May 2025 - Epel-packagers-sig - Fedora mailing-lists

[Bug 2333628] New: python-tmuxp-1.50.0 is available
by bugzilla＠redhat.com 24 Jan '26

24 Jan '26

https://bugzilla.redhat.com/show_bug.cgi?id=2333628 Bug ID: 2333628 Summary: python-tmuxp-1.50.0 is available Product: Fedora Version: rawhide Status: NEW Component: python-tmuxp Keywords: FutureFeature, Triaged Assignee: michel(a)michel-slm.name Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: davide(a)cavalca.name, epel-packagers-sig(a)lists.fedoraproject.org, michel(a)michel-slm.name, python-packagers-sig(a)lists.fedoraproject.org Target Milestone: --- Classification: Fedora Releases retrieved: 1.50.0 Upstream release that is considered latest: 1.50.0 Current version/release in rawhide: 1.49.0-2.fc42 URL: https://pypi.org/project/tmuxp/1.5.4 Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/39311/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/python-tmuxp -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2333628 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 18

[Bug 2364284] New: CVE-2025-46728 cpp-httplib: cpp-httplib has Unbounded Memory Allocation in Chunked/No-Length Requests [fedora-42]
by bugzilla＠redhat.com 21 Jan '26

21 Jan '26

https://bugzilla.redhat.com/show_bug.cgi?id=2364284 Bug ID: 2364284 Summary: CVE-2025-46728 cpp-httplib: cpp-httplib has Unbounded Memory Allocation in Chunked/No-Length Requests [fedora-42] Product: Fedora Version: 42 Status: NEW Whiteboard: {"flaws": ["01fb962b-0af2-4cde-81a7-2ce8beff6043"]} Component: cpp-httplib Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: pemensik(a)redhat.com Reporter: ahanwate(a)redhat.com CC: epel-packagers-sig(a)lists.fedoraproject.org, orion(a)nwra.com, pemensik(a)redhat.com Blocks: 2364271 Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=2364271 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2364284 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 3

[Bug 2338561] New: cpp-httplib-0.18.4 is available
by bugzilla＠redhat.com 21 Jan '26

21 Jan '26

https://bugzilla.redhat.com/show_bug.cgi?id=2338561 Bug ID: 2338561 Summary: cpp-httplib-0.18.4 is available Product: Fedora Version: rawhide Status: NEW Component: cpp-httplib Keywords: FutureFeature, Triaged Assignee: pemensik(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, orion(a)nwra.com, pemensik(a)redhat.com Target Milestone: --- Classification: Fedora Releases retrieved: 0.18.4 Upstream release that is considered latest: 0.18.4 Current version/release in rawhide: 0.18.3-1.fc42 URL: https://github.com/yhirose/cpp-httplib Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/274636/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/cpp-httplib -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2338561 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 23

[Bug 2364281] New: CVE-2025-46728 cpp-httplib: cpp-httplib has Unbounded Memory Allocation in Chunked/No-Length Requests [epel-9]
by bugzilla＠redhat.com 21 Jan '26

21 Jan '26

https://bugzilla.redhat.com/show_bug.cgi?id=2364281 Bug ID: 2364281 Summary: CVE-2025-46728 cpp-httplib: cpp-httplib has Unbounded Memory Allocation in Chunked/No-Length Requests [epel-9] Product: Fedora EPEL Version: epel9 Status: NEW Whiteboard: {"flaws": ["01fb962b-0af2-4cde-81a7-2ce8beff6043"]} Component: cpp-httplib Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: pemensik(a)redhat.com Reporter: ahanwate(a)redhat.com CC: epel-packagers-sig(a)lists.fedoraproject.org, orion(a)nwra.com, pemensik(a)redhat.com Blocks: 2364271 Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=2364271 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2364281 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 4

[Bug 2363017] New: rocksdb-10.2.1 is available
by bugzilla＠redhat.com 21 Jan '26

21 Jan '26

https://bugzilla.redhat.com/show_bug.cgi?id=2363017 Bug ID: 2363017 Summary: rocksdb-10.2.1 is available Product: Fedora Version: rawhide Status: NEW Component: rocksdb Keywords: FutureFeature, Triaged Assignee: hegjon(a)gmail.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: davide(a)cavalca.name, epel-packagers-sig(a)lists.fedoraproject.org, hegjon(a)gmail.com, kkeithle(a)redhat.com, lemenkov(a)gmail.com, mmuzila(a)redhat.com Target Milestone: --- Classification: Fedora Releases retrieved: 10.2.1 Upstream release that is considered latest: 10.2.1 Current version/release in rawhide: 10.1.3-1.fc43 URL: https://github.com/facebook/rocksdb Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/15560/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/rocksdb -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2363017 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 19

