in copr. You can follow these instructions to test locally in mock if your package builds with Python 3.15: https://copr.fedorainfracloud.org/coprs/g/python/python3.15/ Let us know here if you have any questions. Python 3.15 is planned to be included in Fedora 45. To make that update smoother, we're building Fedora packages with all pre-releases of Python 3.15. A build failure prevents us from testing all dependent packages (transitive [Build]Requires), so if this package is required a lot, it's important for us to get it fixed soon. We'd appreciate help from the people who know this package best, but if you don't want to work on this now, let us know so we can try to work around it on our side. Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2412434 [Bug 2412434] Python 3.15 -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2424573 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 7

[Bug 2423097] New: CVE-2025-64702 dnscrypt-proxy: quic-go HTTP/3 QPACK Header Expansion DoS [fedora-42]
by bugzilla＠redhat.com 10 Jun '26

10 Jun '26

https://bugzilla.redhat.com/show_bug.cgi?id=2423097 Bug ID: 2423097 Summary: CVE-2025-64702 dnscrypt-proxy: quic-go HTTP/3 QPACK Header Expansion DoS [fedora-42] Product: Fedora Version: 42 Status: NEW Whiteboard: {"flaws": ["6950547e-2c92-4e8c-84f9-428e99f4597d"]} Component: dnscrypt-proxy Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: davide(a)cavalca.name Reporter: ahanwate(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: davide(a)cavalca.name, eclipseo(a)mauchin.fr, epel-packagers-sig(a)lists.fedoraproject.org, go-sig(a)lists.fedoraproject.org Blocks: 2421635 Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT. https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent… -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2423097 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 2

[Bug 2423036] New: CVE-2025-14607 dcmtk: OFFIS DCMTK: Remote memory corruption vulnerability [fedora-42]
by bugzilla＠redhat.com 10 Jun '26

10 Jun '26

https://bugzilla.redhat.com/show_bug.cgi?id=2423036 Bug ID: 2423036 Summary: CVE-2025-14607 dcmtk: OFFIS DCMTK: Remote memory corruption vulnerability [fedora-42] Product: Fedora Version: 42 Status: NEW Whiteboard: {"flaws": ["059bea03-e33f-4de5-9b9d-c4d4df1156f3"]} Component: dcmtk Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: sanjay.ankur(a)gmail.com Reporter: saroy(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, igor.raits(a)gmail.com, neuro-sig(a)lists.fedoraproject.org, sanjay.ankur(a)gmail.com, tdawson(a)redhat.com, troels(a)arvin.dk Blocks: 2421979 Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT. https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent… -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2423036 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 2

[Bug 2422531] New: [abrt] nemo: gtk_widget_get_realized(): nemo killed by SIGSEGV
by bugzilla＠redhat.com 10 Jun '26

10 Jun '26

https://bugzilla.redhat.com/show_bug.cgi?id=2422531 Bug ID: 2422531 Summary: [abrt] nemo: gtk_widget_get_realized(): nemo killed by SIGSEGV Product: Fedora Version: 42 Hardware: x86_64 Status: NEW Whiteboard: abrt_hash:c336f6ad969f68faa0690f7b4de8bf5acec52014;VAR IANT_ID=workstation; Component: nemo Assignee: leigh123linux(a)gmail.com Reporter: semcvicar(a)gmail.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, leigh123linux(a)gmail.com Target Milestone: --- Classification: Fedora Version-Release number of selected component: nemo-6.4.5-1.fc42 Additional info: reporter: libreport-2.17.15 type: CCpp reason: nemo killed by SIGSEGV journald_cursor: s=6f08c5821a004c3c9218a94521d8da58;i=2a8f1b;b=43c862e9055b4f1c903ae15ef079c3f9;m=603589c93;t=645f922369f3b;x=4f482f8c72f7be5f executable: /usr/bin/nemo cmdline: nemo cgroup: 0::/user.slice/user-1000.slice/user@1000.service/app.slice/ptyxis-spawn-1dab9f2b-8e3d-43b6-aa01-2b3a153d89fb.scope rootdir: / uid: 1000 kernel: 6.17.11-200.fc42.x86_64 package: nemo-6.4.5-1.fc42 runlevel: N 5 backtrace_rating: 4 crash_function: gtk_widget_get_realized Truncated backtrace: Thread no. 1 (2 frames) #0 gtk_widget_get_realized at ../gtk/gtkwidget.c:9287 #1 rebuild_menu at ../src/nemo-places-sidebar.c:3510 -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2422531 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 2

