Fedora Security Advisories

• xorg-x11-server-Xwayland-24.1.8-1.fc42

Update to xserver 24.1.8, contains an additional fix for CVE-2025-49176

Update to xserver 24.1.7, CVE fix for CVE-2025-49175, CVE-2025-49176, CVE-2025-49177, CVE-2025-49178, CVE-2025-49179, CVE-2025-49180

• pam-1.7.0-6.fc42

pam_namespace: fix potential privilege escalation. Resolves: CVE-2025-6020

• xorg-x11-server-Xwayland-24.1.7-1.fc41

Update to xserver 24.1.7, CVE fix for CVE-2025-49175, CVE-2025-49176, CVE-2025-49177, CVE-2025-49178, CVE-2025-49179, CVE-2025-49180

• xorg-x11-server-Xwayland-24.1.7-1.fc42

Update to xserver 24.1.7, CVE fix for CVE-2025-49175, CVE-2025-49176, CVE-2025-49177, CVE-2025-49178, CVE-2025-49179, CVE-2025-49180

• xorg-x11-server-21.1.17-1.fc41

Update to xserver 21.1.17, CVE fix for CVE-2025-49175, CVE-2025-49176, CVE-2025-49177, CVE-2025-49178, CVE-2025-49179, CVE-2025-49180

• xorg-x11-server-21.1.17-1.fc42

Update to xserver 21.1.17, CVE fix for CVE-2025-49175, CVE-2025-49176, CVE-2025-49177, CVE-2025-49178, CVE-2025-49179, CVE-2025-49180

• perl-Crypt-OpenSSL-RSA-0.35-1.fc41

Update to 0.35, fixes CVE-2024-2467

• perl-Crypt-OpenSSL-RSA-0.35-1.el10_1

Update to 0.35, fixes CVE-2024-2467

• perl-Crypt-OpenSSL-RSA-0.35-1.fc42

Update to 0.35, fixes CVE-2024-2467

• perl-Crypt-OpenSSL-RSA-0.35-1.el10_0

Update to 0.35, fixes CVE-2024-2467

• perl-CryptX-0.087-2.el9

Update to 0.087, fixes CVE-2025-40914

• perl-CryptX-0.087-2.fc42

Update to 0.087, fixes CVE-2025-40914

• perl-CryptX-0.087-2.el10_0

Update to 0.087, fixes CVE-2025-40914

• perl-CryptX-0.087-2.el8

Update to 0.087, fixes CVE-2025-40914

• perl-CryptX-0.087-2.fc41

Update to 0.087, fixes CVE-2025-40914

• perl-CryptX-0.087-2.el10_1

Update to 0.087, fixes CVE-2025-40914

• libblockdev-3.2.2-1.fc41

Don't allow suid and dev set on fs resize (Thomas.Blume)

• libblockdev-3.3.1-1.fc42

Automatic update for libblockdev-3.3.1-1.fc42.

• python-pycares-4.9.0-1.fc41

4.9.0

• spdlog-1.14.1-4.fc41

Backported the upstream CVE-2025-6140 fix.