May 2025 - Epel-packagers-sig - Fedora mailing-lists

[Bug 2128273] New: Please port your pcre dependency to pcre2. Pcre has been deprecated
by bugzilla＠redhat.com 09 Jun '26

09 Jun '26

https://bugzilla.redhat.com/show_bug.cgi?id=2128273 Bug ID: 2128273 Summary: Please port your pcre dependency to pcre2. Pcre has been deprecated Product: Fedora Version: rawhide Status: NEW Component: ccze Assignee: dcavalca(a)fb.com Reporter: ljavorsk(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: dcavalca(a)fb.com, epel-packagers-sig(a)lists.fedoraproject.org, michel(a)michel-slm.name, pahan(a)hubbitus.info Target Milestone: --- Classification: Fedora Pcre has been deprecated since Fedora 38. Please consider porting to the new pcre2 version. Fedora change that describes the pcre deprecation is located here: https://fedoraproject.org/wiki/PcreDeprecation FESCo approval is located here: https://pagure.io/fesco/issue/2862 If your component has already ported to pcre2 or you don't Require/BuildRequire any pcre subpackage, feel free to close this Bugzilla. This Bugzilla was created automatically and some issues might have occurred along the way. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2128273

1 2

[Bug 2361982] New: CVE-2025-43965 ImageMagick: Incorrect Handling of Image Depth in MIFF Processing in ImageMagick [epel-9]
by bugzilla＠redhat.com 09 Jun '26

09 Jun '26

https://bugzilla.redhat.com/show_bug.cgi?id=2361982 Bug ID: 2361982 Summary: CVE-2025-43965 ImageMagick: Incorrect Handling of Image Depth in MIFF Processing in ImageMagick [epel-9] Product: Fedora EPEL Version: epel9 Status: NEW Whiteboard: {"flaws": ["da1ad09a-d1c0-4a0f-826a-4336cdedbe0b"]} Component: ImageMagick Keywords: Security, SecurityTracking Severity: low Priority: low Assignee: luya_tfz(a)thefinalzone.net Reporter: ahanwate(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: blaise(a)gmail.com, davide(a)cavalca.name, epel-packagers-sig(a)lists.fedoraproject.org, fedora(a)famillecollet.com, luya_tfz(a)thefinalzone.net, michel(a)michel-slm.name, ngompa13(a)gmail.com, pampelmuse(a)gmx.at, sergio(a)serjux.com Blocks: 2361876 Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=2361876 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2361982 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 3

[Bug 2361980] New: CVE-2025-43965 ImageMagick: Incorrect Handling of Image Depth in MIFF Processing in ImageMagick [epel-8]
by bugzilla＠redhat.com 09 Jun '26

09 Jun '26

https://bugzilla.redhat.com/show_bug.cgi?id=2361980 Bug ID: 2361980 Summary: CVE-2025-43965 ImageMagick: Incorrect Handling of Image Depth in MIFF Processing in ImageMagick [epel-8] Product: Fedora EPEL Version: epel8 Status: NEW Whiteboard: {"flaws": ["da1ad09a-d1c0-4a0f-826a-4336cdedbe0b"]} Component: ImageMagick Keywords: Security, SecurityTracking Severity: low Priority: low Assignee: luya_tfz(a)thefinalzone.net Reporter: ahanwate(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: blaise(a)gmail.com, davide(a)cavalca.name, epel-packagers-sig(a)lists.fedoraproject.org, fedora(a)famillecollet.com, luya_tfz(a)thefinalzone.net, michel(a)michel-slm.name, ngompa13(a)gmail.com, pampelmuse(a)gmx.at, sergio(a)serjux.com Blocks: 2361876 Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=2361876 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2361980 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 3

[Bug 2361979] New: CVE-2025-46393 ImageMagick: Incorrect Calculation of Buffer Size in ImageMagick's Multispectral MIFF Processing [epel-9]
by bugzilla＠redhat.com 09 Jun '26