[Bug 2210415] New: gajim-1.8.0 is available
by bugzilla＠redhat.com 20 Jan '26

20 Jan '26

https://bugzilla.redhat.com/show_bug.cgi?id=2210415 Bug ID: 2210415 Summary: gajim-1.8.0 is available Product: Fedora Version: rawhide Status: NEW Component: gajim Keywords: FutureFeature, Triaged Assignee: mschmidt(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, lemenkov(a)gmail.com, mschmidt(a)redhat.com, redhat-bugzilla(a)linuxnetz.de, suraia(a)ikkoku.de Target Milestone: --- Classification: Fedora Releases retrieved: 1.8.0 Upstream release that is considered latest: 1.8.0 Current version/release in rawhide: 1.7.3-2.fc39 URL: https://gajim.org/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/870/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/gajim -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2210415

1 94

[Bug 2362228] New: jackson-parent-2.19 is available
by bugzilla＠redhat.com 18 Jan '26

18 Jan '26

https://bugzilla.redhat.com/show_bug.cgi?id=2362228 Bug ID: 2362228 Summary: jackson-parent-2.19 is available Product: Fedora Version: rawhide Status: NEW Component: jackson-parent Keywords: FutureFeature, Triaged Assignee: mfargett(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: ckelley(a)redhat.com, edewata(a)redhat.com, epel-packagers-sig(a)lists.fedoraproject.org, java-sig-commits(a)lists.fedoraproject.org, mfargett(a)redhat.com, michel(a)michel-slm.name, puntogil(a)libero.it Target Milestone: --- Classification: Fedora Releases retrieved: 2.19 Upstream release that is considered latest: 2.19 Current version/release in rawhide: 2.18.1-2.fc42 URL: https://github.com/FasterXML/jackson-parent Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/7567/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/jackson-parent -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2362228 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 5

[Bug 2349114] New: jackson-databind-2.18.3 is available
by bugzilla＠redhat.com 18 Jan '26

18 Jan '26

https://bugzilla.redhat.com/show_bug.cgi?id=2349114 Bug ID: 2349114 Summary: jackson-databind-2.18.3 is available Product: Fedora Version: rawhide Status: NEW Component: jackson-databind Keywords: FutureFeature, Triaged Assignee: mfargett(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: ckelley(a)redhat.com, edewata(a)redhat.com, epel-packagers-sig(a)lists.fedoraproject.org, java-sig-commits(a)lists.fedoraproject.org, mfargett(a)redhat.com, michel(a)michel-slm.name, puntogil(a)libero.it Target Milestone: --- Classification: Fedora Releases retrieved: 2.18.3 Upstream release that is considered latest: 2.18.3 Current version/release in rawhide: 2.18.2-2.fc42 URL: https://github.com/FasterXML/jackson-databind/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/10963/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/jackson-databind -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2349114 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 6

[Bug 2349112] New: jackson-bom-2.18.3 is available
by bugzilla＠redhat.com 18 Jan '26

18 Jan '26

https://bugzilla.redhat.com/show_bug.cgi?id=2349112 Bug ID: 2349112 Summary: jackson-bom-2.18.3 is available Product: Fedora Version: rawhide Status: NEW Component: jackson-bom Keywords: FutureFeature, Triaged Assignee: mfargett(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: ckelley(a)redhat.com, edewata(a)redhat.com, epel-packagers-sig(a)lists.fedoraproject.org, mfargett(a)redhat.com, michel(a)michel-slm.name Target Milestone: --- Classification: Fedora Releases retrieved: 2.18.3 Upstream release that is considered latest: 2.18.3 Current version/release in rawhide: 2.18.2-2.fc42 URL: https://github.com/FasterXML/jackson-bom Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/351854/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/jackson-bom -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2349112 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 6

[Bug 2349113] New: jackson-core-2.18.3 is available
by bugzilla＠redhat.com 18 Jan '26

18 Jan '26

https://bugzilla.redhat.com/show_bug.cgi?id=2349113 Bug ID: 2349113 Summary: jackson-core-2.18.3 is available Product: Fedora Version: rawhide Status: NEW Component: jackson-core Keywords: FutureFeature, Triaged Assignee: mfargett(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: ckelley(a)redhat.com, edewata(a)redhat.com, epel-packagers-sig(a)lists.fedoraproject.org, java-sig-commits(a)lists.fedoraproject.org, mfargett(a)redhat.com, michel(a)michel-slm.name, puntogil(a)libero.it Target Milestone: --- Classification: Fedora Releases retrieved: 2.18.3 Upstream release that is considered latest: 2.18.3 Current version/release in rawhide: 2.18.2-2.fc42 URL: https://github.com/FasterXML/jackson-core Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/10962/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/jackson-core -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2349113 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 6

2026

2025

2024

2023

2022

2021

Epel-packagers-sig May 2025