Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 40: 2025-2280949271 critical: golang proxy bypass fix

fedora
Calendar Grey April 25, 2025
Dist Fedora Esm H88
Discover the recent improvements in Fedora 40, emphasizing the updated Go version that enhances security protocols for the IPP-over-USB proxy application
rebuild with new golang to fix CVE-2025-22870 (fedora#2352013)

Summary

HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables

driverless support for USB devices capable of using IPP-over-USB protocol.

Update Information:

rebuild with new golang to fix CVE-2025-22870 (fedora#2352013)

Topics%20covered

Topics Covered

security advisory update Fedora proxy golang CVE-2025-22870

Change Log

* Wed Apr 16 2025 Zdenek Dohnal - 0.9.30-4 - rebuild with new golang to fix CVE-2025-22870 (fedora#2352013) * Fri Apr 11 2025 Zdenek Dohnal - 0.9.30-3 - rebuilt with goipp 1.2.0 * Wed Mar 26 2025 Zdenek Dohnal - 0.9.30-2 - update SPEC file with new changes from go2rpm

References


[ 1 ] Bug #2351766 - CVE-2025-22870 golang.org/x/net/proxy: golang.org/x/net/http/httpproxy: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net



Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-2280949271' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: golang-github-openprinting-ipp-usb
Product: Fedora 40
Version: 0.9.30
Release: 4.fc40
URL: https://github.com/OpenPrinting/ipp-usb
Summary: HTTP reverse proxy, backed by IPP-over-USB connection to device

Topics%20covered

Topics Covered

security advisory update Fedora proxy golang CVE-2025-22870

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here