09 Jun '26

https://bugzilla.redhat.com/show_bug.cgi?id=2361979 Bug ID: 2361979 Summary: CVE-2025-46393 ImageMagick: Incorrect Calculation of Buffer Size in ImageMagick's Multispectral MIFF Processing [epel-9] Product: Fedora EPEL Version: epel9 Status: NEW Whiteboard: {"flaws": ["6332bd55-2779-4707-882f-094f8266d5dd"]} Component: ImageMagick Keywords: Security, SecurityTracking Severity: low Priority: low Assignee: luya_tfz(a)thefinalzone.net Reporter: ahanwate(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: blaise(a)gmail.com, davide(a)cavalca.name, epel-packagers-sig(a)lists.fedoraproject.org, fedora(a)famillecollet.com, luya_tfz(a)thefinalzone.net, michel(a)michel-slm.name, ngompa13(a)gmail.com, pampelmuse(a)gmx.at, sergio(a)serjux.com Blocks: 2361888 Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=2361888 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2361979 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 3

[Bug 2361978] New: CVE-2025-46393 ImageMagick: Incorrect Calculation of Buffer Size in ImageMagick's Multispectral MIFF Processing [epel-8]
by bugzilla＠redhat.com 09 Jun '26

09 Jun '26

https://bugzilla.redhat.com/show_bug.cgi?id=2361978 Bug ID: 2361978 Summary: CVE-2025-46393 ImageMagick: Incorrect Calculation of Buffer Size in ImageMagick's Multispectral MIFF Processing [epel-8] Product: Fedora EPEL Version: epel8 Status: NEW Whiteboard: {"flaws": ["6332bd55-2779-4707-882f-094f8266d5dd"]} Component: ImageMagick Keywords: Security, SecurityTracking Severity: low Priority: low Assignee: luya_tfz(a)thefinalzone.net Reporter: ahanwate(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: blaise(a)gmail.com, davide(a)cavalca.name, epel-packagers-sig(a)lists.fedoraproject.org, fedora(a)famillecollet.com, luya_tfz(a)thefinalzone.net, michel(a)michel-slm.name, ngompa13(a)gmail.com, pampelmuse(a)gmx.at, sergio(a)serjux.com Blocks: 2361888 Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=2361888 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2361978 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 4

[Bug 2314486] New: CVE-2024-45230 python-django3: Potential denial-of-service vulnerability in django.utils.html.urlize() [epel-all]
by bugzilla＠redhat.com 09 Jun '26

09 Jun '26

https://bugzilla.redhat.com/show_bug.cgi?id=2314486 Bug ID: 2314486 Summary: CVE-2024-45230 python-django3: Potential denial-of-service vulnerability in django.utils.html.urlize() [epel-all] Product: Fedora EPEL Version: epel8 Status: NEW Whiteboard: {"flaws": ["4fdc933a-92b1-4da5-856a-07a95761c0fb"]} Component: python-django3 Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: michel(a)michel-slm.name Reporter: mbenatto(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, michel(a)michel-slm.name Blocks: 2314485 (CVE-2024-45230) Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=2314485 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2314485 [Bug 2314485] CVE-2024-45230 python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2314486 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 3

[Bug 2365039] New: CVE-2025-32873 python-django3: Django StripTags Denial of Service [epel-8]
by bugzilla＠redhat.com 09 Jun '26

09 Jun '26

https://bugzilla.redhat.com/show_bug.cgi?id=2365039 Bug ID: 2365039 Summary: CVE-2025-32873 python-django3: Django StripTags Denial of Service [epel-8] Product: Fedora EPEL Version: epel8 Status: NEW Whiteboard: {"flaws": ["97167560-5733-42ec-a135-f00f7dde8055"]} Component: python-django3 Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: michel(a)michel-slm.name Reporter: ahanwate(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, michel(a)michel-slm.name Blocks: 2364980 Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=2364980 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2365039 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 1

[Bug 2252960] New: Handle correctly 'NO FOUND' in memached delete method
by bugzilla＠redhat.com 09 Jun '26

