Fedora 40: FEDORA-2025-df3432c3ee Critical: buku Remote Code Exec
fedora
February 3, 2025
Update to 4.9
Summary
Buku is a powerful bookmark manager written in Python3 and SQLite3.
Buku fetches the title of a bookmarked web page and stores it along
with any additional comments and tags. You can use your favourite editor
to compose and update bookmarks. With multiple search options, including regex
and a deep scan mode (particularly for URLs), it can find any bookmark
instantly. Multiple search results can be opened in the browser at once.
Update Information:
Update to 4.9
Topics Covered
Change Log
* Sat Jan 25 2025 Robert-André Mauchin
References
[ 1 ] Bug #2273856 - buku-4.9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2273856
[ 2 ] Bug #2298673 - CVE-2024-6345 buku: pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2298673
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-df3432c3ee' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: buku
Product: Fedora 40
Version: 4.9
Release: 1.fc40
Summary: Powerful command-line bookmark manager
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!