valkey-8.0.3-2.el9
FEDORA-EPEL-2025-3d709b6d04
Packages in this update:
- valkey-8.0.3-2.el9
Fix CVE-2025-49112
Fedora Security Advisories
valkey-8.0.3-2.el8
FEDORA-EPEL-2025-cb5da834b7
Packages in this update:
- valkey-8.0.3-2.el8
Fix CVE-2025-49112
krb5-1.21.3-5.fc41
FEDORA-2025-42a13f896e
Packages in this update:
- krb5-1.21.3-5.fc41
- Disallowing use of the arcfour-hmac(-md5) encryption type for session keys
- Add support for the PKINIT paChecksum2 sequence, required for Active Directory interoperability on Windows Server 2025
- Fix generation of RADIUS Message-Authenticator in FIPS mode
krb5-1.21.3-6.fc42
FEDORA-2025-3de9fe91ff
Packages in this update:
- krb5-1.21.3-6.fc42
- Disallowing use of the arcfour-hmac(-md5) encryption type for session keys
- Add support for the PKINIT paChecksum2 sequence, required for Active Directory interoperability on Windows Server 2025
- Fix generation of RADIUS Message-Authenticator in FIPS mode
krb5-1.21.3-6.fc43
FEDORA-2025-1c915db8a5
Packages in this update:
- krb5-1.21.3-6.fc43
Automatic update for krb5-1.21.3-6.fc43.
Changelog * Wed Jun 4 2025 Julien Rische <jrische@redhat.com> - 1.21.3-6 - Do not block HMAC-MD4/5 in FIPS mode Resolves: rhbz#2370259 - PKINIT: implement paChecksum2 from MS-PKCA v20230920 Resolves: rhbz#2357215 - Disallow RC4 HMAC-MD5 session keys by default (CVE-2025-3576) Resolves: rhbz#2359705perl-File-Find-Rule-0.35-1.el10_0
FEDORA-EPEL-2025-0d08cf47ee
Packages in this update:
- perl-File-Find-Rule-0.35-1.el10_0
This update fixes an arbitrary code execution vulnerability (CVE-2011-10007) by using a 3-argument version of open() instead of the old-fashioned 2-argument version.
perl-File-Find-Rule-0.35-1.el10_1
FEDORA-EPEL-2025-9dcb1aae07
Packages in this update:
- perl-File-Find-Rule-0.35-1.el10_1
This update fixes an arbitrary code execution vulnerability (CVE-2011-10007) by using a 3-argument version of open() instead of the old-fashioned 2-argument version.
golang-x-perf-0-0.28.20250326git02a15fd.fc41
FEDORA-2025-333708f4ce
Packages in this update:
- golang-x-perf-0-0.28.20250326git02a15fd.fc41
Security update
golang-x-perf-0-0.28.20250326git02a15fd.fc42
FEDORA-2025-ee0831e677
Packages in this update:
- golang-x-perf-0-0.28.20250326git02a15fd.fc42
Security update
wireshark-4.4.7-1.fc42
FEDORA-2025-b979c16d88
Packages in this update:
- wireshark-4.4.7-1.fc42
New version 4.4.7
Ignoring potential error when using udevadm in %post scriptlet
wireshark-4.4.7-1.fc41
FEDORA-2025-8043d4cd71
Packages in this update:
- wireshark-4.4.7-1.fc41
New version 4.4.7
Ignoring potential error when using udevadm in %post scriptlet
samba-4.22.2-1.fc42
FEDORA-2025-68d1e02e61
Packages in this update:
- samba-4.22.2-1.fc42
Update to Samba 4.22.2 - Security fix for CVE-2025-0620
samba-4.22.2-1.fc43
FEDORA-2025-a0d44a3ecf
Packages in this update:
- samba-4.22.2-1.fc43
Automatic update for samba-4.22.2-1.fc43.
Changelog * Thu Jun 5 2025 Günther Deschner <gd@samba.org> - 2:4.22.2-1 - Update to Samba 4.22.2 - resolves: rhbz#2370468 - resolves: rhbz#2370455 - Security fix for CVE-2025-0620 * Wed Jun 4 2025 Python Maint <python-maint@redhat.com> - 2:4.22.1-2 - Rebuilt for Python 3.14python3-docs-3.13.4-1.fc41 python3.13-3.13.4-1.fc41
FEDORA-2025-098fa1945a
Packages in this update:
- python3.13-3.13.4-1.fc41
- python3-docs-3.13.4-1.fc41
Update to 3.13.4, this releases fixes the following CVEs: CVE 2024-12718, CVE 2025-4138, CVE 2025-4330, CVE-2025-4435, and CVE 2025-4517
python3-docs-3.13.4-1.fc42 python3.13-3.13.4-1.fc42
FEDORA-2025-47cf891973
Packages in this update:
- python3.13-3.13.4-1.fc42
- python3-docs-3.13.4-1.fc42
Update to 3.13.4, this releases fixes the following CVEs: CVE 2024-12718, CVE 2025-4138, CVE 2025-4330, CVE-2025-4435, and CVE 2025-4517
libkrun-1.13.0-1.fc41 rust-kbs-types-0.11.0-1.fc41 rust-sev-6.1.0-2.fc41 rust-sevctl-0.6.2-3.fc41
FEDORA-2025-c53905e83d
Packages in this update:
- libkrun-1.13.0-1.fc41
- rust-kbs-types-0.11.0-1.fc41
- rust-sev-6.1.0-2.fc41
- rust-sevctl-0.6.2-3.fc41
This release includes improvements and fixes, and updates crossbeam-channel dependency to address CVE-2025-4574
libkrun-1.13.0-1.fc42 rust-kbs-types-0.11.0-1.fc42 rust-sev-6.1.0-2.fc42 rust-sevctl-0.6.2-3.fc42
FEDORA-2025-4fc3431dab
Packages in this update:
- libkrun-1.13.0-1.fc42
- rust-kbs-types-0.11.0-1.fc42
- rust-sev-6.1.0-2.fc42
- rust-sevctl-0.6.2-3.fc42
This release includes improvements and fixes, and updates crossbeam-channel dependency to address CVE-2025-4574
libkrun-1.13.0-1.fc43 rust-kbs-types-0.11.0-1.fc43 rust-sev-6.1.0-2.fc43 rust-sevctl-0.6.2-3.fc43
FEDORA-2025-57f7169b9d
Packages in this update:
- libkrun-1.13.0-1.fc43
- rust-kbs-types-0.11.0-1.fc43
- rust-sev-6.1.0-2.fc43
- rust-sevctl-0.6.2-3.fc43
This release includes improvements and fixes, and updates crossbeam-channel dependency to address CVE-2025-4574
aerc-0.20.1-2.fc41
FEDORA-2025-5566a46596
Packages in this update:
- aerc-0.20.1-2.fc41
Fix CVE-2025-49466 (fedora#2370375)
python3.12-3.12.11-1.fc42
FEDORA-2025-41dc96c19a
Packages in this update:
- python3.12-3.12.11-1.fc42
Update to 3.12.11.
- gh-135034: [CVE 2024-12718] [CVE 2025-4138] [CVE 2025-4330] [CVE 2025-4435] [CVE 2025-4517] Fixes multiple issues that allowed tarfile extraction filters (filter="data" and filter="tar") to be bypassed using crafted symlinks and hard links.
- gh-133767: Fix use-after-free in the “unicode-escape” decoder with a non-“strict” error handler.
- gh-128840: Short-circuit the processing of long IPv6 addresses early in ipaddress to prevent excessive memory consumption and a minor denial-of-service.