Fedora Security Advisories

FEDORA-2025-698dc1bbfa Packages in this update:

• linux-firmware-20251125-1.fc43

Update description:

Update to 20251125:

• Revert "amdgpu: update GC 11.0.1 firmware"
• QCA: Add Bluetooth firmware for WCN685x uart interface
• qcom: Add ADSP firmware for qcs6490-thundercomm-rubikpi3
• qcom: venus-5.4: update firmware binary for v5.4
• qcom: venus-5.4: remove unused firmware file
• iwlwifi: add Sc/Wh FW for core98-181 release
• amdgpu: DMCUB updates for various ASICs
• rtl_bt: Update RTL8852B BT USB FW to 0x42D3_4E04
• ASoC: tas2781: Add more symbol links on SPI devices
• amdgpu: update numerous firmware
• amdgpu: add vce1 firmware
• mediatek MT7922: update bluetooth firmware to 20251118163447
• update firmware for MT7922 WiFi device
• qcom: update ADSP, CDSP firmware for kaanapali platform, change the license
• qcom: add ADSP, CDSP firmware for sm8750 platform
• rtl_nic: add firmware rtl9151a-1
• qcom: Update aic100 firmware files
• mt76: add firmware for MT7990
• mt76: update firmware for MT7992/MT7996
• cirrus: cs35l57: Add firmware for a few Dell products
• cirrus: cs42l45: Add firmware for Cirrus Logic CS42L45 SDCA codec
• qcom: Add sdx35 Foxconn vendor firmware image file
• Update AMD cpu microcode

FEDORA-2025-a45a370014 Packages in this update:

• linux-firmware-20251125-1.fc42

Update description:

Update to 20251125:

• Revert "amdgpu: update GC 11.0.1 firmware"
• QCA: Add Bluetooth firmware for WCN685x uart interface
• qcom: Add ADSP firmware for qcs6490-thundercomm-rubikpi3
• qcom: venus-5.4: update firmware binary for v5.4
• qcom: venus-5.4: remove unused firmware file
• iwlwifi: add Sc/Wh FW for core98-181 release
• amdgpu: DMCUB updates for various ASICs
• rtl_bt: Update RTL8852B BT USB FW to 0x42D3_4E04
• ASoC: tas2781: Add more symbol links on SPI devices
• amdgpu: update numerous firmware
• amdgpu: add vce1 firmware
• mediatek MT7922: update bluetooth firmware to 20251118163447
• update firmware for MT7922 WiFi device
• qcom: update ADSP, CDSP firmware for kaanapali platform, change the license
• qcom: add ADSP, CDSP firmware for sm8750 platform
• rtl_nic: add firmware rtl9151a-1
• qcom: Update aic100 firmware files
• mt76: add firmware for MT7990
• mt76: update firmware for MT7992/MT7996
• cirrus: cs35l57: Add firmware for a few Dell products
• cirrus: cs42l45: Add firmware for Cirrus Logic CS42L45 SDCA codec
• qcom: Add sdx35 Foxconn vendor firmware image file
• Update AMD cpu microcode

FEDORA-EPEL-2025-a91b94e5c1 Packages in this update:

• stb-0^20251025gitf1c79c0-2.el9

Update description:

Patch two newly-reported memory-safety bugs in stb_image:

• https://github.com/nothings/stb/issues/1860
• https://github.com/nothings/stb/issues/1861

FEDORA-2025-073e4f7991 Packages in this update:

• usd-25.02a-3.fc42

Update description:

Rebuilt with stb_image patched for two new security bugs.

FEDORA-EPEL-2025-632b8c5a36 Packages in this update:

• stb-0^20251025gitf1c79c0-2.el10_1

Update description:

Patch two newly-reported memory-safety bugs in stb_image:

• https://github.com/nothings/stb/issues/1860
• https://github.com/nothings/stb/issues/1861

FEDORA-2025-66db1eaeb8 Packages in this update:

• usd-25.08-10.fc43

Update description:

Rebuilt with stb_image patched for two new security bugs.

