stable

ruff-0.14.2-1.el10_2, rust-astral-tokio-tar-0.5.6-1.el10_2, & 32 more

FEDORA-EPEL-2025-d12b62c436 created by music a month ago for Fedora EPEL 10.2

uv 0.9.5

https://github.com/astral-sh/uv/blob/0.9.5/CHANGELOG.md

Since uv was built with astral-tokio-tar 0.5.6, this is a security fix for CVE-2025-62518.

ruff 0.14.2

https://github.com/astral-sh/ruff/blob/0.14.2/CHANGELOG.md

rust-astral-tokio-tar 0.5.6

  • Fixed a parser desynchronization vulnerability when reading tar archives that contain mismatched size information in PAX/ustar headers.

    This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx and CVE-2025-62518.

Initial packages for a number of new dependencies for ruff and uv, and initial EPEL10 packages for a few of their dependencies.

Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.

This update's test gating status has been changed to 'waiting'.

a month ago

This update's test gating status has been changed to 'ignored'.

a month ago

This update has been submitted for testing by bodhi.

a month ago

This update has been pushed to testing.

a month ago

music edited this update.

New build(s):

  • rust-trybuild2-1.2.0-5.el10_2
  • rust-basic-toml-0.1.10-2.el10_2
  • rust-derive_more-2.0.1-3.el10_2
  • rust-derive_more-impl-2.0.1-2.el10_2
  • rust-attribute-derive-macro-0.10.5-1.el10_2
  • rust-attribute-derive-0.10.5-1.el10_2
  • rust-quote-use-macros-0.8.4-1.el10_2
  • rust-collection_literals-1.0.3-1.el10_2
  • rust-interpolator-0.5.0-3.el10_2
  • rust-proc-macro-utils-0.10.0-1.el10_2
  • rust-manyhow-0.11.4-1.el10_2
  • rust-manyhow-macros-0.11.4-1.el10_2
  • rust-quote-use-0.8.4-2.el10_2
  • rust-tikv-jemallocator-0.6.1-1.el10_2
  • rust-tikv-jemalloc-sys-0.6.1-1.el10_2

Karma has been reset.

a month ago

This update has been submitted for testing by music.

a month ago

This update has been pushed to testing.

a month ago

music edited this update.

New build(s):

  • rust-get-size2-0.7.0-2.el10_2
  • rust-get-size-derive2-0.7.0-1.el10_2

Karma has been reset.

a month ago

This update has been submitted for testing by music.

a month ago

This update has been pushed to testing.

a month ago

music edited this update.

New build(s):

  • rust-intrusive-collections-0.9.7-3.el10_2

Karma has been reset.

a month ago

This update has been submitted for testing by music.

a month ago

music edited this update.

a month ago

This update has been pushed to testing.

a month ago

music edited this update.

New build(s):

  • ruff-0.14.1-1.el10_2
  • rust-backon-1.5.2-2.el10_2

Karma has been reset.

a month ago

This update has been submitted for testing by music.

a month ago

music edited this update.

New build(s):

  • rust-astral-tokio-tar-0.5.6-1.el10_2

Karma has been reset.

a month ago

music edited this update.

New build(s):

  • rust-rust-ini-0.21.3-1.el10_2
  • rust-reqsign-0.17.0-1.el10_2

Removed build(s):

  • rust-rust-ini-0.21.2-2.el10_2

Karma has been reset.

a month ago

This update has been pushed to testing.

a month ago

music edited this update.

New build(s):

  • uv-0.8.24-1.el10_2

Karma has been reset.

a month ago

This update has been submitted for testing by music.

a month ago

music edited this update.

New build(s):

  • uv-0.8.24-3.el10_2

Removed build(s):

  • uv-0.8.24-1.el10_2

Karma has been reset.

a month ago

This update has been pushed to testing.

a month ago

music edited this update.

a month ago

music edited this update.

New build(s):

  • ruff-0.14.2-1.el10_2

Removed build(s):

  • ruff-0.14.1-1.el10_2

Karma has been reset.

a month ago

This update has been submitted for testing by music.

a month ago

This update has been pushed to testing.

a month ago

music edited this update.

New build(s):

  • uv-0.9.5-1.el10_2
  • rust-reqsign-0.18.0-1.el10_2
  • rust-reqsign-aws-v4-2.0.0-1.el10_2
  • rust-reqsign-command-execute-tokio-2.0.0-1.el10_2
  • rust-reqsign-http-send-reqwest-2.0.0-1.el10_2
  • rust-reqsign-file-read-tokio-2.0.0-1.el10_2
  • rust-reqsign-core-2.0.0-1.el10_2

Removed build(s):

  • rust-reqsign-0.17.0-1.el10_2
  • rust-reqsign-aws-v4-1.0.0-1.el10_2
  • rust-reqsign-command-execute-tokio-1.0.0-1.el10_2
  • rust-reqsign-core-1.0.0-1.el10_2
  • rust-reqsign-file-read-tokio-1.0.0-1.el10_2
  • rust-reqsign-http-send-reqwest-1.0.0-1.el10_2
  • uv-0.8.24-3.el10_2

Karma has been reset.

a month ago

This update has been submitted for testing by music.

a month ago

music edited this update.

New build(s):

  • rust-backon-1.6.0-1.el10_2

Removed build(s):

  • rust-backon-1.5.2-2.el10_2

Karma has been reset.

a month ago
User Icon music commented & provided feedback a month ago

With ruff and uv now both fully up to date, I’m going to try to stop editing this so that it can go stable.

