Fedora Security Advisories

FEDORA-2025-96f340d7a0 Packages in this update:

• source-to-image-1.5.1-1.fc42

Update description:

Update to 1.5.1, migrate to Go Vendor Tools

FEDORA-2025-dc3c993169 Packages in this update:

• source-to-image-1.5.1-1.fc43

Update description:

Update to 1.5.1, migrate to Go Vendor Tools

FEDORA-EPEL-2025-5b2095e2c2 Packages in this update:

• xpdf-4.06-1.el8

Update description:

Update to 4.06. Lots of bugfixes, but notably, security fixes for the following CVEs:

CVE-2024-2971 CVE-2024-3247 CVE-2024-3248 CVE-2024-3900 CVE-2024-4141 CVE-2024-4568 CVE-2024-4976 CVE-2024-7866 CVE-2024-7867 CVE-2024-7868 CVE-2025-2574 CVE-2025-3154 CVE-2025-11896

FEDORA-EPEL-2025-9a55de96db Packages in this update:

• xpdf-4.06-1.el9

Update description:

Update to 4.06. Lots of bugfixes, but notably, security fixes for the following CVEs:

CVE-2024-2971 CVE-2024-3247 CVE-2024-3248 CVE-2024-3900 CVE-2024-4141 CVE-2024-4568 CVE-2024-4976 CVE-2024-7866 CVE-2024-7867 CVE-2024-7868 CVE-2025-2574 CVE-2025-3154 CVE-2025-11896

FEDORA-2025-e72c726192 Packages in this update:

• xpdf-4.06-1.fc42

Update description:

Update to 4.06. Lots of bugfixes, but notably, security fixes for the following CVEs:

CVE-2024-2971 CVE-2024-3247 CVE-2024-3248 CVE-2024-3900 CVE-2024-4141 CVE-2024-4568 CVE-2024-4976 CVE-2024-7866 CVE-2024-7867 CVE-2024-7868 CVE-2025-2574 CVE-2025-3154 CVE-2025-11896

FEDORA-2025-7c5b6a3bcb Packages in this update:

• xpdf-4.06-1.fc43

Update description:

Update to 4.06. Lots of bugfixes, but notably, security fixes for the following CVEs:

CVE-2024-2971 CVE-2024-3247 CVE-2024-3248 CVE-2024-3900 CVE-2024-4141 CVE-2024-4568 CVE-2024-4976 CVE-2024-7866 CVE-2024-7867 CVE-2024-7868 CVE-2025-2574 CVE-2025-3154 CVE-2025-11896

FEDORA-2025-a6dd878882 Packages in this update:

• python-kdcproxy-1.1.0-1.fc44

Update description:

Automatic update for python-kdcproxy-1.1.0-1.fc44.

Changelog * Wed Nov 19 2025 Julien Rische <jrische@redhat.com> - 1.1.0-1 - New upstream version (1.1.0) - Use DNS discovery for declared realms only (CVE-2025-59088) Resolves: rhbz#2415861 - Fix DoS vulnerability based on unbounded TCP buffering (CVE-2025-59089) Resolves: rhbz#2415860 - Stop using deprecated \ CFLAGS="${CFLAGS:-${RPM_OPT_FLAGS}}" LDFLAGS="${LDFLAGS:-${RPM_LD_FLAGS}}"\ /usr/bin/python3 setup.py build --executable="/usr/bin/python3 -sP" /\ CFLAGS="${CFLAGS:-${RPM_OPT_FLAGS}}" LDFLAGS="${LDFLAGS:-${RPM_LD_FLAGS}}"\ /usr/bin/python3 setup.py install -O1 --skip-build --root /builddir/build/BUILD/python-kdcproxy-1.1.0-build/BUILDROOT --prefix /usr macros rm -rfv /builddir/build/BUILD/python-kdcproxy-1.1.0-build/BUILDROOT/usr/bin/__pycache__ Resolves: rhbz#2377837

FEDORA-2025-3f9b87b0e7 Packages in this update:

• python-kdcproxy-1.1.0-1.fc43

Update description:

• New upstream version (1.1.0)
• Use DNS discovery for declared realms only (CVE-2025-59088)
• Fix DoS vulnerability based on unbounded TCP buffering (CVE-2025-59089)
• Stop using deprecated %py3_build/%py3_install macros

FEDORA-2025-068c570cbf Packages in this update:

• python-kdcproxy-1.1.0-1.fc42

Update description:

• New upstream version (1.1.0)
• Use DNS discovery for declared realms only (CVE-2025-59088)
• Fix DoS vulnerability based on unbounded TCP buffering (CVE-2025-59089)

FEDORA-2025-3075610004 Packages in this update:

• python-kdcproxy-1.1.0-1.fc41

Update description:

• New upstream version (1.1.0)
• Use DNS discovery for declared realms only (CVE-2025-59088)
• Fix DoS vulnerability based on unbounded TCP buffering (CVE-2025-59089)

FEDORA-2025-15c3d1dcfc Packages in this update:

• openbao-2.4.3-2.fc41

Update description:

Rebuild to add hsm tag.

The fedora-41 build was done with golang-1.24.10 which fixed CVE-2025-58189, CVE-2025-61725, CVE-2025-61723, CVE-2025-58185, and CVE-2025-58183.

FEDORA-2025-3e35532d2a Packages in this update:

• openbao-2.4.3-2.fc43

Update description:

Rebuild to add hsm tag.

The fedora-43 build was done with golang-1.25.4 which fixed CVE-2025-58189, CVE-2025-58188, CVE-2025-61725, CVE-2025-61723, CVE-2025-58185, and CVE-2025-58183.

FEDORA-2025-e14e668afa Packages in this update:

• openbao-2.4.3-2.fc42

Update description:

Rebuild to add hsm tag.

The fedora-42 build was done with golang-1.24.10 which fixed CVE-2025-58183.

FEDORA-2025-1ccd7dbf40 Packages in this update:

• docker-buildkit-0.26.1-1.fc41

Update description:

Update to release v0.26.1

• Update to release v0.26.0
• Resolves: rhbz#2412681, rhbz#2412761
• Upstream new features and fixes
• dependency override for moby/policy-helper needed for license (default version does not a a license file)

FEDORA-2025-308cf4259b Packages in this update:

• docker-buildkit-0.26.1-1.fc42

Update description:

Update to release v0.26.1

• Update to release v0.26.0
• Resolves: rhbz#2412681, rhbz#2412761
• Upstream new features and fixes
• dependency override for moby/policy-helper needed for license (default version does not a a license file)c

FEDORA-2025-6e24679a4d Packages in this update:

• docker-buildx-0.30.1-1.fc41

Update description:

• Update to release v0.30.1
• Upstream fix

• Update to release v0.30.0
• Resolves: rhbz#2413270
• Resolves: rhbz#2407614, rhbz#2407881, rhbz#2408158, rhbz#2409066
• Resolves: rhbz#2409350, rhbz#2409628, rhbz#2410014, rhbz#2410300
• Resolves: rhbz#2410579, rhbz#2410946, rhbz#2411477, rhbz#2412381
• Resolves: rhbz#2412530, rhbz#2412682, rhbz#2412762
• Upstream new features and fixes

FEDORA-2025-04cf139ee2 Packages in this update:

• docker-buildx-0.30.1-1.fc42

Update description:

• Update to release v0.30.1
• Upstream fix

• Update to release v0.30.0
• Resolves: rhbz#2413270
• Resolves: rhbz#2407614, rhbz#2407881, rhbz#2408158, rhbz#2409066
• Resolves: rhbz#2409350, rhbz#2409628, rhbz#2410014, rhbz#2410300
• Resolves: rhbz#2410579, rhbz#2410946, rhbz#2411477, rhbz#2412381
• Resolves: rhbz#2412530, rhbz#2412682, rhbz#2412762
• Upstream new features and fixes

FEDORA-2025-264853458b Packages in this update:

• docker-buildkit-0.26.1-1.fc43

Update description:

Update to release v0.26.1

• Update to release v0.26.0
• Resolves: rhbz#2412681, rhbz#2412761
• Upstream new features and fixes
• dependency override for moby/policy-helper needed for license (default version does not a a license file)

FEDORA-2025-b1d7d7f8db Packages in this update:

• docker-buildx-0.30.1-1.fc43

Update description:

• Update to release v0.30.1
• Upstream fix

• Update to release v0.30.0
• Resolves: rhbz#2413270
• Resolves: rhbz#2407614, rhbz#2407881, rhbz#2408158, rhbz#2409066
• Resolves: rhbz#2409350, rhbz#2409628, rhbz#2410014, rhbz#2410300
• Resolves: rhbz#2410579, rhbz#2410946, rhbz#2411477, rhbz#2412381
• Resolves: rhbz#2412530, rhbz#2412682, rhbz#2412762
• Upstream new features and fixes

FEDORA-2025-ada7909175 Packages in this update:

• sudo-rs-0.2.10-1.fc41

Update description:

Update to version 0.2.10.

This release includes fixes for CVE-2025-64170 and CVE-2025-64517.