FEDORA-EPEL-2025-3c4c4e0490 Packages in this update:

• stb-0^20251025gitf1c79c0-2.el10_2

Update description:

Patch two newly-reported memory-safety bugs in stb_image:

• https://github.com/nothings/stb/issues/1860
• https://github.com/nothings/stb/issues/1861

FEDORA-2025-7ea43a29f2 Packages in this update:

• stb-0^20251025gitf1c79c0-2.fc42

Update description:

Patch two newly-reported memory-safety bugs in stb_image:

• https://github.com/nothings/stb/issues/1860
• https://github.com/nothings/stb/issues/1861

FEDORA-2025-55bbd18c79 Packages in this update:

• stb-0^20251025gitf1c79c0-2.fc43

Update description:

Patch two newly-reported memory-safety bugs in stb_image:

• https://github.com/nothings/stb/issues/1860
• https://github.com/nothings/stb/issues/1861

FEDORA-2025-6b2336ec55 Packages in this update:

• openbao-2.4.4-1.fc42

Update description:

update to upstream 2.4.4, which fixed CVE-2025-64761

Adds hsm tag.

The fedora-42 build was done with golang-1.24.10 which fixed CVE-2025-58183.

FEDORA-2025-c7f4367479 Packages in this update:

• openbao-2.4.4-1.fc43

Update description:

update to upstream 2.4.4, fixing CVE-2025-64761.

Adds hsm tag.

The fedora-43 build was done with golang-1.25.4 which fixed CVE-2025-58189, CVE-2025-58188, CVE-2025-61725, CVE-2025-61723, CVE-2025-58185, and CVE-2025-58183.

FEDORA-EPEL-2025-001ad6132c Packages in this update:

• openbao-2.4.4-1.el10_1

Update description:

update to upstream 2.4.4 which fixed CVE-2025-64761

FEDORA-EPEL-2025-054eae36ef Packages in this update:

• openbao-2.4.4-1.el9

Update description:

update to upstream 2.4.4 which fixed CVE-2025-64761

Adds hsm tag.

FEDORA-EPEL-2025-fae772942c Packages in this update:

• openbao-2.4.4-1.el10_2

Update description:

update to upstream 2.4.4 which fixed CVE-2025-64761

Rebuild to add hsm tag.

FEDORA-2025-45a7dd8f10 Packages in this update:

• openbao-2.4.4-1.fc41

Update description:

update to upstream 2.4.4, which fixed CVE-2025-64761

Adds hsm tag.

The fedora-41 build was done with golang-1.24.10 which fixed CVE-2025-58189, CVE-2025-61725, CVE-2025-61723, CVE-2025-58185, and CVE-2025-58183.

FEDORA-EPEL-2025-0739431e45 Packages in this update:

• openbao-2.4.4-1.el8

Update description:

update to upstream 2.4.4 which fixed CVE-2025-64761

Adds hsm tag.

FEDORA-2025-cb26113de5 Packages in this update:

• python-mkdocs-include-markdown-plugin-7.2.0-1.fc42

Update description: v7.2.0 New features

• Add new argument order to sort multiple inclusions.

v7.1.8 Bug fixes

• Escape substitution placeholders to prevent malformed output in edge cases. (CVE-2025-59940)

FEDORA-2025-1b1bb708af Packages in this update:

• python-mkdocs-include-markdown-plugin-7.2.0-1.fc43

Update description: v7.2.0 New features

• Add new argument order to sort multiple inclusions.

v7.1.8 Bug fixes

• Escape substitution placeholders to prevent malformed output in edge cases. (CVE-2025-59940)

FEDORA-2025-0ec38c29fa Packages in this update:

• python-mkdocs-include-markdown-plugin-7.2.0-1.fc44

Update description:

Automatic update for python-mkdocs-include-markdown-plugin-7.2.0-1.fc44.

Changelog * Mon Nov 24 2025 Michel Lind <salimma@fedoraproject.org> - 7.2.0-1 - Update to 7.2.0 - Resolves: rhbz#2344045 - 7.1.8 fixes CVE-2025-59940; Resolves: rhbz#2400521

FEDORA-EPEL-2025-c7b9b07dd3 Packages in this update:

• rclone-1.72.0-1.el10_2

Update description:

Update to 1.72.0