Fedora Security Advisories

FEDORA-EPEL-2025-1facfe149a Packages in this update:

• pack-0.38.2-1.el9

Update description:

bump to v0.38.2

FEDORA-2025-387540db1f Packages in this update:

• pack-0.38.2-1.fc42

Update description:

bump to v0.38.2

FEDORA-2025-20f7fd3e95 Packages in this update:

• pack-0.38.2-1.fc43

Update description:

bump to v0.38.2

FEDORA-2025-57302ba8ea Packages in this update:

• migrate-4.19.0-1.fc42

Update description:

• Update to 4.19.0
• Address CVEs by rebuilding with Go 1.24.10

FEDORA-2025-427af3b610 Packages in this update:

• migrate-4.19.0-1.fc43

Update description:

• Update to 4.19.0
• Address CVEs by rebuilding with Go 1.25.4

FEDORA-2025-a96ccc98ca Packages in this update:

• rnp-0.18.1-1.fc43

Update description:

Version 0.18.1

Security

• Fixed critical issue where PKESK (public-key encrypted) session keys were generated as all-zero, allowing trivial decryption of messages encrypted with public keys only (CVE-2025-13402)

FEDORA-EPEL-2025-c2bf491987 Packages in this update:

• rnp-0.18.1-1.el8

Update description:

Version 0.18.1

Security

• Fixed critical issue where PKESK (public-key encrypted) session keys were generated as all-zero, allowing trivial decryption of messages encrypted with public keys only (CVE-2025-13402)

FEDORA-EPEL-2025-391c549345 Packages in this update:

• rnp-0.18.1-1.el10_1

Update description:

Version 0.18.1

Security

• Fixed critical issue where PKESK (public-key encrypted) session keys were generated as all-zero, allowing trivial decryption of messages encrypted with public keys only (CVE-2025-13402)

FEDORA-2025-7bef956026 Packages in this update:

• rnp-0.18.1-1.fc42

Update description:

Version 0.18.1

Security

• Fixed critical issue where PKESK (public-key encrypted) session keys were generated as all-zero, allowing trivial decryption of messages encrypted with public keys only (CVE-2025-13402)

FEDORA-EPEL-2025-06a66cd929 Packages in this update:

• rnp-0.18.1-1.el9

Update description:

Version 0.18.1

Security

• Fixed critical issue where PKESK (public-key encrypted) session keys were generated as all-zero, allowing trivial decryption of messages encrypted with public keys only (CVE-2025-13402)

FEDORA-2025-bc8b81c28d Packages in this update:

• rnp-0.18.1-1.fc41

Update description:

Version 0.18.1

Security

• Fixed critical issue where PKESK (public-key encrypted) session keys were generated as all-zero, allowing trivial decryption of messages encrypted with public keys only (CVE-2025-13402)

FEDORA-EPEL-2025-5eddd94672 Packages in this update:

• rnp-0.18.1-1.el10_2

Update description:

Version 0.18.1

Security

• Fixed critical issue where PKESK (public-key encrypted) session keys were generated as all-zero, allowing trivial decryption of messages encrypted with public keys only (CVE-2025-13402)

FEDORA-2025-d41f5f4a2a Packages in this update:

• chromium-142.0.7444.175-2.fc43

Update description:

Update to 142.0.7444.175

* High CVE-2025-13223: Type Confusion in V8 * High CVE-2025-13224: Type Confusion in V8

FEDORA-EPEL-2025-cdf5100498 Packages in this update:

• chromium-142.0.7444.175-2.el9

Update description:

Update to 142.0.7444.175

* High CVE-2025-13223: Type Confusion in V8 * High CVE-2025-13224: Type Confusion in V8

Update to 142.0.7444.162

* High CVE-2025-13042: Inappropriate implementation in V8

FEDORA-2025-ee528a170d Packages in this update:

• chromium-142.0.7444.175-2.fc41

Update description:

Update to 142.0.7444.175

* High CVE-2025-13223: Type Confusion in V8 * High CVE-2025-13224: Type Confusion in V8

FEDORA-EPEL-2025-62f79f7f05 Packages in this update:

• chromium-142.0.7444.175-2.el10_2

Update description:

Update to 142.0.7444.175

* High CVE-2025-13223: Type Confusion in V8 * High CVE-2025-13224: Type Confusion in V8

FEDORA-2025-54b43715b6 Packages in this update:

• chromium-142.0.7444.175-2.fc42

Update description:

Update to 142.0.7444.175

* High CVE-2025-13223: Type Confusion in V8 * High CVE-2025-13224: Type Confusion in V8

FEDORA-2025-45b1844342 Packages in this update:

• gnutls-3.8.11-1.fc43

Update description:

Update to the 3.8.11 release with a fix for CVE-2025-9820 and several enhancements.

FEDORA-2025-355d5aac01 Packages in this update:

• drupal7-7.103-1.fc43

Update description:

• https://www.drupal.org/project/drupal/releases/7.99
• https://www.drupal.org/project/drupal/releases/7.100
• https://www.drupal.org/project/drupal/releases/7.101
• https://www.drupal.org/project/drupal/releases/7.102
  • https://www.drupal.org/sa-core-2024-005
  • https://www.drupal.org/sa-core-2024-008
• https://www.drupal.org/project/drupal/releases/7.103

FEDORA-2025-f8a08bb335 Packages in this update:

• drupal7-7.103-1.fc42

Update description:

• https://www.drupal.org/project/drupal/releases/7.99
• https://www.drupal.org/project/drupal/releases/7.100
• https://www.drupal.org/project/drupal/releases/7.101
• https://www.drupal.org/project/drupal/releases/7.102
  • https://www.drupal.org/sa-core-2024-005
  • https://www.drupal.org/sa-core-2024-008
• https://www.drupal.org/project/drupal/releases/7.103