Aggregator

USN-7873-1: MySQL vulnerabilities

2 weeks 6 days ago
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.44 in Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. Ubuntu 25.04 and Ubuntu 25.10 have been updated to MySQL 8.4.7.

In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information:

  • https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-44.html
  • https://dev.mysql.com/doc/relnotes/mysql/8.4/en/news-8-4-7.html
  • https://www.oracle.com/security-alerts/cpuoct2025.html

openbao-2.4.3-2.fc41

3 weeks ago
FEDORA-2025-15c3d1dcfc
Packages in this update:
  • openbao-2.4.3-2.fc41
Update description:

Rebuild to add hsm tag.

The fedora-41 build was done with golang-1.24.10 which fixed CVE-2025-58189, CVE-2025-61725, CVE-2025-61723, CVE-2025-58185, and CVE-2025-58183.

openbao-2.4.3-2.fc43

3 weeks ago
FEDORA-2025-3e35532d2a
Packages in this update:
  • openbao-2.4.3-2.fc43
Update description:

Rebuild to add hsm tag.

The fedora-43 build was done with golang-1.25.4 which fixed CVE-2025-58189, CVE-2025-58188, CVE-2025-61725, CVE-2025-61723, CVE-2025-58185, and CVE-2025-58183.

openbao-2.4.3-2.fc42

3 weeks ago
FEDORA-2025-e14e668afa
Packages in this update:
  • openbao-2.4.3-2.fc42
Update description:

Rebuild to add hsm tag.

The fedora-42 build was done with golang-1.24.10 which fixed CVE-2025-58183.

USN-7872-1: Lasso vulnerabilities

3 weeks ago
It was discovered that Lasso incorrectly handled certain malformed SAML responses. A remote attacker could possibly use this issue to cause Lasso to crash, resulting in a denial of service. (CVE-2025-46404)

It was discovered that Lasso incorrectly handled certain malformed SAML assertion responses. A remote attacker could possibly use this issue to cause Lasso to crash, resulting in a denial of service. (CVE-2025-46705)

It was discovered that Lasso incorrectly handled certain malformed SAML responses. A remote attacker could possibly use this issue to cause Lasso to consume memory, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2025-46784)

It was discovered that Lasso incorrectly handled certain malformed SAML responses. A remote attacker could use this issue to cause Lasso to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-47151)

docker-buildkit-0.26.1-1.fc41

3 weeks 1 day ago
FEDORA-2025-1ccd7dbf40
Packages in this update:
  • docker-buildkit-0.26.1-1.fc41
Update description:

Update to release v0.26.1

  • Update to release v0.26.0
  • Resolves: rhbz#2412681, rhbz#2412761
  • Upstream new features and fixes
  • dependency override for moby/policy-helper needed for license (default version does not have a license file)

docker-buildkit-0.26.1-1.fc42

3 weeks 1 day ago
FEDORA-2025-308cf4259b
Packages in this update:
  • docker-buildkit-0.26.1-1.fc42
Update description:

Update to release v0.26.1

  • Update to release v0.26.0
  • Resolves: rhbz#2412681, rhbz#2412761
  • Upstream new features and fixes
  • dependency override for moby/policy-helper needed for license (default version does not have a license file)

docker-buildx-0.30.1-1.fc41

3 weeks 1 day ago
FEDORA-2025-6e24679a4d
Packages in this update:
  • docker-buildx-0.30.1-1.fc41
Update description:
  • Update to release v0.30.1
  • Upstream fix
  • Update to release v0.30.0
  • Resolves: rhbz#2413270
  • Resolves: rhbz#2407614, rhbz#2407881, rhbz#2408158, rhbz#2409066
  • Resolves: rhbz#2409350, rhbz#2409628, rhbz#2410014, rhbz#2410300
  • Resolves: rhbz#2410579, rhbz#2410946, rhbz#2411477, rhbz#2412381
  • Resolves: rhbz#2412530, rhbz#2412682, rhbz#2412762
  • Upstream new features and fixes

docker-buildx-0.30.1-1.fc42

3 weeks 1 day ago
FEDORA-2025-04cf139ee2
Packages in this update:
  • docker-buildx-0.30.1-1.fc42
Update description:
  • Update to release v0.30.1
  • Upstream fix
  • Update to release v0.30.0
  • Resolves: rhbz#2413270
  • Resolves: rhbz#2407614, rhbz#2407881, rhbz#2408158, rhbz#2409066
  • Resolves: rhbz#2409350, rhbz#2409628, rhbz#2410014, rhbz#2410300
  • Resolves: rhbz#2410579, rhbz#2410946, rhbz#2411477, rhbz#2412381
  • Resolves: rhbz#2412530, rhbz#2412682, rhbz#2412762
  • Upstream new features and fixes

docker-buildkit-0.26.1-1.fc43

3 weeks 1 day ago
FEDORA-2025-264853458b
Packages in this update:
  • docker-buildkit-0.26.1-1.fc43
Update description:

Update to release v0.26.1

  • Update to release v0.26.0
  • Resolves: rhbz#2412681, rhbz#2412761
  • Upstream new features and fixes
  • dependency override for moby/policy-helper needed for license (default version does not have a license file)

docker-buildx-0.30.1-1.fc43

3 weeks 1 day ago
FEDORA-2025-b1d7d7f8db
Packages in this update:
  • docker-buildx-0.30.1-1.fc43
Update description:
  • Update to release v0.30.1
  • Upstream fix
  • Update to release v0.30.0
  • Resolves: rhbz#2413270
  • Resolves: rhbz#2407614, rhbz#2407881, rhbz#2408158, rhbz#2409066
  • Resolves: rhbz#2409350, rhbz#2409628, rhbz#2410014, rhbz#2410300
  • Resolves: rhbz#2410579, rhbz#2410946, rhbz#2411477, rhbz#2412381
  • Resolves: rhbz#2412530, rhbz#2412682, rhbz#2412762
  • Upstream new features and fixes

sudo-rs-0.2.10-1.fc41

3 weeks 1 day ago
FEDORA-2025-ada7909175
Packages in this update:
  • sudo-rs-0.2.10-1.fc41
Update description:

Update to version 0.2.10.