09 Jun '26

https://bugzilla.redhat.com/show_bug.cgi?id=2252960 Bug ID: 2252960 Summary: Handle correctly 'NO FOUND' in memached delete method Product: Fedora EPEL Version: epel8 Status: NEW Component: python-django3 Assignee: michel(a)michel-slm.name Reporter: zhechka.toteva(a)cern.ch QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, michel(a)michel-slm.name Target Milestone: --- Classification: Fedora Created attachment 2002824 --> https://bugzilla.redhat.com/attachment.cgi?id=2002824&action=edit patch that fixes the bug Description of problem: Version-Release number of selected component (if applicable): python3-django3-3.2.20-1.el8.noarch How reproducible: With python-memcached 1.58.8 present in EPEL8 if a non-existing key is attempted for deletion it raises an error ``` File "/usr/lib/python3.6/site-packages/memcache.py", line 584, in _deletetouch % (cmd, ' or '.join(expected), line)) ``` Actual results: Expected results: Additional info: The fix is attached. The bug officially was fixed in 4.1, by commit https://github.com/django/django/commit/05f3a6186efefc9fca2204a745b992501c6… Cheers Zhechka -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2252960 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 1

[Bug 2369051] New: [abrt] gnome-calendar: gtk_list_box_row_get_child(): gnome-calendar killed by SIGSEGV
by bugzilla＠redhat.com 08 Jun '26

08 Jun '26

https://bugzilla.redhat.com/show_bug.cgi?id=2369051 Bug ID: 2369051 Summary: [abrt] gnome-calendar: gtk_list_box_row_get_child(): gnome-calendar killed by SIGSEGV Product: Fedora Version: 42 Hardware: x86_64 Status: NEW Whiteboard: abrt_hash:ca7a59a53752557e80062383671d27cc665e7a45;VAR IANT_ID=workstation; Component: gnome-calendar Assignee: gnome-sig(a)lists.fedoraproject.org Reporter: prd-fedora(a)nobig5.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, gnome-sig(a)lists.fedoraproject.org, igor.raits(a)gmail.com, kalevlember(a)gmail.com Target Milestone: --- Classification: Fedora Description of problem: I just advanced to the next month/week. Seems like there might be a bad event in the near future? Version-Release number of selected component: gnome-calendar-48.1-1.fc42 Additional info: reporter: libreport-2.17.15 cgroup: 0::/user.slice/user-13013.slice/user@13013.service/app.slice/dbus-daemon.service journald_cursor: s=9326cb40d2134d7197ef17a678529923;i=2d85d68;b=242e2c9fc689463e86fc2dff80005f22;m=23209710f7;t=63635ca6fa883;x=49a84b00651e8151 dso_list: /usr/bin/gnome-calendar gnome-calendar-48.1-1.fc42.x86_64 (Fedora Project) 1747020279 cmdline: /usr/bin/gnome-calendar --gapplication-service package: gnome-calendar-48.1-1.fc42 crash_function: gtk_list_box_row_get_child type: CCpp backtrace_rating: 4 comment: I just advanced to the next month/week. Seems like there might be a bad event in the near future? executable: /usr/bin/gnome-calendar reason: gnome-calendar killed by SIGSEGV rootdir: / runlevel: N 5 kernel: 6.14.6-300.fc42.x86_64 Truncated backtrace: Thread no. 1 (8 frames) #0 gtk_list_box_row_get_child at ../gtk/gtklistbox.c:3360 #1 gcal_agenda_view_remove_event at ../src/gui/views/gcal-agenda-view.c:636 #2 remove_event_from_subscriber at ../src/core/gcal-timeline.c:255 #3 timeline_source_dispatch at ../src/core/gcal-timeline.c:795 #5 g_main_context_dispatch_unlocked at ../glib/gmain.c:4249 #6 g_main_context_iterate_unlocked at ../glib/gmain.c:4314 #7 g_main_context_iteration at ../glib/gmain.c:4379 #8 g_application_run at ../gio/gapplication.c:2715 Potential duplicate: bug 2255116 -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2369051 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 4

[Bug 2367646] New: nut-scanner missing libraries
by bugzilla＠redhat.com 08 Jun '26

