Aggregator

FEDORA-2025-324c3261b1 Packages in this update:

• mingw-qt5-qtsvg-5.15.17-3.fc41
• mingw-qt6-qtsvg-6.8.3-2.fc41

Update description:

Backport fix for CVE-2025-10729.

FEDORA-2025-f11955cbd4 Packages in this update:

• mingw-qt5-qtsvg-5.15.17-3.fc43
• mingw-qt6-qtsvg-6.9.2-2.fc43

Update description:

Backport fix for CVE-2025-10729.

FEDORA-2025-ec083036ae Packages in this update:

• mingw-python3-3.11.14-1.fc43

Update description:

Update to python-3.11.14, fixes CVE-2025-8291.

FEDORA-2025-ccc3e0a219 Packages in this update:

• mingw-python3-3.11.14-1.fc42

Update description:

Update to python-3.11.14, fixes CVE-2025-8291.

FEDORA-2025-d94c21c98f Packages in this update:

• mingw-python3-3.11.14-1.fc41

Update description:

Update to python-3.11.14, fixes CVE-2025-8291.

FEDORA-2025-c2fa2eb17c Packages in this update:

• runc-1.3.2-1.fc41

Update description:

Update to release v1.3.2

FEDORA-2025-c4d00e29b7 Packages in this update:

• runc-1.3.2-1.fc42

Update description:

Update to release v1.3.2

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

FEDORA-2025-44ccc989e1 Packages in this update:

• runc-1.3.2-1.fc43

Update description:

Update to release v1.3.2

FEDORA-2025-d5eb72768a Packages in this update:

• dovecot-2.4.1-6.fc44

Update description:

Automatic update for dovecot-2.4.1-6.fc44.

Changelog * Thu Oct 9 2025 Michal Hlavinka <mhlavink@redhat.com> - 1:2.4.1-6 - fix CVE-2025-30189: users would end up overwriting each other in cache (rhbz#2402122)

FEDORA-2025-6e5c27d218 Packages in this update:

• rubygem-actioncable-8.0.3-1.fc44
• rubygem-actionmailbox-8.0.3-1.fc44
• rubygem-actionmailer-8.0.3-1.fc44
• rubygem-actionpack-8.0.3-1.fc44
• rubygem-actiontext-8.0.3-1.fc44
• rubygem-actionview-8.0.3-1.fc44
• rubygem-activejob-8.0.3-1.fc44
• rubygem-activemodel-8.0.3-1.fc44
• rubygem-activerecord-8.0.3-1.fc44
• rubygem-activestorage-8.0.3-1.fc44
• rubygem-activesupport-8.0.3-1.fc44
• rubygem-rails-8.0.3-1.fc44
• rubygem-railties-8.0.3-1.fc44

Update description:

Update to Ruby on Rails 8.0.3

• Fix CVE-2025-24293: Active Storage allowed transformation methods potentially unsafe
• Fix CVE-2025-55193: ANSI escape injection in Active Record logging

It was discovered that DPDK incorrectly handled the mlx5 Ethernet poll mode driver. An attacker could possibly use this issue to obtain sensitive information, or cause the network interface to crash, resulting in a denial of service.

Version:next-20251009 (linux-next) Released:2025-10-09

FEDORA-EPEL-2025-ead145711a Packages in this update:

• qt5-qtsvg-5.15.17-2.el10_2

Update description:

Fix CVE-2025-10729

FEDORA-2025-753bfca24c Packages in this update:

• qt5-qtsvg-5.15.17-2.fc41

Update description:

Fix CVE-2025-10729

FEDORA-2025-e9d4da200a Packages in this update:

• qt5-qtsvg-5.15.17-3.fc43

Update description:

Fix CVE-2025-10729

FEDORA-2025-151117f1f8 Packages in this update:

• qt5-qtsvg-5.15.17-2.fc42

Update description:

Fix CVE-2025-10729

FEDORA-2025-fa8d0fb866 Packages in this update:

• fetchmail-6.5.6-1.fc41

Update description:

Update to fetchmail-6.5.6 (CVE-2025-61962)

FEDORA-2025-ab3c40c1f4 Packages in this update:

• fetchmail-6.5.6-1.fc42

Update description:

Update to fetchmail-6.5.6 (CVE-2025-61962)

FEDORA-2025-891d4dd5d6 Packages in this update:

• fetchmail-6.5.6-1.fc43

Update description:

Update to fetchmail-6.5.6 (CVE-2025-61962)