This update has been pushed to testing.

a month ago

This update has been submitted for stable by bodhi.

a month ago

This update has been pushed to stable.

a month ago

Please log in to add feedback.

Metadata
Type
security
Severity
low
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
a month ago
in testing
a month ago
in stable
a month ago
modified
a month ago
approved
a month ago
Builds
34
ruff-0.14.2-1.el10_2
rust-astral-tokio-tar-0.5.6-1.el10_2
rust-attribute-derive-0.10.5-1.el10_2
rust-attribute-derive-macro-0.10.5-1.el10_2
rust-backon-1.6.0-1.el10_2
rust-basic-toml-0.1.10-2.el10_2
rust-collection_literals-1.0.3-1.el10_2
rust-derive_more-2.0.1-3.el10_2
rust-derive_more-impl-2.0.1-2.el10_2
rust-dlv-list-0.5.2-2.el10_2
rust-dotenv-0.15.0-16.el10_2
rust-get-size2-0.7.0-2.el10_2
rust-get-size-derive2-0.7.0-1.el10_2
rust-interpolator-0.5.0-3.el10_2
rust-intrusive-collections-0.9.7-3.el10_2
rust-macro_rules_attribute-0.2.2-2.el10_2
rust-macro_rules_attribute-proc_macro-0.2.2-2.el10_2
rust-manyhow-0.11.4-1.el10_2
rust-manyhow-macros-0.11.4-1.el10_2
rust-ordered-multimap-0.7.3-2.el10_2
rust-proc-macro-utils-0.10.0-1.el10_2
rust-quote-use-0.8.4-2.el10_2
rust-quote-use-macros-0.8.4-1.el10_2
rust-reqsign-0.18.0-1.el10_2
rust-reqsign-aws-v4-2.0.0-1.el10_2
rust-reqsign-command-execute-tokio-2.0.0-1.el10_2
rust-reqsign-core-2.0.0-1.el10_2
rust-reqsign-file-read-tokio-2.0.0-1.el10_2
rust-reqsign-http-send-reqwest-2.0.0-1.el10_2
rust-rust-ini-0.21.3-1.el10_2
rust-tikv-jemallocator-0.6.1-1.el10_2
rust-tikv-jemalloc-sys-0.6.1-1.el10_2
rust-trybuild2-1.2.0-5.el10_2
uv-0.9.5-1.el10_2
BZ#2360699 ruff-0.14.1 is available
0
0
BZ#2402441 rust-reqsign-core-2.0.0 is available
0
0
BZ#2402442 rust-reqsign-command-execute-tokio-2.0.0 is available
0
0
BZ#2402443 rust-reqsign-http-send-reqwest-2.0.0 is available
0
0
BZ#2402923 uv-0.9.5 is available
0
0
BZ#2405468 CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar Vulnerable to PAX Header Desynchronization [epel-10]
0
0
BZ#2405469 CVE-2025-62518 uv: astral-tokio-tar Vulnerable to PAX Header Desynchronization [epel-10]
0
0
BZ#2406135 ruff-0.14.2 is available
0
0
ruff-0.14.2-1.el10_2
rust-astral-tokio-tar-0.5.6-1.el10_2
rust-attribute-derive-0.10.5-1.el10_2
rust-attribute-derive-macro-0.10.5-1.el10_2
rust-backon-1.6.0-1.el10_2
rust-basic-toml-0.1.10-2.el10_2
rust-collection_literals-1.0.3-1.el10_2
rust-derive_more-2.0.1-3.el10_2
rust-derive_more-impl-2.0.1-2.el10_2
rust-dlv-list-0.5.2-2.el10_2
rust-dotenv-0.15.0-16.el10_2
rust-get-size2-0.7.0-2.el10_2
rust-get-size-derive2-0.7.0-1.el10_2
rust-interpolator-0.5.0-3.el10_2
rust-intrusive-collections-0.9.7-3.el10_2
rust-macro_rules_attribute-0.2.2-2.el10_2
rust-macro_rules_attribute-proc_macro-0.2.2-2.el10_2
rust-manyhow-0.11.4-1.el10_2
rust-manyhow-macros-0.11.4-1.el10_2
rust-ordered-multimap-0.7.3-2.el10_2
rust-proc-macro-utils-0.10.0-1.el10_2
rust-quote-use-0.8.4-2.el10_2
rust-quote-use-macros-0.8.4-1.el10_2
rust-reqsign-0.18.0-1.el10_2
rust-reqsign-aws-v4-2.0.0-1.el10_2
rust-reqsign-command-execute-tokio-2.0.0-1.el10_2
rust-reqsign-core-2.0.0-1.el10_2
rust-reqsign-file-read-tokio-2.0.0-1.el10_2
rust-reqsign-http-send-reqwest-2.0.0-1.el10_2
rust-rust-ini-0.21.3-1.el10_2
rust-tikv-jemallocator-0.6.1-1.el10_2
rust-tikv-jemalloc-sys-0.6.1-1.el10_2
rust-trybuild2-1.2.0-5.el10_2
uv-0.9.5-1.el10_2

Automated Test Results

Copyright © 2007-2025 Red Hat, Inc. and others.

Running bodhi-server 25.11.2 on bodhi-web-12-sgbl5.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy