Aggregator

FEDORA-2025-66fb3fa6b0 Packages in this update:

• bind-9.18.41-1.fc43
• bind-dyndb-ldap-11.11-8.fc43

Update description: Update to 9.18.41 (rhbz#2405786) Security fixes:

• DNSSEC validation fails if matching but invalid DNSKEY is found. (CVE-2025-8677)
• Address various spoofing attacks. (CVE-2025-40778)
• Cache-poisoning due to weak pseudo-random number generator. (CVE-2025-40780)

New Features:

• Support for parsing HHIT and BRID records has been added.

Removed Features:

• Deprecate the "tkey-domain" statement.
• Deprecate the "tkey-gssapi-credential" statement.

Bug Fixes:

• Prevent spurious SERVFAILs for certain 0-TTL resource records.
• Missing DNSSEC information when CD bit is set in query.

https://downloads.isc.org/isc/bind9/9.18.41/doc/arm/html/notes.html#notes-for-bind-9-18-41

FEDORA-2025-5a73e9e251 Packages in this update:

• bind-9.18.41-1.fc44
• bind-dyndb-ldap-11.11-8.fc44

Update description: Update to 9.18.41 (rhbz#2405786) Security fixes:

• DNSSEC validation fails if matching but invalid DNSKEY is found. (CVE-2025-8677)
• Address various spoofing attacks. (CVE-2025-40778)
• Cache-poisoning due to weak pseudo-random number generator. (CVE-2025-40780)

New Features:

• Support for parsing HHIT and BRID records has been added.

Removed Features:

• Deprecate the "tkey-domain" statement.
• Deprecate the "tkey-gssapi-credential" statement.

Bug Fixes:

• Prevent spurious SERVFAILs for certain 0-TTL resource records.
• Missing DNSSEC information when CD bit is set in query.

https://downloads.isc.org/isc/bind9/9.18.41/doc/arm/html/notes.html#notes-for-bind-9-18-41

FEDORA-2025-b10099f608 Packages in this update:

• ruby-3.3.10-21.fc41

Update description:

• Upgrade to Ruby 3.3.10.
• CVE-2025-58767 ruby: REXML denial of service (rhbz#2396203)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network file system (NFS) server daemon; - Packet sockets; - Network traffic control; - VMware vSockets driver; (CVE-2025-38617, CVE-2025-21796, CVE-2025-38618, CVE-2025-37785, CVE-2025-38477)

Version:next-20251024 (linux-next) Released:2025-10-24

Damien Tournoud, Patrick Dawkins, Vince Parker, and Jules Duvivier discovered that Go Cryptography incorrectly handled public keys during SSH operations. An attacker could possibly use this issue to bypass authorization mechanisms.

FEDORA-2025-5905c468d2 Packages in this update:

• pcre2-10.46-1.fc42

Update description:

Fix for CVE-2025-58050

FEDORA-2025-4bf7795b4e Packages in this update:

• openbao-2.4.3-1.fc42

Update description:

Update to upstream 2.4.3, including fixes for CVE-2025-62513 and CVE-2025-62705.

FEDORA-EPEL-2025-3975babff2 Packages in this update:

• openbao-2.4.3-1.el10_2

Update description:

Update to upstream 2.4.3, including fixes for CVE-2025-62513 and CVE-2025-62705.

FEDORA-2025-ab1fce816d Packages in this update:

• openbao-2.4.3-1.fc41

Update description:

Update to upstream 2.4.3, including fixes for CVE-2025-62513 and CVE-2025-62705.

FEDORA-EPEL-2025-7bec9f8025 Packages in this update:

• openbao-2.4.3-1.el10_0

Update description:

Update to upstream 2.4.3, including fixes for CVE-2025-62513 and CVE-2025-62705.

FEDORA-EPEL-2025-ffd437e0e8 Packages in this update:

• openbao-2.4.3-1.el9

Update description:

Update to upstream 2.4.3, including fixes for CVE-2025-62513 and CVE-2025-62705.

FEDORA-2025-0687b2debc Packages in this update:

• openbao-2.4.3-1.fc43

Update description:

Update to upstream 2.4.3, including fixes for CVE-2025-62513 and CVE-2025-62705.

FEDORA-EPEL-2025-bdd3bd8616 Packages in this update:

• openbao-2.4.3-1.el8

Update description:

Update to upstream 2.4.3, including fixes for CVE-2025-62513 and CVE-2025-62705.

FEDORA-EPEL-2025-a67eb81816 Packages in this update:

• openbao-2.4.3-1.el10_1

Update description:

Update to upstream 2.4.3, including fixes for CVE-2025-62513 and CVE-2025-62705.

It was discovered that the fetchmail SMTP client incorrectly handled certain status code messages. An attacker controlling a malicious server could possibly use this issue to cause fetchmail to crash, resulting in a denial of service.

Version:6.17.5 (stable) Released:2025-10-23 Source:linux-6.17.5.tar.xz PGP Signature:linux-6.17.5.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.17.5

Version:6.12.55 (longterm) Released:2025-10-23 Source:linux-6.12.55.tar.xz PGP Signature:linux-6.12.55.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.12.55

Version:6.6.114 (longterm) Released:2025-10-23 Source:linux-6.6.114.tar.xz PGP Signature:linux-6.6.114.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.6.114