Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Fedora 43 rust-astral-tokio-tar Update Advisory for GHSA Risks

fedora
Calendar Grey May 18, 2026
Dist Fedora Esm H88
Security update for rust-astral-tokio-tar in Fedora 43 addresses GHSA vulnerabilities to enhance system safety.
Update uv and python-uv-build to 0.11.11

Summary

A Rust implementation of an async TAR file reader and writer. This

library does not currently handle compression, but it is abstract over

all I/O readers and writers. Additionally, great lengths are taken to

ensure that the entire contents are never required to be entirely

resident in memory all at once.

Update Information:

Update uv and python-uv-build to 0.11.11. Update the astral-tokio-tar Rust crate to 0.6.1, fixing security advisories GHSA-xx64-wwv2-hcqq and GHSA- fp55-jw48-c537.

Change Log

* Tue May 5 2026 Benjamin A. Beasley - 0.6.1-1 - Update to version 0.6.1 - Fixes GHSA-fp55-jw48-c537; fixes GHSA-xx64-wwv2-hcqq

References


[ 1 ] Bug #2466653 - python-uv-build-0.11.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=2466653 [ 2 ] Bug #2466654 - uv-0.11.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=2466654

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-a8100094df' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: rust-astral-tokio-tar
Product: Fedora 43
Version: 0.6.1
Release: 1.fc43
Summary: Rust implementation of an async TAR file reader and writer

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here