[Bug 2421167] New: CVE-2025-66628 ImageMagick: ImageMagick Integer Overflow leading to out of bounds read (32-bit only) [fedora-42]
by bugzilla＠redhat.com 10 Jun '26

10 Jun '26

https://bugzilla.redhat.com/show_bug.cgi?id=2421167 Bug ID: 2421167 Summary: CVE-2025-66628 ImageMagick: ImageMagick Integer Overflow leading to out of bounds read (32-bit only) [fedora-42] Product: Fedora Version: 42 Status: NEW Whiteboard: {"flaws": ["0bd5c270-d1f4-4006-888b-c56b1a8c9bf6"]} Component: ImageMagick Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: luya_tfz(a)thefinalzone.net Reporter: jmoroney(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: blaise(a)gmail.com, davide(a)cavalca.name, epel-packagers-sig(a)lists.fedoraproject.org, fedora(a)famillecollet.com, luya_tfz(a)thefinalzone.net, michel(a)michel-slm.name, ngompa13(a)gmail.com, pampelmuse(a)gmx.at Blocks: 2421159 Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT. https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent… -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2421167 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 2

[Bug 2421042] New: CVE-2025-65803 freeimage: FreeImage integer overflow [fedora-42]
by bugzilla＠redhat.com 10 Jun '26

10 Jun '26

https://bugzilla.redhat.com/show_bug.cgi?id=2421042 Bug ID: 2421042 Summary: CVE-2025-65803 freeimage: FreeImage integer overflow [fedora-42] Product: Fedora Version: 42 Status: NEW Whiteboard: {"flaws": ["c567a921-aea1-41fc-8218-1ecf0f3fab32"]} Component: freeimage Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: bruno(a)wolff.to Reporter: jmoroney(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: bruno(a)wolff.to, epel-packagers-sig(a)lists.fedoraproject.org, hobbes1069(a)gmail.com, i(a)cicku.me Blocks: 2420985 Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT. https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent… -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2421042 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 2

[Bug 2420596] New: CVE-2025-47913 golang-x-crypto: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS [fedora-42]
by bugzilla＠redhat.com 10 Jun '26

10 Jun '26

https://bugzilla.redhat.com/show_bug.cgi?id=2420596 Bug ID: 2420596 Summary: CVE-2025-47913 golang-x-crypto: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS [fedora-42] Product: Fedora Version: 42 Status: NEW Whiteboard: {"flaws": ["857bba6c-8cdd-46f7-9cc3-6f53e80e17bf"]} Component: golang-x-crypto Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: mark.e.fuller(a)gmx.de Reporter: saroy(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, go-sig(a)lists.fedoraproject.org, mark.e.fuller(a)gmx.de Blocks: 2414943 (CVE-2025-47913) Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT. https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent… Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2414943 [Bug 2414943] CVE-2025-47913 golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2420596 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 2

[Bug 2418554] New: CVE-2025-65955 ImageMagick: ImageMagick use-after-free/double-free [fedora-42]
by bugzilla＠redhat.com 10 Jun '26

10 Jun '26

https://bugzilla.redhat.com/show_bug.cgi?id=2418554 Bug ID: 2418554 Summary: CVE-2025-65955 ImageMagick: ImageMagick use-after-free/double-free [fedora-42] Product: Fedora Version: 42 Status: NEW Whiteboard: {"flaws": ["f9b551fd-c8e5-4fa0-a825-effb93fd6621"]} Component: ImageMagick Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: luya_tfz(a)thefinalzone.net Reporter: jmoroney(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: blaise(a)gmail.com, davide(a)cavalca.name, epel-packagers-sig(a)lists.fedoraproject.org, fedora(a)famillecollet.com, luya_tfz(a)thefinalzone.net, michel(a)michel-slm.name, ngompa13(a)gmail.com, pampelmuse(a)gmx.at Blocks: 2418549 Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT. https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent… -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2418554 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 2

2026

2025

2024

2023

2022

2021

Epel-packagers-sig December 2025