Alerts This Week
Warning Icon 1 681
Alerts This Week
Warning Icon 1 681

Fedora 42: Update ruff Security Advisory for CVE-2025-4574

fedora
Calendar Grey May 30, 2025
Dist Fedora Esm H88
Urgent security patch for Fedora 42 rusty tackles CVE-2025-4575, boosting reliability via code enhancements.
Security update for CVE-2025-4574, GHSA-pg9f-39pc-qf8g: by rebuilding ruff, we ensure that it uses version 0.5.15 of the crossbeam-channel crate library

Summary

An extremely fast Python linter and code formatter, written in Rust.

Ruff aims to be orders of magnitude faster than alternative tools while

integrating more functionality behind a single, common interface.

Ruff can be used to replace Flake8 (plus dozens of plugins), Black,

isort, pydocstyle, pyupgrade, autoflake, and more, all while executing

tens or hundreds of times faster than any individual tool.

Update Information:

Security update for CVE-2025-4574, GHSA-pg9f-39pc-qf8g: by rebuilding ruff, we ensure that it uses version 0.5.15 of the crossbeam-channel crate library. rust-hashlink 0.10.0 API incompatible change: upgrade hashbrown to 0.15 API incompatible change: we now wrap DefaultHashBuilder and DefaultHasher from hashbrown so that in the future upgrading hashbrown is not an API incompatible change

Topics%20covered

Topics Covered

security advisory update Fedora CVE-2025-4574 ruff code formatter

Change Log

* Fri May 2 2025 Benjamin A. Beasley - 0.11.5-2 - Stop patching for hashbrown/hashlink 0.14/0.9; use 0.15/0.10

References


[ 1 ] Bug #2331134 - rust-hashlink-0.10.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2331134 [ 2 ] Bug #2366571 - CVE-2025-4574 ruff: crossbeam-channel Vulnerable to Double Free on Drop [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2366571

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-04894ce9bd' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: ruff
Product: Fedora 42
Version: 0.11.5
Release: 2.fc42
URL: https://github.com/astral-sh/ruff
Summary: Extremely fast Python linter and code formatter

Topics%20covered

Topics Covered

security advisory update Fedora CVE-2025-4574 ruff code formatter

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here