Manage your dotfiles across multiple diverse machines, securely.
Update Information:
Update to 2.69.0
* Mon Jan 5 2026 Packit
[ 1 ] Bug #2409601 - CVE-2025-61723 chezmoi: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409601
[ 2 ] Bug #2410552 - CVE-2025-58185 chezmoi: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410552
[ 3 ] Bug #2411450 - CVE-2025-58188 chezmoi: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411450
[ 4 ] Bug #2412669 - CVE-2025-58183 chezmoi: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412669
[ 5 ] Bug #2420608 - CVE-2025-47913 chezmoi: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2420608
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-004192d79d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
Get the latest Linux and open source security news straight to your inbox.