Stay Secure with the Latest Linux Advisories

security advisoryfedoraupdate

Fedora 42: python-deepdiff Security Advisory CVE-2025-58367 Update

Update to 8.6.1. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-6ecd8d4f9b 2025-09-26 01:08:57.941191+00:00 -------------------------------------------------------------------------------- Name : python-deepdiff Product : Fedora 42 Version : 8.6.1 Release : 1.fc42 URL : https://github.com/qlustered/deepdiff Summary : Deep Difference and search of any Python object/data Description : Deep Difference of dictionaries, iterables, strings, and ANY other object. Includes additional modules with related functionality: DeepSearch: Search for objects within other objects. DeepHash: Hash any object based on their content. Delta: Store the difference of objects and apply them to other objects. Extract: Extract an item from a nested Python object using its path. commandline: Use DeepDiff from commandline. -------------------------------------------------------------------------------- Update Information: Update to 8.6.1 -------------------------------------------------------------------------------- ChangeLog: * Sun Sep 14 2025 Romain Geissler - 8.6.1-1 - Update to 8.6.1 (rhbz#2393085). * Fri Aug 15 2025 Python Maint - 8.5.0-7 - Rebuilt for Python 3.14.0rc2 bytecode * Fri Jul 25 2025 Fedora Release Engineering - 8.5.0-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild * Tue Jul 8 2025 Charalampos Stratakis - 8.5.0-5 - Remove click's upper version bound * Sun Jun 29 2025 Romain Geissler - 8.5.0-4 - Fix tests with python 3.14 (rhbz#2374300). * Wed Jun 18 2025 Python Maint - 8.5.0-3 - Bootstrap for Python 3.14.0b3 bytecode * Thu Jun 5 2025 Python Maint - 8.5.0-2 - Bootstrap for Python 3.14 * Sat May 10 2025 Romain Geissler - 8.5.0-1 - Update to 8.5.0 (rhbz#2365409). * Wed Apr 16 2025 Romain Geissler - 8.4.1-2 - Relax a bit the pyyaml version for EPEL 10 * Mon Mar 31 2025 Romain Geissler - 8.4.1-1 - Update to 8.4.1(rhbz#2332738). -------------------------------------------------------------------------------- References: [ 1 ] Bug #2393899 - CVE-2025-58367 python-deepdiff: DeepDiff class pollution [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2393899 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-6ecd8d4f9b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . The recent Fedora 42 upgrade to python-deepdiff successfully addresses the class contamination vulnerability associated with CVE-2025-58367.. python-deepdiff, security advisory, class pollution, Fedora 42, CVE-2025-58367. . Severity: Critical. LinuxSecurity.com Team

Sep 26, 2025 •Critical Fedora