Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Fedora 41: FEDORA-2025-f8be7978e3 critical: openssl crate security fix

fedora
Calendar Grey February 8, 2025
Dist Fedora Esm H88
Fedora Alert: Security Update for openssl crate and rust-openssl-sys to resolve RUSTSEC-2025-0004 vulnerabilities.
Update the openssl crate to version 0.10.70 and the openssl-sys crate to version 0.9.105

Summary

FFI bindings to OpenSSL.

Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version 0.9.105. This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all packages that statically link the openssl crate.

Topics%20covered

Topics Covered

security advisory security issue software update Fedora openssl rust crate

Change Log

* Wed Feb 5 2025 Fabio Valentini - 0.9.105-1 - Update to version 0.9.105; Fixes RHBZ#2343422 * Sun Jan 19 2025 Fedora Release Engineering - 0.9.104-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild

References


[ 1 ] Bug #2343479 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2343479

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-f8be7978e3' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: rust-openssl-sys
Product: Fedora 41
Version: 0.9.105
Release: 1.fc41
URL: https://crates.io/crates/openssl-sys
Summary: FFI bindings to OpenSSL

Topics%20covered

Topics Covered

security advisory security issue software update Fedora openssl rust crate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here