
Fedora 42 openQA Update for lodash Important Protection CVE-2025-13465

fedora
February 6, 2026
Update for Fedora 42 secures openQA by patching lodash against CVE-2025-13465, improving resilience against attacks.

Summary

openQA is a testing framework that allows you to test GUI applications on one hand and bootloader and kernel on the other. In both cases, it is difficult to script tests and verify the output. Output can be a popup window or it can be an error in early boot even before init is executed.

openQA is an automated test tool that makes it possible to test the whole installation process of an operating system. It uses virtual machines to reproduce the process, check the output (both serial console and screen) in every step and send the necessary keystrokes and commands to proceed to the next. openQA can check whether the system can be installed, whether it works properly in 'live' mode, whether applications work or whether the system responds as expected to different installation options and commands.

Even more importantly, openQA can run several combinations of tests for every revision of the operating system, reporting the errors detected for each combination of hardware configuration, installation options and variant of the operating system.

Update Information:

This update bumps the bundled lodash to 4.17.23 to ensure openQA is protected against CVE-2025-13465. It likely was not vulnerable in any case, though, as I don't believe the vulnerable codepaths were exposed by openQA's use of lodash.

Change Log

* Mon Jan 26 2026 Adam Williamson - 5^20250711git28a0214-4 - Backport PR #6920 to fix RHBZ #2432984 (CVE-2025-13465)

References


[1] Bug #2432984 - CVE-2025-13465 openqa: prototype pollution in _.unset and _.omit functions [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2432984

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-84de1534b1' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity: important

Name: openqa
Product: Fedora 42
Version: 5^20250711git28a0214
Release: 4.fc42
Summary: OS-level automated testing framework