08 Jun '26

https://bugzilla.redhat.com/show_bug.cgi?id=2367646 Bug ID: 2367646 Summary: nut-scanner missing libraries Product: Fedora Version: 42 Hardware: x86_64 URL: https://forums.fedoraforum.org/showthread.php?332980-I f-you-re-trying-to-configure-NUT-(Network-UPS-Tool) OS: Linux Status: NEW Component: nut Severity: medium Assignee: mhlavink(a)redhat.com Reporter: jorgeml(a)jorgeml.me QA Contact: extras-qa(a)fedoraproject.org CC: cra(a)fea.st, epel-packagers-sig(a)lists.fedoraproject.org, extras-qa(a)fedoraproject.org, james(a)greycastle.net, jonathan(a)almalinux.org, jorgeml(a)jorgeml.me, mhlavink(a)redhat.com, orion(a)nwra.com, scott(a)scottknight.com, tim(a)timblundell.com Target Milestone: --- Link ID: Github networkupstools/nut/issues/2431 Classification: Fedora +++ This bug was initially created as a clone of Bug #2325505 +++ Missing libraries for nut-scanner in nut-2.8.2-1.fc40.x86_64: Cannot load USB library (libusb-1.0.so) : file not found. USB search disabled. Cannot load SNMP library (libnetsnmp.so) : file not found. SNMP search disabled. Cannot load XML library (libneon.so) : file not found. XML search disabled. Cannot load AVAHI library (libavahi-client.so) : file not found. AVAHI search disabled. Cannot load IPMI library (libfreeipmi.so) : file not found. IPMI search disabled. Cannot load NUT library (libupsclient.so) : file not found. NUT search disabled. Reproducible: Always Steps to Reproduce: 1.Run nut-scanner as root Actual Results: Cannot load USB library (libusb-1.0.so) : file not found. USB search disabled. Cannot load SNMP library (libnetsnmp.so) : file not found. SNMP search disabled. Cannot load XML library (libneon.so) : file not found. XML search disabled. Cannot load AVAHI library (libavahi-client.so) : file not found. AVAHI search disabled. Cannot load IPMI library (libfreeipmi.so) : file not found. IPMI search disabled. Cannot load NUT library (libupsclient.so) : file not found. NUT search disabled. No start IP, skipping NUT bus (old connect method) Scanning NUT simulation devices. Expected Results: Unknown https://forums.fedoraforum.org/showthread.php?332980-If-you-re-trying-to-co… Link above shows how to resolve. Can this be corrected by whomever is preparing the package? --- Additional comment from Jorge Martínez López on 2025-03-10 18:07:43 GMT --- Upstream issue, including workaround: https://github.com/networkupstools/nut/issues/2431 Unfortunately the workaround doesn't work on Fedora IOT, /usr being read-only. --- Additional comment from Aoife Moloney on 2025-04-28 16:22:31 BST --- This message is a reminder that Fedora Linux 40 is nearing its end of life. Fedora will stop maintaining and issuing updates for Fedora Linux 40 on 2025-05-13. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a 'version' of '40'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, change the 'version' to a later Fedora Linux version. Note that the version field may be hidden. Click the "Show advanced fields" button if you do not see it. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora Linux 40 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora Linux, you are encouraged to change the 'version' to a later version prior to this bug being closed. --- Additional comment from Jorge Martínez López on 2025-04-28 19:09:41 BST --- Still present in F42: # nut-scanner Cannot load USB library (libusb-1.0.so) : file not found. USB search disabled. Cannot load SNMP library (libnetsnmp.so) : file not found. SNMP search disabled. Cannot load XML library (libneon.so) : file not found. XML search disabled. Cannot load AVAHI library (libavahi-client.so) : file not found. AVAHI search disabled. Cannot load IPMI library (libfreeipmi.so) : file not found. IPMI search disabled. Cannot load NUT library (libupsclient.so) : file not found. NUT search disabled. Scanning NUT simulation devices. nut-2.8.2.1-4.fc42.1.git20240703pr2505.aarch64 As I'm not the original reporter it seems I can't change the release in the bug report. --- Additional comment from Aoife Moloney on 2025-05-20 21:11:13 BST --- Fedora Linux 40 entered end-of-life (EOL) status on 2025-05-13. Fedora Linux 40 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora Linux please feel free to reopen this bug against that version. Note that the version field may be hidden. Click the "Show advanced fields" button if you do not see the version field. If you are unable to reopen this bug, please file a new report against an active release. Thank you for reporting this bug and we are sorry it could not be fixed. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2367646 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 2

2026

2025

2024

2023

2022

2021

Epel-packagers-sig May 2025