python-setuptools-69.2.0-10.fc41
FEDORA-2025-1746085e78
Packages in this update:
- python-setuptools-69.2.0-10.fc41
Security fix for CVE-2025-47273
Aggregator
python-setuptools-74.1.3-7.fc42
FEDORA-2025-1c17f3520b
Packages in this update:
- python-setuptools-74.1.3-7.fc42
Security fix for CVE-2025-47273
USN-7555-2: Django vulnerability
USN-7555-1 fixed vulnerabilities in Django. The fix was incomplete.
This update applies an additional patch to fix it properly.
Original advisory details:
It was discovered that Django incorrectly handled certain
unescaped request paths. An attacker could possibly use this
issue to perform a log injection.
USN-7570-1: Python vulnerabilities
It was discovered that Python incorrectly handled certain unicode
characters during decoding. An attacker could possibly use this issue to
cause a denial of service. (CVE-2025-4516)
It was discovered that Python incorrectly handled unicode encoding of email
headers with list separators in folded lines. An attacker could possibly
use this issue to expose sensitive information. (CVE-2025-1795)
USN-7536-2: cifs-utils regression
USN-7536-1 fixed vulnerabilities in cifs-utils. This update introduced a
regression in certain environments. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that cifs-utils incorrectly handled namespaces when
obtaining Kerberos credentials. An attacker could possibly use this issue
to obtain sensitive information.
atuin-18.3.0-4.el9
FEDORA-EPEL-2025-3a9b0a638b
Packages in this update:
- atuin-18.3.0-4.el9
Rebuild applications to apply two recent security updates:
- build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when decoded)
- build with crossbeam-channel 0.5.15+ to address CVE-2025-4574 (potential double-free on Drop)
atuin-18.3.0-4.fc41 awatcher-0.3.1-2.fc41 gotify-desktop-1.3.7-5.fc41 keylime-agent-rust-0.2.7-5.fc41 mirrorlist-server-3.0.7-7.fc41
FEDORA-2025-297c7ac7fe
Packages in this update:
- atuin-18.3.0-4.fc41
- awatcher-0.3.1-2.fc41
- gotify-desktop-1.3.7-5.fc41
- keylime-agent-rust-0.2.7-5.fc41
- mirrorlist-server-3.0.7-7.fc41
Rebuild applications to apply two recent security updates:
- build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when decoded)
- build with crossbeam-channel 0.5.15+ to address CVE-2025-4574 (potential double-free on Drop)
atuin-18.3.0-4.fc42 awatcher-0.3.1-2.fc42 gotify-desktop-1.3.7-5.fc42 mirrorlist-server-3.0.7-7.fc42
FEDORA-2025-8a18a5a077
Packages in this update:
- atuin-18.3.0-4.fc42
- awatcher-0.3.1-2.fc42
- gotify-desktop-1.3.7-5.fc42
- mirrorlist-server-3.0.7-7.fc42
Rebuild applications to apply two recent security updates:
- build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when decoded)
- build with crossbeam-channel 0.5.15+ to address CVE-2025-4574 (potential double-free on Drop)
atuin-18.3.0-4.fc43 awatcher-0.3.1-2.fc43 gotify-desktop-1.3.7-5.fc43 mirrorlist-server-3.0.7-7.fc43
FEDORA-2025-9f8cbb5e03
Packages in this update:
- atuin-18.3.0-4.fc43
- awatcher-0.3.1-2.fc43
- gotify-desktop-1.3.7-5.fc43
- mirrorlist-server-3.0.7-7.fc43
Rebuild applications to apply two recent security updates:
- build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when decoded)
- build with crossbeam-channel 0.5.15+ to address CVE-2025-4574 (potential double-free on Drop)
next-20250616: linux-next
Version:next-20250616 (linux-next)
Released:2025-06-16
USN-7569-1: Dojo vulnerabilities
It was discovered that Dojo did not correctly handle DataGrids. An
attacker could possibly use this issue to execute arbitrary code. This
issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
(CVE-2018-15494)
It was discovered that Dojo was vulnerable to prototype pollution. An
attacker could possibly use this issue to execute arbitrary code.
(CVE-2021-23450)
Jonathan Leitschuh discovered that Dojo did not correctly sanitize
certain inputs. An attacker could possibly use this issue to execute a
cross-site scripting (XSS) attack. This issue only affected
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
(CVE-2019-10785, CVE-2020-4051)
USN-7568-1: Requests vulnerabilities
Dennis Brinkrolf and Tobias Funke discovered that Requests did not
correctly handle certain HTTP headers. A remote attacker could possibly
use this issue to leak sensitive information. This issue only affected
Ubuntu 14.04 LTS. (CVE-2023-32681)
Juho Forsén discovered that Requests did not correctly parse URLs. A
remote attacker could possibly use this issue to leak sensitive
information. (CVE-2024-47081)
6.16-rc2: mainline
Version:6.16-rc2 (mainline)
Released:2025-06-15
Source:linux-6.16-rc2.tar.gz
Patch:full (incremental)
optipng-7.9.1-1.fc42
FEDORA-2025-6b4a9c1dd1
Packages in this update:
- optipng-7.9.1-1.fc42
Update to 7.9.1
optipng-7.9.1-1.fc41
FEDORA-2025-0533c67535
Packages in this update:
- optipng-7.9.1-1.fc41
Update to 7.9.1
optipng-7.9.1-1.el10_1
FEDORA-EPEL-2025-c5e2b2171e
Packages in this update:
- optipng-7.9.1-1.el10_1
Update to 7.9.1
optipng-7.9.1-1.el9
FEDORA-EPEL-2025-b08324ec24
Packages in this update:
- optipng-7.9.1-1.el9
Update to 7.9.1
mingw-glib2-2.84.3-1.fc42
FEDORA-2025-60e9097b77
Packages in this update:
- mingw-glib2-2.84.3-1.fc42
FIx CVE-2025-6052.
mingw-glib2-2.82.5-1.fc41
FEDORA-2025-2c1425a4e4
Packages in this update:
- mingw-glib2-2.82.5-1.fc41
FIx CVE-2025-6052.
mingw-python-setuptools-78.1.1-1.fc42
FEDORA-2025-db489d66e3
Packages in this update:
- mingw-python-setuptools-78.1.1-1.fc42
Update to 78.1.1, fixes CVE-2025-47273.