Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 42 aerc critical: CVE-2025-49466 attachment path traversal

fedora
Calendar Grey June 14, 2025
Dist Fedora Esm H88
Important update available to correct a serious directory traversal vulnerability in the aerc email client on Fedora 42. Ensure your command line is secure by updating immediately!
Fix CVE-2025-49466 (fedora#2370376)

Summary

Aerc is an email client that runs in your terminal. It is highly

efficient and extensible, perfect for the discerning hacker.

Update Information:

Fix CVE-2025-49466 (fedora#2370376)

Topics%20covered

Topics Covered

security advisory fedora update critical aerc attachment path traversal

Change Log

* Thu Jun 5 2025 Robin Jarry - 0.20.1-3 - Fix CVE-2025-49466 (fedora#2370376) * Wed Apr 16 2025 Michael J Gruber - 0.20.1-2 - exclude i686 arch for i686 leaf package

References


[ 1 ] Bug #2370376 - CVE-2025-49466 aerc: Aerc Attachment Path Traversal Vulnerability [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2370376

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-8efa183a30' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: aerc
Product: Fedora 42
Version: 0.20.1
Release: 3.fc42
URL: https://git.sr.ht/~rjarry/aerc
Summary: Email client for your terminal

Topics%20covered

Topics Covered

security advisory fedora update critical aerc attachment path traversal

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here