Fedora Security Advisories

• perl-CryptX-0.087-2.fc41

Update to 0.087, fixes CVE-2025-40914

• perl-CryptX-0.087-2.el10_1

Update to 0.087, fixes CVE-2025-40914

• libblockdev-3.2.2-1.fc41

Don't allow suid and dev set on fs resize (Thomas.Blume)

• libblockdev-3.3.1-1.fc42

Automatic update for libblockdev-3.3.1-1.fc42.

• python-pycares-4.9.0-1.fc41

4.9.0

• spdlog-1.14.1-4.fc41

Backported the upstream CVE-2025-6140 fix.

• dotnet8.0-8.0.117-1.fc41

This is the June 2025 monthly update for .NET 8.

Release Notes:

• SDK: https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.17/8.0.117.md
• Runtime: https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.17/8.0.17.md

• dotnet8.0-8.0.117-1.fc42

This is the June 2025 monthly update for .NET 8.

Release Notes:

• SDK: https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.17/8.0.117.md
• Runtime: https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.17/8.0.17.md

• python-setuptools-69.2.0-10.fc41

Security fix for CVE-2025-47273

• python-setuptools-74.1.3-7.fc42

Security fix for CVE-2025-47273

• atuin-18.3.0-4.el9

Rebuild applications to apply two recent security updates:

• build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when decoded)
• build with crossbeam-channel 0.5.15+ to address CVE-2025-4574 (potential double-free on Drop)

• atuin-18.3.0-4.fc41
• awatcher-0.3.1-2.fc41
• gotify-desktop-1.3.7-5.fc41
• keylime-agent-rust-0.2.7-5.fc41
• mirrorlist-server-3.0.7-7.fc41

Rebuild applications to apply two recent security updates:

• build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when decoded)
• build with crossbeam-channel 0.5.15+ to address CVE-2025-4574 (potential double-free on Drop)

• atuin-18.3.0-4.fc42
• awatcher-0.3.1-2.fc42
• gotify-desktop-1.3.7-5.fc42
• mirrorlist-server-3.0.7-7.fc42

Rebuild applications to apply two recent security updates:

• build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when decoded)
• build with crossbeam-channel 0.5.15+ to address CVE-2025-4574 (potential double-free on Drop)

• atuin-18.3.0-4.fc43
• awatcher-0.3.1-2.fc43
• gotify-desktop-1.3.7-5.fc43
• mirrorlist-server-3.0.7-7.fc43

Rebuild applications to apply two recent security updates:

• build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when decoded)
• build with crossbeam-channel 0.5.15+ to address CVE-2025-4574 (potential double-free on Drop)

• optipng-7.9.1-1.fc42

Update to 7.9.1

• optipng-7.9.1-1.fc41

Update to 7.9.1

• optipng-7.9.1-1.el10_1

Update to 7.9.1

• optipng-7.9.1-1.el9

Update to 7.9.1

• mingw-glib2-2.84.3-1.fc42

FIx CVE-2025-6052.

• mingw-glib2-2.82.5-1.fc41

FIx CVE-2025-6052.