Yq is a portable command-line YAML, JSON, XML, CSV, TOML and properties
processor.
Update Information:
Add shell-completions Update to 4.47.1 and adopt go-vendor-tools
* Fri Aug 29 2025 Mikel Olasagasti Uranga
[ 1 ] Bug #2352349 - CVE-2025-22870 yq: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2352349
[ 2 ] Bug #2360619 - CVE-2025-22872 yq: Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2360619
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-d8a379a267' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
Get the latest Linux and open source security news straight to your inbox.