Fedora 40: uv 2025-e923d51676 critical: rust dependency updates
fedora
April 21, 2025
Update uv to 0.6.14, with various bugfixes and new features
Summary
An extremely fast Python package installer and resolver, written in Rust.
Designed as a drop-in replacement for common pip and pip-tools workflows.
Highlights:
⢠âï¸ Drop-in replacement for common pip, pip-tools, and virtualenv commands.
⢠â¡ï¸ 10-100x faster than pip and pip-tools (pip-compile and pip-sync).
⢠ð¾ Disk-space efficient, with a global cache for dependency deduplication.
⢠ð Installable via curl, pip, pipx, etc. uv is a static binary that can be
installed without Rust or Python.
⢠𧪠Tested at-scale against the top 10,000 PyPI packages.
⢠ð¥ï¸ Support for macOS, Linux, and Windows.
⢠𧰠Advanced features such as dependency version overrides and alternative
resolution strategies.
⢠âï¸ Best-in-class error messages with a conflict-tracking resolver.
⢠ð¤ Support for a wide range of advanced pip features, including editable
installs, Git dependencies, direct URL dependencies, local dependencies,
constraints, source distributions, HTML and JSON indexes, and more.
Update Information:
Update uv to 0.6.14, with various bugfixes and new features. Update rust-idna to 1.0.3 (fixing RUSTSEC-2024-0421), rust-url to 2.5.4, rust- adblock to 0.9.6, and rust-cookie_store to 0.21.1; adjust some reverse dependencies of rust-idna. Initial packages for many dependencies. Update rust-ron to 0.9. Update rust-zip to 2.6.1, fixing GHSA-94vh-gphv-8pm8.
Topics Covered
Change Log
* Fri Apr 11 2025 Benjamin A. Beasley
References
[ 1 ] Bug #2277901 - rust-adblock-0.9.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2277901
[ 2 ] Bug #2291175 - rust-idna-1.0.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2291175
[ 3 ] Bug #2323618 - rust-url-2.5.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2323618
[ 4 ] Bug #2324926 - rust-cookie_store-0.21.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2324926
[ 5 ] Bug #2352783 - rust-zip-2.6.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2352783
[ 6 ] Bug #2358015 - Review Request: rust-write16 - UTF-16 analog of the Write trait
https://bugzilla.redhat.com/show_bug.cgi?id=2358015
[ 7 ] Bug #2358018 - Review Request: rust-utf16_iter - Iterator by char over potentially-invalid UTF-16 in &[u16]
https://bugzilla.redhat.com/show_bug.cgi?id=2358018
[ 8 ] Bug #2358020 - Review Request: rust-icu_locid - API for managing Unicode Language and Locale Ide...
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-e923d51676' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: uv
Product: Fedora 40
Version: 0.6.14
Release: 3.fc40
Summary: An extremely fast Python package installer and resolver, written in Rust
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!