This release includes fixes for CVE-2025-64170 and CVE-2025-64517.

sudo-rs-0.2.10-1.fc42

3 weeks 1 day ago
FEDORA-2025-4388808bbf
Packages in this update:
  • sudo-rs-0.2.10-1.fc42
Update description:

Update to version 0.2.10.

This release includes fixes for CVE-2025-64170 and CVE-2025-64517.

sudo-rs-0.2.10-1.fc43

3 weeks 1 day ago
FEDORA-2025-a9d9780cbb
Packages in this update:
  • sudo-rs-0.2.10-1.fc43
Update description:

Update to version 0.2.10.

This release includes fixes for CVE-2025-64170 and CVE-2025-64517.

linux-firmware-20251111-1.fc43

3 weeks 1 day ago
FEDORA-2025-0ef7552461
Packages in this update:
  • linux-firmware-20251111-1.fc43
Update description:

Upstream linux-firmware 20251111 release:

  • rtl_bt: Update RTL8922A BT USB firmware to 0x41C0_C905
  • add firmware for mt7987 internal 2.5G ethernet phy
  • rtw88: 8822b: Update firmware to v30.20.0
  • rtl_nic: add firmware rtl8125k-1
  • ASoC: tas2781: Update dsp firmware for HP and ASUS projects
  • amdgpu: DMCUB updates for various ASICs
  • qcom: add SOCCP firmware for kaanapali platform
  • xe: Update GUC to v70.53.0 for BMG, LNL, PTL
  • i915: Update GUC to v70.53.0 for DG2, MTL
  • rtw89: 8851b: update fw to v0.29.41.5
  • rtw89: 8852b: update fw to v0.29.128.0 with format suffix -2
  • rtw89: 8852b: update fw to v0.29.29.14
  • rtw89: 8852bt: update fw to v0.29.127.0 with format suffix -1
  • Update firmware file for Intel BlazarI/BlazarU core
  • Create audio folder in ti folder, and move all the audio firmwares into it
  • amdgpu: DMCUB updates for various ASICs
  • Update AMD cpu microcode
  • mediatek MT7925: update bluetooth firmware to 20251015213201
  • rtl_bt: Add firmware and config files for RTL8761CUV
  • Update AMD cpu microcode
  • qcom: add ADSP firmware for kaanapali platform
  • amdgpu: DMCUB updates for various ASICs
  • mediatek MT7920: update bluetooth firmware to 20251020151255
  • update firmware for MT7920/MT7922/MT7925 WiFi device
  • amd-ucode: Fix minimum revisions in README
  • cirrus: cs35l41: Rename various Asus Laptop firmware files to not have Speaker ID
  • mediatek MT7922: update bluetooth firmware to 20251020143443

linux-firmware-20251111-1.fc42

3 weeks 1 day ago
FEDORA-2025-ecd9a3485b
Packages in this update:
  • linux-firmware-20251111-1.fc42
Update description:

Upstream linux-firmware 20251111 release:

  • rtl_bt: Update RTL8922A BT USB firmware to 0x41C0_C905
  • add firmware for mt7987 internal 2.5G ethernet phy
  • rtw88: 8822b: Update firmware to v30.20.0
  • rtl_nic: add firmware rtl8125k-1
  • ASoC: tas2781: Update dsp firmware for HP and ASUS projects
  • amdgpu: DMCUB updates for various ASICs
  • qcom: add SOCCP firmware for kaanapali platform
  • xe: Update GUC to v70.53.0 for BMG, LNL, PTL
  • i915: Update GUC to v70.53.0 for DG2, MTL
  • rtw89: 8851b: update fw to v0.29.41.5
  • rtw89: 8852b: update fw to v0.29.128.0 with format suffix -2
  • rtw89: 8852b: update fw to v0.29.29.14
  • rtw89: 8852bt: update fw to v0.29.127.0 with format suffix -1
  • Update firmware file for Intel BlazarI/BlazarU core
  • Create audio folder in ti folder, and move all the audio firmwares into it
  • amdgpu: DMCUB updates for various ASICs
  • Update AMD cpu microcode
  • mediatek MT7925: update bluetooth firmware to 20251015213201
  • rtl_bt: Add firmware and config files for RTL8761CUV
  • Update AMD cpu microcode
  • qcom: add ADSP firmware for kaanapali platform
  • amdgpu: DMCUB updates for various ASICs
  • mediatek MT7920: update bluetooth firmware to 20251020151255
  • update firmware for MT7920/MT7922/MT7925 WiFi device
  • amd-ucode: Fix minimum revisions in README
  • cirrus: cs35l41: Rename various Asus Laptop firmware files to not have Speaker ID
  • mediatek MT7922: update bluetooth firmware to 20251020143443

jfrog-cli-2.78.3-2.el9

3 weeks 2 days ago
FEDORA-EPEL-2025-f63e98e319
Packages in this update:
  • jfrog-cli-2.78.3-2.el9
Update description:

Rebuild with Go 1.25.3 to address standard library vulnerabilities: CVE-2025-58189, CVE-2025-61725, CVE-2025-61723, CVE-2025-58185, CVE-2025-58188, CVE-2025-58183.